DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Status of the Claims
Claims 1-9 were previously pending and subject to a non-final rejection dated July 15, 2025. In the Response, submitted on December 14, 2025, claims 1 and 2 were amended. Therefore, claims 1-9 are currently pending and rejected in the final rejection below.
Examiner makes note the term “management” was deleted in line 1 of claim 1 in the amendments presented on December 14, 2025 without any markings (e.g., stricken through) indicating that the language was deleted. However, to further prosecution Examiner is interpreting the term to have been stricken through, and will be treated as deleted claim language.
Response to Arguments
Applicant’s remarks on Page 10 of the Response, regarding the previous objection to claim 2, and the previous rejection of claims 1-9 under 35 U.S.C. 112(b) have been fully considered and are found persuasive in view of the claim amendments.
Applicant’s remarks on Pages 10-13 of the Response, regarding the previous rejection of claims 1-9 under 35 U.S.C. 101 have been fully considered and are only found persuasive in part. Examiner notes while Applicant has only addressed the 35 U.S.C. 101 subject matter eligibility rejection of claims 1-9, the amendments to the claims overcome the previous 35 U.S.C. 101 rejection for reciting non-statutory subject matter.
On Pages 10-11 of the Response, regarding the subject matter eligibility rejection, Applicant argues “Claim 1…explicitly recite a privacy-enabled system comprising a specific database architecture utilizing randomly generated unique identifiers for obfuscation, a specific hierarchical default/override logic rule…and a comparator algorithm…that automatically blocks non-compliant transactions…By reciting specific data structures for privacy and a responsive action for transaction control, the claims transcend the Examiner’s broad characterization of ‘organizing human activity.’”
Examiner respectfully disagrees and notes the “logic rule”, algorithm and prohibition of a transaction merely recite the abstract idea; and nothing in the claims or specification describes a “specific database architecture” as alleged. For example, Paragraph [0044] of the specification explains “Database 2 may be a SQL, Non-SQL, relational, or non-relational database (e.g., MySQL, Oracle, Mongo, Cassandra, ElasticSearch, Neo4J, and others) or any other datastore or repository for persistently storing and managing collections of data according to the invention.” (emphasis added) Therefore, it is unclear what “specific…architecture” or “specific data structures” is being claimed, such that claims do not recite an abstract idea.
On Page 11 of the Response, Applicant argues that claim 1 “is directed to a specific technological implementation of data privacy and rule enforcement” and that the claimed elements of a “database structure configured to store records” and “specific querying mechanism utilizing…unique identifiers to securely retrieve policy datasets” are “specific improvements to the way a computer stores and retrieves data mirroring the ‘self-referential table’ in Enfish”.
Examiner respectfully disagrees and as discussed above, the specification describes the database at such a high-level of generality, that it amounts to no more than mere instructions to apply the judicial exception using generic computer components (See MPEP 2106.05(f)). Similarly, “using the unique identifier to query the database” is described in Paragraph [96] of the specification as merely “the participant dataset…may be stored encrypted in database 2 identifiable by a unique identifier”. Therefore, “using the unique identifier to query the database” amounts to no more than mere instructions to apply the judicial exception using generic computer components (See MPEP 2106.05(f)).
Examiner further notes that in Enfish, the patented logical model includes all data entities in a single table, with column definitions provided by rows in that same table. The patents describe this as the self-referential property of the database. The patented self-referential model has two features that are not found in the relational model: first the self-referential model can store all entity types in a single table, and second the self-referential model can define the table’s columns by rows in that same table. Here, nothing in the claims or specification recites a structure of the database or querying of data (as noted above), similar to that of Enfish, such that the high-level recitation of the claimed “a database configured to store data records….” “mirror[s] the self-referential table” of Enfish, as Applicant alleges. Thus, Applicant’s arguments analogizing the claims to that of Enfish are not found persuasive.
On Pages 11-12 of the Response, Applicant further argues that the “use of obfuscated unique identifiers to separate PII from policy logic is a specific improvement to database security and privacy. Therefore, the eligibility of the claim is self-evident because it recites a specific improvement to database security.”
