Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The present Office Action is responsive to communications received 3/28/2019. Claims 1-20 are pending.

Information Disclosure Statement
The information disclosure statements (IDS) submitted on7/1/2019 and 8/24/2020 are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statements are being considered by the examiner.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 10 are rejected under 35 U.S.C. 103 as being unpatentable over US 20070232885 to Cook et al., hereinafter Cook, in view of US 20150046192 to Raduchel, hereinafter Raduchel and further view of 20130177157 to Li et al., hereinafter Li.
Regarding claim 1, Cook discloses 
A data transfer system comprising (Fig. 6): (a) a transfer module comprising a storage device, a wireless communication device, and a data interface, wherein the data interface is configured to couple with and receive data from an image guided surgery navigation system, wherein the wireless communication device is configured to connect to a wireless network ([0238] the transfer module is the software executing into the physician system ([0077]) that loads images into a memory of the system ((see Fig. 8, step 4 and also [0080] step 3) wirelessly from an imaging device ([0262])); (b) a transfer server configured to provide security and authentication services ([0238][0262]: authenticate user) ; and (c) a user device comprising a display and a user interface ([0094]), wherein the user device is in communication with the transfer module over the wireless network (0262] [0080][ step 12 reviewer receives the data); wherein the transfer module is configured to: (i) receive a set of medical procedure data from the image guided surgery navigation system ([0080] step 2, [0179]: receive image from imaging device), (ii) encrypt the set of medical procedure data as a set of encrypted medical procedure data using a current key, store the encrypted medical procedure data on the storage device (Fig. 8 step 5), (iii) receive a medical procedure data request from the user device, and (v) provide the set of encrypted medical procedure data to the user device ([0242]: reviewer request data, receives encrypted data, the encryption performed with the reviewer’s key).  
Cook discloses authenticating a user ([0238][0242]) but does not explicitly teach (b) a transfer server configured to provide security and authentication services associated with access to the transfer module. In an analogous art, Raduchel discloses storage systems storing user medical records (Fig. 1A, 140, 150; Fig. 7 [0138])) and receiving user request, authenticating user’s authentication token and user 
While Cook discloses deleting not needed records (Fig. 8, step 6), Cook in view of Raduchel does not explicitly teach delete the set of medical procedure data. 
However, storing encrypted data and deleting the original data is known in the art, as evidenced by Li. Li in an analogous art, discloses receiving data in a data center ([022]), encrypting the data and removing unencrypted form of the data from the data center  [0024]). Therefore it would have been obvious to a skilled artisan before the present application was effectively filed to apply storing encrypted data and deleting the original data as taught by Li to a set of medical procedure data as taught by Cook/Raduchel because it would reduce the chances of leaking the medical data and would enforce data privacy. 

Regarding claim 10, Cook in view of Raduchel and Li discloses the data transfer system of claim 1, wherein the wireless communication device is selected from the group consisting of a Wi-Fi transceiver (Cook [0255][0262] wireless communications inherently use a wireless transceiver), a Bluetooth transceiver, and a cellular data transceiver, wherein the data interface is selected from the group consisting of a USB .  

Claim 11 is rejected under 35 USC 103 as being unpatentable over Cook, Raduchel and Li, in view of US 20170257214 to Stufflebeam, hereinafter Stufflebeam.
Regarding claim 11, Cook in view of Raduchel and Li discloses the data transfer system of claim 1, but does not teach the rest of the claim. In an analogous art, Stufflebeam suggests or teaches encryption key lifecycle management ([0001])  wherein the transfer module is further configured to: (i) receive a configuration data set, the configuration data set comprising a previous key, a new key, and a new key version ([0006]: the configuration data set comprises a backup state assigned to the new key, an archive state to the old key, and [0032][0033] managing the security policies and keys using a version control system) , (ii) confirm that the current key is different from the new key ([0007]: mark the new key as active), (iii) decrypt the set of encrypted procedure data using the previous key to create a second set of medical procedure data (Fig. 6, step 604: decrypt data using the old key), (iv) encrypt the second set of medical procedure data using the new key to create a second set of encrypted medical procedure data (Fig. 6, step 605 re-encrypt data with the new key), and (v) update a local configuration to make the device key version equal to the new key version and make the current key equal to the new key ([0075]: record the new key as the current key, [0088] mark the new key as active (connote key version, using version control system see [0032][0033])).  It would have been obvious to a skilled artisan before the .

