Prosecution Insights
Last updated: July 17, 2026
Application No. 19/015,104

SYSTEMS AND METHODS FOR OPTIMIZED DE-IDENTIFICATION OF PATIENT DATA

Non-Final OA §101§102§112
Filed
Jan 09, 2025
Priority
Jan 11, 2024 — provisional 63/620,046
Examiner
RONI, SYED A
Art Unit
2432
Tech Center
2400 — Computer Networks
Assignee
Truveta, Inc.
OA Round
1 (Non-Final)
82%
Grant Probability
Favorable
1-2
OA Rounds
1y 3m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 82% — above average
82%
Career Allowance Rate
543 granted / 662 resolved
+24.0% vs TC avg
Strong +22% interview lift
Without
With
+22.2%
Interview Lift
resolved cases with interview
Typical timeline
2y 9m
Avg Prosecution
19 currently pending
Career history
686
Total Applications
across all art units

Statute-Specific Performance

§101
2.9%
-37.1% vs TC avg
§103
63.0%
+23.0% vs TC avg
§102
29.7%
-10.3% vs TC avg
§112
0.9%
-39.1% vs TC avg
Black line = Tech Center average estimate • Based on career data from 662 resolved cases

Office Action

§101 §102 §112
DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Information Disclosure Statement The information disclosure statement (IDS) submitted on 01/15/2025, 07/11/2025 and 01/09/2026 are being considered by the examiner. Specification The abstract of the disclosure is objected to because of the following; The abstract refers to purported merits or speculative applications of the invention and compares the invention with the prior art i.e., “providing significant performance advantages over conventional methods” (See Abstract). Correction is required. See MPEP § 608.01(b). Claim Objections Claims 13 – 14 and 16 – 20 are objected to because of the following informalities: Regarding claim 13; there appears to be a typographical error “component” of -- a component -- in the claim. Claim 14 is a dependent claim and thus also objected. Regarding claim 16; there appears to be a missing -- and -- at end of line 26 of the claim. Claims 17 – 20 are dependent claims and thus also objected. Appropriate correction is required. Claim Interpretation The following is a quotation of 35 U.S.C. 112(f): (f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. The following is a quotation of pre-AIA 35 U.S.C. 112, sixth paragraph: An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art. The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is invoked. As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph: (A) the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; (B) the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and (C) the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function. Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier. Such claim limitation(s) is/are: “a component configured to receive healthcare data”; “a component configured to receive…a customer identifier”; “a component configured to…identify a data field” and “a component configured to generate” in claim 10, “a component configured to…store an indication…” in claim 11, “a component configured to traverse…”; “a component configured to access a reference…”; and “a component configured to retrieve…” in claim 14, “a component configured to transform”; “a component configured to provide”; “a component configured to generate” and “a component configured to store”, “a component configured to…generate a message” and “a component configured to transmit the message” in claim 15. Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof. If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, applicant may: (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. Claim Rejections - 35 USC § 112 The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. Regarding claim 4, the limitation “minimum precision value” is indefinite because the claim fails to provide objective boundaries for determining the scope of the limitation. Specifically, the claim does not define how the precision value is calculated, what constitute the precision or the unit or scale of the precision value etc., Although, the specification generally discusses de-identification of data fields, the specification does not provide sufficient objective standards for determining when a particular precision value satisfies the claimed “minimum precision value” Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 16 – 20 are rejected under 35 U.S.C. 101 because the claims are directed to non-statutory subject matter. Claims 16 - 20 recite "computer readable medium". Claim language does not comply with the requirement of MPEP 2106.01.1. Paragraph [0152] of the specification discloses various medium. However, the specification fails to exclude signals or carrier waves as being a "computer readable medium". Therefore, the Examiner is obligated to give the phrase its broadest reasonable interpretation as encompassing transitory forms of signal transmission, such as carrier waves or propagated signals which are non-statutory subject matter under 35 U.S.C. 101. Claim Rejections - 35 USC § 102 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – (a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention. Claim(s) 10 - 15 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Gkoulalas-Divanis (US 2019/0266353 A1) (hereinafter “Gkoulalas”). Gkoulalas discloses; Regarding claim 10, a computing system for de-identifying healthcare data [i.e., data de-identification and multiple different de-identification processes to iteratively de-identify data (see Abstract), (page 1, para 0001- 0004), (page 2, para 0013)], the computing system comprising: one or more processors [i.e., server 140 including processors 14 (see figure 5)]; one or more computer-readable memories [i.e., memory 16, RAM 24, cache 26, persistent storage 18 (see figure 5)]; a component configured to receive healthcare data from each of a plurality of healthcare data providers [i.e., user device 110 providing datasets to database 120/server 140 where the datasets include medical data and personally identifiable information (pages 2 – 3, para 0019 – 0021)], the healthcare data including a plurality of entries, each entry including a patient identifier and values for one or more of a plurality of data fields [i.e., figures 3A – 3B disclose dataset 300 