Examiner respectfully disagrees and notes that the type of data (i.e., “obfuscated unique identifiers”) used in a query merely reflects the abstract idea, and not an improvement to the database itself. As discussed above, the claimed “database structure configured to store records” and “querying the database” are recited at such a high-level of generality, that it amounts to no more than mere instructions to apply the judicial exception using generic computer components (See MPEP 2106.05(f)). Thus, Applicant’s arguments are not found persuasive.
On Page 12 of the Response, in discussing Step 2A, Prong Two, Applicant states “amended claim 1 recites an improvement to the functioning of a computer as defined in MPEP§ 2106.05(a) and utilizes the judicial exception to control a specific technical process…the claims do not merely describe a result, but rather expressly recite specific methods of implementing technical processes for data protection and automatic application and enforcement of a default or an overriding specialized travel policy based on travel policy conditions, for example:…By linking specialized travel policies to ‘randomly generated unique identifiers’ rather than raw personal data….By executing a hierarchical rule engine (e.g., default/override rule) that applies a main travel policy by default and overrides it with a specialized travel policy when specific travel conditions (country, site, visit attribute, visit policy label, traveler policy label) are met….By executing a ‘comparator algorithm’ that compares booking information against either the default main travel policy or the overriding specialized travel policy.”
Examiner respectfully disagrees and notes nothing in the claims or specification discloses an “improvement to the functioning of a computer” as alleged. Merely “implementing technical processes” and claiming an “automatic application” does not taking the claim out of the grouping of a certain method of abstract idea or integrate the abstract idea into a practical application. As will be discussed below, “linking specialized travel policies to ‘randomly generated unique identifiers’ rather than raw personal data”, "a hierarchical rule engine (e.g., default/override rule) that applies a main travel policy by default and overrides it with a specialized travel policy when specific travel conditions (country, site, visit attribute, visit policy label, traveler policy label) are met” and a “executing a ‘comparator algorithm’ that compares booking information against either the default main travel policy or the overriding specialized travel policy” are limitations that merely recite the abstract idea of a certain method of organizing human activity (e.g., commercial interaction). Lastly Examiner notes that “a bare assertion of an improvement without the detail necessary to be apparent to a person of ordinary skill in the art” does not amount to a technological improvement. Here, nothing in the above arguments, specification or claims, explains how a computer itself is improved by the use of specific data (e.g., randomly generated unique identifiers) or by default/override rules or a comparator algorithm. Thus, Applicant’s arguments are not found persuasive.
On Pages 12-13, in comparing the claims to Example 47, Applicant argues “the system is ‘configured to automatically block the booking request’ if the comparator algorithm determines non-compliance with either the main travel policy by default or with the specialized travel policy if the specialized travel policy overrides the main travel policy. This limitation clarifies that the claimed invention takes responsive action rather than merely identify non-compliance. (See USPTO Example 47, Anomaly Detection). By using the travel policy analysis and comparator algorithm to automatically block the booking (i.e., control the transaction flow), the claimed invention integrates the abstract idea into a practical technical tool for network and transaction security.”
Examiner initially notes that the limitation “automatically block the booking request” is rejected under 35 U.S.C. 112(a) for reciting new matter – as will be discussed further below in the rejection. Examiner further notes that eligible Claim 3 of Example 47 explains that automatically dropping the one or more malicious network packets, and blocking future traffic from the source address, provide specific computer solutions that use the output from the ANN to provide security solutions to the detected anomalies. As indicated in paragraph six of the background, the system may “automatically” perform dropping of malicious network packets and blocking future traffic without the need for any action by a network administrator. Instead, the ANN may make decisions about whether a network packet is potentially malicious and take action to drop malicious network packets and block future traffic.
Here, nothing in the specification explains that “automatically block[ing] the booking request” is a security solution to detected anomalies or to “network and transaction security”. Rather the opposite, Paragraph [0138] (as cited to on Page 9 of the Response for written description support) explains that “[i]f the algorithm results in non-compliance” then an “approval workflow” is invoked, and if the workflow “results in a rejection step” then “travel interface 500 returns to step 1006 allowing the user to modify or input new trip segment data” (emphasis added). That is, nothing in the specification explains that a booking request is blocked, rather a user is simply allowed to return to a step for modifying or inputting segment data for a subsequent booking request. Thus, Applicant’s comparison to Example 47’s eligible claim 3 is not found persuasive.
