Manager For Ingesting Secure User Information and Permitting Scope Limited Access

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Claims 1, 2, 4, 6-11 and 20-22 have been examined. Claims 3 and 5 are cancelled. Claims 12-19 are withdrawn from consideration in response to restriction requirement. Information Disclosure Statement The information disclosure statement (IDS) submitted on 1/16/26 is being considered by the examiner. Response to Arguments Applicant’s arguments with respect to claims 1, 2, 4, 6-11 and 20-22 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1, 2, 4, 20 and 22 are rejected under 35 U.S.C. 103 as being unpatentable over Gross et al. U.S. 2025/0131994 (hereinafter Gross) in view of Sanchez, Jr. et al. U.S. 2022/0310219 (hereinafter Sanchez). As per claim 1 and 20, discloses a method/CRM for permitting limited access to segmented secure information, the method comprising: storing, at a secure data store, multidimensional secure user information according to a data schema organized via segment dimensions and segment dimension values, wherein, one or more data elements of the secure user information are received from a plurality of secure user information data sources, and the received data elements are ingested via an ingest manager, and the ingest manager stores the received data elements with segment dimension values that span multiple of the segment dimensions (Gross: [0028] and [0035]: database for storing various types of patient data, wherein a token scaffold comprises expandable set of tokens and sub-tokens is used to access and retrieve data elements with segment dimension values that span multiple segment dimensions); receiving, at a secure information manager from a requesting entity, a credential request comprising scope definitions, wherein the scope definitions comprise particular segment dimension values that span particular segment dimensions of the data schema (Gross: [0121]-[0123]: receive request to access specific patient information); validating, at the secure information manager, the credential request (Gross: [0123]: evaluate one or more validating inputs to determine whether the authorized physician-user originated the access request); assigning, to the requesting entity and in response to the validating, a credential comprising access privileges that correspond to the scope definitions (Gross: [0123]-[0125]: the server grants access to patient data by transmitting the token or key used to retrieve data); and permitting, in response to one or more access requests that comprise the assigned credential, scope limited access to the user's secure information to a limited set of data elements that are tagged with segment dimension values that correspond to the particular segment dimension values with respect to the particular segment dimensions (Gross: [0123]-[0125]: limited set of data elements based on sub-tokens). Gross discloses the data received are organized according to data structure corresponding to one or more anatomic, physiologic, and/or pathologic taxonomies, which allows server or other device to query the specimen information related to a given type of specimen for a patient according to the research request (Gross: [0028]: access various types of data; [0105]: data structure for querying and retrieving data). To further demonstrate the concept of organizing and indexing database record, including medical record received from various medical record sources, Sanchez discloses tagging the data elements with segment dimension values that span multiple of the segment dimensions; and storing the data elements according to the data schema of the secure data store, wherein a tagged segment dimension value for at least one of the data elements is derived from a contents of the at least one data element. Specifically, Sanchez discloses receiving medical records from medical record sources and organize the medical record by converting them to indexed medical records according to a plurality of categories of medical data, which can also include a plurality of tags within the medical record associated with items/elements (Sanchez: [0008]-[0016]: organize medical data by indexing them according to categories…the queries are based on category of record requested by user; [0084]-[0085]: retrieve data based on query to users authorized to access those data; Figs. 4A and 5A and corresponding paragraphs; [0131]: indexing process). It would have been obvious to one having ordinary skill in the art to organize and tag data elements according to different categories because Gross and Sanchez are analogous art involving medical data access. The motivation to combine would be to efficiently search and retrieve relevant data as well known in the art. Gross does not explicitly recite, verbatim, the terms “segment dimensions” and “segment dimension values.” However, it would have been obvious to one having ordinary skill in the art to appreciate the meaning to cover various types of medical data with different attribute values or categories consistent with the industry practice. As per claim 2, Gross as modified discloses the method of claim 1. Gross as modified further discloses wherein storing the multidimensional secure user information comprises: converting, by the ingest manager at least a portion of the received data elements to a first electronic record format from a second electronic record format, wherein the first electronic record format is formatted according to the data schema (Gross: [0128]: receive treatment data in various formats and generate sub-token using the treatment data; Sanchez: [0008]-[0016]). Same rationale applies here as above in rejecting claim 1. As per claim 4, Gross as modified discloses the method of claim 3. Gross as modified further discloses wherein at least a portion of the data elements are retrieved and stored via a master-patient index that links the portion of data elements to one or more identifiers of the user (Gross: [0009]: generate index based on patient token identifier/master-patient index and sub-token containing data elements are part of the patient token identifier; Sanchez: [0008]-[0016];[0131]). Same rationale applies here as above in rejecting claim 1. As per claim 22, Gross as modified discloses the method of claim 1. Gross as modified further discloses wherein the secure information manager enforces security for the user’s secure information by comparing the scope definitions of the assigned credentials to the segment dimension value tags of the stored data elements (Sanchez: [0014]: subscription/assigned credential can be one data structure including fields storing at least one identifier of the at least one subscription and at least one identifier of the medical record digest system; [0034]-[0036]). It would have