DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 05 August 2022 has been entered.
 
Priority
Applicant’s claim for the benefit of a prior-filed application under 35 U.S.C. 119(e) or under 35 U.S.C. 120, 121, 365(c), or 386(c) is acknowledged. Applicant has not complied with one or more conditions for receiving the benefit of an earlier filing date under 35 U.S.C. 119(e) as follows:
The later-filed application must be an application for a patent for an invention which is also disclosed in the prior application (the parent or original nonprovisional application or provisional application). The disclosure of the invention in the parent application and in the later-filed application must be sufficient to comply with the requirements of 35 U.S.C. 112(a) or the first paragraph of pre-AIA  35 U.S.C. 112, except for the best mode requirement.  See Transco Products, Inc. v. Performance Contracting, Inc., 38 F.3d 551, 32 USPQ2d 1077 (Fed. Cir. 1994)
The disclosure of the prior-filed application, Application No. 62658890, fails to provide adequate support or enablement in the manner provided by 35 U.S.C. 112(a) or pre-AIA  35 U.S.C. 112, first paragraph for one or more claims of this application.
Application No. 62658890 does not disclose the feature of sending a security token or encrypting information associated with the user using the user’s password as a key, as recited in claims 16-17.
Accordingly, claims 16-17 are not entitled to the benefit of the prior application, and thus are given a priority date of 17 April 2019.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1, 3, 5-8, 10-11 are rejected under 35 U.S.C. 103 as being unpatentable over Douglass (20160147944) in view of Yao (Design and Analysis of Password-Based Key Derivation Functions, previously mailed on 07 March 2022) and Garfinkel (De-Identification of Personal Information).

Claim 1, Douglass teaches:
In a client logic device (Figure 1 label 110 illustrating a computing device 110), a method (page 2 paragraph 0018 illustrating a method, at least Figures 2-3 illustrating a flowchart of method steps performed by the computing system) for processing patient data (Abstract illustrating a method of processing patient medical data records), comprising:
detecting an offline network condition (Figure 2 label 265 illustrating determining if a network connection is available, and if NO, then proceed to step 300, page 5 paragraph 0054 illustrating that this is considered to be “offline”) between the client logic device and a patient data server (Figure 1 illustrating that the network connection is between the computing device 110, considered to be a form of “client logic device”, and EHR System 130 including EHR server 134, considered to be a form of “patient data server”);
in response to the detection of the offline network condition (Figure 3 label 300 illustrating detecting offline network connection as discussed above), secure the patient data stored in the client logic device (Figure 2 label 240, page 5 paragraph 0049 illustrating using the login credentials including username/password to generate an encryption key, Figure 3 label 310, page 5 paragraph 0056 to page 6 paragraph 0057 illustrating using the generated encryption key and comparing with an offline encryption key generated by the user entering username/password to determine if the user is authorized to access encrypted patient medical data records stored in the computing device 110’s browser application cache, and generating an offline encryption key using the login credentials as in Figure 3 label 330, 335 with the generated offline encryption key, see also page 6 paragraph 0059);
applying a de-identification function to identify any protected health information (PHI), associated with the patient data stored in the client logic device so that the PHI is removed from any storage on the client logic device (page 2 paragraph 0017 illustrating encrypting patient records according to HIPAA Security Rule restrictions);
in response to detecting an online network condition between the client logic device and the patient data server (Figure 3 label 350, paragraph 6 paragraph 0062 illustrating determining that a network connection is available, considered to be a form of “online network condition”), forwarding the patient data associated with at least one patient (page 2 paragraph 0019 illustrating when the network connection is available, transmitting encrypted offline-updated patient medical data record) and the previously assigned medical record number associated with that patient (page 6 paragraph 0058 illustrating an identifier that uniquely identifies the patient medical data records, considered to be a form of “previously assigned medical record number”) to the patient data server via a network connection (page 2 paragraph 0019 illustrating transmitting the data via the available network connection).
Douglass does not explicitly teach:
prompt a user to create at the logic device a user-generated passcode identifier.
Yao teaches:
causing the client logic device to prompt a user to create at the logic device a user-generated passcode identifier (page 246 paragraph 3 illustrating a password-based key derivation function used to derive the key from a password and a salt s, page 249 Section 2.2 paragraph 1 illustrating Alice deriving a key y as a function of the password and salt s, wherein the salt s was set by Alice, page 256 Section 6 paragraph 1 illustrating that each time the key derivation function (KDF) is executed, a salt is either selected by the user [considered to be a form of “prompt a user to create”] or generated at random).
	Since protecting user’s login data is a key factor in the success of any patient record system, a common way to protect such login data is by generating a salt. As discussed by Yao, security systems have resorted to different techniques for generating the salt, including allowing the user to select the salt or randomly generating the salt. This practice is well known in the security art and would follow in the patient record world as well where there is need to securely authenticate the user.
	Therefore, it would have been obvious to try, by one of ordinary skill in the art before the effective filing date of the claimed invention, to pick the salt generation technique and incorporate it into the offline patient record system of Douglass since there is a finite number of identified, predictable potential solutions (i.e. user selected or random generation) to the recognized need (generation of a salt) and one of ordinary skill in the art could have pursued the known potential solutions with a reasonable expectation of success (the cost and benefits are known).
Douglass in view of Yao do not teach:
other than the previously assigned medical record number.
Garfinkel teaches: 
other than the previously assigned medical record number (page 15 Section 3.1 paragraph 3 illustrating a medical record number as an indirect identifiers, page 19 Section 3.4, page 20 paragraph 2 illustrating retaining medical record numbers to provide the utility of their inclusion).
	Garfinkel further teaches 18 HIPAA direct identifiers (page 15 Section 3.1 paragraph 4) in a manner similar to Douglass, as discussed above. Garfinkel further teaches techniques to de-identify these direct identifiers (page 15 last paragraph to page 16 first paragraph).
Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art to include medical record numbers as in Garfinkel within the offline patient record system of Douglass in view of Yao with the motivation of retaining the utility afforded by the inclusion of such medical record numbers, and thereby improving efficiency and functionality of electronic medical records (Garfinkel; page 20 paragraph 2).

