DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 16-17 are rejected under 35 U.S.C. 102(a)(1) and (2) as being anticipated by Douglass (US-20160147944-A1).

Claim 16: Douglass teaches:
A method (page 2 paragraph 0018 illustrating a method, at least Figures 2-3 illustrating a flowchart of method steps performed by the computing system) of accessing a client logic device (Figure 1 label 110 illustrating a computing device 110, considered to be a form of “client logic device”), comprising:
sending from a patient data server (Figure 2 label 240, page 5 paragraph 0049 illustrating an EHR server sending patient data) encrypted information (page 5 paragraph 0049 illustrating encrypted patient data) associated with a user (page 5 paragraph 49 illustrating that the patient 
detecting an offline network condition between the client logic device and the patient data server (Figure 2 label 265 illustrating determining if a network connection is available, and if NO, then proceed to step 300, page 5 paragraph 0054 illustrating that this is considered to be “offline”), and
decrypting said encrypted information residing on said client logic device to determine whether to provide access to a user attempting to access said client logic device (page 5-6 paragraph 0056-0057 illustrating comparing the stored encryption key with an encryption key generated by the user when the user logs into the offline device to determine if the user is authorized to access encrypted patient records).

As per claim 17, Douglass teaches:
The method of claim 16, as discussed above and incorporated herein.
Douglass further teaches:
wherein said information associated with the user is encrypted using the user's password as a key (page 5 paragraph 0049 illustrating generating the encryption key using the user’s .

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1, 3, 5-8, 10-11 are rejected under 35 U.S.C. 103 as being unpatentable over Douglass in view of Huang (Embedding a Hiding Function in a Portable Electronic Health Record for Privacy Preservation, previously mailed on 07 January 2022) and Yao (Design and Analysis of Password-Based Key Derivation Functions).

Claim 1, Douglass teaches:
In a client logic device (Figure 1 label 110 illustrating a computing device 110), a method (page 2 paragraph 0018 illustrating a method, at least Figures 2-3 illustrating a flowchart of 
detecting an offline network condition (Figure 2 label 265 illustrating determining if a network connection is available, and if NO, then proceed to step 300, page 5 paragraph 0054 illustrating that this is considered to be “offline”) between the client logic device and a patient data server (Figure 1 illustrating that the network connection is between the computing device 110, considered to be a form of “client logic device”, and EHR System 130 including EHR server 134, considered to be a form of “patient data server”);
in response to said detection of the offline network condition (Figure 3 label 300 illustrating detecting offline network connection as discussed above), the user-generated passcode identifier configured to secure patient data stored in the client logic device (Figure 2 label 240, page 5 paragraph 0049 illustrating using the login credentials including username/password to generate an encryption key, Figure 3 label 310, page 5 paragraph 0056 to page 6 paragraph 0057 illustrating using the generated encryption key and comparing with an offline encryption key generated by the user entering username/password to determine if the user is authorized to access encrypted patient medical data records stored in the computing device 110’s browser application cache).
Douglass further teaches encrypting patient data so that it is no longer visible to unauthorized users (Figure 2 label 245, page 5 paragraph 0050) for offline retrieval (Figure 3 label 325, page 6 paragraph 0058).
Douglass does not explicitly teach:
de-identifying protected health information (PHI), if any, associated with patient data stored in the client logic device.

de-identifying protected health information (PHI), if any, associated with patient data stored in the client logic device (page 314 column 2 second to last paragraph illustrating a hiding function used to hide HIPAA’s 18 identifiers, page 316 Figure 2 illustrating that the hiding function visually removes the patient’s name, date of birth, social security number, address, phone number, etc.).
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the patient records disclosed by Douglass by hiding patient identifiers as disclosed by Huang. One of ordinary skill in the art would have been motivated to make this modification in order to comply with HIPAA when patient records are viewed in offline mode (Huang; page 314 paragraph 2-3), and to prevent other users from viewing private patient information while an authorized user is reading the private patient information (page 318 column 2 paragraph 2).
While the technique of Huang is directed towards patient devices while viewing their own record, it is well within the level of ordinary skill in the art to apply the technique to other devices regardless of who is using the device, including applying the hiding function to physicians who may be viewing patient records in offline mode. The technique of Huang is particularly adaptable to any technical environment for any user because the hiding function is embedded into a variety of platforms without specific limitation to any type of user or system, including deploying the hiding function on universal/generic systems such as XML and PDF (page 318 column 1 paragraph 1).
Douglass further teaches:

