DETAILED ACTION

Response to Arguments
Applicant's arguments ("REMARKS") filed June 6, 2022 have been fully considered, and they are persuasive. However, upon further consideration, a new ground of rejection has been issued.
Claims 1-2, and 4-5 were amended. Claims 6-14 were added. Claims 1-2 and 4-5 are independent. Claims 1-14 are currently pending.  

Re: Objection to the Drawings
The Replacement Sheets for Figs. 3-5 have been received. The objections to the Drawings have been withdrawn in view of the amendments to the Specification and Figs. 3-6 as indicated on p. 10 of the REMARKS.

Re: Rejections Under 35 U.S.C. § 103
Applicant’s arguments, on pp. 10-12 of the REMARKS, in response to the rejection of the claims under 35 U.S.C. §103 with respect to Reid et al., US 2015/0074409 A1 and Rasovsky et al., US 2020/0160947 A1 have been fully considered and are persuasive. However, a new ground of rejection has been asserted in view of Uehara et al., US 2019/0207813 A1. See Claim Rejections – 35 USC § 103 below for further details.


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

Claims 1-5 are rejected under 35 U.S.C. 103 as being unpatentable over Reid et al., US 2015/0074409 A1 (hereinafter, “Reid ‘409”), in view of Rasovsky et al., US 2020/0160947 A1 (hereinafter, “Rasovsky ‘947”), and further in view of Uehara et al., US 2019/0207813 A1 (hereinafter, “Uehara ‘813”).

As per claim 1: Reid ‘409 discloses: 
	An information management system (a system 100 for exchanging and managing data [Reid ‘409, ¶40; Fig. 1]) comprising: 
an information management device (Cloud Lockbox 130 for managing data, where the Cloud Lockbox 130 may be implemented as a storage server [Reid ‘409, ¶¶154, 191-194; Fig. 1]) that transmits target information of an information holder stored to an information user (Cloud Lockbox 130 transmits stored requested files, obtained from the Secondary Electronic Health Record (EHR) software 142, 143, 145, 147, 149, to the Electronic Health Record (EHR) software 110, where the EHR software 110 is utilized by a user, such as the Health Care Provider (HCP) 101 [Reid ‘409, ¶¶138, 140-142, 184; Fig. 1, Fig. 2]); 
an information holding device (a device running the Secondary EHR software 142-149 [Reid ‘409, ¶¶140-141, 270; Fig. 1, Fig. 2]) that holds the target information and provides the target information to the information management device (the device running the Secondary EHR software 142-149 holds the requested files and provides the files by writing to the Cloud Lockbox 130, [Reid ‘409, ¶¶138-143; Fig. 1, Fig. 2]); and 
an information using device (a device running EHR software 110 [Reid ‘409, ¶134-135, 157; Fig. 1]) that extracts the target information from the information management device (the device running EHR software 110 retrieves or reads requested files from the Cloud Lockbox 130 [Reid ‘409, ¶¶138, 184-186, 234; Fig. 1]), 
wherein the information using device adds an encryption public key (the device running EHR software 110 uses the key master 112 to add a public key to the HIE registry 120 [Reid ‘409, ¶136; Fig. 1]) 
the information holding device transmits, to the information management device, encrypted information (the device running the Secondary EHR software 142-149 transmits encrypted files to the Cloud Lockbox 130 [Reid ‘409, ¶¶140-143; Fig. 1]) as a result of acquiring the encryption public key (the device running the Secondary EHR software 142-149 acquires the public key and encrypts the files using the public key [Reid ‘409, ¶¶140-143; Fig. 1]), 
the information management device stores the encrypted information received (the Cloud Lockbox 130 stores the encrypted files [Reid ‘409, ¶141; Fig. 1]), and 
transmits a storage destination address of the encrypted information (the Cloud Lockbox 130 provides a File Handler 211 which indicates locations of encrypted files within the Cloud Lockbox 130 [Reid ‘409, ¶¶168, 202; Fig. 1]) to the information holding device (the File Handler 211, which indicates locations of encrypted files, is provided to the device running the Secondary EHR software 142-149, where the File Handler 211 must be used to retrieve encrypted files [Reid ‘409, ¶¶174, 202; Fig. 1, Fig. 2]),