Claim 3: Douglass in view of Yao and Garfinkel teach: 
The method of claim 1, as discussed above and incorporated herein.
Douglass further teaches:
generating, by the patient data server (Figure 4, page 6 paragraph 0063 illustrating the EHR server 134 of Figure 1 initiating a request), a communication session (Figure 6 paragraph 0063 illustrating WebSockets, considered to be a form of “communication session”) between the patient data server and an electronic health record (EHR) system of a medical facility (Figure 1 illustrating EHR server 134 and medical records database 138, considered to be a form of “electronic health record system of a medical facility”) to synchronize the received patient data between the patient data server and the EHR system (Figure 6 paragraph 0063 illustrating synching the patient data received from offline updates).

Claim 5: Douglass in view of Yao and Garfinkel teach:
The method of claim 3, as discussed above and incorporated herein.
Douglass further teaches:
prior to detecting the offline network condition (Figure 2 label 230 illustrating the user accessing patient records during normal network operation, considered to be “prior” to the detecting the network coming offline), receiving the medical record number (page 5 paragraph 0047 illustrating receiving the unique identifier for the patient).

Claim 6: Douglass in view of Yao and Garfinkel teach:
The method of claim 5, as discussed above and incorporated herein.
Douglass further teaches:
wherein the step of receiving said medical record number comprises:
establishing, by the patient data server, a communication session between the patient data server and the EHR system and receiving the medical record number from the patient data server (page 5 paragraph 0047 illustrating transmitting a request to the EHR server, Figure 6 paragraph 0063 illustrating WebSockets, considered to be a form of “a communication session”, to obtain requested patient medical records, the records including therein patient data, and the data can include a patient identifier).

Claim 7: Douglass in view of Yao and Garfinkel teach:
The method of claim 5, as discussed above and incorporated herein.
Douglass further teaches:
wherein the step of receiving the medical record number comprises: 
receiving the medical record number via a user interface of the client logic device (Figure 6 illustrating a user interface with a home screen where the user could view patient data associated with patient records and interact with system functions by clicking/selecting the graphics on the screen and entering appropriate data, page 5 paragraph 0047 illustrating that patient data can include a patient identifier).