On Page 13 of the Response, in discussing Step 2B, Applicant argues “the claims recite an inventive concept under Step 2B and are not merely a combination generic or well-understood, routine, and conventional elements as Examiner appears to contend. Without citing any evidence, the Examiner states that the claims combine generic components, such as a ‘GUI’ and a ‘database’. But whether a claim element or a combination is generic (i.e., "well-understood, routine, and conventional") is a question of fact. (See Berkheimer…) Here, claim 1 is not merely a combination of generic components. For example, Claim 1 does not recite a generic database, but a specific privacy-enabled database architecture utilizing obfuscated unique identifiers combined with a hierarchical default/override rule engine (i.e., specialized travel policy may override the default main travel policy) and an automated blocking mechanism (e.g. using the computer comparator algorithm). There is no evidence in the record-and Applicants respectfully assert none exists-that this specific ordered combination of privacy-preserving database structures and hierarchical and automated enforcement logic was ‘well-understood, routine, and conventional’ in the art at the time of the invention. The Examiner must provide objective evidence and may not rely on official notice that the claimed specific privacy architecture, hierarchical rule engine, and automated blocking mechanism are generic, and that the currently pending claims, when viewed as a whole/ordered combination, are routine, well understood, and conventional. (See Berkheimer). Absent such evidence, the rejection under § 101 must be withdrawn.”
Examiner disagrees and notes that while Applicant argues that Examiner “appears to contend” that the claims are “well-understood, routine and conventional elements”, “appear[ing] to contend” and explicitly asserting that the additional elements are well-understood, routine, and conventional are not the same. (emphasis added) A close reading of the Non-Final Rejection would reveal that none of the additional elements were analyzed as “well-understood, routine and convention” (See Paras. 14, 16, and 20 of the Non-Final Rejection asserting that the additional elements, when viewed as a whole or combination, amount to no more than mere instructions to apply the judicial exception using generic computer components under MPEP 2106.05(f)).
Examiner urges Applicant to review MPEP 2106.07(a)(III) explaining that “At Step 2A Prong Two or Step 2B, there is no requirement for evidence to support a finding that the exception is not integrated into a practical application or that the additional elements do not amount to significantly more than the exception unless the examiner asserts that additional limitations are well-understood, routine, conventional activities in Step 2B.” (emphasis added) Therefore, Applicant’s arguments regarding any requisite Berkheimer evidence are moot.
Furthermore, as discussed above nothing in the claims or specification describes a “specific… database architecture” as alleged. For example, Paragraph [0044] of the specification explains “Database 2 may be a SQL, Non-SQL, relational, or non-relational database (e.g., MySQL, Oracle, Mongo, Cassandra, ElasticSearch, Neo4J, and others) or any other datastore or repository for persistently storing and managing collections of data according to the invention.” (emphasis added) Therefore, it is unclear what “specific privacy-enabled database architecture” is being claimed, such that claims recite an inventive feature. Lastly, as discussed above, the limitation “automatically block the booking request” is rejected under 35 U.S.C. 112(a) for reciting new matter, and merely recites the abstract idea. Thus, Applicant’s arguments are not found persuasive.
Applicant’s remarks on Pages 14-16 of the Response regarding the previous rejection of the claims under 35 U.S.C. 103 have been fully considered and are found persuasive in view of the amended claims.
Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.
The following is a quotation of the first paragraph of pre-AIA 35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.
Claims 1-9 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA 35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention.
Claim 1 has been amended to recite “wherein the system is configured to automatically block the booking request if the comparator algorithm determines the segment booking information is non-compliant with one or more of the main travel policy or the specialized travel policy.” Examiner notes the above bolded language recites new matter.
Examiner initially notes that while there is no haec verba requirement, newly added claim limitations must be supported in the specification through express, implicitly, or inherent disclosure (MPEP 2183). Further, when an explicit limitation in a claim "is not present in the written description whose benefit is sought it must be shown that a person of ordinary skilled would have understood, at the time the patent application was filed, that the description requires the limitation," Hyatt v. Boone, 146 F.3d 1348,1353, 47 USPQ2d 1128, 1131 (Fed. Cir. 1998), MPEP 2163.