Douglass further teaches using the username and/or password to generate a salt as part of the encryption key, as is known in the art (page 5-6 paragraph 0056).
Douglass in view of Huang do no teach:
causing said client logic device to prompt a user to create at the client logic device a user-generated passcode identifier.
Yao teaches:
causing said client logic device to prompt a user to create at the client logic device a user-generated passcode identifier (page 246 paragraph 3 illustrating a password-based key derivation function used to derive the key from a password and a salt s, page 249 Section 2.2 paragraph 1 illustrating Alice deriving a key y as a function of the password and salt s, wherein the salt s was set by Alice, page 256 Section 6 paragraph 1 illustrating that each time the key derivation function (KDF) is executed, a salt is either selected by the user [considered to be a form of “prompt a user to create”] or generated at random).

	Therefore, it would have been obvious to try, by one of ordinary skill in the art before the effective filing date of the claimed invention, to pick the salt generation technique and incorporate it into the system of Douglass in view of Huang since there is a finite number of identified, predictable potential solutions (i.e. user selected or random generation) to the recognized need (generation of a salt) and one of ordinary skill in the art could have pursued the known potential solutions with a reasonable expectation of success (the cost and benefits are known).

Claim 3: Douglass in view of Huang and Yao teach: 
The method of claim 1, as discussed above and incorporated herein.
Douglass further teaches:
generating, by the patient data server (Figure 4, page 6 paragraph 0063 illustrating the EHR server 134 of Figure 1 initiating a request), a communication session (Figure 6 paragraph 0063 illustrating WebSockets, considered to be a form of “communication session”) between said patient data server and an electronic health record (EHR) system of a medical facility (Figure 1 illustrating EHR server 134 and medical records database 138, considered to be a form of “electronic health record system of a medical facility”) to synchronize said received patient 

Claim 5: Douglass in view of Huang and Yao teach:
The method of claim 3, as discussed above and incorporated herein.
Douglass further teaches:
prior to detecting said offline network condition (Figure 2 label 230 illustrating the user accessing patient records during normal network operation, considered to be “prior” to the detecting the network coming offline), receiving said medical record number (page 5 paragraph 0047 illustrating receiving the unique identifier for the patient).

Claim 6: Douglass in view of Huang and Yao teach:
The method of claim 5, as discussed above and incorporated herein.
Douglass further teaches:
wherein the step of receiving said medical record number comprises:
establishing, by the patient data server, a communication session between said patient data server and said EHR system and receiving said medical record number from said patient data server (page 5 paragraph 0047 illustrating transmitting a request to the EHR server, Figure 6 paragraph 0063 illustrating WebSockets, considered to be a form of “a communication session”, to obtain requested patient medical records, the records including therein patient data, and the data can include a patient identifier).

Claim 7: Douglass in view of Huang and Yao teach:

Douglass further teaches:
wherein the step of receiving said medical record number comprises: 
receiving said medical record number via a user interface of said client logic device (Figure 6 illustrating a user interface with a home screen where the user could view patient data associated with patient records and interact with system functions by clicking/selecting the graphics on the screen and entering appropriate data, page 5 paragraph 0047 illustrating that patient data can include a patient identifier).

