APPARATUS AND A METHOD FOR ANONYMIZING USER DATA

DETAILED ACTION Notices to Applicant This communication is a Non-Final Office Action on the merits. Claims 1-2, 5-12, and 15-22 as filed 01/21/2026, are currently pending and have been considered below. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Continued Examination Under 37 CFR 1.114 A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 01/21/2026 has been entered. Priority This application claims the benefit of priority of U.S. Provisional Patent Application Serial No. 63/381,492, filed 10/28/2022. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 1-2, 5-12, and 15-22 are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., an abstract idea) without significantly more. Claims 1-2, 5-10, and 21 are drawn to an apparatus for anonymizing user data, which is within the four statutory categories (i.e. machine). Independent Claim 1 is rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. Claim 1 recites […] at least a processor; and a memory communicatively connected to the at least a processor, wherein the memory containing instructions configuring the at least a processor to: receive, from a first database, a plurality of user data comprising a plurality of metadata; detach the plurality of metadata from the plurality of user data; identify a plurality of patient identifiers within the plurality of user data and the plurality of metadata; generate anonymized data and anonymized metadata as a function of the plurality of patient identifiers, wherein generating the anonymized data comprises: receiving anonymization training data, wherein the anonymization training data comprises a plurality of exemplary patient identifiers as inputs correlated to exemplary anonymized data as outputs; iteratively training an anonymization machine learning model using the anonymization training data; generating an accuracy score for the anonymization machine learning model as a function of user feedback wherein the accuracy score is used to determine a degree of retraining cycles for the anonymization machine learning model; and generating the anonymized data and the anonymized metadata using the trained anonymization machine learning model; store the anonymized data and the anonymized metadata separately in a second database; determine an access level of a user using an authorization identifier of the user, wherein the authorization identifier comprises a decentralized token which is distributed to the user according to their access level; and construct an anonymized user record from the anonymized data and the anonymized metadata as a function of the access level of the user, wherein constructing the anonymized user record comprises: generating a distinct recipient-specific token for each of the plurality of patient identifiers such that a single patient identifier is transformed into different unique tokens for different users to prevent data triangulation between the different users, and creating a secure mapping entry within the memory that links the distinct recipient-specific token back to the single patient identifier, wherein the secure mapping entry configures the processor to reconstitute the single patient identifier from the distinct recipient-specific token. The above limitations, as drafted, is a machine that, under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of generic computer components. That is, other than reciting the above bolded elements, nothing in the claim element precludes the step from practically being performed in the mind. For example, but for the above bolded language, collecting a plurality of user data comprising a plurality of metadata, analyzing the collected data to detach the user data and the metadata and to identify a plurality of patient identifiers within the collected data, analyze the identifiers to anonymize the collected data by receiving anonymous training data, generating an accuracy score for anonymizing the collected data as a function of user feedback, storing the anonymized data and the anonymized metadata separately, analyze the access level of a user using an authorization identifier to construct an anonymized user record from the anonymized data and the anonymized metadata as a function of the access level of the user by generating a distinct recipient-specific token for each of the plurality of patient identifiers and creating a secure mapping entry that links the distinct recipient-specific token back to the single patient identifier by reconstituting the single patient identifier from the distinct recipient-specific token in the context of this claim encompasses the user anonymizing user data through observation, evaluation, judgment, and/or opinion. If a claim limitation, under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of generic computer components, then it falls within the “Mental Processes” grouping of abstract ideas. The claim limitations, but for the recitation of generic computer components, also recite rules or instructions for managing personal behavior or interactions between people such that the claim is also directed to the abstract idea of “Certain Methods of Organizing Human Activity.” Accordingly, the claim recites an abstract idea. This judicial exception is not integrated into a practical application. In particular, the claim only recites the above bolded additional elements to perform the collecting, analyzing, storing, and generating limitations. The elements in each of these steps are recited at a high-level of generality (i.e., a processor, memory, and database, a dedicated hardware unit comprising circuitry configured to perform signal