Claim 13 is rejected under 35 USC 103 as being unpatentable over Cook, Raduchel and Li, in view of US 20170230871 to Rangaswamy et al., hereinafter Rangaswamy.
Regarding claim 13, Cook in view of Raduchel and Li discloses the data transfer system of claim 1, wherein the transfer module is configured to: (i) provide a web server that the user device may communicate with over the wireless network(Cook [0090] use https to send encrypted image, [0262] wireless communication); the combined teachings of Cook, Raduchel and Li do not but Rangaswamy discloses routing in a wireless networks of nodes ([0004]). Rangaswamy teaches connect to the wireless network using a static address ([0032]: assign a static IP address), wherein the wireless network consists of peers that are either transfer modules such as the transfer module or user devices such as the user device ([0027]: wireless connections for network nodes).  It would have been obvious to a skilled artisan before the present application was effectively filed to provide a web server communicating with the user device and connect using a static IP address as taught by Rangaswamy because using a web .

Claim 15 is rejected under 35 USC 103 as being unpatentable over Cook, in view of Li.
Regarding claim 15, Cook discloses 
A method for transferring data from an image guided surgery navigation system comprising the steps:(a) installing a transfer module on the image guided surgery navigation system, the transfer module comprising a storage device, a wireless communication device, and a data interface, wherein the data interface is configured to couple with and receive data from an image guided surgery navigation system, wherein the wireless communication device is configured to connect to a wireless network ([0238] the transfer module is the software executing into the physician system ([0077]) that loads images into a memory of the system ((see Fig. 8, step 4 and also [0080] step 3) wirelessly from an imaging device ([0262])); (b) receiving a set of medical procedure data from the image guided surgery navigation system at the transfer module ([0080] step 2, [0179]: receive image from imaging device); (c) encrypting the set of medical procedure data as a set of encrypted medical procedure data using a current key, storing the encrypted medical procedure data on the storage device (Fig. 8 step 5); and (d) providing the set of encrypted medical procedure data to a user device ([0242]: reviewer request data, receives encrypted data, the encryption performed with the reviewer’s key), the user device comprising a display and a user interface ([0094]), wherein the user device is in communication with the transfer module over the wireless network ( [0262] [0080] step 12 reviewer receives the data).  
While Cook discloses deleting not needed records (Fig. 8, step 6), Cook in view of Raduchel does not explicitly teach delete the set of medical procedure data. 
However, storing encrypted data and deleting the original data is known in the art, as evidenced by Li. Li in an analogous art, discloses receiving data in a data center ([022]), encrypting the data and removing unencrypted form of the data from the data center  [0024]). Therefore it would have been obvious to a skilled artisan before the present application was effectively filed to apply storing encrypted data and deleting the original data as taught by Li to a set of medical procedure data as taught by Cook because it would reduce the chances of leaking the medical data and would enforce data privacy.

Claim 18 is rejected under 35 USC 103 as being unpatentable over Cook and Li, in further view of Stufflebeam.
The limitations in claim 18 are taught by Stufflebeam, combined to Cook and Li (See claim 11 rejection).