Claim 8, Douglass teaches:
In a client logic device (Figure 1 label 110 illustrating a computing device 110), a method (page 2 paragraph 0018 illustrating a method, at least Figures 2-3 illustrating a flowchart of method steps performed by the computing system) for processing patient data (page 2 paragraph 0018 illustrating a method of processing patient medical data records), comprising:
detecting an offline network condition (Figure 2 label 265 illustrating determining if a network connection is available, and if NO, then proceed to step 300, page 5 paragraph 0054 illustrating that this is considered to be “offline”) between the client logic device and a patient data server (Figure 1 illustrating that the network connection is between the computing device 110, considered to be a form of “client logic device”, and EHR System 130 including EHR server 134, considered to be a form of “patient data server”);
in response to the detection of the offline network condition (Figure 3 label 300 illustrating detecting offline network connection as from above), causing the client logic device (Figure 3 label 305 page 5 paragraph 0055 illustrating computing device 110, considered to be a form of “client logic device”, performing the step 305 of Figure 3) to limit access to said logic device (Figure 2 label 240, page 5 paragraph 0049 illustrating using the login credentials including username/password to generate an encryption key, Figure 3 label 310, page 5 paragraph 0056 to page 6 paragraph 0057 illustrating using the generated encryption key and comparing with an offline encryption key generated by the user entering username/password to determine if the user is authorized to access encrypted patient medical data records stored in the computing device 110’s browser application cache);
storing patient data on the client logic device via a user interface thereof (Figure 6 illustrating a user interface with a screen display being used to enter patient data via the “Start a chart note” icon and interacting with the screen to enter such patient data), the patient data comprising a medical record number (page 5 paragraph 0047 illustrating patient data can include a patient identifier, considered to be a form of “medical record number”);
applying a de-identification function to identify any protected health information (PHI) associated with the patient data stored on the client logic device to generate de-identified patient data and so that the PHI are removed from any storage in the client logic device (page 2 paragraph 0017 illustrating encrypting patient records according to HIPAA Security Rule restrictions).
Douglass further teaches encrypting patient data so that it is no longer visible to unauthorized users (Figure 2 label 245, page 5 paragraph 0050) for offline retrieval (Figure 3 label 325, page 6 paragraph 0058).
Douglass does not teach:
causing the client logic device to prompt a user to create a user-generated access identifier.
Yao teaches:
causing the client logic device to prompt a user to create a user-generated access identifier  (page 246 paragraph 3 illustrating a password-based key derivation function used to derive the key from a password and a salt s, page 249 Section 2.2 paragraph 1 illustrating Alice deriving a key y as a function of the password and salt s, wherein the salt s was set by Alice, page 256 Section 6 paragraph 1 illustrating that each time the key derivation function (KDF) is executed, a salt is either selected by the user [considered to be a form of “prompt a user to create”] or generated at random).
	Since protecting user’s login data is a key factor in the success of any patient record system, a common way to protect such login data is by generating a salt. As discussed by Yao, security systems have resorted to different techniques for generating the salt, including allowing the user to select the salt or randomly generating the salt. This practice is well known in the security art and would follow in the patient record world as well where there is need to securely authenticate the user.
	Therefore, it would have been obvious to try, by one of ordinary skill in the art before the effective filing date of the claimed invention, to pick the salt generation technique and incorporate it into the offline patient record system of Douglass since there is a finite number of identified, predictable potential solutions (i.e. user selected or random generation) to the recognized need (generation of a salt) and one of ordinary skill in the art could have pursued the known potential solutions with a reasonable expectation of success (the cost and benefits are known).
Douglass in view of Yao do not teach:
other than the medical record number.
Garfinkel teaches:
other than the medical record number (page 15 Section 3.1 paragraph 3 illustrating a medical record number as an indirect identifiers, page 19 Section 3.4, page 20 paragraph 2 illustrating retaining medical record numbers to provide the utility of their inclusion).
	Garfinkel further teaches 18 HIPAA direct identifiers (page 15 Section 3.1 paragraph 4) in a manner similar to Douglass, as discussed above. Garfinkel further teaches techniques to de-identify these direct identifiers (page 15 last paragraph to page 16 first paragraph).
Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art to include medical record numbers as in Garfinkel within the offline patient record system of Douglass in view of Yao with the motivation of retaining the utility afforded by the inclusion of such medical record numbers, and thereby improving efficiency and functionality of electronic medical records (Garfinkel; page 20 paragraph 2).

Claim 10: Douglass in view of Yao and Garfinkel teach:
The method of claim 8, as discussed above and incorporated herein.
Douglass further teaches:
further comprising:
detecting via the client logic device an online network condition between the client logic device and a patient data server (Figure 3 label 350, paragraph 6 paragraph 0062 illustrating determining that a network connection is available, considered to be “online network condition”); and
forwarding the de-identified patient data patient (page 2 paragraph 0019 illustrating when the network connection is available, transmitting encrypted offline-updated patient medical data record), including the medical record number (page 6 paragraph 0058 illustrating an identifier that uniquely identifies the patient medical data records, considered to be a form of “previously assigned medical record number”), stored on the client logic device via the network to the patient data server (page 2 paragraph 0019 illustrating transmitting the data via the available network connection).

