DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . This office action is in response to the application filed on 01/24/2020. Claims 4-9 are amended. Claims 12-15 are cancelled. Claims 1-11 are pending.
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

 			 EXAMINER’S AMENDMENT
An examiner's amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner's amendment was given over the phone from Christian Ehret (Reg. No. 69,743) on 12/10/2021. 
 The application has been amended as follows:
Please replace claim 1 with:
1. (Currently Amended) A method for providing a clientaccesses the confidential information using a resource identifier, the client 
as authorization code to a trusted communication path for delivery of the authorization code to the client receives the authorization code via the trusted communication path and to receive the person identifier in order to generate the encrypted person identifier based on the received authorization code and based on the received person identifier using the encryption algorithm; and to retrieve the at least part of the resource identifier from the server system on the basis of the generated encrypted person identifier; and, to use the at least part of the resource identifier for sending the request to the source system; the source system providing the client 

Please replace claim 5 with:
5. (Currently Amended) The method according to claim l

Please replace claim 6 with:
6. (Currently Amended) The method according to claim l

Please replace claim 7 with:
7. (Currently Amended) The method according to claim l

Please replace claim 9 with:
9. (Currently Amended) The method according to claim l

Please replace claim 10 with:
10. (Currently Amended) A source system for providing a client accesses the confidential information using a resource identifier, the client non-transitory computer readable storage medium having at least part of a non-transitory computer readable storage medium having computer readable program code embodied therewith, and a processor, preferably a microprocessor, coupled to the non-transitory computer readable storage medium, wherein responsive to executing the computer readable program code, the processor is configured to perform executable operations comprising: generating the resource identifier, preferably the resource identifier comprising a URL, the resource identifier being indicative of a data storage location at the source system, the data storage location comprising the confidential information of the person, the person being identified by a person identifier; obtaining, for example generating or receiving, a first code; using the encryption algorithm for generating a second code based on the first code and based on the person identifier;  transmitting a message to a server system, the message comprising at least part of the resource identifier, the message instructing the server system to store the first code or the second code as an encrypted person identifier in association with the at least part of the resource identifier; providing the second code or the first code respectively as authorization code to a trusted communication path for delivery of the authorization code to the client 

Please replace claim 11 with:
11. (Currently Amended) A method for a client system for accessing confidential information of a person stored at a source system, the client 

Allowable Subject Matter
Claims 1-11 are allowed.
The following is an examiner’s statement of reasons for allowance:
The invention relates to systems and methods for providing a client system access to confidential information of a person stored at a source system, the client system being configured to access the confidential information using a resource identifier, the client system and the source system comprising an encryption module for executing an encryption algorithm.

