MEDICAL DATA MANAGEMENT SYSTEM

Notice of Pre-AIA or AIA Status 1. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Arguments 2. Applicant’s arguments, filed on 12/15/2025, with respect to the 35 U.S.C. 103 rejection of claims 1-3, 5,6, 9-11, 13, 14, 17, 22, and 27 are rejected under as being unpatentable over U.S. Publication No. 20170372096 hereinafter Yousfi in view of U.S. Publication No. 20090132282 hereinafter Kerstna have been fully considered. However, upon further consideration, a new ground(s) of rejection is made in view of amended claims. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. 3. Claims 1-3, 5,6, 9-11, 13, 14, 17, 22, and 27 are rejected under 35 U.S.C. 103 as being unpatentable over U.S. Publication No. 20170372096 hereinafter Yousfi in view of U.S. Publication No. 20090132282 hereinafter Kerstna, and further in view of U.S. Publication No. 20200075143 hereinafter Takikawa. As to claim 1, Yousfi discloses: A medical data management system (Fig 1 element 100 para 0042) For managing medical data (para 0042), the system comprising: a medical data gateway (Fig 1 element 113) including at least one processor (Fig 1 element 115) connectable to a plurality of input devices (Fig 1110) the medical data gateway being connected to a local network (Fig 3A element 313, para 0065 and 0070) and the at least one processor being configured to carry out at least: collecting medical data associated to health data may include patient information with patient privacy information a non- pseudonymized patient identifier (para 0024 and 0028) and a data source identifier, from an input device of the plurality of input devices (para 0024, 0035 and 0044) pseudonymize at least the non-pseudonymized patient identifier to produce pseudonymized medical data (para 0024, 0042 and 0058) including a pseudonymized patient identifier based on the non- pseudonymized patient identifier and the data source identifier (para 0035 "Alternately or in addition, hashes of patient privacy information may be generated or used to anonymously link patient privacy information to an identifier. For example, a selected patient's patient privacy information serve as input for a hash function, and the hash function may output a hash. The hash may be mapped to the input patient privacy information, even if the hash does not include patient privacy information. In one embodiment, the hash function may be an irreversible hash function that may omit patient privacy information. Exemplary hash functions include SHA1, MD5, berypt, etc. Any hash function may be used, but the same hash algorithm may be used on each case, SO that different data sets may be mapped to one another. In one embodiment, hashes may include unique values computed for each of the fields considered patient privacy data. Any field of the patient privacy information may be hashed. Exemplary hashed fields may include: patient's first name, patient's last name, a patient identifier (e.g., patient ID), a patient's date of birth, a referring physician's first name, a referring physician's last name, a study date, a study time, etc." Para 0059 "In one embodiment, step 203 may include anonymizing the collected health data. For example, a cloud platform of the first region may strip the received health data of PHI. In one embodiment, step 203 may further include storing the PHI stripped from a received health data set, e.g., in a PHI database of the first region. In one embodiment, the PHI database may be included in a cloud platform, a local network, or any system of the first region. For example, step 203 may include identifying PHI fields based on regulatory requirements of the first region. For instance, in a DICOM file, step 203 may include detecting the Patient Name field (e.g., Tag (0010,0010), identifying the patient name, storing the patient name (e.g., in a database), and redacting the name from the DICOM with a generic (e.g., not nominative) string." Para 0059 "In one embodiment, step 205 may include creating one or more hashes of the PHI. Adding a hash may include computing and/or storing a hash (ea., at a permanent storage). The hashes may be irreversible and created so they do not contain PHI. Accordingly, while the PHI may be retained in the first region, the hashes may be transferred to the second region along with the data (now decoupled from PHI). In other words, method 200 may entail ensuring that PHI associated with the health data may remain in the first region, while the health data (absent PHI) and the hash may be transmitted to the second region. Accordingly, step 207 may include transmitting anonymized health data to a second region. For example, transmitted health data may be associated with one or more hashes or other identifiers, while PHI remains exclusively within the first region (e.g., in the PHI storage). export the pseudonymized medical data to a remote