SYSTEM AND METHOD FOR MANAGING CLINICAL TRIAL DATA USING BLOCKCHAIN NETWORK SCHEME

Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . DETAILED ACTION Response to Amendment In the amendment dated 11/10/2025, the following occurred: Claims 1, 4-6, 9, 13-15 have been amended and claim 7 has been cancelled. Claims 1-6 and 8-15 are pending and have been examined. Priority Acknowledgement is made of applicant’s claim for foreign priority under 35 U.S.C. 119(a)-(d). The certified copy has been filed in parent Application No. KR 10-2021-0190051 filed 12-28-2021. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 1-6 and 8-15 are rejected under 35 U.S.C. §101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more. Claims 1, 13 and 15 are rejected under 35 U.S.C. §101 because the claimed invention is directed to an abstract idea without significantly more. Step 1 (YES) Claims 1, 13 and 15 fall into at least one of the statutory categories (i.e., process or machine). Step 2A1 (YES) The claims recite an abstract idea. The identified abstract idea is for managing clinical trial data using a blockchain network scheme in association with a remote health diagnostics and monitoring system (RHDMS), as underlined (claim 13 being representative): a blockchain platform configured to define group-specific attributes for a contract research organization (CRO) group for managing a clinical trial, a hospital group for carrying out the clinical trial, and an admin group for administering a blockchain network and separately giving authority to access the blockchain network to the groups; a RESTful application programming interface (API) router connected to a hospital terminal and a smart pillbox terminal through a web server and linked with the blockchain platform through Google remote procedure calls (gRPC) and a hypertext transfer protocol (HTTP); a database (DB) configured to receive test information of clinical trial subjects from the hospital terminal, receive medication information and vital sign information of the clinical trial subjects from the smart pillbox terminal, and encrypt and then store the test information, the medication information, and the vital sign information; and a blockchain network admin part configured to separately give the authority to access the blockchain network to the groups and provide the test information, the medication information, and the vital sign information of the clinical trial subjects stored in the DB to be viewed or read through group-specific management terminals but forbid other groups from viewing or reading the test information, the medication information, and the vital sign information of the clinical trial subjects, wherein, after the test information, the medication information, and the vital sign information of the clinical trial subjects are received, the DB substitutes detailed test item names with code through aliasing, encrypts the code, and stores the encrypted code, wherein the DB encrypts identification (ID) information given to each of the clinical trial subjects and stores the encrypted ID information, wherein the DB generates key data including the test information encrypted and the ID information encrypted and then stores the key data, and wherein, when viewing or reading information of the key data is requested through the group-specific management terminals, the blockchain network admin part decrypts and provides the key data to the group-specific management terminals with the test information and the ID information included in the key data prevented from being decrypted. The identified claim elements, as drafted, is a process that under the broadest reasonable interpretation (BRI) covers a method of organizing human activity (i.e., managing personal behavior or relationships or interactions between people including following rules or instructions) but for the recitation of generic computer component language (discussed below in 2A2). That is, other than reciting a remote health diagnostics and monitoring system (RHDMS), the claimed invention amounts to managing personal behavior or relationships or interactions between people. For example, but for the generic computer component language, the claims encompass one or more persons managing clinical trial data using a blockchain network scheme: (1) defining group-specific attributes, (2) connecting and linking with the blockchain platform, (3) receiving, aliasing, encrypting, and storing data, (4) separately giving the authority to access the database to the groups and provide the stored data, wherein (5) when viewing of key data is requested, the blockchain network admin part decrypts and provides the key data (e.g., the key) in the manner described in the identified abstract idea, supra. The Examiner notes that certain “method[s] of organizing human activity” includes a person’s interaction with a computer (see MPEP § 2106.04(a)(2)(II)). If a claim limitation, under its broadest reasonable interpretation, covers managing personal behavior or relationships or interactions between people but for the recitation of generic computer component language, then it falls within the “certain methods of organizing human activity” grouping of abstract ideas. See additionally MPEP § 2106. Accordingly, the claims recite an abstract idea. Step 2A2 (NO) The judicial exception, the above-identified abstract idea, is not integrated into a practical application. In particular, the claims recite the additional elements of a remote health diagnostics and monitoring system (RHDMS) / a blockchain network having a