Claim 8, Douglass teaches:
In a client logic device (Figure 1 label 110 illustrating a computing device 110), a method (page 2 paragraph 0018 illustrating a method, at least Figures 2-3 illustrating a flowchart of method steps performed by the computing system) for processing patient data (page 2 paragraph 0018 illustrating a method of processing patient medical data records), comprising:
detecting an offline network condition (Figure 2 label 265 illustrating determining if a network connection is available, and if NO, then proceed to step 300, page 5 paragraph 0054 illustrating that this is considered to be “offline”) between said client logic device and a patient data server (Figure 1 illustrating that the network connection is between the computing device 110, considered to be a form of “client logic device”, and EHR System 130 including EHR server 134, considered to be a form of “patient data server”);
in response to the detection of the offline network condition (Figure 3 label 300 illustrating detecting offline network connection as from above), causing the client logic device (Figure 3 label 305 page 5 paragraph 0055 illustrating computing device 110, considered to be a 
storing patient data on said client logic device via a user interface thereof (Figure 6 illustrating a user interface with a screen display being used to enter patient data via the “Start a chart note” icon and interacting with the screen to enter such patient data), said patient data comprising a medical record number (page 5 paragraph 0047 illustrating patient data can include a patient identifier, considered to be a form of “medical record number”).
Douglass further teaches encrypting patient data so that it is no longer visible to unauthorized users (Figure 2 label 245, page 5 paragraph 0050) for offline retrieval (Figure 3 label 325, page 6 paragraph 0058).
Douglass does not explicitly teach:
de-identifying protected health information (PHI), if any, associated with the patient data stored on said client logic device to generate de-identified patient data.
Huang teaches:
de-identifying protected health information (PHI), if any, associated with the patient data stored on said client logic device to generate de-identified patient data (page 314 column 2 second to last paragraph illustrating a hiding function to hide HIPAA’s 18 identifiers, page 316 
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the patient records disclosed by Douglass by hiding patient identifiers as disclosed by Huang. One of ordinary skill in the art would have been motivated to make this modification in order to comply with HIPAA when patient records are viewed in offline mode (Huang; page 314 paragraph 2-3), and to prevent other users from viewing private patient information while an authorized user is reading the private patient information (page 318 column 2 paragraph 2).
While the technique of Huang is directed towards patient devices while viewing their own record, it is well within the level of ordinary skill in the art to apply the technique to other devices regardless of who is using the device, including applying the hiding function to physicians who may be viewing patient records in offline mode. The technique of Huang is particularly adaptable to any technical environment for any user because the hiding function is embedded into a variety of platforms without specific limitation to any type of user or system, including deploying the hiding function on universal/generic systems such as XML and PDF (page 318 column 1 paragraph 1).
Douglass further teaches using the username and/or password to generate a salt as part of the encryption key, as is known in the art (page 5-6 paragraph 0056).
Douglass in view of Huang do no teach:
causing the client logic device to prompt a user to create a user-generated access identifier.
Yao teaches:
s, page 249 Section 2.2 paragraph 1 illustrating Alice deriving a key y as a function of the password and salt s, wherein the salt s was set by Alice, page 256 Section 6 paragraph 1 illustrating that each time the key derivation function (KDF) is executed, a salt is either selected by the user [considered to be a form of “prompt a user to create”] or generated at random).
	Since protecting user’s login data is a key factor in the success of any patient record system, a common way to protect such login data is by generating a salt. As discussed by Yao, security systems have resorted to different techniques for generating the salt, including allowing the user to select the salt or randomly generating the salt. This practice is well known in the security art and would follow in the patient record world as well where there is need to securely authenticate the user.
	Therefore, it would have been obvious to try, by one of ordinary skill in the art before the effective filing date of the claimed invention, to pick the salt generation technique and incorporate it into the system of Douglass in view of Huang since there is a finite number of identified, predictable potential solutions (i.e. user selected or random generation) to the recognized need (generation of a salt) and one of ordinary skill in the art could have pursued the known potential solutions with a reasonable expectation of success (the cost and benefits are known).

Claim 10: Douglass in view of Huang and Yao teach:
The method of claim 8, as discussed above and incorporated herein.

further comprising:
detecting via said client logic device an online network condition between said client logic device and a patient data server (Figure 3 label 350, paragraph 6 paragraph 0062 illustrating determining that a network connection is available, considered to be “online network condition”); and
forwarding said de-identified patient data patient (page 2 paragraph 0019 illustrating when the network connection is available, transmitting encrypted offline-updated patient medical data record), including said medical record number (page 6 paragraph 0058 illustrating an identifier that uniquely identifies the patient medical data records, considered to be a form of “previously assigned medical record number”), stored on said client logic device via said network to said patient data server (page 2 paragraph 0019 illustrating transmitting the data via the available network connection).