processing operations instructed by a computing device/processor as each element relates to general purpose computer components; the utilization of a machine learning model such as a processes whereby a computing device and/or any module and/or component operating thereon derives a classifier from training data and may be performed using, without limitation, linear classifiers such as without limitation logistic regression and/or naive Bayes classifiers, nearest neighbor classifiers such as k-nearest neighbors classifiers, support vector machines, least squares support vector machines, fisher's linear discriminant, quadratic classifiers, decision trees, boosted trees, random forest classifiers, learning vector quantization, and/or neural network-based classifiers, and a decentralized token as a digital asset on a decentralized network, typically utilizing an immutable sequential listing (Application Specification [0009], [0011], [0022], [0047], [0060], [0065], [0082])). As such, the limitations amount to no more than mere instructions to implement an abstract idea on a computer, or merely uses a computer as a tool to perform an abstract idea. See MPEP 2106.05(f). Further, the additional element of “receive, from a first database, a plurality of user data comprising a plurality of metadata,” is mere data gathering recited at a high level of generality, and thus is insignificant extra-solution activity. See MPEP2108.05(g). Accordingly, these additional elements do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea. The claim is directed to an abstract idea. The claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the above bolded additional elements to perform the collecting, analyzing, storing, and generating limitations amounts to no more than mere instructions to apply the exception using a generic computer component. (i.e., a processor, memory, and database, a dedicated hardware unit comprising circuitry configured to perform signal processing operations instructed by a computing device/processor as each element relates to general purpose computer components; the utilization of a machine learning model such as a processes whereby a computing device and/or any module and/or component operating thereon derives a classifier from training data and may be performed using, without limitation, linear classifiers such as without limitation logistic regression and/or naive Bayes classifiers, nearest neighbor classifiers such as k-nearest neighbors classifiers, support vector machines, least squares support vector machines, fisher's linear discriminant, quadratic classifiers, decision trees, boosted trees, random forest classifiers, learning vector quantization, and/or neural network-based classifiers, and a decentralized token as a digital asset on a decentralized network, typically utilizing an immutable sequential listing (Application Specification [0009], [0011], [0022], [0047], [0060], [0065], [0082])). Mere instructions to apply an exception using a generic computer component cannot provide an inventive concept. See MPEP 2106.05(f). Further, the additional element of “receive, from a first database, a plurality of user data comprising a plurality of metadata,” amounts to receiving or transmitting data over a network and is well-understood, routine, conventional activity. See MPEP 2106.05(d), subsection II. The claim is not patent eligible. Dependent claims 2, 5-10, and 21 include limitations of the independent claim and are directed to the same abstract idea as discussed above and incorporated herein. The dependent claims are rejected under 35 U.S.C. § 101 because they are directed to non-statutory subject matter. These additional claims recite what the data is and how it is analyzed. These information characteristics do not integrate the judicial exception into a practical application, and, when viewed individually or as a whole, they do not add anything substantial beyond the identified abstract idea. Dependent claim 5 recites the additional element of “a data compression process,” claim 7 recites the additional element of “a named entity recognition system,” claim 8 recites “a sandbox database,” however, these elements are recited at a high level such that it amounts to applying a generic computer component to perform the abstract idea and further amounts to adding insignificant extra-solution activity to the abstract idea (i.e. compression of the anonymized user records may be done using lossless compression ... It is commonly used for text-based medical records and structured data like EHRs; a NER system as software that identifies a plurality of named entities in from text; and a database (Application Specification at [0022], [0025], [0054])). See MPEP 2106.05(f), (g). Furthermore, the combination of elements does not indicate a significant improvement to the functioning of a computer or any other technology. Therefore the dependent claims are rejected under 35 U.S.C. § 101. Claims 11-12, 15-20, and 22 are drawn to a method for anonymizing user data, which is within the four statutory categories (i.e. method). Independent Claim 11 is rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. Claim 11 recites […] receiving, using at least a processor, a plurality of user data comprising a plurality of metadata from a first database; detaching, using the at least a processor, the plurality of metadata from the plurality of user data; identifying, using the at least a processor, a plurality of patient identifiers within the plurality of user data and the plurality of metadata; generating, using the at least a processor, anonymized data and anonymized metadata as a