Prosecution Insights
Last updated: July 17, 2026
Application No. 18/482,436

SYSTEM AND METHOD FOR SECURED SHARING OF MEDICAL DATA GENERATED BY A PATIENT MEDICAL DEVICE

Non-Final OA §101§103
Filed
Oct 06, 2023
Priority
May 31, 2018 — provisional 62/678,640 +2 more
Examiner
PATEL, HARESH N
Art Unit
2496
Tech Center
2400 — Computer Networks
Assignee
Inspire Medical Systems Inc.
OA Round
4 (Non-Final)
78%
Grant Probability
Favorable
4-5
OA Rounds
3m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 78% — above average
78%
Career Allowance Rate
641 granted / 825 resolved
+19.7% vs TC avg
Strong +22% interview lift
Without
With
+21.9%
Interview Lift
resolved cases with interview
Typical timeline
3y 0m
Avg Prosecution
22 currently pending
Career history
866
Total Applications
across all art units

Statute-Specific Performance

§101
1.2%
-38.8% vs TC avg
§103
67.4%
+27.4% vs TC avg
§102
23.3%
-16.7% vs TC avg
§112
1.5%
-38.5% vs TC avg
Black line = Tech Center average estimate • Based on career data from 825 resolved cases

Office Action

§101 §103
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . DETAILED ACTION Status of Claims Claims 1-15 are subject to examination. DETAILED ACTION In view of the appeal brief filed on 02/20/2026, PROSECUTION IS HEREBY REOPENED. New ground of rejection is set forth below. To avoid abandonment of the application, appellant must exercise one of the following two options: (1) file a reply under 37 CFR 1.111 (if this Office action is non-final) or a reply under 37 CFR 1.113 (if this Office action is final); or, (2) initiate a new appeal by filing a notice of appeal under 37 CFR 41.31 followed by an appeal brief under 37 CFR 41.37. The previously paid notice of appeal fee and appeal brief fee can be applied to the new appeal. If, however, the appeal fees set forth in 37 CFR 41.20 have been increased since they were previously paid, then appellant must pay the difference between the increased fees and the amount previously paid. A Supervisory Patent Examiner (SPE) has approved of reopening prosecution by signing below: Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Amended claims, 1-15 are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more. Claims 1-15 are drawn to a method which is a statutory category of invention (Step 1: YES). Independent claim 1, recites, recognizing that the first medical practice and the second medical practice are treating the patient, and reviewing one or more requirements relating to accessing information of the patient on the server. The recited limitations, as drafted, under their broadest reasonable interpretation, cover certain methods of forwarding data to a second medical practice. If a claim limitation, under its broadest reasonable interpretation, covers fundamental economic principles or practices and/or managing personal behavior or relationships or interactions between people (medical practices) and patient for whom the data is forwarded, then it falls within the “Certain Methods of Organizing Human Activity” grouping of abstract ideas. Accordingly, the claims recite an abstract idea (Step 2A Prong One: YES). The recited limitations, as drafted, under their broadest reasonable interpretation, also can be performed mentally, which falls within the “Mental Processes”. Please see MPEP, B A Claim That Encompasses a Human Performing the Step(s) Mentally With or Without a Physical Aid Recites a Mental Process, C A Claim That Requires a Computer May Still Recite a Mental Process, D Both Product and Process Claims May Recite a Mental Process, III. MENTAL PROCESSES, MPEP 2106.04(a)(2), The judicial exception is not integrated into a practical application. The claims are abstract but for the inclusion of the additional elements including “remote server”, “first medical practice”, “first medical practice”, “access code”, are additional elements that are recited at a high level of generality (e.g., that the receiving, recognizing, reviewing, automatically forwarding, accessing, is no more than a statement that software instructions are executed to perform the claimed limitations). They amount to no more than mere instructions to apply the exception using generic computer components. See: MPEP 2106.05(f). The claimed “remote server”, “first medical practice”, “first medical practice”, “access code” are generic. Hence, the additional elements do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea. Accordingly, the claims are directed to an abstract idea (Step 2A Prong Two: NO). The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, using the additional elements to perform the abstract idea amounts to no more than mere instructions to apply the exception using generic components. Mere instructions to apply an exception using a generic component cannot provide an inventive concept. See MPEP 2106.05(f). Further, the claimed additional elements, identified above, are not sufficient to amount to significantly more than the judicial exception because they are generic components that are configured to perform well-understood, routine, and conventional activities previously known to the industry. See MPEP 2106.05(d). Said additional elements are recited at a high level of generality and provide conventional functions that do not add meaningful limits to practicing the abstract idea. The healthcare industry generically uses “remote server”, “first medical practice”, “first medical practice”, “access code” for caring a patient. Viewing the limitations as an ordered combination, the claims simply use the additional elements to implement the concept described above in the identification of abstract idea with identify of caregiver (user) using sound signals and obtain information from directory/store for the caregiver/user, conventional activity (for verifying a user) specified at a high level of generality in a particular technological environment. Hence, the claims as a whole, considering the additional elements individually and as an ordered combination, do not amount to significantly more than the abstract idea (Step 2B: NO). Dependent claims 2-15, when analyzed as a whole, considering the additional elements individually and/or as an ordered combination, are held to be patent ineligible under 35 U.S.C. 101 because the additional recited limitations fail to establish that the claims are directed to an abstract idea without significantly more. These claims fail to remedy the deficiencies of their parent claims above, and therefore rejected for at least the same rationale as applied to their parent claims