the information using device acquires the storage destination address of the encrypted information (the device running EHR software 110 uses the locations specified in the File Handler 211 provided by the Cloud Lockbox 130 to access the encrypted files at the corresponding locations [Reid ‘409, ¶¶138, 184-186, 234; Fig. 1]), 
the information management device transmits the encrypted information at the storage destination address to the information using device, in response to the access from the information using device (the Cloud Lockbox 130 transmits encrypted files at the specified locations to the device running EHR software 110 in response to an access [Reid ‘409, ¶¶138, 184-186, 234; Fig. 1]), and 
the information using device decrypts the encrypted information received, using an encryption secret key (the device running EHR software 110 decrypts the encrypted files using a private key [Reid ‘409, ¶¶136, 138, 160, 167, 269; Fig. 1]) 

As stated above, Reid ‘409 does not explicitly disclose: “… adds an encryption public key of the information using device to a blockchain, … acquiring the encryption public key of the information using device from the blockchain and encrypting the target information … the information holding device adds the storage destination address of the encrypted information received to the blockchain, … acquires the storage destination address … from the blockchain, … decrypts the encrypted information received, using an encryption secret key of the information using device.”
	Rasovsky ‘947, however, discloses:
	… adds an encryption public key (adding a cryptographic key 290 to the blockchain 210 [Rasovsky ‘947, ¶¶50, 56, 58, 68; Fig. 2, Fig. 6]), 
… acquiring the encryption public key (retrieving the cryptographic key 290 from blockchain 210 [Rasovsky ‘947, ¶¶89-90; Fig. 8]) … 
the information holding device adds the storage destination address of the encrypted information received to the blockchain (a computing device adds identifiers, such as URLs, of locations of external storages to the blockchain, where the external storages store encrypted data, such as encrypted digital representations or encrypted images [Rasovsky ‘947, ¶¶46, 48, 51, 69-70; Fig. 3, Fig. 6]), 
… acquires the storage destination address … from the blockchain (acquire the locations of the corresponding external storages from the blockchain [Rasovsky ‘947, ¶¶38, 88; Fig. 8]), 


Reid ‘409 and Rasovsky ‘947 are analogous art because they are from the same field of endeavor, namely that of the secure exchange and management of sensitive data. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Reid ‘409 and Rasovsky ‘947 before them, to modify the method in Reid ‘409 to include the teachings of Rasovsky ‘947, namely to use a blockchain, as disclosed in Rasovsky ‘947, as a secure storage for public keys and encrypted file locations specified in the File Handler, as disclosed in Reid ‘409, where the blockchain also serves as a point of exchange, for public keys and file locations, between the device running the Secondary EHR software 142-149 and the device running EHR software 110, as disclosed in Reid ‘409. The motivation for doing so would be to increase protection to sensitive data, such as health data, by storing the data on a blockchain, where a blockchain is inherently immutable and consistent, while also addressing the limitations of a blockchain due to limited block sizes (see Rasovsky ‘947, ¶¶33, 37-38).

As stated above, Reid ‘409 in view of Rasovsky ‘947 does not explicitly disclose: “… adds an encryption public key of the information using device to a blockchain, … acquiring the encryption public key of the information using device from the blockchain … decrypts the encrypted information received, using an encryption secret key of the information using device.”
	Uehara ‘813, however, discloses:
… adds an encryption public key of the information using device to a blockchain (storing a public key on a blockchain, where the public key is unique to a device, and where the device receives and uses provisioning information [Uehara ‘813, ¶¶15-17, 67, 107]), 
… acquiring the encryption public key of the information using device from the blockchain (acquiring the device public key from the blockchain, where the device public key is used to encrypt the provisioning information [Uehara ‘813, ¶¶15, 31, 120, 141]) … 
decrypts the encrypted information received, using an encryption secret key of the information using device (decrypting the received provisioning data using the private key of the device [Uehara ‘813, ¶¶15, 31, 120, 141]).