function of the plurality of patient identifiers, wherein generating the anonymized data comprises: receiving anonymization training data, wherein the anonymization training data comprises a plurality of exemplary patient identifiers as inputs correlated to exemplary anonymized data as outputs; iteratively training an anonymization machine learning model using sanitized anonymization training data, generating an accuracy score for the anonymization machine learning model as a function of user feedback wherein the accuracy score is used to determine a degree of retraining cycles for the anonymization machine learning model; and generating the anonymized data and anonymized metadata using the trained anonymization machine learning model; storing, using the at least a processor, the anonymized data and the anonymized metadata separately in a second database; determining, using the at least a processor, an access level of a user using an authorization identifier of the user, wherein the authorization identifier comprises a decentralized token which is distributed to the user according to their access level; and constructing, using the at least a processor, an anonymized user record from the anonymized data and the anonymized metadata as a function of the access level of the user, wherein constructing the anonymized user record comprises: generating a distinct recipient-specific token for each of the plurality of patient identifiers such that a single patient identifier is transformed into different unique tokens for different users to prevent data triangulation between the different users, and creating a secure mapping entry within the memory that links the distinct recipient-specific token back to the single patient identifier, wherein the secure mapping entry configures the processor to reconstitute the single patient identifier from the distinct recipient-specific token. The above limitations, as drafted, is a method that, under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of generic computer components. That is, other than reciting the above bolded elements, nothing in the claim element precludes the step from practically being performed in the mind. For example, but for the above bolded language, collecting a plurality of user data comprising a plurality of metadata, analyzing the collected data to detach the user data and the metadata and to identify a plurality of patient identifiers within the collected data, analyze the identifiers to anonymize the collected data by receiving anonymous training data, generating an accuracy score for anonymizing the collected data as a function of user feedback, storing the anonymized data and the anonymized metadata separately, analyze the access level of a user using an authorization identifier to construct an anonymized user record from the anonymized data and the anonymized metadata as a function of the access level of the user by generating a distinct recipient-specific token for each of the plurality of patient identifiers and creating a secure mapping entry that links the distinct recipient-specific token back to the single patient identifier by reconstituting the single patient identifier from the distinct recipient-specific token in the context of this claim encompasses the user anonymizing user data through observation, evaluation, judgment, and/or opinion. If a claim limitation, under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of generic computer components, then it falls within the “Mental Processes” grouping of abstract ideas. The claim limitations, but for the recitation of generic computer components, also recite rules or instructions for managing personal behavior or interactions between people such that the claim is also directed to the abstract idea of “Certain Methods of Organizing Human Activity.” Accordingly, the claim recites an abstract idea. This judicial exception is not integrated into a practical application. In particular, the claim only recites the above bolded additional elements to perform the collecting, analyzing, storing, and generating limitations. The elements in each of these steps are recited at a high-level of generality (i.e., a processor, memory, and database a dedicated hardware unit comprising circuitry configured to perform signal processing operations instructed by a computing device/processor as each element relates to general purpose computer components, the utilization of a machine learning model such as a processes whereby a computing device and/or any module and/or component operating thereon derives a classifier from training data and may be performed using, without limitation, linear classifiers such as without limitation logistic regression and/or naive Bayes classifiers, nearest neighbor classifiers such as k-nearest neighbors classifiers, support vector machines, least squares support vector machines, fisher's linear discriminant, quadratic classifiers, decision trees, boosted trees, random forest classifiers, learning vector quantization, and/or neural network-based classifiers, and a decentralized token as a digital asset on a decentralized network, typically utilizing an immutable sequential listing (Application Specification [0009], [0011], [0022], [0047], [0060], [0065], [0082])). As such, the limitations amount to no more than mere instructions to implement an abstract idea on a computer, or merely uses a computer as a tool to perform an abstract idea. See MPEP 2106.05(f). Further, the additional element of “receiving, using at least a processor, a plurality of user data comprising a plurality of metadata from a first database,” is mere data gathering recited