above, and incorporated herein. Claim 2, recites, receiving authorization from the first medical practice The recited limitations, as drafted, under their broadest reasonable interpretation, cover certain methods of receiving data from the first medical practice. If a claim limitation, under its broadest reasonable interpretation, covers fundamental economic principles or practices and/or managing personal behavior or relationships or interactions between people (medical practices) and patient for whom the data is forwarded, then it falls within the “Certain Methods of Organizing Human Activity” grouping of abstract ideas. The recited limitations, as drafted, under their broadest reasonable interpretation, also can be performed mentally, which falls within the “Mental Processes”. Please see MPEP, B A Claim That Encompasses a Human Performing the Step(s) Mentally With or Without a Physical Aid Recites a Mental Process, C A Claim That Requires a Computer May Still Recite a Mental Process, D Both Product and Process Claims May Recite a Mental Process, III. MENTAL PROCESSES, MPEP 2106.04(a)(2). Claim 3, recites, comparing a first sharing key provided by the first medical practice to the and a second sharing key, provided by the second medical practice The recited limitations, as drafted, under their broadest reasonable interpretation, cover certain methods of comparing the keys (data) from the medical practices. If a claim limitation, under its broadest reasonable interpretation, covers fundamental economic principles or practices and/or managing personal behavior or relationships or interactions between people (medical practices) and patient for whom the data is forwarded, then it falls within the “Certain Methods of Organizing Human Activity” grouping of abstract ideas. The recited limitations, as drafted, under their broadest reasonable interpretation, also can be performed mentally, which falls within the “Mental Processes”. Please see MPEP, B A Claim That Encompasses a Human Performing the Step(s) Mentally With or Without a Physical Aid Recites a Mental Process, C A Claim That Requires a Computer May Still Recite a Mental Process, D Both Product and Process Claims May Recite a Mental Process, III. MENTAL PROCESSES, MPEP 2106.04(a)(2). Claim 4, recites, wherein the first patient-related data includes patient medical data and the first sharing key The recited limitations, as drafted, under their broadest reasonable interpretation, cover certain methods of comparing data from the medical practices. If a claim limitation, under its broadest reasonable interpretation, covers fundamental economic principles or practices and/or managing personal behavior or relationships or interactions between people (medical practices) and patient for whom the data is forwarded, then it falls within the “Certain Methods of Organizing Human Activity” grouping of abstract ideas. The recited limitations, as drafted, under their broadest reasonable interpretation, also can be performed mentally, which falls within the “Mental Processes”. Please see MPEP, B A Claim That Encompasses a Human Performing the Step(s) Mentally With or Without a Physical Aid Recites a Mental Process, C A Claim That Requires a Computer May Still Recite a Mental Process, D Both Product and Process Claims May Recite a Mental Process, III. MENTAL PROCESSES, MPEP 2106.04(a)(2). Claim 5, recites, wherein the second patient-related data includes patient medical data and the second sharing key The recited limitations, as drafted, under their broadest reasonable interpretation, cover certain methods of comparing data from the medical practices. If a claim limitation, under its broadest reasonable interpretation, covers fundamental economic principles or practices and/or managing personal behavior or relationships or interactions between people (medical practices) and patient for whom the data is forwarded, then it falls within the “Certain Methods of Organizing Human Activity” grouping of abstract ideas. The recited limitations, as drafted, under their broadest reasonable interpretation, also can be performed mentally, which falls within the “Mental Processes”. Please see MPEP, B A Claim That Encompasses a Human Performing the Step(s) Mentally With or Without a Physical Aid Recites a Mental Process, C A Claim That Requires a Computer May Still Recite a Mental Process, D Both Product and Process Claims May Recite a Mental Process, III. MENTAL PROCESSES, MPEP 2106.04(a)(2). Claim 6, recites, wherein the first sharing key is obtained by the first medical practice via interrogation of a medical device assigned to the patient The recited limitations, as drafted, under their broadest reasonable interpretation, cover certain methods of obtaining data from the patient. If a claim limitation, under its broadest reasonable interpretation, covers fundamental economic principles or practices and/or managing personal behavior or relationships or interactions between people (medical practices) and patient for whom the data is forwarded, then it falls within the “Certain Methods of Organizing Human Activity” grouping of abstract ideas. The recited limitations, as drafted, under their broadest reasonable interpretation, also can be performed mentally, which falls within the “Mental Processes”. Please see MPEP, B A Claim That Encompasses a Human Performing the Step(s) Mentally With or Without a Physical Aid Recites a Mental Process, C A Claim That Requires a Computer May Still Recite a Mental Process, D Both Product and Process Claims May Recite a Mental Process, III. MENTAL PROCESSES, MPEP 2106.04(a)(2). Claim 7, recites, wherein the medical device assigned to the patient is one of a therapy device and a diagnostic device The recited limitations, as drafted, under their broadest reasonable interpretation, cover certain methods of obtaining data from the generic device of the patient. If a claim limitation, under its broadest reasonable interpretation, covers fundamental economic principles or practices and/or managing personal behavior or relationships or interactions between people (medical practices) and patient for whom the data is forwarded, then it falls within the “Certain Methods of Organizing Human Activity” grouping of abstract ideas. The recited limitations, as drafted, under their broadest reasonable interpretation, also can be performed mentally, which falls within the “Mental Processes”. Please see MPEP, B A Claim That Encompasses a Human Performing the Step(s) Mentally With or Without a Physical Aid Recites a Mental