DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Status of Claims
Claims 29-43 are pending in this application.
Information Disclosure Statement
The Information Disclosure Statement(s) submitted by applicant on 8/16/2023 have been considered. The submission is in compliance with the provisions of 37 CFR 1.97. Form PTO-1449 signed and attached hereto.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 29-43 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-13 of U.S. Patent No. 12,107,960. Although the claims at issue are not identical, they are not patentably distinct from each other (see table below).
Instant Application
U.S. Patent No. 12,107,960
Claim 29: A system comprising one or more hardware processors configured to: receive encrypted patient data over a network from a remote computing system, wherein said encrypted patient data is encrypted with a first key, wherein said remote computing system does not have a decryption key to decrypt the encrypted patient data; and decrypt the encrypted patient data with a second key that is different than the first key at a computing device associated with a caregiver; wherein the second key is a private key, and wherein the private key is obtained by decrypting an encrypted private key (EPK) that was stored as part of a key hierarchy structure (KHS).
Claim 1: A system for communicating patient data between a first computing device associated with a patient and second computing device associates associated with a care provider, the system comprising one or more hardware processors configured to: request patient data over a network from a third computing system, wherein said patient data is encrypted with a first key and received from the first computing device without the first key, and wherein said third computing system does not have a decryption key to decrypt the patient data that is encrypted, wherein the second computing device is further configured to decrypt the encrypted data with a second key that is different than the first key and wherein the second key is a private key obtained by decrypting an encrypted private key (EPK) that was stored as part of a key hierarchy structure (KHS), wherein the private key is obtained by decrypting an encrypted private key (EPK) that was stored as part of a key hierarchy structure (KHS).
Although the conflicting claims are not identical, they are not patentably distinct from each other because both are directed to encrypting patient data with private key in a key hierarchy structure and is substantively-similar independent claims 34,39, said claims are merely a broader version of claim 1 of U.S. Patent No. 12,107,960 contains at least all of the limitations (or obvious equivalents) recited in claim 29 of the instant application.
With regard to claims of the 30-33,35-38,40-43, each depending from one of independent claims 29,34 and 39, said claims are rejected on the grounds of nonstatutory double patenting as being unpatentable over U.S. Patent No. 12,107,960 in view the foregoing nonstatutory double patenting rejection of claim 29.
Claims 29-43 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-15 of U.S. Patent No. 11,706,029. Although the claims at issue are not identical, they are not patentably distinct from each other (see table below).
Instant Application
U.S. Patent No. 11,706,029
Claim 29: A system comprising one or more hardware processors configured to: receive encrypted patient data over a network from a remote computing system, wherein said encrypted patient data is encrypted with a first key, wherein said remote computing system does not have a decryption key to decrypt the encrypted patient data; and decrypt the encrypted patient data with a second key that is different than the first key at a computing device associated with a caregiver; wherein the second key is a private key, and wherein the private key is obtained by decrypting an encrypted private key (EPK) that was stored as part of a key hierarchy structure (KHS).
Claim 1: A system for communicating patient data, the system comprising:
a first computing device associated with a patient, said first computing device configured to obtain patient data and encrypt the patient data with a first key, wherein the first computing device is further configured to transmit the encrypted patient data without providing the first key; and
a second computing device associated with the care provider, said second computing device configured to request the obtained patient data over a network from a third computing system, said third computing system does not have a decryption key to decrypt the encrypted patient data, wherein the second computing device is further configured to decrypt the encrypted data with a second key that is different than the first key and wherein the second key is a private key obtained by decrypting an encrypted private key(EPK) that was stored as part of a key hierarchy structure(KHS).
Although the conflicting claims are not identical, they are not patentably distinct from each other because both are directed to encrypting data between devices using a private key in key hierarchy structure and is substantively-similar independent claims 34,39, said claims are merely a broader version of claim 1 of U.S. Patent No. 11,706,029 contains at least all of the limitations (or obvious equivalents) recited in claim 29 of the instant application.
With regard to claims of the 30-33,35-38,40-43, each depending from one of independent claims 29,34 and 39, said claims are rejected on the grounds of nonstatutory double patenting as being unpatentable over U.S. Patent No. 11,706,029 in view the foregoing nonstatutory double patenting rejection of claim 29.
Claims 29-43 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-24 of U.S. Patent No. 10,608,817. Although the claims at issue are not identical, they are not patentably distinct from each other (see table below).
Instant Application
U.S. Patent No. 10,608,817
Claim 29: A system comprising one or more hardware processors configured to: receive encrypted patient data over a network from a remote computing system, wherein said encrypted patient data is encrypted with a first key, wherein said remote computing system does not have a decryption key to decrypt the encrypted patient data; and decrypt the encrypted patient data with a second key that is different than the first key at a computing device associated with a caregiver; wherein the second key is a private key, and wherein the private key is obtained by decrypting an encrypted private key (EPK) that was stored as part of a key hierarchy structure (KHS).