Claim 11: Douglass in view of Huang and Yao teach:
The method of claim 1, as discussed above and incorporated herein.
Douglass further teaches:
further comprising generating (Figure 4, page 6 paragraph 0063 illustrating the EHR server 134 of Figure 1 initiating a request) a communication session (Figure 6 paragraph 0063 illustrating WebSockets, considered to be a form of  “communication session”) between said patient data server (Figure 4, page 6 paragraph 0063 illustrating the EHR server 134 of Figure 1 initiating a request) and an electronic health record (EHR) system of a medical facility (Figure 1 illustrating EHR server 134 and medical records database 138, considered to be the “electronic .

Claims 2 and 9 are rejected under 35 U.S.C. 103 as being unpatentable over Douglass in view of Huang as applied to claims 1 and 8 above as applicable, and further in view of Backholm (20150046587).

Claim 2: Douglass in view of Huang and Yao teach:
The method of claim 1, as discussed above and incorporated herein.
Douglass further teaches:
initiating a prompt to a user (Figure 3 label 305 illustrating a login page when the device is in offline mode).
Douglass in view of Huang and Yao do not teach:
in response to detecting the offline network condition between the client logic device and the patient data server:
checking a time interval associated with the offline network condition; and
initiating a prompt to a user after expiration of the time interval (it is noted that the feature of initiating a prompt is taught by Douglas as discussed above).
Backholm teaches:
in response to detecting the offline network condition between the client logic device and the patient data server:

initiating a prompt to a user after expiration of the time interval (Figure 26, page 5 paragraph 0078-0079 illustrating a heartbeat is not received within a certain interval by the client device, Abstract, page 11-12 paragraph 0154 illustrating declaring the application to be in offline mode).
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the patient records disclosed by Douglass in view of Huang and Yao by providing a polling interval to determine offline mode as disclosed by Backholm. One of ordinary skill in the art would have been motivated to make this modification in order to reduce network traffic between a remote device and a server when determining the connection status there between (Backholm; page 4 paragraph 0063-0065).

Claim 9: Douglass in view of Huang and Yao teach:
The method of claim 8, as discussed above and incorporated herein.
Douglass further teaches:
initiating a prompt to a user (Figure 3 label 305 illustrating a login page when the device is disconnected from the network and in offline mode).
Douglass in view of Huang do not teach:
in response to detecting the offline network condition between the client logic device and the patient data server:
checking a time interval associated with the offline network condition; and
after expiration of the time interval (the feature of initiating a prompt has been taught by Douglass, from above).
Backholm teaches:
in response to detecting the offline network condition between the client logic device and the patient data server:
checking a time interval associated with the offline network condition (Figure 26, page 5 paragraph 0078 illustrating a polling interval between the client device and the server); and
initiating a prompt to a user after expiration of the time interval (Figure 26, page 5 paragraph 0078-0079 illustrating a heartbeat is not received within a certain interval by the client device, Abstract, page 11-12 paragraph 0154 illustrating declaring the application to be in offline mode).
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the patient records disclosed by Douglass in view of Huang by providing a polling interval to determine offline mode as disclosed by Backholm. One of ordinary skill in the art would have been motivated to make this modification in order to reduce network traffic between a remote device and a server when determining the connection status there between (Backholm; page 4 paragraph 0063-0065).

Claim 4 is rejected under 35 U.S.C. 103 as being unpatentable over Douglass in view of Huang as applied to claim 3 above, and further in view of Johnson (5664109).

Claim 4: Douglass in view of Huang and Yao teach
The method of claim 3, as discussed above and incorporated herein.