Process, C A Claim That Requires a Computer May Still Recite a Mental Process, D Both Product and Process Claims May Recite a Mental Process, III. MENTAL PROCESSES, MPEP 2106.04(a)(2). Claim 8, recites, wherein the medical device assigned to the patient is one of an implanted medical device and an external medical device The recited limitations, as drafted, under their broadest reasonable interpretation, cover certain methods of obtaining data from the generic device of the patient. If a claim limitation, under its broadest reasonable interpretation, covers fundamental economic principles or practices and/or managing personal behavior or relationships or interactions between people (medical practices) and patient for whom the data is forwarded, then it falls within the “Certain Methods of Organizing Human Activity” grouping of abstract ideas. The recited limitations, as drafted, under their broadest reasonable interpretation, also can be performed mentally, which falls within the “Mental Processes”. Please see MPEP, B A Claim That Encompasses a Human Performing the Step(s) Mentally With or Without a Physical Aid Recites a Mental Process, C A Claim That Requires a Computer May Still Recite a Mental Process, D Both Product and Process Claims May Recite a Mental Process, III. MENTAL PROCESSES, MPEP 2106.04(a)(2). Claim 9, recites, receiving the first patient-related data includes receiving the first patient-related data from a first processor of a first medical patient system of the first medical practice The recited limitations, as drafted, under their broadest reasonable interpretation, cover certain methods of receiving data from the generic devices. If a claim limitation, under its broadest reasonable interpretation, covers fundamental economic principles or practices and/or managing personal behavior or relationships or interactions between people (medical practices) and patient for whom the data is forwarded, then it falls within the “Certain Methods of Organizing Human Activity” grouping of abstract ideas. The recited limitations, as drafted, under their broadest reasonable interpretation, also can be performed mentally, which falls within the “Mental Processes”. Please see MPEP, B A Claim That Encompasses a Human Performing the Step(s) Mentally With or Without a Physical Aid Recites a Mental Process, C A Claim That Requires a Computer May Still Recite a Mental Process, D Both Product and Process Claims May Recite a Mental Process, III. MENTAL PROCESSES, MPEP 2106.04(a)(2). Claim 10, recites, receiving the second patient-related data includes receiving the second patient-related data from a second processor of a second medical patient system of the second medical practice The recited limitations, as drafted, under their broadest reasonable interpretation, cover certain methods of receiving data from the generic devices. If a claim limitation, under its broadest reasonable interpretation, covers fundamental economic principles or practices and/or managing personal behavior or relationships or interactions between people (medical practices) and patient for whom the data is forwarded, then it falls within the “Certain Methods of Organizing Human Activity” grouping of abstract ideas. The recited limitations, as drafted, under their broadest reasonable interpretation, also can be performed mentally, which falls within the “Mental Processes”. Please see MPEP, B A Claim That Encompasses a Human Performing the Step(s) Mentally With or Without a Physical Aid Recites a Mental Process, C A Claim That Requires a Computer May Still Recite a Mental Process, D Both Product and Process Claims May Recite a Mental Process, III. MENTAL PROCESSES, MPEP 2106.04(a)(2). Claim 11, recites, wherein the first and second medical practices are legally unaffiliated such that the first patient system is distinct from and unavailable to the second patient system The recited limitations, as drafted, under their broadest reasonable interpretation, cover certain methods of receiving data from the generic devices/systems. If a claim limitation, under its broadest reasonable interpretation, covers fundamental economic principles or practices and/or managing personal behavior or relationships or interactions between people (medical practices) and patient for whom the data is forwarded, then it falls within the “Certain Methods of Organizing Human Activity” grouping of abstract ideas. The recited limitations, as drafted, under their broadest reasonable interpretation, also can be performed mentally, which falls within the “Mental Processes”. Please see MPEP, B A Claim That Encompasses a Human Performing the Step(s) Mentally With or Without a Physical Aid Recites a Mental Process, C A Claim That Requires a Computer May Still Recite a Mental Process, D Both Product and Process Claims May Recite a Mental Process, III. MENTAL PROCESSES, MPEP 2106.04(a)(2). Claim 12, recites, initially storing the first patient-related data in a first location of a memory and initially storing the second patient-related data in a second location of the memory, the second location being different from the first location. The recited limitations, as drafted, under their broadest reasonable interpretation, cover certain methods of storing/having/retaining data in the generic devices/systems. If a claim limitation, under its broadest reasonable interpretation, covers fundamental economic principles or practices and/or managing personal behavior or relationships or interactions between people (medical practices) and patient for whom the data is forwarded, then it falls within the “Certain Methods of Organizing Human Activity” grouping of abstract ideas. The recited limitations, as drafted, under their broadest reasonable interpretation, also can be performed mentally, which falls within the “Mental Processes”. Please see MPEP, B A Claim That Encompasses a Human Performing the Step(s) Mentally With or Without a Physical Aid Recites a Mental Process, C A Claim That Requires a Computer May Still Recite a Mental Process, D Both Product and Process Claims May Recite a Mental Process, III. MENTAL PROCESSES, MPEP 2106.04(a)(2). Claim 13, recites, automatically forwarding the second patient-related data to the first medical practice when the one or more requirements are satisfied. The recited limitations, as drafted, under their broadest reasonable interpretation, cover certain methods of forwarding data in the generic devices/systems. If a claim limitation, under its broadest reasonable interpretation, covers fundamental economic