Reid ‘409 (modified by Rasovsky ‘947) and Uehara ‘813 are analogous art because they are from the same field of endeavor, namely that of the secure exchange and management of sensitive data. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Reid ‘409 (modified by Rasovsky ‘947) and Uehara ‘813 before them, to modify the method in Reid ‘409 (modified by Rasovsky ‘947) to include the teachings of Uehara ‘813, namely to implement the public key disclosed in Reid ‘409 as a unique device public key, as disclosed in Uehara ‘813, where the unique device public key is stored on a blockchain and then retrieved from the blockchain to encrypt information, such as the files disclosed in Reid ‘409. The motivation for doing so would be to prevent attacks from unknown devices by using unique public/private keys from validated devices during a device provisioning process (see Uehara ‘813, ¶¶11-12, 14-15).

As per claim 2: Reid ‘409 discloses: 
An information management system (a system 100 for exchanging and managing data [Reid ‘409, ¶40; Fig. 1]) comprising: 
an information management device (Cloud Lockbox 130 for managing data, where the Cloud Lockbox 130 may be implemented as a storage server [Reid ‘409, ¶¶154, 191-194; Fig. 1]) that transmits target information of an information holder stored to an information user (Cloud Lockbox 130 transmits stored requested files, obtained from the Secondary Electronic Health Record (EHR) software 142, 143, 145, 147, 149, to the Electronic Health Record (EHR) software 110, where the EHR software 110 is utilized by a user, such as the Health Care Provider (HCP) 101 [Reid ‘409, ¶¶138, 140-142, 184; Fig. 1, Fig. 2]); 
an information holding device (a device running the Secondary EHR software 142-149 [Reid ‘409, ¶¶140-141, 270; Fig. 1, Fig. 2]) that holds the target information and provides the target information to the information management device (the device running the Secondary EHR software 142-149 holds the requested files and provides the files by writing to the Cloud Lockbox 130, [Reid ‘409, ¶¶138-143; Fig. 1, Fig. 2]); and 
an information using device (a device running EHR software 110 [Reid ‘409, ¶134-135, 157; Fig. 1]) that extracts the target information from the information management device (the device running EHR software 110 retrieves or reads requested files from the Cloud Lockbox 130 [Reid ‘409, ¶¶138, 184-186, 234; Fig. 1]), 
wherein the information using device adds an encryption public key (the device running EHR software 110 uses the key master 112 to add a public key to the HIE registry 120 [Reid ‘409, ¶136; Fig. 1]) 
the information holding device transmits, to the information management device, encrypted information (the device running the Secondary EHR software 142-149 transmits encrypted files to the Cloud Lockbox 130 [Reid ‘409, ¶¶140-143; Fig. 1]) (the device running the Secondary EHR software 142-149 acquires the public key and encrypts the files using the public key [Reid ‘409, ¶¶140-143; Fig. 1]), 
the information management device stores the encrypted information (the Cloud Lockbox 130 stores the encrypted files [Reid ‘409, ¶141; Fig. 1]), and 
transmits a storage destination address of the encrypted information (the Cloud Lockbox 130 provides a File Handler 211 which indicates locations of encrypted files within the Cloud Lockbox 130 [Reid ‘409, ¶¶168, 202; Fig. 1]) to the information holding device (the File Handler 211, which indicates locations of encrypted files, is provided to the device running the Secondary EHR software 142-149, where the File Handler 211 must be used to retrieve encrypted files [Reid ‘409, ¶¶174, 202; Fig. 1, Fig. 2]), 

the information using device acquires the storage destination address of the encrypted information (the device running EHR software 110 uses the locations specified in the File Handler 211 provided by the Cloud Lockbox 130 to access the encrypted files at the corresponding locations [Reid ‘409, ¶¶138, 184-186, 234; Fig. 1]), 
the information management device performs authentication (the Cloud Lockbox 130 performs authentication by verifying the digital signature associated with the access request [Reid ‘409, ¶¶83, 161-162, 179, 200]), and 
in response to successful authentication (in response to successful authentication via the verification of the digital signature associated with the access request [Reid ‘409, ¶¶83, 161-162, 179, 200]), transmits the encrypted information at the storage destination address to the information using device (the Cloud Lockbox 130 transmits encrypted files at the specified locations to the device running EHR software 110 in response to an access [Reid ‘409, ¶¶138, 184-186, 234; Fig. 1]), and 
the information using device decrypts the encrypted information received, using an encryption secret key (the device running EHR software 110 decrypts the encrypted files using a private key [Reid ‘409, ¶¶136, 138, 160, 167, 269; Fig. 1]) 