at a high level of generality, and thus is insignificant extra-solution activity. See MPEP2108.05(g). Accordingly, these additional elements do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea. The claim is directed to an abstract idea. The claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the above bolded additional elements to perform the collecting, analyzing, storing, and generating limitations amounts to no more than mere instructions to apply the exception using generic computer components. (i.e., a processor, memory, and database, a dedicated hardware unit comprising circuitry configured to perform signal processing operations instructed by a computing device/processor as each element relates to general purpose computer components, the utilization of a machine learning model such as a processes whereby a computing device and/or any module and/or component operating thereon derives a classifier from training data and may be performed using, without limitation, linear classifiers such as without limitation logistic regression and/or naive Bayes classifiers, nearest neighbor classifiers such as k-nearest neighbors classifiers, support vector machines, least squares support vector machines, fisher's linear discriminant, quadratic classifiers, decision trees, boosted trees, random forest classifiers, learning vector quantization, and/or neural network-based classifiers, and a decentralized token as a digital asset on a decentralized network, typically utilizing an immutable sequential listing (Application Specification [0009], [0011], [0022], [0047], [0060], [0065], [0082])). Mere instructions to apply an exception using a generic computer component cannot provide an inventive concept. See MPEP 2106.05(f). Further, the additional element of “receiving, using at least a processor, a plurality of user data comprising a plurality of metadata from a first database;,” amounts to receiving or transmitting data over a network and is well-understood, routine, conventional activity. See MPEP 2106.05(d), subsection II. The claim is not patent eligible. Dependent claims 12, 15-20, and 22 include limitations of the independent claim and are directed to the same abstract idea as discussed above and incorporated herein. The dependent claims are rejected under 35 U.S.C. § 101 because they are directed to non-statutory subject matter. These additional claims recite what the data is and how it is analyzed. These information characteristics do not integrate the judicial exception into a practical application, and, when viewed individually or as a whole, they do not add anything substantial beyond the identified abstract idea. Dependent claim 15 recites the additional element of “a data compression process,” claim 17 recites the additional element of “a named entity recognition system,” claim 18 recites “a sandbox database,” however, these elements are recited at a high level such that it amounts to applying a generic computer component to perform the abstract idea and further amounts to adding insignificant extra-solution activity to the abstract idea (i.e. compression of the anonymized user records may be done using lossless compression ... It is commonly used for text-based medical records and structured data like EHRs; a NER system as software that identifies a plurality of named entities in from text; and a database (Application Specification at [0022], [0025], [0054])). See MPEP 2106.05(f), (g). Furthermore, the combination of elements does not indicate a significant improvement to the functioning of a computer or any other technology. Therefore the dependent claims are rejected under 35 U.S.C. § 101. Response to Arguments Applicant's arguments filed 01/21/2026 have been fully considered but they are not persuasive. Applicant’s arguments will be addressed herein below in the order in which they appear in the response filed on 01/21/2026. In the remarks, Applicant argues in substance that: Regarding the 101 rejection of claims 1-2, 5-12, and 15-22, Applicant argues that the claims are not directed to an abstract idea and provide an inventive concept amounting to significantly more than any alleged abstract idea. In response to Applicant’s argument that (a) regarding the 103 rejection of claims 1-2, 5-12, and 15-22, Examiner respectfully disagrees. Applicant argues, under Step 2A, Prong One, that the amended limitations of independent claim 1 cannot be fairly characterized as reciting a mental process. Examiner respectfully disagrees and submits that the limitations of “generating an accuracy score for the anonymization machine learning model as a function of user feedback, wherein the accuracy score is used to determine a degree of retraining cycles for the anonymization machine learning model,” is currently recited as a wholly distinct limitation separate from training the machine learning model itself. That is, the limitation is directed to the abstract idea of determining an accuracy score for the model as a function of user feedback, which is recited at a high level of generality that, under broadest reasonable interpretation in view of the application specification, is a determination of accuracy based on user feedback judgment (i.e. a mental process) as to the accuracy of the model. Further, in addition to a Mental Process, Examiner respectfully submits, as applied in the above Office Action, that the claim limitations are also directed to the abstract idea of “Certain Methods of Organizing Human Activity”) as rules or instructions for managing personal behavior. By way of example, the above claim limitation of generating an accuracy score is a rule or instruction for