RESTful application programming interface (API) router, a hospital terminal, a smart pillbox terminal, and a web server; and group-specific management terminals that implement the identified abstract idea. The additional elements aforementioned are not described by the applicant and are recited at a high-level of generality (i.e., a generic computer or computer component performing a generic computer or computer component function that facilitates the identified abstract idea) such that these amount no more than mere instructions to apply the exception using a generic computer component (see Specification e.g., at para. 0018, 0076-0077). See MPEP § 2106.04(d)(I). Accordingly, even in combination, these additional elements do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea. The claims are directed to an abstract idea. Step 2B (NO) The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional elements of a remote health diagnostics and monitoring system (RHDMS) / blockchain network having a RESTful application programming interface (API) router, a hospital terminal, a smart pillbox terminal, and a web server; and group-specific management terminals to perform the method (represented by claim 13) amount no more than mere instructions to apply the exception using a generic computer or generic computer component. Mere instructions to apply an exception using generic computer(s) and/or generic computer component(s) cannot provide an inventive concept (“significantly more”). See MPEP § 2106.05(f). Dependent claims 2-6, 8-12 and 14, when analyzed as a whole, are similarly rejected under 35 U.S.C. §101 because the additional limitation(s) fail(s) to establish that the claim(s) is/are not directed to an abstract idea without significantly more. The claims, when considered alone or as an ordered combination, either (1) merely further define the abstract idea, (2) do not further limit the claim to a practical application, or (3) do not provide an inventive concept such that the claims are subject matter eligible. Claim(s) 2-3 merely further describe(s) the additional element(s) of the RESTful API router (e.g., linked through Google remote procedure calls (gRPC) and a hypertext transfer protocol (HTTP)), the blockchain network (e.g., storing and updating data). See analysis, supra. Claim 3 further recites the additional element of a blockchain node (e.g., the hospital terminal, the smart pillbox terminal) that performs a commit function and an endorsing function in one or more peer domains, which amounts no more than mere instructions to apply the judicial exception (including interactions one or more peers committing and endorsing) using a generic computer alone or in combination. See analysis, supra. Claims 4 further recite the additional element of a Base64 encryption scheme. Under practical application, the additional element is merely generally linking the use of the abstract idea to a particular technological environment or field of use (by reciting use of the abstract idea “on the basis of” a Base64 encryption scheme). MPEP § 2106.04(d)(I) indicates that generally linking an abstract idea to a particular technological environment or field of use cannot provide a practical application. Accordingly, even in combination, this additional element does not integrate the abstract idea into a practical application. The claim is directed to an abstract idea. Also, as discussed above with respect to integration of the abstract idea into a practical application, the additional element of a Base64 encryption scheme is considered generally linking the use of the abstract idea to a particular technological environment or field of use. This has been re-evaluated under the “significantly more” analysis and has also been found insufficient to provide significantly more. MPEP § 2106.05(A) indicates that generally linking an abstract idea to a particular technological environment or field of use cannot provide significantly more. Accordingly, even in combination, this additional element does not provide significantly more; as such, the claim is not patent eligible. Claims 5 further recites the additional element of a SHA-256 hash encryption scheme. Under practical application, the additional element is merely generally linking the use of the abstract idea to a particular technological environment or field of use (by reciting use of the abstract idea “on the basis of” a SHA-256 hash encryption scheme). MPEP § 2106.04(d)(I) indicates that generally linking an abstract idea to a particular technological environment or field of use cannot provide a practical application. Accordingly, even in combination, this additional element does not integrate the abstract idea into a practical application. The claim is directed to an abstract idea. Also, as discussed above with respect to integration of the abstract idea into a practical application, the additional element of a SHA-256 hash encryption scheme is considered generally linking the use of the abstract idea to a particular technological environment or field of use. This has been re-evaluated under the “significantly more” analysis and has also been found insufficient to provide significantly more. MPEP § 2106.05(A) indicates that generally linking an abstract idea to a particular technological environment or field of use cannot provide significantly more. Accordingly, even in combination, this additional element does not provide significantly more; as such, the claim is not patent eligible. Likewise, Claims 6 and 14 further recite the additional elements of the Base64 