principles or practices and/or managing personal behavior or relationships or interactions between people (medical practices) and patient for whom the data is forwarded, then it falls within the “Certain Methods of Organizing Human Activity” grouping of abstract ideas. The recited limitations, as drafted, under their broadest reasonable interpretation, also can be performed mentally, which falls within the “Mental Processes”. Please see MPEP, B A Claim That Encompasses a Human Performing the Step(s) Mentally With or Without a Physical Aid Recites a Mental Process, C A Claim That Requires a Computer May Still Recite a Mental Process, D Both Product and Process Claims May Recite a Mental Process, III. MENTAL PROCESSES, MPEP 2106.04(a)(2). Claim 14, recites, granting, to the second medical practice, access to data associated with the patient saved in a memory. The recited limitations, as drafted, under their broadest reasonable interpretation, cover certain methods of granting another user/device/system to access data. If a claim limitation, under its broadest reasonable interpretation, covers fundamental economic principles or practices and/or managing personal behavior or relationships or interactions between people (medical practices) and patient for whom the data is forwarded, then it falls within the “Certain Methods of Organizing Human Activity” grouping of abstract ideas. The recited limitations, as drafted, under their broadest reasonable interpretation, also can be performed mentally, which falls within the “Mental Processes”. Please see MPEP, B A Claim That Encompasses a Human Performing the Step(s) Mentally With or Without a Physical Aid Recites a Mental Process, C A Claim That Requires a Computer May Still Recite a Mental Process, D Both Product and Process Claims May Recite a Mental Process, III. MENTAL PROCESSES, MPEP 2106.04(a)(2). Claim 15, recites, granting, to the first medical practice, access to the data associated with the patient saved in a memory. The recited limitations, as drafted, under their broadest reasonable interpretation, cover certain methods of granting another user/device/system to access data. If a claim limitation, under its broadest reasonable interpretation, covers fundamental economic principles or practices and/or managing personal behavior or relationships or interactions between people (medical practices) and patient for whom the data is forwarded, then it falls within the “Certain Methods of Organizing Human Activity” grouping of abstract ideas. The recited limitations, as drafted, under their broadest reasonable interpretation, also can be performed mentally, which falls within the “Mental Processes”. Please see MPEP, B A Claim That Encompasses a Human Performing the Step(s) Mentally With or Without a Physical Aid Recites a Mental Process, C A Claim That Requires a Computer May Still Recite a Mental Process, D Both Product and Process Claims May Recite a Mental Process, III. MENTAL PROCESSES, MPEP 2106.04(a)(2). Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 1, 2, is/are rejected under 35 U.S.C. 103 as being unpatentable over Segal 2001/0041991-A1 in view of Shah et al., 2014/0074638 and Ueda et al., 20180234497. Referring to claim 1, Segal discloses a method comprising: receiving, at a remote server, first patient-related data originating from a first medical practice for a patient; [0027] an authorized user, who may be, for example, the patient, a relative of the patient, or the patient's physician, enters textual information through an online Internet connection that interfaces with the GUIs and the web server. The web server stores in the clinical database the textual data received through the GUIs. The image server receives the file and transmits the file to the archives for storage. [0028] With the data entered into the medical record, the present invention further provides means to retrieve and transmit the medical data. A user with authorized access to the medical record (e.g.primary physician) interfaces through an online Internet connection with the GUIs provisioned on the web server. the web server consults the clinical database, retrieves the record, and transmits it. the image server to retrieve the diagnostic-quality image from the archives. The image server returns the medical record to the web server and the web server transmits the record. the present invention can return the record to a destination (e.g., a distant medical specialist). receiving, at the remote server, second patient-related data originating from a second medical practice for the patient; [0024] encourage a network of participating physicians, preferably primary care physicians and radiologists, to create a medical record The primary physicians, aimed at deciding what data should be included in and excluded from a patient's medical record. Under the physician's guidance, the patient enters the data into the medical record and owns and controls the entire medical record. In the end, the patient owns a focused medical record that enables the primary physician and other specialists to make efficient medical assessments based on concise medical records. recognizing, by the remote server, that the first medical practice and the second medical practice are treating the patient; [0084] a website-accessible database on the Internet that gathers and disseminates information related to patient medical records. Users, e.g., patients and physicians, can access clinical database 118, image archive 128 [0106] controlling access to the medical records using UPIs, passwords, and physician access codes. A physician uses a separate access code (and the UPI), which allows access to a patient's record for viewing and/or updating. number unique to every patient, which is used to associate all records of a patient. With this unique tag, the present invention easily matches reviewing, by the remote server, requirement relating to accessing information of the patient on the server; and [0106] the patient with ownership and control of her own medical record, controlling access to the medical records using UPIs, passwords, and physician access codes. A physician uses a separate access code (and the UPI), which allows access to a patient's record when the patient has granted permission for viewing and/or updating. number unique to every patient, which is used to associate all records of a patient. With this unique tag, the present invention easily matches and gathers a patient's records across different proprietary patient information systems, such as non-affiliated