As stated above, Reid ‘409 does not explicitly disclose: “… adds an encryption public key of the information using device and an authentication public key of the information using device to a blockchain, ... transmits … the authentication public key of the information using device as a result of acquiring the encryption public key of the information using device and the authentication public key of the information using device from the blockchain … stores the … authentication public key received, … the information holding device adds the storage destination address of the encrypted information received to the blockchain, … acquires the storage destination address … from the blockchain, … performs authentication using the authentication public key … decrypts the encrypted information received, using an encryption secret key of the information using device.”
	Rasovsky ‘947, however, discloses:
	… adds an encryption public key (adding a cryptographic key 290 to the blockchain 210 [Rasovsky ‘947, ¶¶50, 56, 58, 68; Fig. 2, Fig. 6]), 
(retrieving the cryptographic key 290 from blockchain 210 [Rasovsky ‘947, ¶¶89-90; Fig. 8]) 

… the information holding device adds the storage destination address of the encrypted information received to the blockchain (a computing device adds identifiers, such as URLs, of locations of external storages to the blockchain, where the external storages store encrypted data, such as encrypted digital representations or encrypted images [Rasovsky ‘947, ¶¶46, 48, 51, 69-70; Fig. 3, Fig. 6]), 
… acquires the storage destination address … from the blockchain (acquire the locations of the corresponding external storages from the blockchain [Rasovsky ‘947, ¶¶38, 88; Fig. 8]), 



Reid ‘409 and Rasovsky ‘947 are analogous art because they are from the same field of endeavor, namely that of the secure exchange and management of sensitive data. For the reasons stated in claim 1, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Reid ‘409 and Rasovsky ‘947 before them, to modify the method in Reid ‘409 to include the teachings of Rasovsky ‘947.

As stated above, Reid ‘409 in view of Rasovsky ‘947 does not explicitly disclose: “… adds an encryption public key of the information using device and an authentication public key of the information using device to a blockchain, ... transmits … the authentication public key of the information using device as a result of acquiring the encryption public key of the information using device and the authentication public key of the information using device from the blockchain … stores the … authentication public key received, … performs authentication using the authentication public key … decrypts the encrypted information received, using an encryption secret key of the information using device.”
	Uehara ‘813, however, discloses:
	… adds an encryption public key of the information using device (storing a public key on a blockchain, where the public key is unique to a device, and where the device receives and uses provisioning information [Uehara ‘813, ¶¶15-17, 67, 107]) and an authentication public key of the information using device to a blockchain (storing a second public key on the blockchain, where the second public key may be unique to the device, and where the second public key is used to perform verification and authentication [Uehara ‘813, ¶¶27-28, 69, 73]), 
... transmits … the authentication public key of the information using device as a result of acquiring the encryption public key of the information using device (acquiring the device public key from the blockchain, where the device public key is used to encrypt the provisioning information [Uehara ‘813, ¶¶15, 31, 120, 141]) and the authentication public key of the information using device from the blockchain … stores the … authentication public key received (transmitting the second public key to the provisioning execution means 42 after acquiring and storing the second public key by the public key providing means 13 from the blockchain 2, where the second public key may be unique to the device, and where the second public key is used to perform verification and authentication [Uehara ‘813, ¶¶27-28, 69, 73, 89; Fig. 3, Fig. 6]), 
… performs authentication using the authentication public key (performing authentication and verification of an electronic signature by using the second public key [Uehara ‘813, ¶¶27-28])
… decrypts the encrypted information received, using an encryption secret key of the information using device (decrypting the received provisioning data using the private key of the device [Uehara ‘813, ¶¶15, 31, 120, 141]).

Reid ‘409 (modified by Rasovsky ‘947) and Uehara ‘813 are analogous art because they are from the same field of endeavor, namely that of the secure exchange and management of sensitive data. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Reid ‘409 (modified by Rasovsky ‘947) and Uehara ‘813 before them, to modify the method in Reid ‘409 (modified by Rasovsky ‘947) to include the teachings of Uehara ‘813, namely to implement the public key disclosed in Reid ‘409 as a unique device public key, as disclosed in Uehara ‘813, where the unique device public key is stored on a blockchain and then retrieved from the blockchain to encrypt information, such as the files disclosed in Reid ‘409; furthermore, to implement a second public key associated with the device used to perform authentication and verification services during the provisioning process, as disclosed in Uehara ‘813. The motivation for doing so would be to prevent attacks from unknown devices by using unique public/private keys from validated devices during a device provisioning process; and to increase security by adding another layer of protection via a second pair of public/private keys to perform verification and authentication (see Uehara ‘813, ¶¶14-15, 27-28).