The closest relevant prior art made of record are:
Noordende(US2014/0047513)teaches A system and computer-implemented method for providing decentralized access to records. The method is performed on at least one computer system including at least one processor. The method includes the steps of: generating at least one reference for at least one record stored on a source system, the at least one reference comprising authorization information and a pointer to the at least one record; receiving, at the source system from a client system, a request to retrieve the at least one record from the source system, the request initiated using the at least one reference and including at least a portion of the at least one reference; authenticating or 
Shaikh(US8,613,105) teaches Techniques for securely storing confidential information associated with a transaction are disclosed. A method for securely storing confidential information may include storing a data set related to a first transaction in a first server, the data set configured to be searchable by an authorized administrator, storing a plurality of encrypted files that include confidential information related to a plurality of transactions in a second server, including a first encrypted file that includes confidential information related to the first transaction, storing an identifier for the first encrypted file, where the identifier is configured to include at least one key required to access the confidential information related to the first transaction, linking the data set to the identifier, and limiting the access to the plurality of encrypted files by the administrator.
Feisher(US2014/0222684) teaches a data security apparatus and method for controlling access to records provided within automated electronic databases, each record having an associated set of access rules, comprising: receiving, by a security processor, a request for access to records associated with at least one of an entity, attribute, and datum from a requestor; determining a set of records associated with the requested entity, attribute, or datum, contained in the automated electronic databases; authorizing access to the records within the determined set of records based on compliance with the associated set of access rules; defining an economic compensation rule, satisfaction of which is required for qualification for access to the set of records; selectively permitting access to records in dependence on satisfaction of the compensation rule; communicating the access permissions to the host automated electronic databases; and logging the request for retrieval and a respective access of each record.
Carner (US2014/0089008) teaches the application servicing system is further configured such that the temporary access to at least the image data is provided by allocating a dynamic URL address. The use of a dynamic URL assists in limiting the viewing and preserving the privacy of the data to be accessed. Further, the dynamically generated URL gives access to at least the image data and is only generated upon receiving the request from the person identified by the recipient identifier. The application server sends a link to the dynamic URL, to a recipient identifier identifying one or more recipients that are allowed access to the image data. However, in one embodiment, the link is sent to initiating user 30. In this case, as far as the server is concerned, the initiating user 30 is the intended recipient 40. That is, the recipient identifier is in this case the same as the sender identifier. Upon receiving the link, the initiating user can then sends the link to any further intended recipients.
Keefe(US2012/0177256) teaches multiple storage servers 14 can be combined on the same network 22 to transparently aggregate the operation of the servers from the perspective of the user. When multiple storage servers 14 are aggregated together, the servers can share information related to patient records and optionally, other capabilities such as resources related to data storage, processor, job queues, workload, etc. A user can connect to any storage server 14 in the aggregation set from a viewing station 340. When the initial connection is made, the user will be presented with a login screen from the specified storage server 14. For purposes of simplifying this description, the storage server 14 that the user chose to log into will be called the "master server" and the other servers in the aggregation set will be called "remote servers". When a search for patient 
Kiliccote(US2010/0191972) teaches a system for providing secure document distribution is disclosed. The system includes an application configured to: allow an author to create a document, allow the author to secure the document using an access code, wherein the access code is needed to gain access to the document, encrypt the access code, and forward a message to a recipient, wherein the message includes the document and the encrypted access code, a terminal configured to: allow the recipient to open the message, and generate an image, the image having information embedded therein, the embedded information including the encrypted access code, and a portable device configured to: allow the recipient to capture the image, store predetermined information, wherein the predetermined information is usable to decrypt the encrypted access code, capture input information from the recipient, the input information to be used to ensure that the recipient is authorized to use the portable device, extract the information embedded in the image, decrypt the encrypted access code using the predetermined information, and generate an output, the output including the access code. The terminal is further configured to receive the output generated by the portable device and evaluate the output to determine if the correct access code needed for access to the document is provided.
O’Rourke(US2002/0161795) 
Tanner(US10,366,204) teaches a system and method for a decentralized autonomous healthcare economy platform are provided. The system and method aggregates all of the healthcare data into a global graph-theoretic topology and processes the data via a hybrid federated and peer to peer distributed processing architectures.


However, none of closest prior arts mentioned above teaches or suggests, alone or in combination, the particular combination of steps or elements as recited in the independent claims 1, 10, and 11. For example, none of the cited prior art, alone or in combination, teaches or suggest the steps of “ the source system using the encryption algorithm for generating a second code based on the first code and based on the person identifier; wherein the client receives the authorization code via the trusted communication path and to receive the person identifier in order to generate the encrypted person identifier based on the received authorization code and based on the received person identifier using the encryption algorithm; and to retrieve the at least part of the resource identifier from the server system on the basis of the generated encrypted person identifier” in view of other limitations of claims 1, 10, and 11. Therefore the claims are allowable over the cited prior arts.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”
Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHAHRIAR ZARRINEH whose telephone number is (571)272-1207. The examiner can normally be reached Monday-Friday, 8:30am-5:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is 
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge Ortiz-Criado can be reached on 571-272-7624. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/SHAHRIAR ZARRINEH/Examiner, Art Unit 2496