clinics and hospitals. forwarding, by the remote server, the first patient-related data to the second medical practice when the requirement is satisfied. [0106] the patient with ownership and control of her own medical record, controlling access to the medical records using UPIs, passwords, and physician access codes. A physician uses a separate access code (and the UPI), which allows access to a patient's record when the patient has granted permission for viewing and/or updating. number unique to every patient, which is used to associate all records of a patient. With this unique tag, the present invention easily matches and gathers a patient's records across different proprietary patient information systems, such as non-affiliated clinics and hospitals. [0039] Another object of the present invention is to provide a safe, permanent digital storage system for a woman's mammograms and for the patient's other significant medical images (X-rays, other radiological examinations), which can be conveniently retrieved and forwarded to the medical professional . [0084] a website-accessible database on the Internet that gathers and disseminates information related to patient medical records. Users, e.g., patients and physicians, can access clinical database 118, image archive 128, web-enabler 104, and expanded memory image archive 105 via the website. A user can enter, modify, and obtain information contained in the server databases. [0106] A physician uses a separate access code (and the UPI), which allows access to a patient's record for viewing and/or updating. In the present invention easily matches and gathers a patient's records across different proprietary patient information systems, such as non-affiliated clinics and hospitals. [0140] A means for conveying a patient's entire medical record. [0111] While browsing the website of the present invention and entering data, the physician can access these components at any time by clicking on the structured tabs displayed on every screen. Each screen resembles a form from a conventional medical chart and includes explanatory remarks and instructions. [0139] As FIG. 8a shows, an authorized user, such as a patient or physician, accesses the medical record by first opening the web page of the present invention and logging in with the UPI and password or access code. [0084] The preferred embodiment of the present invention is implemented as a website-accessible database on the Internet that gathers and disseminates information related to patient medical records. Users, e.g., patients and physicians, can access clinical database 118, account database 132, image archive 128, web-enabler 104, and expanded memory [0082] The plurality of referral physicians 108 includes specialists and radiologists who receive through the Internet 99 medical records. The plurality of physicians 108 may also access and update patient medical records [0106] the patient with ownership and control of her own medical record, controlling access to the medical records using UPIs, passwords, and physician access codes. A physician uses a separate access code (and the UPI), which allows access to a patient's record when the patient has granted permission for viewing and/or updating. number unique to every patient, which is used to associate all records of a patient. With this unique tag, the present invention easily matches and gathers a patient's records across different proprietary patient information systems, such as non-affiliated clinics and hospitals. [0021] creating, storing, accessing, updating, and distributing patient medical records, especially the coordinated care of the patient and physician. focused online medical record storage, facilitates a patient-physician partnership by which to create and maintain the focused online medical records, provides means for obtaining and storing diagnostic-quality images, establishes Internet-based communication through which to transmit medical records, provides immediate means for conveying critical medical information in emergency situations, and provides means for storing, receiving, and transmitting information. [0072] providing web-based medical record management for patients. A website operation that registers, establishes, and manages patient medical record accounts. implementing a medical record management service . [0081] The plurality of primary physicians 106, including primary doctors' offices and radiological imaging centers, provides consultations with patients to assist in formulating focused medical records. The plurality of primary physicians 106 also serves as a location for registering patients, Finally, the plurality of primary physicians 106 also accesses and updates patient medical records. [0082] The plurality of referral physicians 108 includes specialists and radiologists who receive through the Internet 99 medical records for further analysis, e.g., second opinions. The plurality of referral physicians 108 may also access and update patient medical records. [0084] a website-accessible database on the Internet that gathers and disseminates information related to patient medical records. Users, e.g., patients and physicians, can access clinical database 118, image archive 128, web-enabler 104, and expanded memory image archive 105 via the website. A user can enter, modify, and obtain information contained in the server databases. [0091] My Medical Folder is to assist a patient in working with a primary physician to establish a focused medical record. Segal does not specifically mention about which Shah discloses, separate, review of an access code entered by a practitioner of the second medical practice, [0054] sharing the medical records by the patients 202 with the server 204 for the purpose of such as authorizing the third party 208 to access the medical records. At step 602, the method includes receiving a registration request with the central repository 302 through the sign in scheme 210 from the patient 202a. At step 604, the method 600 includes receiving information from the patient 202a such as including personal details of the patient 202a and details related to the patient 202a indicative at least of the medical records associated with the patient 202a. The details related to the patient 202a indicative of the medical records may be the medical records associated with the patient 202a which are submitted by the patient 202a for storage on the server 204 upon registration and further sharing with others such as the third party 208 later on as per the conditions specified