Paragraph [0138] and Figure 4 of Applicant’s specification explains that “[i]f the algorithm results in non-compliance” then an “approval workflow” is invoked, and if the workflow “results in a rejection step” then “travel interface 500 returns to step 1006 allowing the user to modify or input new trip segment data” (emphasis added). Nothing in the specification discloses that the “system is configured to automatically block the booking request” as recited in claim 1. Rather, a user is simply allowed to return to a step for modifying or inputting segment data for a subsequent booking request, instead of a “blocking” action being performed. Claims 2-9 are rejected by virtue of dependency.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-9 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more.
Step 1
Claims 1-9 recite a system comprising a server (i.e., a machine). Therefore the claims all fall within one of the four statutory categories of invention.
Step 2A, Prong One
Claim 1 recites a privacy enabled system for secure visualization and enforcement of a travel policy for a clinical study by: storing data records with randomly generated unique identifiers to obfuscate personal information; providing a study dataset comprising a first travel policy condition, and a study travel policy dataset comprising a main travel policy and a specialized travel policy; wherein the first travel policy condition is selected from the group consisting of a country, a clinical site, a traveler policy label, a visit attribute, a visit policy label, and combinations thereof; wherein the specialized travel policy is associated with the first travel policy condition via a unique identifier corresponding to the first travel policy condition; wherein the system is configured to apply the main travel policy to the trip segment by default, and to apply the specialized travel policy to override the main travel policy only when the trip segment matches the first travel policy condition; wherein the system is configured to receive a booking request for the trip segment comprising segment booking information; wherein responsive to receiving the booking request the system executes a comparator algorithm to compare the segment booking information against the main travel policy by default or against the specialized travel policy when the specialized travel policy overrides the main travel policy; wherein the system is configured to block the booking request if the comparator algorithm determines the segment booking information is non-compliant with one or more of the main travel policy or the specialized travel policy; wherein the specialized travel policy is selected from a country policy, a site policy, a first visit policy, a second visit policy, a custom policy, and combinations thereof; receiving the travel policy condition and study travel policy dataset using the unique identifier for a query; displaying the travel policy condition, the main travel policy, and the specialized travel policy; visually associate the first travel policy condition with the specialized travel policy; enable modifying the specialized travel policy; and, wherein responsive modifying the specialized travel policy, is configured to (a) receive a modified specialized travel policy, (b) store the modified specialized travel policy replacing the specialized travel policy, (c) associate the modified specialized travel policy with the first travel policy condition by linking the modified specialized travel policy to the unique identifier, and (d) visually associate the travel policy condition with the modified specialized travel policy.
The claim as a whole recites a certain method of organizing human activity. The limitations recited above, under broadest reasonable interpretation, recite the abstract idea of a certain method of organizing human activity, e.g., commercial interactions or fundamental economic practices. Therefore, the claim recites an abstract idea.
Step 2A, Prong Two
The judicial exception is not integrated into a practical application. Claim 1 as a whole amounts to: “apply it” (or an equivalent) with the judicial exception, or merely include instructions to implement an abstract idea on a computer, or merely uses a computer as a tool to perform an abstract idea.
Claim 1 recites the additional elements of: (i) a server secured within a private cloud; (ii) a database (to programmatically associate data; for being queried); (iii) a GUI (for updating interfaces) comprising a travel policies interface and a travel policy control, wherein the GUI is configured to be displayed on a networked workstation; and (iv) automated enforcement, automatically blocking, and programmatically associate data.
The above additional elements of: (i) –(iv) are recited at a high-level of generality such that, when viewed as whole/ordered combination, it amounts to no more than mere instructions to apply the judicial exception using generic computer components (See MPEP 2106.05(f)).
Accordingly, these additional elements, when viewed as a whole/ordered combination (See Figs. 1 and 4) do not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea. Thus, the claim is directed to an abstract idea.
Step 2B
As discussed above with respect to Step 2A Prong Two, the additional elements amount to no more than reciting the words “apply it” (or an equivalent) with the judicial exception, or merely include instructions to implement an abstract idea on a computer, or merely use a computer as a tool to perform an abstract idea; or generally link the use of a judicial exception to a particular technological environment or field of use. The same analysis applies here in 2B, i.e., reciting the words “apply it” (or an equivalent) with the judicial exception, or merely including instructions to implement an abstract idea on a computer, does not integrate the abstract idea into a practical application at Step 2A or provide an inventive concept at Step 2B.