Claim 11: Douglass in view of Yao and Garfinkel teach:
The method of claim 10, as discussed above and incorporated herein.
Douglass further teaches:
further comprising generating (Figure 4, page 6 paragraph 0063 illustrating the EHR server 134 of Figure 1 initiating a request) a communication session (Figure 6 paragraph 0063 illustrating WebSockets, considered to be a form of  “communication session”) between the patient data server (Figure 4, page 6 paragraph 0063 illustrating the EHR server 134 of Figure 1 initiating a request) and an electronic health record (EHR) system of a medical facility (Figure 1 illustrating EHR server 134 and medical records database 138, considered to be the “electronic health record system”) to synchronize the patient data between the patient data server and the EHR system (Figure 6 paragraph 0063 illustrating synching the patient data received from offline updates).

Claims 2 and 9 are rejected under 35 U.S.C. 103 as being unpatentable over Douglass in view of Yao and Garfinkel as applied to claims 1 and 8 above as applicable, and further in view of Backholm (20150046587).

Claim 2: Douglass in view of Yao and Garfinkel teach:
The method of claim 1, as discussed above and incorporated herein.
Douglass further teaches:
initiating a prompt to a user (Figure 3 label 305 illustrating a login page when the device is in offline mode).
Douglass in view of Yao and Garfinkel do not teach:
in response to detecting the offline network condition between the client logic device and the patient data server:
checking a time interval associated with the offline network condition; and
initiating a prompt to a user after expiration of the time interval (it is noted that the feature of initiating a prompt is taught by Douglas as discussed above).
Backholm teaches:
in response to detecting the offline network condition between the client logic device and the patient data server:
checking a time interval associated with the offline network condition (Figure 26, page 5 paragraph 0078 illustrating a polling interval between the client device and the server); and
initiating a prompt to a user after expiration of the time interval (Figure 26, page 5 paragraph 0078-0079 illustrating a heartbeat is not received within a certain interval by the client device, Abstract, page 11-12 paragraph 0154 illustrating declaring the application to be in offline mode).
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the patient records disclosed by Douglass in view of Yao and Garfinkel by providing a polling interval to determine offline mode as disclosed by Backholm. One of ordinary skill in the art would have been motivated to make this modification in order to reduce network traffic between a remote device and a server when determining the connection status there between (Backholm; page 4 paragraph 0063-0065).

Claim 9: Douglass in view of Yao and Garfinkel teach:
The method of claim 8, as discussed above and incorporated herein.
Douglass further teaches:
initiating a prompt to a user (Figure 3 label 305 illustrating a login page when the device is disconnected from the network and in offline mode).
Douglass in view of Yao and Garfinkel do not teach:
in response to detecting the offline network condition between the client logic device and the patient data server:
checking a time interval associated with the offline network condition; and
initiating a prompt to a user after expiration of the time interval (the feature of initiating a prompt has been taught by Douglass, from above).
Backholm teaches:
in response to detecting the offline network condition between the client logic device and the patient data server:
checking a time interval associated with the offline network condition (Figure 26, page 5 paragraph 0078 illustrating a polling interval between the client device and the server); and
initiating a prompt to a user after expiration of the time interval (Figure 26, page 5 paragraph 0078-0079 illustrating a heartbeat is not received within a certain interval by the client device, Abstract, page 11-12 paragraph 0154 illustrating declaring the application to be in offline mode).
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the patient records disclosed by Douglass in view of Yao and Garfinkel by providing a polling interval to determine offline mode as disclosed by Backholm. One of ordinary skill in the art would have been motivated to make this modification in order to reduce network traffic between a remote device and a server when determining the connection status there between (Backholm; page 4 paragraph 0063-0065).

Claim 4 is rejected under 35 U.S.C. 103 as being unpatentable over Douglass in view of Yao and Garfinkel as applied to claim 3 above, and further in view of Johnson (5664109).

Claim 4: Douglass in view of Yao and Garfinkel teach:
The method of claim 3, as discussed above and incorporated herein.
Douglass teaches identifying patients by an identifier that uniquely identifies the patient medical data record (considered to be a form of “medical record number”) (page 6 paragraph 0058). Douglass further teaches synching patient records to the patient record database (Figure 4, paragraph 6 paragraph 0063).
Douglass in view of Huang and Yao do not explicitly teach:
utilizing the medical record number to identify the patient associated with said patient data.
Johnson teaches:
utilizing the medical record number to identify the patient associated with said patient data (Figure 5 label 502 illustrating a patient MRN, Figure 6 label 606 illustrating extracting the MRN from the document, Figure 6 label 610, 622 illustrating using the MRN to identify the associated patient, Figure 7 label 712 illustrating linking patient documents to a master patient identifier using the MRN extracted from the document).
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the patient records synching disclosed by Douglass in view of Huang and Yao by identifying patient records by an identifier that uniquely identifies the patient medical data record as disclosed by Johnson. One of ordinary skill in the art would have been motivated to make this modification in order to provide a convenient way to identify different patients and linking patient documents for a patient (Johnson; column 11 line 44-47).