Douglass in view of Huang and Yao do not explicitly teach:
utilizing said medical record number to identify the patient associated with said patient data.
Johnson teaches:
utilizing said medical record number to identify the patient associated with said patient data (Figure 5 label 502 illustrating a patient MRN, Figure 6 label 606 illustrating extracting the MRN from the document, Figure 6 label 610, 622 illustrating using the MRN to identify the associated patient, Figure 7 label 712 illustrating linking patient documents to a master patient identifier using the MRN extracted from the document).
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the patient records synching disclosed by Douglass in view of Huang and Yao by identifying patient records by an identifier that uniquely identifies the patient medical data record as disclosed by Johnson. One of ordinary skill in the art would have been motivated to make this modification in order to provide a convenient way to identify different patients and linking patient documents for a patient (Johnson; column 11 line 44-47).

s 12-13 are rejected under 35 U.S.C. 103 as being unpatentable over Douglass in view of Smith (20130138608) and Huang (Embedding a Hiding Function in a Portable Electronic Health Record for Privacy Preservation)

Claim 12, Douglass teaches:
A method (page 2 paragraph 0018 illustrating a method, at least Figures 2-3 illustrating a flowchart of method steps performed by the computing system) of processing patient data (Abstract illustrating a method of processing patient medical data records), comprising:
receiving via at least two client logic devices patient data corresponding to a common patient (Figure 4 label 430 illustrating two devices accessing and updating the same patient’s data), said patient data comprising a medical record number (page 5 paragraph 0047 illustrating a patient identifier);
detecting an offline network condition (Figure 2 label 265 illustrating determining if a network connection is available, and if NO, then proceed to step 300, page 5 paragraph 0054 illustrating that this is considered to be “offline”) between at least one of said client logic devices and a patient data server (Figure 1 illustrating that the network connection is between the computing device 110, considered to be a form of “client logic device”, and EHR System 130 including EHR server 134, considered to be a form of “patient data server”).
While Douglass teaches that the second computing device is also sending data in offline mode (Figure 4 label 430, page 6-7 paragraph 0066-0067 illustrating both a nurse and a doctor updating the same patient record while both are offline), Douglass does not explicitly teach a collision between a computing device that was offline and a computing device that was constantly online, i.e. the recited limitation:

Smith teaches:
while at least another one of said client logic devices (herein "second logic device") continues to be in an online network condition relative to the patient data server and forwards said patient data to said patient data server (page 6 paragraph 0063 illustrating a situation where the conflict was created by the server having an update by a user and an offline mobile device having an update by a different user, thereby suggesting that such a conflict is commonplace in an environment with a plurality of mobile device users).
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the conflicting updates between two offline devices disclosed by Douglass by resolving conflict between a mobile device in connection with the server and having already uploaded the update to the server, and an offline device that has just recently come online as disclosed by Smith. One of ordinary skill in the art would have been motivated to make this modification in order to resolve the conflicting updates that are commonplace with mobile device users (Smith; page 6 paragraph 0063).
Additionally, the same conflict resolution technique of Douglass would be equally applicable to conflicts between an update already uploaded to the server and one from a recently online device because the solution of Douglass is not specifically limited to how the data was uploaded. Instead, Douglass would be able to resolve the conflict using the techniques discussed therein for the situation discussed by Smith, and such modification to Douglass is well within the level of ordinary skill in the art.

causing said first logic device to limit access to said first client logic device, thereby securing patient data stored on said first client logic device (Figure 3 label 310, page 5 paragraph 0056 to page 6 paragraph 0057 illustrating using the generated encryption key and comparing with an offline encryption key generated by the user entering username/password to determine if the user is authorized to access encrypted patient medical data records stored in the computing device 110’s browser application cache).
Douglass further teaches encrypting patient data so that it is no longer visible to unauthorized users (Figure 2 label 245, page 5 paragraph 0050) for offline retrieval (Figure 3 label 325, page 6 paragraph 0058).
Douglass does not explicitly teach:
de-identifying protected health information (PHI), if any, associated with patient data stored on the first client logic device.
Huang teaches:
de-identifying protected health information (PHI), if any, associated with patient data stored on the first client logic device (page 314 column 2 second to last paragraph illustrating a hiding function used to hide HIPAA’s 18 identifiers, page 316 Figure 2 illustrating that the hiding function visually removes the patient’s name, date of birth, social security number, address, phone number, etc.).
Additionally, Huang teaches a hiding function used to hide HIPAA’s 18 identifiers (page 314 column 2 second to last paragraph), wherein the hiding function visually removes the patient’s name, date of birth, social security number, address, phone number, etc. (page 316 Figure 2).