encryption scheme and the SHA-256 hash encryption scheme, each of which is also considered generally linking. See analysis, supra. Claims 8-9 merely further recites the additional element of a public key infrastructure (PKI)-based membership service provider (MSP), which is considered generally linking. See analysis, supra. Claim 10 merely further describes the additional element of the blockchain network comprising a file system, which amounts no more than mere instructions to apply the judicial exception with a generic computer and a generic computer component. See analysis, supra. Claim 11 merely further describes the identified abstract idea (e.g., the access configuration file). Claim 12 merely further recites the additional element of the smart pillbox terminal (e.g., transmitting data). Response to Arguments Rejections under 35 U.S.C. §112(b) Regarding the rejections, the Applicant has amended the claims to obviate or overcome the previous issue of indefiniteness. The amended claims as considered do not cause any new issues. Rejections under 35 U.S.C. §101 Regarding the rejection of Claims 1-15, the Applicant has cancelled claim 7, rendering the rejection of the claim moot. Regarding the remaining claims 1-6 and 8-15, the Examiner has considered the Applicant’s arguments but does not find them persuasive for at least the following reasons. Applicant argues: A1. “The claims do not recite a judicial exception. Although the Office Action characterizes the claims as directed to organizing human activity… a blockchain-based system that securely receives, encrypts, stores, and selectively shares clinical trial data using group-specific access control and encryption protocols. This is not a fundamental economic practice or mental process, but…” (Remarks, pg. 10). Re. argument A1: The Examiner respectfully submits the basis of rejection as necessitated by amendment. Given the broadest reasonable interpretation, the Examiner respectfully asserts that the claims recite an abstract idea (i.e., CMOHA – particularly the managing personal behavior subgrouping) because of the recitations of rule following (defining, receiving, aliasing, encrypting, storing, decrypting, providing, accessing, or viewing data and authorizing access, etc.) are encompassed by this abstract idea subgrouping. See MPEP 2106.04(a)(2)(II). The above-identified abstract idea encompasses these high-level steps that are performed by a person via generic computer interactions. For example, but for the remote health diagnostics and monitoring system (comprising various modules and stored data, e.g., a blockchain platform, a database, a blockchain network admin part), the claims encompass a person (e.g., a group member) requesting to view information of the key data and the functionality of decrypting and providing the key data to the person with the test information and the identification information being redacted. A2. “the amended claims are instead directed to a specific technical solution… a concrete implementation of a secure data management system-similar to the facts in Enfish, where claims were found patent eligible for improving computer functionality” (Remarks, pg. 10). Re. argument A2: The Examiner respectfully asserts that the additional elements are not described by the Applicant and are recited at a high-level of generality, such that these amount no more than mere instructions to apply the abstract idea therewith. Even in combination, generic computer components cannot provide an integration of the abstract idea into a practical application. Respectfully, the Applicant has not provided evidence from the Specification to pursue any of the assertions of improving computer functionality (or the functioning of other technology or technological field). “[F]irst the specification should be evaluated to determine if the disclosure provides sufficient details such that one of ordinary skill in the art would recognize the claimed invention as providing an improvement” (citing MPEP 2106.04(d)) (emphasis added). The Examiner has not found evidence in the Applicant’s disclosure of any improvement(s). “Second, if the specification sets forth an improvement in technology”, which in this case it does not, “the claim must be evaluated to ensure that the claim itself reflects the disclosed improvement. That is, the claim includes the components or steps of the invention that provide the improvement described in the specification” (citing MPEP 2106.04(d)(1)). The Applicant goes over several points following their assertion of improved computer functionality. The Examiner addresses these in order of presentation, as follows: A RESTful API router, a hospital terminal, a smart pillbox terminal, and a web server are each generic computer components (i.e., generic network components) performing generic computer component functions (linking by following various network communication protocols, e.g., a Google remote procedure calls and a hypertext transfer protocol (HTTP)) without describing sufficient details of the linking. Even in combination, these cannot provide a practical application merely by being connected and linked for data communication in accordance with the recited communication protocols. Further, the linking of these generic network components represents a non-generic arrangement, which does not provide significantly more. In light of the Specification, the blockchain platform reads as a software module of the RHDMS / blockchain network. Only additional elements (e.g., the RHDMS / blockchain network or components thereof) can