managing a user to generate an accuracy score based on user feedback to determine the number of retraining cycles for the model. Applicant’s arguments regarding the newly amended limitations of creating a secure mapping entry to reconstitute the single patient identifier amounts to the abstract idea of Mental Processes and/or Certain Methods of Organizing Human activity but for the recitation of generic computer components (i.e. the process and memory). The present Application Specification describes these limitations: “As used in the current disclosure, "tokenization" is a process where sensitive data elements are replaced with unique tokens or references. Tokenization may rely on a secure mapping or lookup table that links tokens to original data, but this mapping is kept separate and secure. Tokenization of patient identifier 120 may use alphanumeric codes to replace name, geographic locations, temporal data, and the like. In an non- limiting example, a patient identifier 120 associated with a user's name may be replaced by the alphanumeric code of TKN-9876.” ([0030]). Under broadest reasonable interpretation, the limitation is directed to a mapping of patient identifier data to a mapping/lookup table that links a “token” to original data, which is analogous to an abstract analysis method for pseudonymization. Accordingly, the above claim limitations are directed to an abstract idea, as well as the other claim limitations of the claim as a whole as applied in the above Office Action. Turning to Step 2A, Prong Two, Applicant argues that currently amended claim limitations creating a secure mapping entry to reconstitute the single patient identifier integrates the abstract idea into a practical application by providing an improvement to technology through improving the computer security architecture itself by fundamentally altering how patient identify is represented across a distributed network to defeat automated database collusion. Examiner respectfully disagrees. As discussed above, the present Application Specification describes these limitations: “As used in the current disclosure, "tokenization" is a process where sensitive data elements are replaced with unique tokens or references. Tokenization may rely on a secure mapping or lookup table that links tokens to original data, but this mapping is kept separate and secure. Tokenization of patient identifier 120 may use alphanumeric codes to replace name, geographic locations, temporal data, and the like. In an non- limiting example, a patient identifier 120 associated with a user's name may be replaced by the alphanumeric code of TKN-9876.” ([0030]). Under broadest reasonable interpretation, the limitation is directed to a mapping of patient identifier data to a mapping/lookup table that links a “token” to original data, which is analogous to an abstract analysis method for pseudonymization/anonymization. In this case, the limitations use a memory to store the mapping of tokens to original data, and a processor to reconstitute the mapping of the token to original data. As such, the limitations, as currently drafted at a high-level of generality, amount to no more than mere instructions to implement an abstract idea on a computer, or merely uses a computer as a tool to perform an abstract idea. See MPEP 2106.05(f). Examiner further notes that triangulation of anatomized data is not a problem inherent in a network environment itself (See Remarks at Pg. 6), but a problem lying within the abstract idea itself. Applicant argues that that the claim limitations addresses a vulnerability where “recipients A and B cannot collude to match documents with the same IDs,” which is a problem inherent in the abstract idea of data anonymization using identifiers. Applicant’s alleged improvement is directed to a problem with this abstract idea, not one specific to the functioning of a computer or technology or technical field. Examiner respectfully submits that the instant claims recite an alleged improvement to the abstract idea itself, and not a technical solution to a technical problem. See MPEP 2106.04, subsection I (Myriad, 569 U.S. at 591, 106 USPQ2d at 1979 ("Groundbreaking, innovative, or even brilliant discovery does not by itself satisfy the §101 inquiry."). Ultramercial, Inc. v. Hulu, LLC, 772 F.3d 709, 714-15, 112 USPQ2d 1750, 1753-54 (Fed. Cir. 2014). Cf. Synopsys, Inc. v. Mentor Graphics Corp., 839 F.3d 1138, 1151, 120 USPQ2d 1473, 1483 (Fed. Cir. 2016) ("a new abstract idea is still an abstract idea") (emphasis in original)) A new abstract idea is still an abstract idea. In contrast to Example 47 of the 2024 Guidance (wherein Example 47, claim 3, is reflects improvement in the technical field of network intrusion detection, and thus, the claim as a whole integrates the judicial exception into a practical application), the instant claims are directed to an improvement to the abstract idea itself, as discussed above. In view of Applicant’s arguments regarding Ex Parte Desjardins et al., Examiner respectfully submits that the instant claims are distinguishable from the teaching of Desjardins et al, which solved the technical problem inherent in machine learning of “catastrophic forgetting” and enabling the AI to “use less of their storage capacity” and achieve “reduced system complexity,”. That is, DesJardins et al. is very much directed to improving a problem inherent in machine learning and the functioning of a computer within the machine learning technical field. In contrast, the instant claims do not provide a technical improvement to machine learning, but merely uses machine learning as a tool under its ordinary capacity