Claim 20 is rejected under 35 USC 103 as being unpatentable over Cook, in view of US 20130006867 to Dove et al., hereinafter Dove, and in further view of Li.
Regarding claim 20, Cook discloses 
A data transfer system comprising (Fig. 6): (a) a transfer module comprising a storage device, a wireless communication device, and a data interface, wherein the data interface is configured to couple with and receive data from an image guided surgery navigation system, wherein the wireless communication device is configured to connect to a wireless network via a Wi-Fi or cellular signal ([0238] the transfer module is the software executing into the physician system ([0077]) that loads images into a memory of the system ((see Fig. 8, step 4 and also [0080] step 3) wirelessly from an imaging device ([0262])); (b) a storage system, wherein the storage system is in communication with the transfer module ([0080], step 3) over the wireless network via a Wi-Fi or cellular signal ([0262])); and (c) a user device comprising a display  and a user interface ([0094]); wherein the transfer module is configured to: (i) receive a set of medical procedure data from the image guided surgery navigation system ([0080] step 2, [0179]: receive image from imaging device), (ii) encrypt the set of medical procedure data as a set of encrypted medical procedure data using a current key, store the encrypted medical procedure data on the storage device, and (iii) provide the set of encrypted medical procedure data to the storage system (Fig. 8 step 5); wherein the storage system is configured to: (i) receive a medical procedure data request from the user device, and (ii) provide the set of encrypted medical procedure data to the user device ([0242]: reviewer request data, receives encrypted data, the encryption performed with the reviewer’s key); and wherein the user device is configured to: (i) receive the encrypted medical procedure data from the storage system, (ii) decrypt the medical procedure data ([0242]: reviewer receives encrypted data, decrypts for review), and (ii) display at least some of the medical procedure data to an end user ([0080] step 15-16: the reviewer reviews the images including the annotations meaning the images are displayed). 
Cook does not teach the storage system is a cloud storage system. However, Dove discloses a computer receiving images data from an imaging device (Fig. 2B, item 112), encrypt the images and send to a cloud storage (Fig. 2B items 232, 240, [0041]); the encrypted images can be downloaded to a user computer and decrypted ([0042]). . It would have been obvious to a skilled artisan before the present application was effectively filed to store the  encrypted images in a cloud storage and retrieve the encrypted images from the cloud storage as taught by Dove because storing encrypt[ted data in a cloud is cost effective (Dove [0001]), while providing data privacy.
While Cook discloses deleting not needed records (Fig. 8, step 6), Cook in view of Dove does not explicitly teach delete the set of medical procedure data. 
However, storing encrypted data and deleting the original data is known in the art, as evidenced by Li. Li in an analogous art, discloses receiving data in a data center ([022]), encrypting the data and removing unencrypted form of the data from the data center  [0024]). Therefore it would have been obvious to a skilled artisan before the present application was effectively filed to apply storing encrypted data and deleting the original data as taught by Li to a set of medical procedure data as taught by Cook/Dove because it would reduce the chances of leaking the medical data and would enforce data privacy.