including direct identifiers and quasi-identifiers. The records include NAME, PHONE, SSN, AGE, GENDER, and ZIP CODE fields (see Figures 3A – 3B), (page 4, para 0043 – 0044)]; a component configured to receive, from a customer, a customer identifier and a de- identification policy [i.e., a data owner using user device 110 to provide datasets and interact with evaluations and selections regarding the de-identification process (page 1, para 0019), (page 2, para 0026), (pages 2 – 3, para 0038)], the de-identification policy specifying a de-identification policy identifier and a ranking of one or more data fields [i.e., provider evaluation module 160 evaluating and ranking de-identification providers according to privacy metrics and utility metrics. Evaluation table 400 and dashboards 402/404 comparatively evaluate algorithm associated with attributes and quasi-identifiers (para 0033 – 0038), (pages 3 – 4, para 0045), (pages 5 – 6), (figures 4A – 4C)]; a component configured to, for each of a plurality of de-identification iterations [i.e., iterative de-identification processing in which operations 230 – 260 are repeated until the dataset is sufficiently de-identified (see figure 2), (page 3, para 0014, 0029, 0040 – 0041)], identify a data field from the plurality of data fields based on the ranking of the one or more data fields of the received de-identification policy [i.e., vulnerability analysis module 150 identifies direct identifiers, quasi-identifiers, and sensitive attributes in dataset fields. Provider evaluation module 160 associates selected de-identification providers with identified attribute (para 0024 – 0025), (pages 2 – 3, para 0030 – 0031)], generate a plurality of replacement values for the identified data field [i.e., replacing names with randomly-selected names, gender-preserving replacement names, SHA-512 hashed values, generalized dates, generalized telephone numbers, and generalized ZIP codes (para 0031 – 0032), (page 3, para 0053), (see figures 4C)], for each ungrouped entry in the healthcare data, replace a value corresponding to the identified data field with one of the generated replacement values to generate modified entries [i.e., de-identification module 170 applying masking, pseudonymization, encryption, hashing, generalization, and suppression operations to attributes of the dataset (para 0027, 0031 – 0032)], based on the replaced values, determine whether at least a threshold number of the ungrouped entries have identical values for each of a first set of data fields [i.e., equivalence classes and k-anonymity processing. The privacy metric may correspond to the size of the smallest equivalence class (e.g., the number of records having the same values for the quasi-identifiers (para 0036), (page 4, para 0040)], and in response to determining that at least a threshold number of ungrouped entries have identical values for each of the first set of data fields, group the entries that have identical values for each of the first set of data fields [i.e., applying anonymization techniques according to formal privacy models including k-anonymity and I-diversity using equivalence classes of records sharing the same quasi-identifiers value (para 0032), (page 3, para 0040)]; and a component configured to generate encrypted de-identified healthcare data at least in part by encrypting a modulated patient identifier [i.e., de-identification providers including data encryption and hashing techniques and one-way hash provider (such as SHA 512) to generate a unique alphanumeric value for the name (para 0031 – 0032), (page 3), (figure 4C)]. Regarding claim 11, the computing system of claim 10, further comprising: a component configured to, for each of the plurality of de-identification iterations, after replacing values corresponding to an identified data field with one of the generated replacement values [i.e., iterative de-identification processing in which selected de-identification providers are successively applied to dataset attributes and the process iterates until sufficient de-identification is achieved (figure 2, operation 230 – 270), (page 2, para 0014, 0039 – 0041)], store an indication of the grouped entries and modified entries as an intermediate data set [i.e., storing de-identified datasets and intermediate transformed datasets in storage 180 and/or database 120 during iterative de-identification operations (para 0021), (0028), (pages 2 – 3 para 0041)], and add an entry to a policy tree data store, the added entry including an indication of the identified data field and a reference to the intermediate data set [i.e., associating dataset attributes with selected de-identification providers and configuration options, and iteratively evaluating/storing provider selection and associated transformed datasets (para 0025 – 0026), (pages 2 – 3 para 0031 – 0033), (see figures 4A – 4C)]. Regarding claim 12, the computing system of claim 10, wherein each of the ranked data fields is a quasi- identifier [i.e., quasi-identifiers including AGE, GENDER, and ZIP CODE, and ranking/evaluation de-identification providers associated with quasi-identifier fields (see figures 3A – 3B), (para 0013, 0024, 0030 and 0032)]. Regarding claim 13, the computing system of claim 10, further comprising: component configured to identify at least one policy tree based on the received de- identification policy [i.e., selecting and evaluating multiple de-identification providers and corresponding configuration options for identified dataset attributes according to privacy and utility policies/metrics (para 0025 – 0026), (pages 2 – 3 para 0033 – 0038), (see figures 4A – 4C)]. Regarding claim 14, the computing system of claim 13, further comprising: a component configured to traverse the identified at least one policy tree based on the ranking of the received de-identification policy [i.e., iterative selection and evaluation of de-identification providers and corresponding configuration options according to privacy scores, utility scores, and ranking criteria (see figure 2, operations 220 – 250), (page 2, para 0033 – 0038)]; a component configured to access a reference associated with a node of the identified at least one policy tree [i.e., provider