As per claim 3: Reid ‘409 in view of Rasovsky ‘947, and further in view of Uehara ‘813 discloses all limitations of claim 1, as stated above, from which claim 3 is dependent upon. Reid ‘409 in view of Uehara ‘813 does not explicitly disclose the limitations of claim 3. Rasovsky ‘947, however, discloses:
wherein when the information holding device adds the storage destination address of the encrypted information to the blockchain (a computing device adds identifiers, such as URLs, of locations of external storages to the blockchain, where the external storages store encrypted data, such as encrypted digital representations or encrypted images [Rasovsky ‘947, ¶¶46, 48, 51, 69-70; Fig. 3, Fig. 6]), 
pre-encryption information or a checksum of the encrypted information is generated (under the broadest reasonable interpretation, ‘pre-encryption information’ is interpreted to be any unencrypted information that is generated prior to the encryption of the associated data; unencrypted medical record data items 260A-260N, which may be textual/numerical content or an index, is generated, where the medical record data items 260A-260N is associated with data, such as digital representations or images, that will be subsequently stored in external storage locations and encrypted [Rasovsky ‘947, ¶¶45-48, 50, 53; Fig. 2]) to be added to the blockchain together with the storage destination address of the encrypted information (the medical record data items 260A-260N is added to the blockchain, together with the corresponding identifiers of the external storage locations of the encrypted data [Rasovsky ‘947, ¶¶46, 48, 50; Fig. 2]).

Reid ‘409 (modified by Uehara ‘813) and Rasovsky ‘947 are analogous art because they are from the same field of endeavor, namely that of the secure exchange and management of sensitive data. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Reid ‘409 (modified by Uehara ‘813) and Rasovsky ‘947 before them, to modify the method in Reid ‘409 (modified by Uehara ‘813) to include the teachings of Rasovsky ‘947, namely to generate other unencrypted information associated with the encrypted files, as disclosed in Reid ‘409, and store the unencrypted information together with the corresponding encrypted file locations on the blockchain, as disclosed in Rasovsky ‘947. The motivation for doing so would be to store small-sized identifying information, such as an index or a date, directly in blocks to allow for easy search, identification, and retrieval of the requested data, such as storage location of encrypted data (see Rasovsky ‘947, ¶¶48, 53-54).

As per claim 4: Reid ‘409 discloses: 
An information management method (a system 100 for exchanging and managing data [Reid ‘409, ¶40; Fig. 1]) that uses 
an information management device (Cloud Lockbox 130 for managing data, where the Cloud Lockbox 130 may be implemented as a storage server [Reid ‘409, ¶¶154, 191-194; Fig. 1]) that transmits target information of an information holder stored to an information user (Cloud Lockbox 130 transmits stored requested files, obtained from the Secondary Electronic Health Record (EHR) software 142, 143, 145, 147, 149, to the Electronic Health Record (EHR) software 110, where the EHR software 110 is utilized by a user, such as the Health Care Provider (HCP) 101 [Reid ‘409, ¶¶138, 140-142, 184; Fig. 1, Fig. 2]), 
an information holding device (a device running the Secondary EHR software 142-149 [Reid ‘409, ¶¶140-141, 270; Fig. 1, Fig. 2]) that holds the target information and provides the target information to the information management device (the device running the Secondary EHR software 142-149 holds the requested files and provides the files by writing to the Cloud Lockbox 130, [Reid ‘409, ¶¶138-143; Fig. 1, Fig. 2]), and 
an information using device (a device running EHR software 110 [Reid ‘409, ¶134-135, 157; Fig. 1]) that extracts the target information from the information management device (the device running EHR software 110 retrieves or reads requested files from the Cloud Lockbox 130 [Reid ‘409, ¶¶138, 184-186, 234; Fig. 1]), the information management method comprising: 
by the information using device, adding an encryption public key (the device running EHR software 110 uses the key master 112 to add a public key to the HIE registry 120 [Reid ‘409, ¶136; Fig. 1]) 
by the information holding device, transmitting, to the information management device, encrypted information (the device running the Secondary EHR software 142-149 transmits encrypted files to the Cloud Lockbox 130 [Reid ‘409, ¶¶140-143; Fig. 1]) as a result of acquiring the encryption public key (the device running the Secondary EHR software 142-149 acquires the public key and encrypts the files using the public key [Reid ‘409, ¶¶140-143; Fig. 1]); 
by the information management device, storing the encrypted information received (the Cloud Lockbox 130 stores the encrypted files [Reid ‘409, ¶141; Fig. 1]), and 
transmitting a storage destination address of the encrypted information (the Cloud Lockbox 130 provides a File Handler 211 which indicates locations of encrypted files within the Cloud Lockbox 130 [Reid ‘409, ¶¶168, 202; Fig. 1]) to the information holding device (the File Handler 211, which indicates locations of encrypted files, is provided to the device running the Secondary EHR software 142-149, where the File Handler 211 must be used to retrieve encrypted files [Reid ‘409, ¶¶174, 202; Fig. 1, Fig. 2]); 