Claims 12-13 are rejected under 35 U.S.C. 103 as being unpatentable over Douglass in view of Smith (20130138608), Yao, and Garfinkel.

Claim 12: Douglass teaches:
A method (page 2 paragraph 0018 illustrating a method, at least Figures 2-3 illustrating a flowchart of method steps performed by the computing system) of processing patient data (Abstract illustrating a method of processing patient medical data records), comprising:
receiving via at least two client logic devices patient data corresponding to a common patient (Figure 4 label 430 illustrating two devices accessing and updating the same patient’s data), the patient data comprising a medical record number (page 5 paragraph 0047 illustrating a patient identifier);
detecting an offline network condition (Figure 2 label 265 illustrating determining if a network connection is available, and if NO, then proceed to step 300, page 5 paragraph 0054 illustrating that this is considered to be “offline”) between at least one of the client logic devices (herein “first logic device”) and a patient data server (Figure 1 illustrating that the network connection is between the computing device 110, considered to be a form of “client logic device”, and EHR System 130 including EHR server 134, considered to be a form of “patient data server”).
While Douglass teaches that the second computing device is also sending data in offline mode (Figure 4 label 430, page 6-7 paragraph 0066-0067 illustrating both a nurse and a doctor updating the same patient record while both are offline), Douglass does not explicitly teach a collision between a computing device that was offline and a computing device that was constantly online, i.e. the recited limitation:
while at least another one of the client logic devices (herein "second logic device") continues to be in an online network condition relative to the patient data server and forwards the patient data to the patient data server.
Smith teaches:
while at least another one of the client logic devices (herein "second logic device") continues to be in an online network condition relative to the patient data server and forwards the patient data to the patient data server (page 6 paragraph 0063 illustrating a situation where the conflict was created by the server having an update by a user and an offline mobile device having an update by a different user, thereby suggesting that such a conflict is commonplace in an environment with a plurality of mobile device users).
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the conflicting updates between two offline devices disclosed by Douglass by resolving conflict between a mobile device in connection with the server and having already uploaded the update to the server, and an offline device that has just recently come online as disclosed by Smith. One of ordinary skill in the art would have been motivated to make this modification in order to resolve the conflicting updates that are commonplace with mobile device users (Smith; page 6 paragraph 0063).
Additionally, the same conflict resolution technique of Douglass would be equally applicable to conflicts between an update already uploaded to the server and one from a recently online device because the solution of Douglass is not specifically limited to how the data was uploaded. Instead, Douglass would be able to resolve the conflict using the techniques discussed therein for the situation discussed by Smith, and such modification to Douglass is well within the level of ordinary skill in the art.
Douglass further teaches:
causing the first logic device to limit access to the first client logic device, thereby securing data stored on the first client logic device (Figure 2 label 240, page 5 paragraph 0049 illustrating using the login credentials including username/password to generate an encryption key, Figure 3 label 310, page 5 paragraph 0056 to page 6 paragraph 0057 illustrating using the generated encryption key and comparing with an offline encryption key generated by the user entering username/password to determine if the user is authorized to access encrypted patient medical data records stored in the computing device 110’s browser application cache, and generating an offline encryption key using the login credentials as in Figure 3 label 330, 335 with the generated offline encryption key, see also page 6 paragraph 0059);
creating de-identified patient data by applying a de-identification function to de-identify any protected health information (PHI) associated with the patient data stored on the first client logic device so that the PHI is removed from any storage in the client logic device (page 2 paragraph 0017 illustrating encrypting patient records according to HIPAA Security Rule restrictions);
detecting an online network condition between the first client logic device and the patient data server (Figure 3 label 350, paragraph 6 paragraph 0062 illustrating determining that a network connection is available, considered to be a form of “online network condition”);
forwarding the de-identified patient data (page 2 paragraph 0019 illustrating when the network connection is available, transmitting encrypted offline-updated patient medical data record), including the medical record number patient (page 6 paragraph 0058 illustrating an identifier that uniquely identifies the patient medical data records, considered to be the “previously assigned medical record number”), from the first client logic device to the patient data server (page 2 paragraph 0019 illustrating transmitting the data via the available network connection);
resolving conflicts between the de-identified patient data sent to the patient data server by the first client logic device and the patient data sent to the patient data server by the second client logic device based on a time stamp associated with at least one patient data segment so as to generate consolidated patient data on the patient data server (Figure 4 label 430, page 6-7 paragraph 0066-0067 illustrating using dates and time of the conflicting updates to request confirmation when updating with an older version of the patient data).
Douglass further teaches using the username and/or password to generate a salt as part of the encryption key, as is known in the art (page 5-6 paragraph 0056).
Douglass in view of Smith do not teach:
prompt a user to create a user-generated access identifier.
Yao teaches:
prompt a user to create a user-generated access identifier (page 246 paragraph 3 illustrating a password-based key derivation function used to derive the key from a password and a salt s, page 249 Section 2.2 paragraph 1 illustrating Alice deriving a key y as a function of the password and salt s, wherein the salt s was set by Alice, page 256 Section 6 paragraph 1 illustrating that each time the key derivation function (KDF) is executed, a salt is either selected by the user [considered to be a form of “prompt a user to create”] or generated at random).
	Since protecting user’s login data is a key factor in the success of any patient record system, a common way to protect such login data is by generating a salt. As discussed by Yao, security systems have resorted to different techniques for generating the salt, including allowing the user to select the salt or randomly generating the salt. This practice is well known in the security art and would follow in the patient record world as well where there is need to securely authenticate the user.
	Therefore, it would have been obvious to try, by one of ordinary skill in the art before the effective filing date of the claimed invention, to pick the salt generation technique and incorporate it into the offline patient record system of Douglass in view of Smith since there is a finite number of identified, predictable potential solutions (i.e. user selected or random generation) to the recognized need (generation of a salt) and one of ordinary skill in the art could have pursued the known potential solutions with a reasonable expectation of success (the cost and benefits are known).
Douglass in view of Smith and Yao do not teach:
other than the medical record number.
Garfinkel teaches: 
other than the previously assigned medical record number (page 15 Section 3.1 paragraph 3 illustrating a medical record number as an indirect identifiers, page 19 Section 3.4, page 20 paragraph 2 illustrating retaining medical record numbers to provide the utility of their inclusion).
	Garfinkel further teaches 18 HIPAA direct identifiers (page 15 Section 3.1 paragraph 4) in a manner similar to Douglass, as discussed above. Garfinkel further teaches techniques to de-identify these direct identifiers (page 15 last paragraph to page 16 first paragraph).
Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art to include medical record numbers as in Garfinkel within the offline patient record system of Douglass in view of Smith and Yao with the motivation of retaining the utility afforded by the inclusion of such medical record numbers, and thereby improving efficiency and functionality of electronic medical records (Garfinkel; page 20 paragraph 2).