been obvious to one having ordinary skill in the art to compare access credential in the request with data attributes to enforce security as well known in the art. Claims 6 and 7 are rejected under 35 U.S.C. 103 as being unpatentable over Gross in view of Sanchez and further in view of Cordonnier et al. U.S. 11,443,838 (hereinafter Cordonnier). As per claim 6, Gross as modified discloses the method of claim 1. Gross as modified further discloses wherein a portion of data elements comprise user biometric data (Gross: [0032]: various types of patient data). Gross does not explicitly recite biometric data obtained from wearable devices. However, Cordonnier, in the same field of endeavor, discloses receiving and storing patient healthcare data from sources such as wearable device, an implant, patient devices, healthcare provider devices, etc., and store the data on blockchain (Cordonnier: Abstract; col. 2 line 54 – col. 3 line 13). It would have been obvious to one having ordinary skill in the art to collect and store patient data from wearable devices since it is well known in the art. As per claim 7, Gross as modified discloses the method of claim 6. Gross as modified further discloses wherein ingesting, via the ingest manager, the portion of data elements comprises: converting the biometric data obtained via the wearable device into the portion of data elements and for formatting the portion of data elements according to the schema (Gross: [0128]: receive treatment data in various formats and generate sub-token using the treatment data; Sanchez: [0008]-[0016]; [0131]; Cordonnier: col. 2 lines 60-64: convert healthcare data into non-fungible token). Same rationale applies here as above in rejecting claim 1. Claims 8-11 are rejected under 35 U.S.C. 103 as being unpatentable over Gross in view of Sanchez and further in view of Chen et al. U.S. 2020/0168306 (hereinafter Chen). As per claim 8, Gross as modified discloses the method of claim 1. Gross does not explicitly disclose wherein the requesting entity generates the credential request in response to scanning a portable access point of the user. However, Chen discloses scanning a portable access point of patient to request and obtain patient data (Chen: Figs. 5 and 8; and [0042]: medical staff scan code/access point presented by patient in order to request and obtain patient’s medical data). It would have been obvious to one having ordinary skill in the art to share medical data by presenting authorization code to be scanned by medical staff because Gross and Chen both disclose sharing healthcare data via distributed ledger using blockchain ID. The motivation to combine would be to increase flexibility of obtaining user data through mobile devices (Chen: [0008]). As per claim 9, Gross as modified discloses the method of claim 8. Gross as modified further discloses wherein, the portable access point of the user comprises encoded information, and in response to scanning the portable access point, the requesting entity is configured to decipher the scope definitions from the encoded information (Chen: [0042] and [0050]: authorization message is encoded in the trust anchor in the form of QR/bar code). It would have been obvious to one having ordinary skill in the art to embed authorization message in QR/bar code to retrieve data from blockchain because they are analogous art involving storing healthcare data as Non-Fungible Tokens (NFTs). The motivation to combine would be to share data conveniently and securely. As per claim 10, Gross as modified discloses the method of claim 9. Gross as modified further discloses wherein, the user provides selections via input at a portable device, the portable device is configured to generate the portable access point in response to the user selections, and the requesting entity scans the portable access point from the portable device (Chen: [0009]-[0010]: user provides data to blockchain system in order to generate sharable indexes). Same rationale applies here as above in rejecting claim 8. As per claim 11, Gross as modified discloses the method of claim 10. Gross as modified further discloses wherein the user selections correspond to segment dimension values that span segment dimensions of the user's secure information selected by the user for sharing with the requesting entity, the encoded information of the portable access point comprises encoded representations of the segment dimension values, the requesting system is configured to decipher the encoded representations of the segment dimension values in response to scanning the portable access point, and the scope definitions provided in the credential request comprise the deciphered segment dimension values (Chen: [0009]; [0049]: user can select one or more records to be shared). It would have been obvious to one having ordinary skill in the art to allow user to selectively share data with other entities by presenting code because they are analogous art involving storing healthcare data as Non-Fungible Tokens (NFTs). The motivation to combine would be to share data conveniently and securely. Claim 21 is rejected under 35 U.S.C. 103 as being unpatentable over Gross in view of Sanchez and further in view of Schneider et al. U.S. 2023/0207082 (hereinafter Schneider). As per claim 21, Gross as modified discloses the method of claim 1. Gross as modified does not explicitly disclose wherein the tagged segment dimension value for at least one of the data elements is derived by: analyzing, via a computer vision model, visual data of the at least one data element to derive the tagged segment dimension value. However, Schneider discloses prior to indexing and reconciling the data, an OCR engine may consume free-form electronic medical records and convert them into machine readable data sources (Schneider: [0053]). It would have been obvious to one having ordinary skill in the art to index medical data generated via OCR/computer vision model to efficiently process large volume of data on paper instead of manual process. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Gorski et al. U.S. 2024/0378683 discloses method for collecting, evaluating and transforming animal data for use as a digital currency or collateral. Roberts et al. U.S. 2022/0222364 discloses non-fungible token content items, access controls, and discovery. Karkanias et al. U.S. 2009/0254466 discloses smart secure storage for storing healthcare data tagged by category. Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHIN HON (ERIC) CHEN whose telephone number is (571)272-3789. The examiner can normally be reached Monday to Thursday 9am- 7pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached at 571-272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /SHIN-HON (ERIC) CHEN/ Primary Examiner, Art Unit 2431