storage (Figs. 1, 3A and 4a, 0050, 0058 and 0070) and make the non-pseudonymized patient identifier patient privacy information may include patient identification information accessible to a local application one or more displays running in the local network (Fig 3A element 311, para 0095) Yousfi does not disclose: data source identifier corresponding to an identifier of the input device of the plurality of input devices and make non-pseudonymized patient identifier non-accessible to a remote application, running outside of a local network Kerstna discloses: and make non-pseudonymized patient identifier non-accessible to a remote application, running outside of a local network (para 0068 "This embodiment of the present invention, thus, allows external domains to access medical data from a (isolated) patient domain, the patient identifiers of which are inaccessible for the external domains and other external units." Para 0069 "In an optional next step S11, the medical data and the received patient identifier is associatively stored in a storage location within the first patient domain and/or the medical data and patient identifier are sent, preferably through secure communication, to an external storage location for storage therein.") Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the preserving patient privacy of Yousfi to include and make non-pseudonymized patient identifier non-accessible to a remote application, running outside of a local network, as taught by Kerstna. The motivation would have been to enable exchange of medical and Clinical patient data between patient domains in a healthcare system (Kerstna paragraph 0012). Yousfi in view Kerstna of does not disclose: data source identifier corresponding to an identifier of the input device of the plurality of input devices Takikawa discloses: data source identifier corresponding to an identifier of the input device of the plurality of input devices (para 0047 “To begin with, a first embodiment will be explained. In the first embodiment, the management apparatus 10a is configured to specify the pre-arrival medical information of the patient by using a “Device ID” uniquely identifying the onboard device 20a that took the images of the patient and information related to the arrival time of the patient at the hospital. In this situation, the “Device ID” is an example of the identification information of an extra-order device. The “arrival time” is an example of the arrival status. For example, the Device ID of the onboard device 20a is “Camera-A”, whereas the Device ID of the onboard device 20b is “Camera-B”. As explained below, in some situations, a Device ID may be assigned to each of devices other than the onboard devices 20.”) Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the preserving patient privacy of Yousfi in view Kerstna to include data source identifier corresponding to an identifier of the input device of the plurality of input devices , as taught by Takikawa. The motivation would have been to properly identify source identifier of input devices. As to claim 2, Yousfi in view of Kerstna and Takikawa discloses: The system of claim 1, wherein the medical data gateway (Yousfi Fig 1 113) further comprises: a storage (Yousfi Fig 1 element 117) and the at least one processor is further configured to pseudonymized at least one non- pseudonymized patient identifier (Yousfi para 0059) associating the medical data to the pseudonymized patient identifier, and storing the pseudonymized patient identifier and the non-pseudonymized patient identifier in the storage (Yousfi para 0024, 0035, 0036, 004f9, 0059, and 0088) As to claim 3, Yousfi in view of Kerstna and Takikawa discloses: The system of claim 1, wherein, the at least one processor is configured to export the pseudonymized medical data by transferring the pseudonymized medical data to the remote storage, and deleting the pseudonymized medical data from the medical data gateway (Yousfi Fig 1 element 121 and Fig 4A element, para 0048 and 0049). As to claim 5, Yousfi in view of Kerstna and Takikawa discloses: The system of claim 1, wherein the at least one processor is configured to receive a data availability notification, including the data source identifier and the non-pseudonymized patient identifier (Yousfi para 0024 and 0033). As per claim 6, Yousfi in view of Kerstna and Takikawa discloses: The system of claim 1, wherein the at least one processor is configured receive a data query, including the data source identifier and the non- pseudonymized patient identifier (Yousfi para 0062 "In one embodiment, step 217 may include transmitting analyzed data to the first region and step 219 may include matching analyzed data to a patient. For example, step 219 may include matching identifier(s) and/or hash(es) associated with the analyzed data, to identifier(s) and/or hash(es) associated with PHI stored