Claim 13, Douglass in view of Smith, Yao, and Garfinkel teach:
The method of claim 12, as discussed above and incorporated herein.
Douglass further teaches:
generating a communication session (Figure 6 paragraph 0063 illustrating WebSockets, considered to be a form of “communication session”) between the patient data server and an electronic health record (EHR) system of a medical facility (Figure 1 illustrating EHR server 134 and medical records database 138, considered to be a form of “electronic health record system”) to synchronize the consolidated patient data stored on the patient data server and corresponding patient data stored on the EHR system (Figure 6 paragraph 0063 illustrating synching the patient data received from offline updates).

Claims 14-15 are rejected under 35 U.S.C. 103 as being unpatentable over Douglass in view of Johnson.

As per claim 14, Douglass teaches:
In a patient data server (Figure 1 label 134 illustrating an EHR server 134), a method (page 2 paragraph 0018 illustrating a method, at least Figures 2-3 illustrating a flowchart of method steps performed by the computing system) with a patient database (Figure 1 label 138 illustrating a medical records database), comprising:
detecting an online network condition between a client logic device and the patient data server (Figure 3 label 350, paragraph 6 paragraph 0062 illustrating determining that a network connection is available, considered to be a form of “online network condition”), the online network condition following an offline network condition (Figure 2 label 265 illustrating determining if a network connection is available, and if NO, then proceed to step 300, page 5 paragraph 0054 illustrating that this is considered to be “offline”);
receiving from the client logic device de-identified patient data (Figure 3 label 330, 335, and also from above illustrating encrypting patient data) page including a medical record number that identifies a patient associated with the patient data (page 6 paragraph 0058 illustrating identifying patients by an identifier that uniquely identifies the patient medical data record, considered to be a form of “medical record number”);
Douglass does not explicitly teach performing this synching via:
identifying previous patient data, if any, previously stored on the patient data server associated with the received medical record number (it is noted that the feature of identifying patient records for consolidation has been discussed above as taught by Douglass); and
updating the previous patient data based on the received patient data.
Johnson teaches:
identifying previous patient data, if any, previously stored on the patient data server associated with the received medical record number (Figure 5 label 502 illustrating a patient MRN, Figure 6 label 606 illustrating extracting the MRN from the document, Figure 6 label 610, 622 illustrating using the MRN to identify the associated patient); and
updating the previous patient data based on the received de-identified patient data (Figure 7 label 712 illustrating linking patient documents to a master patient identifier using the MRN extracted from the document).
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the patient records synching disclosed by Douglass by identifying patient records by an identifier that uniquely identifies the patient medical data record as disclosed by Johnson. One of ordinary skill in the art would have been motivated to make this modification in order to provide a convenient way to identify different patients and linking patient documents for a patient (Johnson; column 11 line 44-47).