Claim 1: A method, comprising:
obtaining, by one or more processors of a first client device, a private key for a first user of the first client device that is paired to a public key for the first user of the first client device;
receiving, by one or more processors of the first client device, encrypted user data over a network, the encrypted user data having been created by a second user of a second client device;
receiving, by one or more processors of the first client device, a shared data key hierarchy structure(SD-KHS) over the network, the SD-KHS comprising one or more encrypted shared data encryption keys(ESDEKs);
decrypting, by one or more processors of the first client device, an ESDEK with the private key to make available a shared data encryption key (SDEK); and
decrypting, by one or more processors of the first client device, the encrypted user data with the SDEK to make available the user data;
editing, by one or more processors of the first client device, one or more elements of the user data;
encrypting, by one or more processors of the first client device, a notification message using a public key for the second user of the second user device, wherein the notification message comprises an indication of the user data having been edited to at least the second user of the second user device; and
sending, by one or more processors of the first client device, the notification message over the network.
Although the conflicting claims are not identical, they are not patentably distinct from each other because both are directed to encrypt data between devices using a private key in key hierarchy structure and is substantively-similar independent claims 34,39, said claims are merely a broader version of claim 1 of U.S. Patent No. 10,608,817 contains at least all of the limitations (or obvious equivalents) recited in claim 29 of the instant application.
With regard to claims of the 30-33,35-38,40-43, each depending from one of independent claims 29,34 and 39, said claims are rejected on the grounds of nonstatutory double patenting as being unpatentable over U.S. Patent No. 10,608,817 in view the foregoing nonstatutory double patenting rejection of claim 29.
Claims 29-43 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-5 of U.S. Patent No. 11,153,089. Although the claims at issue are not identical, they are not patentably distinct from each other (see table below).
Instant Application
U.S. Patent No. 11,153,089
Claim 29: A system comprising one or more hardware processors configured to: receive encrypted patient data over a network from a remote computing system, wherein said encrypted patient data is encrypted with a first key, wherein said remote computing system does not have a decryption key to decrypt the encrypted patient data; and decrypt the encrypted patient data with a second key that is different than the first key at a computing device associated with a caregiver; wherein the second key is a private key, and wherein the private key is obtained by decrypting an encrypted private key (EPK) that was stored as part of a key hierarchy structure (KHS).
Claim 1: A method of communicating data between a first computing device associated with a patient and a second computing device associated with a care provider, comprising:
obtaining patient data with the first computing device associated with a patient;
encrypting the patient data with the first computing device;
transmitting the encrypted patient data without providing a first key to decrypt the data to a server;
storing the encrypted data at the server; wherein the server does not have access to any key to decrypt the encrypted data;
receiving a request for the stored encrypted data from the second computing device associated with the care provider; and
decrypting the encrypted data with a second key that is different than the first key, wherein the second key is a private key obtained by decrypting an encrypted private key(EPK) that was stored as part of a key hierarchy structure(KHS).
Although the conflicting claims are not identical, they are not patentably distinct from each other because both are directed to encrypting patient data using a private key in key hierarchy structure and is substantively-similar independent claims 34,39, said claims are merely a broader version of claim 1 of U.S. Patent No. 11,153,089 contains at least all of the limitations (or obvious equivalents) recited in claim 29 of the instant application.
With regard to claims of the 30-33,35-38,40-43, each depending from one of independent claims 29,34 and 39, said claims are rejected on the grounds of nonstatutory double patenting as being unpatentable over U.S. Patent No. 10,608,817 in view the foregoing nonstatutory double patenting rejection of claim 29.
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
Claim(s) 34-36 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Haaksma et al(US 2006/0195341).
Claim 34: Haaksma disclose storing encrypted patient data associated with a patient without access to any decryption keys to decrypt the encrypted patient data wherein the encrypted patient data is encrypted with a first key and transmit the encrypted patient data based on a request for stored patient data(fig.2,3;page 7[0087]), the encrypted patient data is decrypted with a second key that is different than the first key and wherein the second key is a private key in (pages 6-8[0080],[0090];fig.3: Note that since system employs public key system, it uses different key to encrypt and decrypt data, specifically public and private key. Further, since public key is already published to the public it does not need to transmit to the specific party).
Claim 35: Haaksma disclose first key is a public key in (page 6[0080]).
Claim 36: Haaksma disclose first and the second keys are generated at a time of registration of the patient as a new user in (pages 7-8[0090]).
Allowable Subject Matter
Claims 37,38 objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
USPTO Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HOSUK SONG whose telephone number is (571)272-3857. The examiner can normally be reached Mon-Fri: 7:30AM-5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joseph Hirl can be reached at 571-272-3685. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/HOSUK SONG/Primary Examiner, Art Unit 2435