by the patient 202a such as through the set of rules. At step 606, the method 600 includes defining access rules dictating access rights for the third party 208. In an embodiment, the access rules can form a part of the entire set of rules as defined by the patient 202a along with other information such as payment related rules. At step 608, the method 600 includes defining pricing and billing rules or payment related rules. In an embodiment, the access rules and the pricing and billing rules together make up the set of rules. However, in some embodiments, the set of rules may include some more rules governing the access, authorization, and payment and data sharing and management other than the access and pricing and billing rules [0017] FIG. 5 illustrates generally, but not by way of limitation, an example of an interface providing a capability to the third party such as to access the server for requesting the authorization to access or create the medical records, at least in part, stored at the server [0026] As shown, the architecture 100 also includes a third party 108 which may be communicatively connected with the entities 102 directly or indirectly through the server 104 over the network 106. The third party 108 may serve as a customer who may desire to access the electronic records, at least in part. In embodiments, the third party 108 may include patients, financial service providers such as insurance companies, healthcare professionals or healthcare service providers, and the like. [0028] The network 106 can be a wireless or a wired network. The network 106 can operate as a communications network configuring communication among the entities 102, the server 104, and the third party 108. In an embodiment, the network 106 can be an internet. The entities 102, the server 104, and the third party 108 can be distributed over a wide area and can connect remotely among themselves over the network 106. [0053] Upon patient authorization, the third party 208 receives a patient authorization code which may be required to be submitted through the interface 500 along with other details such as through another tab 510 meant for patient authorization code. It must be appreciated that the patient authorization can be completely automated, in an embodiment, such that the request for access can be authorized or denied automatically based on the set of rules stored in the second repository 316 and based on the information received from the third party 208 such as during submitting of the information through the interface 500. The authorization can also be almost simultaneously processed during the submission of the details through the interface 500. If the authorization is granted, a button 514 meant for such as to create the medical records is made operable or visible to the third party 208 on the interface 500 for clicking resulting in extraction of the medical records on a local disk or space, or emailing of the medical records on a personal email inbox, or retrieval in any other possible manner, upon clicking. Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Segal to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known access code for the access. The user would be able to access information if the access code is determined to be correct. Others would not be able to access information without the access code in order to provide security and confidentiality of the information. Segal and Shah does not specifically mention about automatic forwarding the data, which Ueda discloses ( [0026] medical images and data are exchanged among various healthcare facilities that are given permission to access a cloud data repository or database (“cloud repository”) on a cloud server. In such an environment, for example, all the users of the cloud-based PACS (e.g., healthcare professionals) would be able to send requests to a cloud server to retrieve a patient's medical images and data obtained at the other healthcare facilities that are “in-network” [0001] Medical images and medical data play a crucial role in the diagnosis of a patient. Healthcare facilities (e.g., hospitals) have realized the benefits of electronically storing medical images and medical data. The digitalization of the medical images and data not only enables users to easily access medical images and medical data, but also enables the images and data to be easily exchanged between multiple healthcare facilities. Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Segal to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known automatically forwarding data by devices such as a server. The goal of server automation is to reduce human error, increase efficiency, and ensure consistent execution of server management processes to provide and data to be easily exchanged between multiple healthcare facilities (healthcare professionals of different hospitals), para 26, 1. Referring to claim(s) 2, Shah discloses wherein the requirement includes the remote server receiving authorization from the first medical practice, para 26, 53. Ueda also discloses it, para 26, 1 Claim(s) 3, 4, 9-15, is/are rejected under 35 U.S.C. 103 as being unpatentable over Segal in view of Shah, Godfrey et al., 20110154041, Ueda and Wold et al., 10805071. Referring to claim(s) 3, Segal discloses, medical practices, the remote server, first entity and second entity as cited in claim 1. Segal does not disclose, which Godfrey discloses, a first sharing key provided (among various devices, para 27, server generating a shared key that is unique to server and a first device, claim 22, authenticating by the server the shared key which includes comparing, claim 9, para 15). Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Segal to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing a well-known sharing key. The sharing key would enable a message to communicate among devices that has a key that is known to both client and a server. The key would enable encrypted communication for security. C Segal, Shah and Godfrey do not disclose, which Wold discloses, a second sharing key provided, and comparing ( protecting and sharing digital data between entities in a network, comprising: a communication network, devices, a network connected server, computing resources in each of the devices for encryption and decryption of user data and encryption key parts, computing resources in the network connected server for encryption and decryption of the user data and the encryption key parts, a key management services, an identity management services, and user data to be protected, stored and shared in the network connected server, wherein the each of the devices is configured to: generate, a Personal Key Pair comprising a first public key and a first private key, each of the user devices being connected to the network connected server, wherein the network connected server is configured to store and provide access to first public keys of each of the devices; access, via the network connected server, a respective Store and a corresponding StoreKeyPair comprising a StorePublic and a StoreKey, the StorePublic being a second public key and the StoreKey being a second private key, wherein the StorePublic of the devices is stored at the network connected server and is available to each of the devices authorized to access the respective Store, and wherein each Store belongs to a an entity, and the entity shares the keys via the server; wherein the entities are further configured to encrypt the StoreSecret with the first public key of a corresponding entity being authorized to access the respective Store; and store the encrypted StoreKey at the network connected server, claim 10 secure sharing of encrypted information in a cloud system, each entity joining and accessing a shared folder by individual encrypted key material transferred, abstract (98) how to generate on a first device d.sub.1,1 of a first user u.sub.1, store in the cloud c.sub.1 and retrieve to a first device d.sub.1,2 of the second user u.sub.2, a ShareKeyPair (k, k′.sub.2) and a ShareSecret S.sub.2. When the entity generates the Share k.sub.2 the first time a ShareKeyPair k,k.sub.2 generated on the first device d.sub.1,1 of the device. Next a ShareSecret s.sub.2is generated on the same device d.sub.1,1. Sharing with a second user u.sub.2, the first entity retrieve the second users Certificate, col., 11, lines 31-55 (99) When Certificate of the second entity retrieved and now exists on the device of the first entity, the ShareSecret is enrypted with the Certificate of both the first and second devices. Then the ShareKey is used to encrypt the ShareSecret. Now the information is put on the cloud which can now be retrieved by the entity of the second user, col., 11, lines 31-55 (100) The share key is retrieved on the device of the second entity. Now the ShareKayPair has been successfully been retrieved by and exists on the device, col., 11, lines 31-55, (103) how to share the share discussed above with the first u.sub.1 and further user u.sub.3, called the third user u.sub.3, with a fourth user u.sub.4 has generated own UserKeyPair, Now a new ShareSecret s.sub.4 is generated on the first device of the first user whereupon this new ShareSecret s.sub.4 is used to encrypt the ShareKeys . Now {s.sub.4{k′.sub.2},s.sub.4{k′.sub.3}} exists on d.sub.1,1. New ShareSecret s.sub.4 is eitherstored on a separate cloud store c.sub.2, or equivalent, not accessible by the first cloud c.sub.1., col., 12, lines 25-35. Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Segal to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing a well-known second sharing key. The second sharing key would enable a message to communicate a key among devices that is known to both client and a server. The second shared key would enable encrypted communication for security. C Referring to claim(s) 4, Segal discloses, patient medical data as cited in claim 1. Godfrey discloses a first sharing key provided as cited in claim 3. Referring to claim(s) 9, Segal discloses, above claim 1 citations disclose, medical patient system of the first medical practice. Above Claim 3 citations disclose the remote server receiving the first patient-related data from a first processor of a first entity. Ueda also discloses it, para 26, 1 Referring to claim(s) 10, Segal discloses, above claim 1 citations disclose, medical patient system of the second medical practice. Above Claim 3 citations disclose remote server receiving the second patient-related data from a second processor of a second entity. Ueda also discloses it, para 26, 1 Referring to claim(s) 11, Segal discloses, wherein the first and second medical practices are legally unaffiliated such that the first patient system is distinct from and unavailable to the second patient system ( [0106] The present invention provides the patient with ownership and control of her own medical record, controlling access to the medical records using UPIs, passwords, and physician access codes. Thus, before opening a medical record, a patient must log in and provide the UPI and password. A physician uses a separate access code (and the UPI), which allows access to a patient's record when the patient has granted permission for viewing and/or updating. In the preferred embodiment of the present invention, a UPI is an 18-digit number unique to every patient, which is used to associate all records of a patient. The first nine digits of the UPI are the patient's social security number, or if the patient desires not to use her social security number, are a series of nine random numbers and letters. The tenth digit indicates whether the preceding nine are the patient's social security number or are random, e.g., a "1" would indicate a social security number and a "0" would indicate random numbers and letters. The remaining eight digits are the patient's date of birth, e.g., a four digit year, a two digit month, and a two digit day. With this unique tag, the present invention easily matches and gathers a patient's records across different proprietary patient information systems, such as non-affiliated clinics and hospitals. Ueda also discloses it, para 26, 1 Referring to claim(s) 12, Segal discloses, in above claim 1 citations, and claim 3 citations also disclose initially storing the first patient-related data in a first location of a memory of the remote server; and initially storing the second patient-related data in a second location of the memory of the remote server, the second location being different from the first location. (Also, [0079] placing the file in a database at a particular address and location for later accessing of the file). Ueda also discloses it, para 26, 1 Referring to claim(s) 13, Segal discloses, in above claim 1 citations, and claim 3 citations also disclose automatically forwarding, by the remote server, the second patient-related data to the first medical practice when the requirement is satisfied. Ueda also discloses it, para 26, 1 Referring to claim(s) 14, Segal discloses, in above claim 1 citations, medical practice, and claim 3 citations also disclose