Claim 15: Douglass in view of Johnson teach:
The method of claim 14, as discussed above and incorporate herein.
Douglass further teaches:
wherein updating the previous patient data based on the received patient data comprises updating the previous patient data based on a timestamp (Figure 4 label 430, page 6-7 paragraph 0066-0067 illustrating using dates and time of the conflicting updates to request confirmation when updating with an older version of the patient data).

Claims 16-17 are rejected under 35 U.S.C. 103 as being unpatentable over Douglass  in view of Chawdhury (Security enhancement of MD5 hashed passwords by using the unused bits of TCP header).

Claim 16: Douglass teaches:
A method (page 2 paragraph 0018 illustrating a method, at least Figures 2-3 illustrating a flowchart of method steps performed by the computing system) of accessing a client logic device (Figure 1 label 110 illustrating a computing device 110, considered to be a form of “client logic device”), comprising:
sending from a patient data server (Figure 2 label 240, page 5 paragraph 0049 illustrating an EHR server sending patient data) encrypted information (page 5 paragraph 0049 illustrating encrypted patient data) associated with a user (page 5 paragraph 49 illustrating that the patient data is accessible to the user, considered to be a form of “associated” with the user), including a security token (page 5 paragraph 0049 illustrating an encryption key, page 6 paragraph 0050-0051 illustrating sending the encryption key, considered to be a form of “security token”), to a client logic device in communication with the patient data server (page 5 paragraph 0051 illustrating sending the encryption key to the computing device from the EHR server) when the user logs into the patient data server (page 5 paragraph 0049 illustrating step 240 when the encryption key was generated based on the user’s login credential solicited previously in Figure 2 label 215);
detecting an offline network condition between the client logic device and the patient data server (Figure 2 label 265 illustrating determining if a network connection is available, and if NO, then proceed to step 300, page 5 paragraph 0054 illustrating that this is considered to be “offline”);
causing presentation of a prompt on the client logic device, wherein the prompt is configured to receive additional log in information (Figure 3 label 305 illustrating presenting an offline login page); 
receiving the additional log in information (Figure 3 label 305 illustrating entering login credentials); and 
provide access to the client logic device (Figure 3 label 310, 320 illustrating providing access to authenticated users).
Douglass specifically teaches sending the hash of the username and password to the device where authentication will take place (Figure 2 label 240, page 5 paragraph 0049).
Douglass does not teach:
decrypting the encrypted information residing on the client logic device.
Chawdhury teaches:
decrypting the encrypted information residing on the client logic device (page 716 column 1 paragraph 4 illustrating encrypting the hashed password, page 716 column 2 paragraph 4 illustrating decrypting of the hashed password to review the decrypted hashed password).
Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art to encrypt the hashed password and sending the ciphertext to the device for decryption prior to comparing to the hash of the user login credentials, as in Chawdhury, within the hashed password storage of Douglass with the motivation of preventing interception of the plaintext hashed password when sending over a network, as in Douglass, and thereby avoiding a dictionary attack (Chawdhury; page 715 column 1 paragraph 3-5 whereby an adversary, after having intercepted the hashed password in plaintext, may simply perform a brute force attack by hashing dictionary words, thereby reducing the brute force search space, and comparing the hashed dictionary words with the hashed password plaintext).

As per claim 17, Douglass in view of Chawdhury teach:
The method of claim 16, as discussed above and incorporated herein.
Douglass further teaches:
wherein the information associated with the user is encrypted using the user's password as a key (page 5 paragraph 0049 illustrating generating the encryption key using the user’s username and password as a decryption key, page 5 paragraph 0050-0051 illustrating using this encryption key to encrypt patient records the user wishes to view).

Response to Arguments
In the Remarks filed on 05 August 2022, Applicant presents several arguments. Examiner will address these arguments in the order presented.