using generic computer components to perform anonymization steps (i.e. the Mental Process/Method of Organizing Human Activity). The optimization of the claimed machine learning model is, as drafted, determined by a user feedback based accuracy score, which is a direct recitation of a Mental Process (unlike Desjardins et al., which is claims the direct adjustment of the machine learning model directed to a problem within the machine learning technical field). Further, as discussed above, the tokenization limitations of the instant independent claims, in view of the present application specification and broadest reasonable interpretation, is directed to an alleged improvement to the abstract idea itself using generic computer components of a memory and processor. Accordingly, the claim fails to recite a technical improvement under Step 2A, Prong Two. Lastly, under Step 2B, Applicant argues that the claims recite significantly more than the abstract idea because the claims are not well-understood, routine, or conventional activity. Examiner respectfully disagrees and submits that, as discussed above with respect to Step 2A, Prong Two, the additional elements to perform the claim limitations amount to no more than mere instructions to apply the exception using a generic computer component. See Application Specification [0009], [0011], [0022], [0047], [0060], [0065], [0082]. Specifically, as discussed above regarding the newly amended limitations related to the generating a distinct recipient-specific token and creating a secure mapping entry, these limitations, in view of the present Application Specification, amount to limitations directed to the abstract idea as instructions performed by a memory and processor. Further, the recitation of a “secure mapping” is at a high level of generality, such that it does not recite anything beyond using a memory in its ordinary capacity for storing an entry of mapping tokens to original data. See Application Specification at [0030]. Mere instructions to apply an exception using a generic computer component cannot provide an inventive concept. See MPEP 2106.05(f). Therefore, the claim limitations do not recite significantly more than the abstract idea. Accordingly, the 101 rejection of claims 1-2, 5-12, and 15-22 is maintained as applied in the above Office Action. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. U.S. Patent Application Pub. No. 2016/0292456 A1 teaches Syndicated data provider performs patient matching by comparing the de-identified patient tokens against a patient master to assign the appropriate anonymous ID to each record. The tokens may then be removed from the dataset and stored in a separate secure environment ([0098]); U.S. Patent Application Pub. No. 20220293272 A1 teaches time series data is used as both a confidential longitudinal record for each specific patient and their associated medical professionals, and as the substrate for constructing training examples for the machine learning system through an anonymization and tokenization process ([0090]); U.S. Patent No. 10,949,568 B1 teaches an anonymization system for patient data (Abstract); U.S. Patent Application Pub. No. 2023/0282322 A1 teaches anonymization of medical records using a combination of deep learning and smart templatization (Abstract); U.S. Patent Application Pub No. 2022/0365908 A1 teaches iteratively training a machine learning model with a feedback value ([0268]-[0270]); U.S. Patent Application Pub. No. 2007/0130070 A1 teaches storing anonymized data in a sandbox database ([0065], [0076], [0082]); U.S. Patent Application Pub. No. 2018/0060496 A1 teaches enabling electronic access to protected health information according to the wishes of a patient and/or other authorized parties and place conditional stipulations e.g. time periods, redactions, locations, number of views, device types, anonymity, etc., by which a designee may access authorized PHI and/or other HIRs ([0006]); U.S. Patent Application Pub. No. 20190156060 A1 teaches a machine learning anonymization model and the selection thereof based on user feedback (Abstract, [0033]); U.S. Patent Application Pub. No. 2021/0042796 A1 teaches granting varies access based on associated permission with tokens distributed to account holders ([0193]); U.S. Patent Application Pub. No. 2021/0398676 A1 teaches machine learning algorithms configured to automatically process, aggregate, and anonymize (e.g. de-identify) data, this enables greater access to patient health data by making it easier or less onerous to comply with regulations protecting such data ([0063]); U.S. Patent Application Pub. No. 2022/0101964 A1 teaches user and/or output devices with an increased privacy access level to request a re-identification of the pseudonymized data so as to additionally get access to the non-pseudonymized patient identifier; evaluating whether the conversion request has sufficient rights may be based on credentials associated with the originator of the request ([0014], [0068]); and U.S. Patent Application Pub No. 2020/017612 A1 teaches he machine learning algorithm may generate the model by iterating through a corrective or positive feedback loop ([0048]). Any inquiry concerning this communication or earlier communications from the examiner should be directed to ANTHONY BALAJ whose telephone number is (571)272-8181. The examiner can normally be reached 8:00 - 4:00 M-F. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Fonya Long can be reached at (571) 270-5096. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /A.M.B./Examiner, Art Unit 3682 /FONYA M LONG/Supervisory Patent Examiner, Art Unit 3682