DETAILED ACTION
The Amendment filed on January 05th, 2022 has been entered and made of record.
Authorization for this Examiner’s Amendment was given in a telephone interview with Applicant’s representative, Mr. Jon Gibbons on February 09th, 2022. During the telephone conference, Mr. Gibbons has agreed and authorized the Examiner to amend claims 1, 5, 7-8,  10-11, 20, 24, 26-27 & 29 and to cancel claims 7 & 17.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 

Examiner’s Amendment
An Examiner’s Amendment to the record appears below. Should the changes and/or additions be unacceptable to the Applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.

Claims
Replacing claim 1, 5, 7-8,  10-11, 20, 24, 26-27 & 29 as following:
Claim 1: (Currently Amended) A method for applying access groups for controlling data access with intelligent caching, by a processor device, comprising:

b) receiving from the user, a request to access requested data associated with the person from a file system, whereby the request invokes at least one software method;
c) performing a method interception by matching the at least one software method;
d) accessing at least one group membership of the user and at least one group membership of the person;
e) determining [[if]] whether two conditions are both verified i) the user is a member of a specific group and ii) the specific group contains the person;
f) in response to the two conditions both being verified, then sending the requested data to a user device to display to the user; 
g) in response to the two conditions both being unverified, then denying access to the requested data; and
[[g)]] h) updating the cache in response to one or more changes of the criteria denoting the at least one group membership, the group membership of the person,  the group membership of the user, the hierarchical structure of the group, the hierarchical structure of any subgroups, and any temporal data.

Claim 5: (Currently Amended) The method of claim 4, wherein after accessing the group of the person includes determining if at least one or more criteria denotes the at least one group membership of the person further comprising:
i) in response to the conditions not being verified, then determining if the at least one group membership includes more than one criterion in the one or more criteria; and
j) in response to determining there is more than one or more criterion, then iteratively repeating each of steps c through [[i]] j using the criterion in place of a criterion that was previously used in the group membership of the person.

Claim 7: (Currently Amended) The method of claim 4, wherein after accessing the group membership of the person includes determining if any temporal data which is clinical data, personal information data or a combination of both, 

Claim 8: (Currently Amended) The method of claim 1, further comprising:
i) in response to the conditions not being verified, then determining if the at least one group membership includes at least one subgroup membership; and
j) in response to the at least one group membership including the at least one subgroup membership, then recursively repeating each of steps c through [[i]] j using the subgroup membership in place of the group membership of the person.

Claim 10: (Currently Amended) The method of claim 4, wherein the accessing the group membership of the person and the group membership of 
the user includes accessing at least one of the one or more criteria denoting the at least on group membership, 

the hierarchical structure of the group, 
the hierarchical structure of any subgroups, and
temporal data, which is clinical data, personal information data or a combination of both from cache memory rather than the file system.

Claim 11: (Currently Amended) The method of claim 1, further comprising:
i) logging the response to the conditions being verified in a database, wherein the logging includes the request from the user, the group membership of the user, the person, the at least one group membership of the person, and a result of whether of the conditions were verified.

Claim 20: (Currently Amended) A non-transitory computer program product tangibly embodying computer readable instructions which, when implemented, cause a computer to carry out the steps of a method for applying access groups for controlling data access with intelligent caching, comprising:
a) storing in a cache, at least one criteria denoting group membership, group membership of a person, group membership of a user, hierarchical structure of a group, hierarchical structure of any subgroups, and any temporal data;
b) receiving from the user, a request to access requested data associated with the person from a file system, whereby the request invokes at least one software method;

d) accessing at least one group membership of the user and at least one group membership of the person;
e) determining [[if]] whether two conditions are both verified i) the user is a member of a specific group and ii) the specific group contains the person; 
f) in response to the two conditions both being verified, then sending the requested data to a user device to display to the user;
g) in response to the two conditions both being unverified, then denying access to the requested data; and
[[g)]] h) updating the cache in response to one or more changes of the criteria denoting the at least one group membership, the group membership of the person, the group membership of the user, the hierarchical structure of the group, the hierarchical structure of any subgroups, and any temporal data.

Claim 24: (Currently Amended) The non-transitory computer program product of claim 23, wherein after accessing the group of the person includes determining if at least one or more criteria denotes the at least one group membership of the person further comprising:
[[h)]] i) in response to the conditions not being verified, then determining if the at least one group membership includes more than one criterion in the one or more criteria; and
[[i)]] j) in response to determining there is more than one or more criterion, then iteratively repeating each of steps c through [[i]] j using the criterion in place of a criterion that was previously used in the group membership of the person.

Claim 26: (Currently Amended) The non-transitory computer program product of claim 23, wherein after accessing the group membership of the person includes determining if any temporal data which is clinical data, personal information data or a combination of both, 

Claim 27: (Currently Amended) The non-transitory computer program product of claim 20, further comprising:
[[h)]] i) in response to the conditions not being verified, then determining if the at least one group membership includes at least one subgroup membership; and
[[i)]] j) in response to the at least one group membership including the at least one subgroup membership, then recursively repeating each of steps c through [[i]] j using the subgroup membership in place of the group membership of the person.

Claim 29: (Currently Amended) The non-transitory computer program product of claim 23, wherein the accessing the group membership of the person and the group membership of the user includes accessing at least one of
the one or more criteria denoting the at least on group membership, the at least one group membership of the person, 
the at least one group membership of the user,
the hierarchical structure of the group, 
the hierarchical structure of any subgroups, and
, which is clinical data, personal information data or a combination of both from cache memory rather than the file system.

Examiner’s Statement of reason for Allowance
Claims 12-19 were canceled. Claims 1-11 and 20-29 are allowed.
The following is an examiner’s statement of reasons for allowance:
The present invention is directed a method and a non-transitory computer program product for controlling data access, especially patient data access. The closest prior arts, as previously recited, Saunders (U.S. Pub. Number 2018/0150650) and Wood (U.S. Pub. Number 2007/0288759) are also generally direct to various aspects for controlling permissions for selected recipients by owners of data and fraud management and enhanced security protection. However, none of Saunders and Wood teaches or suggests, alone or in combination, the particular combinations of steps or elements as recited in the independent claims 1 and 20. For example, none of the cited prior arts teaches or suggests the elements of “a) storing in a cache, at least one criteria denoting group membership, group membership of a person, group membership of a user, hierarchical structure of a group, hierarchical structure of any subgroups, and any temporal data; b) receiving from the user, a request to access requested data associated with the person from a file system, whereby the request invokes at least one software method; c) performing a method interception by matching the at least one software method; d) accessing at least one group membership of the user and at least one group membership of the person; e) determining whether two conditions are both verified i) the user is a member of a specific group and ii) the specific group contains the person; f) in response to the two conditions both being verified, then sending the requested data to a user device to display to the user; g) in response to the two conditions both being unverified, then denying access to the requested data; and h) updating the cache in response to one or more changes of the criteria denoting the at least one group membership, the group membership of the person,  the group membership of the user, the hierarchical structure of the group, the hierarchical structure of any subgroups, and any temporal data.” Therefore, the claims are allowable over the cited prior arts.
Claims 2-11 & 21-29 are allowed because of their dependence from independent claims 1 & 20.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”
           
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KHOI V LE whose telephone number is (571)270-5087.  The examiner can normally be reached on 9:00 AM - 5:00 PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/KHOI V LE/
Primary Examiner, Art Unit 2436