Therefore, the additional elements discussed above do not integrate the abstract idea into a practical application at Step 2A or provide an inventive concept at Step 2B. Thus, even when viewed as a whole/ordered combination, nothing in the claim adds significantly more (i.e., an inventive concept) to the abstract idea. Thus, the claim is ineligible.
Dependent claims 2-5, and 8-9 further recite details which merely narrow the previously recited abstract idea limitiaitions. For these reasons, as described above with respect to claim 1, these judicial exceptions are not meaningfully integrated into a practical application or significantly more than the abstract idea. Thus, claims 2-5 and 8-9 are also ineligible.
Claim 6 describes wherein the clinical dataset further comprises a second participant dataset; receiving and displaying the second participant dataset; associating the second participant dataset with the second travel policy condition; and, responsive to associating the second participant dataset with the second travel policy condition: associate the new specialized travel policy with the second participant dataset – which merely narrows the previously recited abstract idea.
The claim adds the additional element of a participant travel policies interface having a participant policy control, wherein using the participant policy control the GUI is configured to cause the database to programmatically associate data with the second participant dataset. The abstract idea is not integrated into a practical application because the additional element merely serves as generic computer components on which the abstract idea is implemented. See MPEP 2106.05(f). The claim does not include limitations sufficient, either alone or in combination, to amount to significantly more than the claimed abstract idea because the aforementioned additional elements merely serve as generic computer components on which the abstract idea is implemented. See MPEP 2106.05(f)
Dependent claim 7 further recite details which merely narrow the previously recited abstract idea limitiaitions. For these reasons, as described above with respect to claim 6, these judicial exceptions are not meaningfully integrated into a practical application or significantly more than the abstract idea. Thus, claim 7 is also ineligible
Allowable over the Prior Art
Claims 1-9 are allowable over the prior art, but subject to the above and rejections.
The closest prior art includes:
U.S. Patent Application Publication No. 2015/0046187 to Johnson et al. (hereinafter “Johnson”). Johnson discloses a clinical trial participant transportation system that has a transportation request portal in the form of an online interface. The clinical trial participant transportation system examines the details of the desired transportation and determine whether the specific desired transportation matches up with what would be expected and allowable under the parameters of the clinical trial.
U.S. Patent Application Publication No. 2019/0034805 to Cohen-Zur et al. (hereinafter “Cohen-Zur”). Cohen-Zur discloses a user interface where a manager can use on/off switches to control whether a particular criterion is to be used in the determination of the recommended action.
U.S. Patent Application Publication No. 2021/0209522 to Shaw et al. (hereinafter “Shaw”). Shaw discloses merging a set of rules, wherein the specified manner of merging the respective policies comprises resolving any conflicts between the policies, wherein: additional travel policy properties of the corporate body override corporate body travel rules, additional travel policies of the travelers override travel policies of the travelers, and corporate body travel rules and additional policies override travel policies and additional policies of the travelers.
U.S. Patent Application Publication No. 2014/0019176 to Mandelbaum et al. (hereinafter “Mandelbaum”). Mandelbaum discloses importing information associated with one or more appointments from a traveler's calendar to automatically plan and book a complete itinerary.
U.S. Patent Application Publication No. 2018/0182055 to Jepson et al. (hereinafter “Jepson”). Jepson discloses systems and methods for coordinating, arranging and/or managing transportation. These systems and methods can be used and applied in a variety of settings and industries, including healthcare.
U.S. Patent Application Publication No. 2014/0278597 to Wilkinson et al. (hereinafter “Wikinson”). Wilkinson discloses an administrator interface in which an administrator accesses the system. An administrator may set a user's travel policy with and may access the administrator module and enter travel policy in the travel policy database. The administrator module provides the ability of the administrator to access and view stored travel search criteria and in-policy booking options (and other information) across the entire organization.
“Transportation innovation to aid Parkinson disease trial recruitment” by Frank et al., dated December 2019 (hereinafter “Frank”). Frank discloses pre-arranged rides through a third-party ride sharing service for a clinical trial.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Rupangini Singh whose telephone number is (571)270-0192. The examiner can normally be reached Mon-Fri 9-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shannon Campbell can be reached on (571) 272-5587. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/RUPANGINI SINGH/Primary Examiner, Art Unit 3628