provide an integration or an inventive concept. As for the RHDMS / blockchain network and its components, these are not described by the Applicant and each is recited at a high level of generality (i.e., a generic computer network component). For example, the functionality of defining group-specific attributes and access controls is not described by the Applicant and is recited at a high-level without technical details as to the definition of group-specific attributes or access controls. In light of the specification, the database may be contained in a generic computer network component as a data arrangement. None of the generic computer network components integrate the abstract idea into a practical application. For example, the functionalities of receiving, aliasing, encrypting, generating, and storing data are recited at a high-level. The Examiner asserts that even “substituting data with code through aliasing” is a high-level recitation of aliasing functionality. The database and the blockchain network admin part may be contained by a single generic computer network component. The functions of authorizing various levels of access, forbidding unauthorized access, decrypting data and providing data to be viewed (while maintaining redaction of key information) are recited at a high-level without sufficient technical details. As such, these mere instructions to implement the abstract idea on a generic computer do not integrate the abstract idea into a practical application. A3. “The system prevents unauthorized access and ensures anonymization of sensitive data---just like the fact pattern inMcRO, where structured rules applied to data yielded a technological improvement” (Remarks, pg. 10). Re. argument A3: The Examiner respectfully submits that the argued rules and improvement to technology are unlike McRo and do not remove the claimed invention from being an abstract idea. In McRo, the claimed invention recited a very specific set of rules that allowed a computer to perform animation in a manner that was previously only performable by human animators. The very fact that the animation could not be previously performed by computers and that the rules applied by the claimed invention solved this problem was the reason the claimed invention in McRo was found to be not directed to an abstract idea. Here, there is no evidence on record that establishes that the claimed invention was only previously performable by humans in the manner of McRo. The claimed invention does not appear to improve the technology of data security, integrity, or access control as previously stated. The claimed invention also does not appear to improve blockchain network data storage security. A4. “the claims recite significantly more than the alleged abstract idea. The combination of RESTful API routing, gRPC/HTTP linkage, Base64 and SHA-256 encryption, and PKI-based MSP access control reflects an inventive concept not found in conventional systems” (Remarks, pg. 10-11). Re. argument A4: The Examiner respectfully submits that the additional elements do not amount to significantly more than the above-identified abstract idea. Looking at the limitations as an ordered combination adds nothing that is not already present when looking at the additional elements taken individually. For instance, there is no indication that the additional elements, when considered as a whole, (1) reflect an improvement in the functioning of a computer or an improvement to another technology or technical field, (2) apply or use the judicial exception to effect a particular treatment or prophylaxis for a disease or medical condition, (3) implement the judicial exception with a particular machine or manufacture that is integral to the claim, (4) effect a transformation or reduction of a particular article to a different state or thing, or (5) apply the judicial exception in some other meaningful way beyond generally linking the use of the judicial exception to a particular technological environment, such that the claim as a whole is not more than a drafting effort designed to monopolize the judicial exception (see MPEP § 2106.05). The collective functions of the limitations merely provide conventional computer implementation. Further, the claimed invention by definition monopolizes (i.e., “ties up”) the identified abstract idea. RESTful API routing is not claimed. It is not clear whether the router does more than exist in the computer environment or provide generic communication functionality. Google RPC/HTTP linkage does not recite sufficient technical details and the specification does not disclose how this would provide a technical improvement. Neither Base64 nor SHA-256 encryption schemes are claimed in the independent claims. One or more dependent claims generally link the identified abstract idea to these schemes for at least the reason that “on the basis of” is not a positive recitation of performing encryption using a specific encryption scheme. Such a recitation, upon entry, may or may not be considered “apply it”. Note: Support for performing encryption using a SHA-256 scheme is found in the Specification at para. 0046-0055. The abstract idea (“wherein the blockchain network admin part separately gives the authority to access the blockchain network to the groups”) is likewise generally linked to a PKI-based membership service provider. Further, “[a]s made clear by the courts, the novelty of any element or steps in a process, or even of the process itself, is of no relevance in determining whether the subject matter of a claim falls within