by the information using device, acquiring the storage destination address of the encrypted information (the device running EHR software 110 uses the locations specified in the File Handler 211 provided by the Cloud Lockbox 130 to access the encrypted files at the corresponding locations [Reid ‘409, ¶¶138, 184-186, 234; Fig. 1]); 
by the information management device, transmitting the encrypted information at the storage destination address to the information using device, in response to the access from the information using device (the Cloud Lockbox 130 transmits encrypted files at the specified locations to the device running EHR software 110 in response to an access [Reid ‘409, ¶¶138, 184-186, 234; Fig. 1]); and 
by the information using device, decrypting the encrypted information received, using an encryption secret key (the device running EHR software 110 decrypts the encrypted files using a private key [Reid ‘409, ¶¶136, 138, 160, 167, 269; Fig. 1]) 

As stated above, Reid ‘409 does not explicitly disclose: “… adding an encryption public key of the information using device to a blockchain, … acquiring the encryption public key of the information using device from the blockchain and encrypting the target information … by the information holding device, adding the storage destination address of the encrypted information received to the blockchain; … acquiring the storage destination address … from the blockchain, … decrypting the encrypted information received, using an encryption secret key of the information using device.”
	Rasovsky ‘947, however, discloses:
	… adding an encryption public key (adding a cryptographic key 290 to the blockchain 210 [Rasovsky ‘947, ¶¶50, 56, 58, 68; Fig. 2, Fig. 6]), 
… acquiring the encryption public key (retrieving the cryptographic key 290 from blockchain 210 [Rasovsky ‘947, ¶¶89-90; Fig. 8]) … 
by the information holding device, adding the storage destination address of the encrypted information received to the blockchain (a computing device adds identifiers, such as URLs, of locations of external storages to the blockchain, where the external storages store encrypted data such as digital representations [Rasovsky ‘947, ¶¶46, 48, 51, 69-70; Fig. 3, Fig. 6]); 
… acquiring the storage destination address … from the blockchain (acquire the locations of the corresponding external storages from the blockchain [Rasovsky ‘947, ¶¶38, 88; Fig. 8]),


Reid ‘409 and Rasovsky ‘947 are analogous art because they are from the same field of endeavor, namely that of the secure exchange and management of sensitive data. For the reasons stated in claim 1, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Reid ‘409 and Rasovsky ‘947 before them, to modify the method in Reid ‘409 to include the teachings of Rasovsky ‘947.

As stated above, Reid ‘409 in view of Rasovsky ‘947 does not explicitly disclose: “… adding an encryption public key of the information using device to a blockchain, … acquiring the encryption public key of the information using device from the blockchain … decrypting the encrypted information received, using an encryption secret key of the information using device.”
	Uehara ‘813, however, discloses:
… adding an encryption public key of the information using device to a blockchain (storing a public key on a blockchain, where the public key is unique to a device, and where the device receives and uses provisioning information [Uehara ‘813, ¶¶15-17, 67, 107]), 
… acquiring the encryption public key of the information using device from the blockchain (acquiring the device public key from the blockchain, where the device public key is used to encrypt the provisioning information [Uehara ‘813, ¶¶15, 31, 120, 141]) … 
decrypting the encrypted information received, using an encryption secret key of the information using device (decrypting the received provisioning data using the private key of the device [Uehara ‘813, ¶¶15, 31, 120, 141]).