While the technique of Huang is directed towards patient devices while viewing their own record, it is well within the level of ordinary skill in the art to apply the technique to other devices regardless of who is using the device, including applying the hiding function to physicians who may be viewing patient records in offline mode. The technique of Huang is particularly adaptable to any technical environment for any user because the hiding function is embedded into a variety of platforms without specific limitation to any type of user or system, including deploying the hiding function on universal/generic systems such as XML and PDF (page 318 column 1 paragraph 1).
Douglass further teaches:
detecting an online network condition between said first client logic device and said patient data server (Figure 3 label 350, paragraph 6 paragraph 0062 illustrating determining that a network connection is available, considered to be a form of “online network condition”);
forwarding said de-identified patient data (page 2 paragraph 0019 illustrating when the network connection is available, transmitting encrypted offline-updated patient medical data record), including said medical record number patient (page 6 paragraph 0058 illustrating an identifier that uniquely identifies the patient medical data records, considered to be the 
resolving conflicts between the de-identified patient data sent to the patient data server by said first client logic device and the patient data sent to the patient data server by said second client logic device based on a time stamp associated with at least one patient data segment so as to generate consolidated patient data on said patient data server (Figure 4 label 430, page 6-7 paragraph 0066-0067 illustrating using dates and time of the conflicting updates to request confirmation when updating with an older version of the patient data).
Douglass further teaches using the username and/or password to generate a salt as part of the encryption key, as is known in the art (page 5-6 paragraph 0056).
Douglass in view of Smith and Huang do no teach:
prompt a user to create a user-generated access identifier.
Yao teaches:
causing said first logic device to prompt a user to create a user-generated access identifier (page 246 paragraph 3 illustrating a password-based key derivation function used to derive the key from a password and a salt s, page 249 Section 2.2 paragraph 1 illustrating Alice deriving a key y as a function of the password and salt s, wherein the salt s was set by Alice, page 256 Section 6 paragraph 1 illustrating that each time the key derivation function (KDF) is executed, a salt is either selected by the user [considered to be a form of “prompt a user to create”] or generated at random).
	Since protecting user’s login data is a key factor in the success of any patient record system, a common way to protect such login data is by generating a salt. As discussed by Yao, 
	Therefore, it would have been obvious to try, by one of ordinary skill in the art before the effective filing date of the claimed invention, to pick the salt generation technique and incorporate it into the system of Douglass in view of Huang since there is a finite number of identified, predictable potential solutions (i.e. user selected or random generation) to the recognized need (generation of a salt) and one of ordinary skill in the art could have pursued the known potential solutions with a reasonable expectation of success (the cost and benefits are known).

Claim 13, Douglass in view of Smith, Huang, and Yao teach:
The method of claim 12, as discussed above and incorporated herein.
Douglass further teaches:
generating a communication session (Figure 6 paragraph 0063 illustrating WebSockets, considered to be a form of “communication session”) between said patient data server and an electronic health record (EHR) system of a medical facility (Figure 1 illustrating EHR server 134 and medical records database 138, considered to be a form of “electronic health record system”) to synchronize said consolidated patient data stored on the patient data server and corresponding patient data stored on said EHR system (Figure 6 paragraph 0063 illustrating synching the patient data received from offline updates).

s 14-15 are rejected under 35 U.S.C. 103 as being unpatentable over Douglass in view of Johnson and Fors (20070168223).

As per claim 14, Douglass teaches:
In a patient data server (Figure 1 label 134 illustrating an EHR server 134), a method (page 2 paragraph 0018 illustrating a method, at least Figures 2-3 illustrating a flowchart of method steps performed by the computing system) with a patient database (Figure 1 label 138 illustrating a medical records database), comprising:
detecting an online network condition between a client logic device and the patient data server (Figure 3 label 350, paragraph 6 paragraph 0062 illustrating determining that a network connection is available, considered to be a form of “online network condition”), the online network condition following an offline network condition (Figure 2 label 265 illustrating determining if a network connection is available, and if NO, then proceed to step 300, page 5 paragraph 0054 illustrating that this is considered to be “offline”);
receiving from the client logic device patient data including a medical record number that identifies a patient associated with the patient data (page 6 paragraph 0058 illustrating identifying patients by an identifier that uniquely identifies the patient medical data record, considered to be a form of “medical record number”);
Douglass does not explicitly teach performing this synching via:
identifying previous patient data, if any, previously stored on the patient data server associated with said received medical record number (it is noted that the feature of identifying patient records for consolidation has been discussed above as taught by Douglass); and
updating said previous patient data based on said received patient data;