On page 8 Applicant argues that Yao does not teach creating a user-generated passcode identifier in response to detection of an offline condition.
Douglass teaches that when an offline condition is detected, login credentials is received (Figure 3 label 305).
Specifically, Douglass teaches using the login credentials to generate an offline encryption key (Figure 3 label 310), and comparing the offline encryption key with a stored encryption key to determine a match (Figure 3 label 320).
The only difference between the argued limitation and Douglass is that Douglass does not teach the creation of a user-generated passcode identifier; however, Yao teaches that it is known to provide a user-generated salt in addition to a standard password (page 256 Section 6 paragraph 1).
Therefore, the argued limitation would have been obvious for the reason as discussed in the section above, and incorporated herein.

On page 9 Applicant argues that the claim does not require a salt, and that only a passcode identifier is required, with a PIN as an example.
In response to applicant's argument that the references fail to show certain features of applicant’s invention, it is noted that the features upon which applicant relies (i.e., a PIN code) are not recited in the rejected claim(s).  Although the claims are interpreted in light of the specification, limitations from the specification are not read into the claims.  See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993).
As claimed, the broadest reasonable interpretation of “passcode identifier” would include any type of data that would be suitable for the purpose of authenticating the user, as Applicant has not come forth with any controlling definition for this limitation.
To this end, the password and user-generated salt of Yao would be properly considered as a form of “passcode identifier”, and especially because the claim does not preclude such interpretation from being included in the metes and bounds of the claimed “passcode identifier”.

On page 9-10 Applicant argues hindsight reconstruction.
In response to applicant's argument that the examiner's conclusion of obviousness is based upon improper hindsight reasoning, it must be recognized that any judgment on obviousness is in a sense necessarily a reconstruction based upon hindsight reasoning.  But so long as it takes into account only knowledge which was within the level of ordinary skill at the time the claimed invention was made, and does not include knowledge gleaned only from the applicant's disclosure, such a reconstruction is proper.  See In re McLaughlin, 443 F.2d 1392, 170 USPQ 209 (CCPA 1971).
In this case, Yao was merely relied upon for the addition of a user-generated salt. All other argued limitations were found in Douglass.

Applicant’s arguments with respect to claim(s) 1 on page 10-11 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

On page 12 Applicant argues that the applied art do not teach “de-identified” patient data.
In making this argument, Applicant does not specifically define what is included or excluded by “de-identify”.
Evidentiary reference Garfinkel discloses that “de-identification” may include various techniques, including transforming the de-identified data (page 15 last paragraph). To this end, encrypting the patient record is a form of “de-identification” because the patient data is otherwise transformed and is not comprehensible to the reader.

On page 12 Applicant argues that the applied art do not teach “in a patient data server”.
In making this argument, Applicant does not come forth with any special definition for “server”.
It is noted that the Specification as originally filed uses the “patient server 112” and “patient server device 112” interchangeably (see at least page 6 paragraph 0025 as originally filed on 17 April 2018 in parent application 62658890).
Accordingly, the limitation “patient data server [device]” has been broadly interpreted to include any computer capable of performing the recited functionality.
In response to applicant's argument that the references fail to show certain features of applicant’s invention, it is noted that the features upon which applicant relies (i.e., serving data to another computer, server/client model) are not recited in the rejected claim(s).  Although the claims are interpreted in light of the specification, limitations from the specification are not read into the claims.  See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993).
Examiner relies on The Authoritative Dictionary of IEEE Standards Terms, Seventh Edition, which defines “server” as “The software component on one device that provides services for use by clients on the same or another device”.
For this reason, since no specific function has been recited as being associated with the claimed “server” other than what was taught by the applied art, the claimed limitation is fully taught by the applied art.

Applicant’s argument on page 14 merely rehashes arguments previously addressed above, and incorporated herein.

Applicant’s arguments with respect to claim(s) 16-17 on page 14-15 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Ahamed (ERAP: ECC based RFID Authentication Protocol) discloses an RFID generating a random number to authenticate a user against a card reader (page 223 column 1 Section 4.2).
Akinyele (Securing Electronic Medical Records Using Attribute-Based Encryption On Mobile Devices) teaches generating private keys in offline mode for use to access patient records when the device is offline (page 81 column 1 paragraph 1).

Any inquiry concerning this communication or earlier communications from the examiner should be directed to TRAN N NGUYEN whose telephone number is (571)272-0259. The examiner can normally be reached Monday-Friday 9AM-5PM Eastern.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, MORGAN ROBERT W (SPE) can be reached on (571)272-6773. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/T.N.N./Examiner, Art Unit 3626                                                                                                                                                                                                        



/JOSHUA B BLANCHETTE/Primary Examiner, Art Unit 3626