evaluation module 160 associating each attribute with multiple de-identification providers and associated configuration options for iterative selection and evaluation (para 0025, 0031 – 0033), (see figures 4A – 4C)]; and a component configured to retrieve an intermediate data set based on the accessed reference [i.e., iterative de-identification processing using stored transformed dataset and repeated applying selected providers until the dataset satisfies the required privacy threshold (page 4 , para 0039 – 0042)]. Regarding claim 15, the computing system of claim 10, wherein two or more of the healthcare providers provide healthcare data records in different formats, the computing system further comprising: a component configured to transform the healthcare data records provided by each of the two or more healthcare providers into a standardized format [i.e., datasets received from different data owners and different data sources including public and proprietary datasets (para 0019 – 0022), (pages 2 – 3, para 0034)]; a component configured to provide, to users over a network, remote access to healthcare records so that any one or more of the users can provide at least one updated healthcare data record in real time through an interface, wherein at least one of the users provides an updated healthcare data record in a format other than the standardized format, wherein the format other than the standardized format is dependent on hardware and software platform used by the at least one user [i.e., transforming dataset attributes using de-identification providers including masking, pseudonymization, hashing, encryption, suppression, and generalization operations applied to datasets (para 0025 – 0032)]; a component configured to convert the at least one updated record into the standardized format [i.e., transforming and processing datasets using de-identification providers and associated configuration options to modify dataset attributes into transformed format (para 0031 – 0032)]; a component configured to generate a set of at least one normalized record from the at least one updated record [i.e., generating de-identified datasets and transformed records though masking, hashing, generalization, suppression, and anonymization operations (para 0027, 0031 – 0032)]; a component configured to store the generated set of at least one normalized record [i.e., outputting and storing de-identified datasets in storge 180 and/or database 120 (see figure 1), (para 0028)]; a component configured to, after the generated set of at least one normalized record is stored, generate a message containing the generated set of at least one normalized record [i.e., communicating evaluations, recommendations, dashboards, and datasets between server 140, database 120 and user device 110 over network 130 (see figure 1), (page 0019 – 0023 and 0037)]; and a component configured to transmit the message to one or more users over the network in real time, so that the users have access to the updated record [i.e., communications over network 130 between server 140, database 120, user device 110, including presenting updated de-identification evaluations and datasets to user/data owner (see figure 1), (para 0018 – 0023), (page 2 – 3, para 0059)]. Allowable Subject Matter Claim 1 – 3, and 5 - 9 allowed. The following is a statement of reasons for the indication of allowable subject matter: Regarding claim 1; the prior art of record, Gkoulalas discloses a method, performed by a computing system having at least one processor and at least one memory, for de-identifying healthcare data, the method comprising: receiving healthcare data from each of a plurality of healthcare data providers, the healthcare data including a plurality of entries, each entry including a patient identifier and values for one or more of a plurality of data fields; receiving, from a customer, a customer identifier and a de-identification policy, the de- identification policy specifying a de-identification policy identifier and a ranking of one or more data fields; However, Gkoulalas do not disclose “applying the received de-identification policy to the received healthcare data to generate de-identified healthcare data and generating encrypted de-identified healthcare data at least in part by, for each entry in the generated de-identified healthcare data, modulating the patient identifier included in the entry based on the received customer identifier and the received de-identification policy identifier, and encrypting the modulated patient identifier; and transmitting the encrypted de-identified healthcare data to the customer”. These claimed limitations are not present in the prior arts of record and would not have been obvious. They in combination with other elements cited present subject matter that is novel and nonobvious. Thus, claim 1 is allowed. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to SYED A RONI whose telephone number is (571)270-7806. The examiner can normally be reached M-F 9:00-5:00 pm (EST). Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey L Nickerson can be reached at (469) 295-9235. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /SYED A RONI/Primary Examiner, Art Unit 2432
Read full office action

Prosecution Timeline

Jan 09, 2025
Application Filed
May 20, 2026
Non-Final Rejection mailed — §101, §102, §112 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12675609
ENERGY STORAGE SYSTEM AND OPERATING METHOD THEREOF
2y 5m to grant Granted Jul 07, 2026
Patent 12675569
METHOD OF PREVENTING FRAUD
2y 1m to grant Granted Jul 07, 2026
Patent 12671687
SYSTEM, TERMINAL, CONTROL METHOD OF TERMINAL, AND STORAGE MEDIUM
3y 7m to grant Granted Jun 30, 2026
Patent 12657293
METHOD AND SYSTEM FOR A VBMC FOR A COMPOSED SERVER INSTANCE
2y 9m to grant Granted Jun 16, 2026
Patent 12659309
Method and Apparatus for Utilization of Domain Name System for Efficient Certificate Data Retrieval in Plug and Charge Ecosystems
2y 2m to grant Granted Jun 16, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
82%
Grant Probability
99%
With Interview (+22.2%)
2y 9m (~1y 3m remaining)
Median Time to Grant
Low
PTA Risk
Based on 662 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month