Identifying previous patient data, if any, previously stored on the patient data server associated with said received medical record number (Figure 5 label 502 illustrating a patient MRN, Figure 6 label 606 illustrating extracting the MRN from the document, Figure 6 label 610, 622 illustrating using the MRN to identify the associated patient); and
updating said previous patient data based on said received patient data (Figure 7 label 712 illustrating linking patient documents to a master patient identifier using the MRN extracted from the document).
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the patient records synching disclosed by Douglass in view of Huang by identifying patient records by an identifier that uniquely identifies the patient medical data record as disclosed by Johnson. One of ordinary skill in the art would have been motivated to make this modification in order to provide a convenient way to identify different patients and linking patient documents for a patient (Johnson; column 11 line 44-47).
Douglass in view of Johnson do not teach:
de-identified patient data.
Fors teaches:
de-identified patient data (page 13 paragraph 0157 illustrating generating a patient identifier, page 13 paragraph 0157 illustrating printing and reporting the patient using only the alias, e.g. patient identifier, without using the patient’s legal name).
Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art to include the teachings of Fors within the embodiment of 

Claim 15: Douglass in view of Johnson and Fors teach:
The method of claim 14, as discussed above and incorporate herein.
Douglass further teaches:
wherein updating said previous patient data based on said received patient data comprises updating said previous patient data based on a timestamp (Figure 4 label 430, page 6-7 paragraph 0066-0067 illustrating using dates and time of the conflicting updates to request confirmation when updating with an older version of the patient data).

Response to Arguments
In the Remarks filed on 07 January 2022, Applicant presents several arguments. Examiner will address these arguments in the order presented.

On page 6 (and throughout the Remarks) Applicant refers to the published application for support.
The Pre-Grant Publication of the instant pending application is not part of the Official file for examination purposes. Applicant is requested to refer to the Specification as originally filed.

On page 8 Applicant argues that Douglass does not teach creating a user-generated passcode identifier in response to detection of an offline condition.


On page 8-9 Applicant argues that Huang does not teach de-identify PHI data stored on a device.
In response to applicant's argument that the references fail to show certain features of applicant’s invention, it is noted that the features upon which applicant relies (i.e., stripping a data record of unspecified identifier(s), i.e. “de-identifying”, and storing the stripped data in a particular location) are not recited in the rejected claim(s).  Although the claims are interpreted in light of the specification, limitations from the specification are not read into the claims.  See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993).
The limitation of claim 1 merely recites: “de-identifying protected health information (PHI), if any, associated with patient data stored in the client logic device”.
First, the limitation “if any” renders the step optional, if there were no PHI. Applicant does not specifically define what is considered to be “PHI”. Therefore, the broadest reasonable interpretation of “PHI” could include any data considered to be “protected”, or nothing at all.
In the interest of compact prosecution for Applicant, Examiner has applied art to this limitation.
Regarding Applicant’s assertion that a person of ordinary skill in the art would understand that “de-identifying” PHI would involve removing or “stripping” the PHI from storage on the client logic device, Applicant points to paragraph [0046], without citing a specific document.

This paragraph from the instant pending Specification discloses:
[00046] Further, to store the patient data 126 in a secure manner, the client logic device 110 is configured to de-identify protected health information (PHI), if any, associated with patient data 126, as indicated in block 142 of Fig. 3. For example, during a de-identification process, the client logic device 110 is configured to apply a de-identification function 150 to the patient data 126 to strip the patient data 126 of any of eighteen (18) identifiers provided by the HIPAA Privacy Rule. These identifiers include names, geographic data, dates, telephone numbers, FAX numbers, email addresses, Social Security numbers, medical record numbers, health plan beneficiary numbers, account numbers, certificate or license numbers, vehicle identifiers, device identifiers, web URLs, Internet protocol addresses, biometric identifiers, facial images, or unique identifiers or codes.