the § 101 categories of possibly patentable subject matter." MPEP 2016.05(I) (internal quotations omitted). A5. “These features are rooted in the specification” (remarks, pg. 11). Re. argument A5: See response to argument A2-A3. The Applicant has not evidenced any portions of the specification. A6. “are not routine or conventional computing practices, as confirmed in BASCOM” (remarks, pg. 11). Re. argument A6: See response to argument A4. The Examiner respectfully submits that, regarding BASCOM, the court agreed that the additional elements were generic computer, network and Internet components that did not amount to significantly more when considered individually, but explained that the district court erred by failing to recognize that an inventive concept may be found in the combination of the additional elements in a non-conventional and non-generic arrangement, i.e., the installation of a filtering tool at a specific location, which was remote from end-users, with customizable filtering features specific to each end-user. It is unclear what is non-conventional and non-generic about the arrangement of the additional elements in the Applicant’s case. Regarding the rejection of Claims 2-6 and 8-15, the Applicant has not offered any arguments with respect to these claims other than to reiterate the argument(s) present for the claim(s) from which they depend. As such, the rejection of these claims is also maintained. Rejections under 35 U.S.C. §103 Regarding the rejection of Claims 1-15, the Applicant has cancelled claim 7, rendering the rejection of the claim moot. Regarding the remaining claims 1-6 and 8-15, the Examiner has considered the incorporation of the wherein clause of canceled claim 7 into the independent claims. The independent claims are considered to recite subject matter free of prior art (as explained below). The prior art rejection of claims 1-6 and 8-15 is withdrawn, obviating the Applicant’s remarks thereto. Subject Matter Free of Prior Art The cited prior art of record fails to expressly teach or suggest, either alone or in combination, the features found within independent claims 1, 13 and 15 as follows (claim 13 being representative): wherein, when viewing or reading information of the key data is requested through the group-specific management terminals, the blockchain network admin part decrypts and provides the key data to the group-specific management terminals with the test information and the ID information included in the key data prevented from being decrypted. The most remarkable prior art of record is as follows: Dods (US 11,769,577 B1) for teaching a method for authenticating requestors of client devices (122) and granting access to a permissioned blockchain network and for use in managing clinical trial data (see at least Abstract & Figs. 6B, 7B). Zhang (US 2022/0038268 A1) for teaching, among other things, a router and various procedures and protocols (see at least para. 0124). Oh (US 2023/0120168 A1) for teaching a clinical trial subject smartphone terminal that sends transaction data to a blockchain (see at least Figs. 1, 8-10 & para. 0040, 0052). Kehr (US 2003/0036683 A1) for teaching vital signs (see at least para. 0151). Maloney (US 5,701,453) for teaching creating aliases for data items in the database tables and columns (see at least Figs. 12-13). Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure: Stankoulov (US 2021/0200501 A1) for teaching claim 13 limitation of wherein the RESTful API router is linked… through Google remote procedure calls and a hypertext transfer protocol (HTTP) (see para. 0139), with the motivation of improving healthcare information management and exchange (see Stankoulov at Abstract and para. 0002). Leng et al. (2021) (“Application of Hyperledger in the Hospital Information Systems: A Survey”) for teaching the claim 3 limitations of one or more peer domains in which a commit function and an endorsing function are performed at the blockchain node (pg. 128968, section 1), a fabric certificate authority (CA) domain for the group (pg. 128968, section 1), and a membership service provider (MSP) domain for the group (pg. 128976, left column); and for teaching the claim 9 recitations of wherein the MSP is defined to include peer information, orderer information, admin information (pg. 128968, section 1). Sharda et al. (US 2021/0174911 A1) for teaching A blockchain-based clinical study management system simplifies data regulation while enabling data transparency. The system identifies data falsification and guarantees monetary compensation for trial participants. The system records and manages informed consent histories for trial participants. See at least Figs. 1-2 and 4. Tamis et al. (US 2010/0169115 A1 teaches moving member’s name, address, and email address to a separate offline server and assigning the individual a code number (Fig. 4); system information is transferred to online encrypted files (Fig. 5). Shelton (US 2014/0289001 A1) for teaching a system and method for managing private records and other confidential information. Akinmeji et al. (US 2018/0096102 A1) for teaching redaction of sensitive patient data. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to Jessica M Webb whose telephone number is (469)295-9173. The examiner can normally be reached Mon-Fri 9:00am-3:00pm CST. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Robert Morgan can be reached on (571) 272-6773. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /J.M.W./Examiner, Art Unit 3683 /CHRISTOPHER L GILLIGAN/Primary Examiner, Art Unit 3683