in the PHI database of the first region.") and (Kerstna para 0076 and 0110, Though Yousfi discloses a data query, Kerstna discloses receive a data query, including the data source identifier and the non- pseudonymized patient identifier. The motivation would have been to enable exchange of medical and Clinical patient data between patient domains in a healthcare system ). As per claim 9, the implementation of the system of claim 1 will execute the medical management method of claim 1. The claim is analyzed with respect to claim 1. As per claim 10, the claim is analyzed with respect to claim 2. As per claim 11, the claim is analyzed with respect to claim 3. As per claim 13, the claim is analyzed with respect to claim 5. As per claim 14, the claim is analyzed with respect to claim 6. As per claim 17, the claim is analyzed with respect to claim 3. As per claim 22, the claim is analyzed with respect to claim 3. As per claim 27, the implementation of the system of claim 1 will execute the non-transitory computer readable medium (Yousfi paragraph 0116) of claim 1. The claim is analyzed with respect to claim 1. 4. Claim 4, 12, 18, and 23 is rejected under pre-AIA 35 U.S.C. 103 as being unpatentable over Yousfi in view of Kerstna, further in view of Takikawa, and further in view of in view of U.S. Publication No. 20160154977 hereinafter Jagdish, and further in view of U.S. Publication No. 20150012283 hereinafter Ryan. As to claim 4, Yousfi in view of Kerstna and Takikawa discloses: The system of claim 1, wherein the at least one processor is configured to: pseudonymized patient identifier (Yousfi para 0058) Yousfi in view of Kerstna and Takikawa does not disclose: receive a conversion request including the pseudonymized patient identifier, evaluate whether the conversion request has sufficient rights for obtaining the non-pseudonymized patient identifier, and convert, upon the conversion request being evaluated to have the sufficient rights for obtaining the non-pseudonymized patient identifier, the pseudonymized patient identifier into the non-pseudonymized patient identifier Jagdish discloses: receive a conversion request, evaluate whether the conversion request has sufficient rights for obtaining the non-pseudonymized patient identifier (para 0048 " When a user 117 logs in at the Client for viewing the patient data, a decision is made on the basis of the login data, to download the encrypted patient identification dataset or not." Para 0049 "The inbox 139 sends a request to the access service 153 for downloading the encrypted patient identification dataset, if the login data are admissible."), convert, upon the conversion request being evaluated to have the sufficient rights for obtaining the non-pseudonymized patient identifier, the pseudonymized patient identifier into the non- pseudonymized patient identifier (para 0037 "Consequently, the patient identification data are separated from the DICON-files. The patient identification data of a study, (like name, age, sex, or date of birth), are stored as separate JSON-file with encryption." para 0049 "The inbox 139 sends a request to the access service 153 for downloading the encrypted patient identification dataset, if the login data are admissible. The access service 153 uses the storage access service 155 for downloading the encrypted patient identification dataset. For the sake of performance, the encrypted patient identification dataset may be deposited in a cache-storage. The information in the patient identification dataset is decrypted only in the cache of the browsers and returned to the inbox 139.") Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the preserving patient privacy of Yousfi in view of Kerstna and Takikawa to include receive a conversion request, evaluate whether the conversion request has sufficient rights for obtaining the non-pseudonymized patient identifier and u convert, upon the conversion request being evaluated to have the sufficient rights for obtaining the non-pseudonymized patient identifier, the pseudonymized patient identifier into the non- pseudonymized patient identifier, as taught by Jagdish. The motivation would have been to protect patient identification data by encryption and are still made available for authorized users (Jagdish paragraph 0006). Yousfi in view of Kerstna, Takikawa and Jagdish does not disclose: receive a request including a pseudonymized patient identifier Ryan discloses: receive a conversion request including a pseudonymized patient identifier (para 0067 "At block 1410, data reports are received. More specifically, one or more data reports are received via a communications network, by an analytic server, from one or more wireless device application providers that provide wireless device applications to patients, each request comprising an anonymized patient identifier that identifies the patient associated with the data report, and a wireless device application identifier that identifies the wireless device application associated with the data report.") Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the preserving patient privacy of Yousfi in view of Kerstna, Takikawa and Jagdish to include receive a request including a pseudonymized patient identifier, as taught by Ryan. The motivation would have been to send a request including pseudonymized patient identifier in order to properly identify and protect patient identification. As per claim 12, the claim is analyzed with respect to claim 4. As per claim 18, the claim is analyzed with respect to claim 4. As per claim 23, the claim is analyzed with respect to claim 4. 5. Claims 7-8, 15-16, 20-21, and 24-26 are rejected under pre-AIA 35 U.S.C. 103(a) as being unpatentable over Yousfi in view of Kerstna, and further in view of Takikawa and further in view of U.S. Publication No. 20180217947 hereinafter Rusen. As to claim 7, Yousfi in view of Kerstna and Takikawa discloses: The system of claim 5, further comprising: at least one processor (Yousfi Fig. 1, element 115) Yousfi in view of Kerstna and Takikawa does not disclose: a multiplexer configured to connect the at least one processor to a second input device of the plurality of input devices identified by the data source identifier Rusen discloses: a multiplexer configured to connect the at least one processor to a second input device of the plurality of input devices identified by the data source identifier (para 0024 "The peripherals are not limited to any particular type, and may include such peripherals as: a timer, a UART, a voltage comparator, an encryption engine, an analogue-to-digital converter (ADC), a digital-to-analogue converter (DAC), a radio transmitter, a radio receiver, and so on. An event may be signaled from a peripheral in response to any input, change of state, satisfying of a criterion, etc., as will be familiar to one skilled in the art-for example, when a timer reaches a target value. The tasks may be any function or operation which can be performed by the peripheral, such as transmitting data over an interface." para 0094 "Each of the channels has a similar set of elements. The channel's EEP is connected to an event signal lookup table which cross-references a set of peripheral event register addresses with an internal event line identifier which relates to one of the inputs to a multiplexer (MUX) in the PPI, associated with the channel. The PPI is configured to set the MUX to select the input associated with the address contained in the EEP.") Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the preserving patient privacy of Yousfi in view of Kerstna and Takikawa to include a multiplexer configured to connect the at least one processor to an input device identified by the data source identifier, as taught by Rusen. The motivation would have been provide a system that properly identifies channels and information within the system. As to claim 7, Yousfi in view of Kerstna and Takikawa discloses: The system of claim 1, further comprising: at least one processor (Yousfi Fig. 1, element 115) Yousfi in view of Kerstna and Takikawa does not disclose: a demultiplexer, configured to connect the at least one processor to an output device Rusen discloses: a demultiplexer, configured to connect the at least one processor to an output device (para 0095 "Similarly, the channel's TEP is connected to a task signal lookup table which cross-references a set of peripheral task register addresses with an internal task line identifier which relates to one of the output of a demultiplexer (DEMUX) in the PPI, associated with the channel. The PPI is configured to set the DEMUX to select the output associated with the address contained in the TEP.") Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the preserving patient privacy of Yousfi in view of Kerstna to include a demultiplexer, configured to connect the at least one processor to an output device, as taught by Rusen. The motivation would have been provide a system that properly identifies channels and information within the system. As per claim 15, the claim is analyzed with respect to claim 7. As per claim 16, the claim is analyzed with respect to claim 8. As per claim 20, the claim is analyzed with respect to claim 8. As per claim 21, the claim is analyzed with respect to claim 8. As per claim 24, the claim is analyzed with respect to claim 7. As per claim 25, the claim is analyzed with respect to claim 8. Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to GARY S GRACIA whose telephone number is (571)270-5192. The examiner can normally be reached Monday-Friday 9am-6pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Philip Chea can be reached at 5712723951. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /GARY S GRACIA/Primary Examiner, Art Unit 2499