This portion, at best, merely provides exemplary, non-committal examples of “de-identify” without providing a controlling definition for “de-identify”, e.g. the “for example” language does not clearly set forth a specific definition of a claim term, MPEP 2111.01).
Additionally, while the Specification discloses stripping the patient data of unique identifiers or codes, the claim further recites “forwarding patient data associated with at least one patient and a previously assigned medical record number associated with that patient”.
A previously assigned medical record number is considered to be a form of unique identifiers or codes. Therefore, assuming arguendo that Applicant’s asserted definition for “de-identify” is correct, it is clear from the claim that the “de-identified” data is different from the forwarded data because the forwarded data contains a medical record number.
Turning to Huang, as acknowledged by Applicant, Huang recognizes at least 18 HIPPA identifiers that should not be displayed when viewing patient record. Accordingly, the step of 
Regarding Applicant’s argument that this data is not stored, it is noted that the claim does not require storing of any such de-identified data in any particular location or format. Therefore, data that is retrieved from storage and then “de-identified” for display fully meets the claimed limitations.

Applicant’s argument on page 9-11 merely rehashes arguments previously addressed with respect to claim 1 above, and incorporated herein.
It is noted that on page 10 (paragraphs 3, 6) Applicant asserts that “de-identified” data includes a medical record number, while paragraph [0046] of the instant pending Specification discloses that a unique identifier or code would be considered PHI.
Additional clarification is requested.

On page 11-12 Applicant argues that Douglass does not teach “determine whether to provide access to a user attempting to access said client logic device”.
In making this argument, Applicant does not specifically assert what “provide access” would include. From Applicant’s argument on page 12, Applicant appears to assert that denying “access” precludes any function from being performed on the device.
The broadest reasonable interpretation of this limitation would involve denying the user access to any data or function of the device.
In response to applicant's argument that the references fail to show certain features of applicant’s invention, it is noted that the features upon which applicant relies (i.e., precluding all ) are not recited in the rejected claim(s).  Although the claims are interpreted in light of the specification, limitations from the specification are not read into the claims.  See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993).
Attention is turned to Douglass (Figure 2 label 205 Network connection available?, label 300 N[o], Figure 3 label 300, label 302 Access browser application cache, label 305 Present offline login page of the EHR system to user, and receive login credentials, label 310 Generate offline encryption key using login credentials, label 320 When the offline encryption key matches the encryption key, decrypt stored patient medical data record). 
Douglass does not teach any other function prior to matching the offline encryption key.
Douglass further teaches that computing device 110 is a low memory device (page 5 paragraph 0050), and that in an embodiment, only selected data are encrypted and stored in the browser application cache (page 5 paragraph 0050).
Referring to the Specification as originally filed on 14 April 2018 in parent application 62658890, page 12 paragraph [00045] discloses that the user is presented with a prompt which requests the user’s previously generated user-generated passcode identifier, and if the user cannot provide this, the client logic device 110 maintains itself in an inaccessible or locked state to limit or prevent user access to the stored patient data 126.
From Douglass (page 5 paragraph 0050 and Figure 2-3), the browser application cache is nothing more than a prompt that requests the user to enter authentication data, and if authentication data is not correct, no patient data is provided to the user.
Accordingly, while the claim does not specifically recite what “access” is denied, Douglass fully teaches the disclosed example in the Specification.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Chowdhury (Salty Secret: Let us secretly salt the secret) teaches entering a different password each time the user logs in (considered to be a form of “creating” the password) (Section III, paragraph 2). 
Hannah (20160097648) teaches the user providing the salt (page 8-9 paragraph 0073).

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to TRAN N NGUYEN whose telephone number is (571)272-0259. The examiner can normally be reached Monday-Friday 9AM-5PM Eastern.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, MORGAN ROBERT W (SPE) can be reached on (571)272-6773. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/T.N.N./Examiner, Art Unit 3626                                                                                                                                                                                                        



/JOSHUA B BLANCHETTE/Primary Examiner, Art Unit 3626