Allowable Subject Matter
Regarding claim 2, Cook in view of Raduchel and Li discloses the data transfer system of claim 1, wherein the user device is configured to: (i) store a device key and a device key version, (ii) authenticate a user of the user device (Raduchel [0075]: authenticate user name and password), (iii) validate the user device based upon the device key and the current key (Raduchel [0075] grant access to records if user device is authenticated and [0062] records encrypted with current key), (iv) when the user device is not validated, prompt the user for a new key and set it as the device key, then delete any information on the user device associated with a previous device key, and (v) when the user device is validated, receive the set of encrypted procedure data and decrypt the set of encrypted procedure data using the device key.  
The cited prior arts in combination with other prior art of the records fail to teach claim 2. Therefore, claim 2 is found allowable. Claims 3-9 depending from claim 2 are also found allowable.
Regarding claim 12, Cook in view of Raduchel and Li discloses the data transfer system of claim 1. The cited prior arts in combination with other prior art of the records fail to teach: wherein the transfer server is configured to: (i) store a set of email templates, wherein each email template is associated with a user, and wherein each email template is configured to format the set of medical procedure data for transmission to that user, (ii) receive a template request from the user device, wherein the template request comprises an identifier for the user and a terms acceptance, (iii) provide an email template of the set of email templates that is associated with the user to the user device, and (iv) store the terms acceptance, wherein the user terms 
Therefore, claim 12 is allowable.
Regarding claim 14, Cook in view of Raduchel, Li and Rangaswamy discloses the data transfer system of claim 13. The cited prior arts in combination with other prior art of the records fail to teach: wherein the transfer module is further configured to:   (i) restrict the function of the web server to prevent use of a set of commands, the set of commands comprising POST, PUT, and DELETE, (ii) generate a self-signed secure sockets layer certificate, wherein the self-signed secure sockets layer certificate has a duration of time, and (iii) generate a new self-signed secure sockets layer certificate when the duration of time has passed.  
Therefore, claim 14 is allowable.
Regarding claim 16, the claim recites substantially the subject matter found allowable in claim 2, therefore, claim 16 is found allowable for the same reasons as claim 2. Claim 17 dependent from claim 16 is also allowable.
Regarding claim 19, Cook in view of Li discloses the method of claim 15. The cited prior arts in combination with other prior art of the records fail to teach:  the steps:(a) providing a web server on the transfer module that the user device may communicate with over the wireless network; (b) connecting the transfer module to the wireless network using a static address; (c) restricting the function of the web server to prevent use of a set of commands, the set of commands comprising POST, PUT, and DELETE; (d) generating a self-signed secure sockets layer certificate, wherein the self- 
Therefore, claim 19 is allowable.
Claims 2-9, 12, 14, 16-17 and 19 are being objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Perez et al. 20170293718 disclose recording medical imagery data, the image can be encrypted and stored in a secure processing system; selecting image, encrypting the image and sending to mobile device for decryption.
Westin et al 20150278444 disclose capturing a medical image, converting it to a to standard format, encrypting and transmitting to a party, deleting the image a time period.
Ferrara et al 20130191647 disclose a server performing authentication of a patient, identifying the patient medical data, encrypting the data  and sending wirelessly to the patient.
Gotthardt 20110123027 disclose a database storing medical data encrypted with a symmetric key, which is encrypted with a  public key of a user.
Vettival et al. 20160063187 disclose personal health info (phi) encrypted and stored, original removed.
Minami et al 20180268164 disclose distribution of health data , encrypted and signed.
Chen et al 20150347682 disclose sharing of imaging data (xray or other) in a wired or wireless communication.
Grow et al 20170262585 disclose a system storing medical data for each patient, the data encrypted for each user with a different key, authenticating a user, sending the encrypted data to the user.
Takahashi et al 20140156988 disclose a medical server storing encrypted medical record , receiving a request from a user, if the user is authenticated by an authentication server, identifying the key associated with the user to decrypt the requested data, re-encrypting it with the user public key and transmitting to the user.
 Grimme 20190356479 disclose a cloud server sending image  to user mobile, encrypted with a public key of user , the user decrypts the encrypted iamge.
Ahmed 20190386814 disclose a health monitoring device collecting medical data, encrypting, storing in cloud, medical data encrypted with patient pub key, sent to client for decrypting.
Chu et al 20160234176 discloses imaging device encrypting images and sending to a server in wired or wireless communication.
Menschik et al 8874453 disclose a server coupled to hospital system comprising user devices, imaging system, providing data to user after authentication.
Baruch et al 10146961 disclose journal data encrypted with key, when the key expires, remove journal data and delete expired key.
Matsuda 20180131573 disclose restricting access to a web server if command not authorized.
Ford et al 20150310188 disclose receiving a user request to view files, determining the key used to encrypt the files and when the key has rotated, decrypting data with old key and re-encrypting with new key before sending to user.
Lee et al 20120140923 disclose an encryption key versioning and rotation in a multi-environment, checking whether a key is if active, decrypting data with old and encrypting it with a new key.
Martin et al 20090326985 disclose delivering pre-populated progress note to a health care provider using a template specific to a patient.
Westin et al 8108432 disclose delivering medical images formatted for messaging to a  phone, or for email transmission, based on templates for a specific format.
Baldwin et al  20190198138 disclose a medical information system receiving inputs for template definition that specifies terms or concepts to medical professionals regarding a patient.
Choi 20150248526 discloses signing terms of acceptance to receive colonoscopy procedure- 
Higgs 20170011174 disclose a cloud-based system storing personal health information including images.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to CATHERINE B THIAW whose telephone number is (571)270-1138.  The examiner can normally be reached on Monday-Friday 7am-4pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, CARL G COLIN can be reached on 571-272-3862.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.