granting, to the second entity by the remote server, access to data associated with the patient saved in a memory of the remote server. Ueda also discloses it, para 26, 1 Referring to claim(s) 15, Segal discloses, in above claim 1 citations, medical practice, and claim 3 citations also disclose granting, to the first medical practice by the remote server, access to the data associated with the patient saved in a memory of the remote server. Ueda also discloses it, para 26, 1 Claim(s) 5-8, is/are rejected under 35 U.S.C. 103 as being unpatentable over Segal in view of Shah, Godfrey, Wold, Ueda and Krishnan et al. 20150089590 Referring to claim(s) 5, Segal discloses, medical practices, the remote server, first entity and second entity, patient medical data as cited in claim 1. Segal does not disclose, which Krishnan discloses, discloses a second sharing key. [0052] The central device is the Implantable Cardioverter Defibrillator (ICD). The protocol describes that only one Smartphone or other mobile device is registered with the patient-ICD. At the beginning of the implantation process, a symmetric secret key (K.sub.ICD in our example) is exchanged between the Smartphone or other mobile device and the ICD. It is designed such that no Smartphone or other mobile device other than the registered one will be able to communicate with the ICD. At the hospital where the patient had the ICD device implanted, one or more External Programmers (EP) may be available. The external programmers are assumed to be only operated by the authorized medical staffs from the hospital. One or more external programmer can be registered to the Smartphone or other mobile device. That means a Smartphone or other mobile device can share different secret keys with different external programmers or can share a single key with all of them. It is recommended, though, that a unique key be shared with each EP. The programmers with which the Smartphone or other mobile device share the secret key are known as preregistered external programmers (EP). There can be situation where the patient is not located in a regular hospital and is in need of treatment. In that scenario an external programmer without a pre-shared key may be used. Those are categorized as unknown external programmers. Unknown external programmers may be temporarily or permanently registered to the authentication proxy. [0004] Certain embodiments are directed to a smartphone or other mobile device-based security scheme for permanent pacemakers and Implantable Cardioverter-Defibrillators (ICDs). Smartphone or other mobile device leverages the Guardian [2] and the Shield [7]. They are external wearable devices that manage communication between the IMD and the external programmer to provide security in regular conditions and safety in emergency situations. External programmers are usually operated by an authorized medical practitioner or a doctor. The described security protocol for access control is based on symmetric key cryptography and uses Smartphone or other mobile device as an authentication and key management device. Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Segal to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing a well-known sharing key. The sharing key would enable a message to communicate a key among devices that is known to both client and a server. The key would enable encrypted communication for security. C Referring to claim(s) 6, Krishnan also discloses, the second sharing key. Krishnan also discloses wherein the first sharing key is obtained by the first medical practice via interrogation of a medical device assigned to the patient, para 52, 4. Ueda also discloses it, para 40 Referring to claim(s) 7, Krishnan also discloses, one of a therapy device and a diagnostic device, para 52, 4. Ueda also discloses it, para 40 Referring to claim(s) 8, Krishnan also discloses, one of an implanted medical device and an external medical device, para 52, 4. Ueda also discloses it, para 40 Response to Arguments Applicant’s arguments, see 2/20/26, with respect to the rejection(s) of claim(s) Official Notice have been fully considered and are persuasive. Therefore, the rejection has been withdrawn. However, upon further consideration, a new ground(s) of rejection is made in view of Ueda. Please see updated rejections. Conclusion Pertinent refences: Maresh et al., US 20090112882 A1 discloses the server to automatically forward the data, for example, medical data, para 177. Hayes et al., US 20160296143 A1 discloses the server to automatically forward the data, for example, medical data, para 70. Miodownik et al., US 20060089539 A1 discloses the server to automatically forward the data, for example, medical data, para 110 Any inquiry concerning this communication or earlier communications from the examiner should be directed to HARESH PATEL whose telephone number is (571)272-3973. The examiner can normally be reached on M-F 9-5:30. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge L. Ortiz-Criado, can be reached at (571) 272-7624. The fax phone number for the organization where this application or proceeding is assigned is (571) 273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /HARESH N PATEL/Primary Examiner, Art Unit 2496
Read full office action

Prosecution Timeline

Show 9 earlier events
Dec 10, 2025
Response after Non-Final Action
Dec 27, 2025
Response after Non-Final Action
Jan 15, 2026
Response after Non-Final Action
Jan 24, 2026
Response after Non-Final Action
Jan 28, 2026
Response after Non-Final Action
Feb 20, 2026
Response after Non-Final Action
Mar 13, 2026
Response after Non-Final Action
Jun 10, 2026
Non-Final Rejection mailed — §101, §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12683936
COMMUNICATION DEVICE AND COMMUNICATION CONTROL METHOD
2y 4m to grant Granted Jul 14, 2026
Patent 12659729
Electronic Monitoring System Including Low Energy Button with Crowd Sourced Alarm and Dispatch Service
2y 9m to grant Granted Jun 16, 2026
Patent 12659740
REGISTRATION AUTHENTICATION BASED ON A TYPE OF AUTHENTICATION PROCEDURE AND A CAPABILITY
2y 9m to grant Granted Jun 16, 2026
Patent 12657325
SECRETS MANAGER
2y 0m to grant Granted Jun 16, 2026
Patent 12640928
DEVICE-INDEPENDENT AUTHENTICATION BASED ON A PASSPHRASE AND A POLICY
5y 8m to grant Granted May 26, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

4-5
Expected OA Rounds
78%
Grant Probability
99%
With Interview (+21.9%)
3y 0m (~3m remaining)
Median Time to Grant
High
PTA Risk
Based on 825 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month