Reid ‘409 (modified by Rasovsky ‘947) and Uehara ‘813 are analogous art because they are from the same field of endeavor, namely that of the secure exchange and management of sensitive data. For the reasons stated in claim 1, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Reid ‘409 (modified by Rasovsky ‘947) and Uehara ‘813 before them, to modify the method in Reid ‘409 (modified by Rasovsky ‘947) to include the teachings of Uehara ‘813.

As per claim 5: Reid ‘409 discloses: 
An information management method (a system 100 for exchanging and managing data [Reid ‘409, ¶40; Fig. 1]) that uses 
an information management device (Cloud Lockbox 130 for managing data, where the Cloud Lockbox 130 may be implemented as a storage server [Reid ‘409, ¶¶154, 191-194; Fig. 1]) that transmits target information of an information holder stored to an information user (Cloud Lockbox 130 transmits stored requested files, obtained from the Secondary Electronic Health Record (EHR) software 142, 143, 145, 147, 149, to the Electronic Health Record (EHR) software 110, where the EHR software 110 is utilized by a user, such as the Health Care Provider (HCP) 101 [Reid ‘409, ¶¶138, 140-142, 184; Fig. 1, Fig. 2]), 
an information holding device (a device running the Secondary EHR software 142-149 [Reid ‘409, ¶¶140-141, 270; Fig. 1, Fig. 2]) that holds the target information and provides the target information to the information management device (the device running the Secondary EHR software 142-149 holds the requested files and provides the files by writing to the Cloud Lockbox 130, [Reid ‘409, ¶¶138-143; Fig. 1, Fig. 2]), and 
an information using device (a device running EHR software 110 [Reid ‘409, ¶134-135, 157; Fig. 1]) that extracts the target information from the information management device (the device running EHR software 110 retrieves or reads requested files from the Cloud Lockbox 130 [Reid ‘409, ¶¶138, 184-186, 234; Fig. 1]), 
the information management method comprising:
by the information using device, adding an encryption public key (the device running EHR software 110 uses the key master 112 to add a public key to the HIE registry 120 [Reid ‘409, ¶136; Fig. 1]) 
by the information holding device, transmitting, to the information management device, encrypted information (the device running the Secondary EHR software 142-149 transmits encrypted files to the Cloud Lockbox 130 [Reid ‘409, ¶¶140-143; Fig. 1]) (the device running the Secondary EHR software 142-149 acquires the public key and encrypts the files using the public key [Reid ‘409, ¶¶140-143; Fig. 1]);
by the information management device, storing the encrypted information (the Cloud Lockbox 130 stores the encrypted files [Reid ‘409, ¶141; Fig. 1]), and 
transmitting a storage destination address of the encrypted information (the Cloud Lockbox 130 provides a File Handler 211 which indicates locations of encrypted files within the Cloud Lockbox 130 [Reid ‘409, ¶¶168, 202; Fig. 1]) to the information holding device (the File Handler 211, which indicates locations of encrypted files, is provided to the device running the Secondary EHR software 142-149, where the File Handler 211 must be used to retrieve encrypted files [Reid ‘409, ¶¶174, 202; Fig. 1, Fig. 2]); 

by the information using device, acquiring the storage destination address of the encrypted information (the device running EHR software 110 uses the locations specified in the File Handler 211 provided by the Cloud Lockbox 130 to access the encrypted files at the corresponding locations [Reid ‘409, ¶¶138, 184-186, 234; Fig. 1]); 
by the information management device, performing authentication (the Cloud Lockbox 130 performs authentication by verifying the digital signature associated with the access request [Reid ‘409, ¶¶83, 161-162, 179, 200]), and 
in response to successful authentication (in response to successful authentication via the verification of the digital signature associated with the access request [Reid ‘409, ¶¶83, 161-162, 179, 200]), transmitting the encrypted information at the storage destination address to the information using device (the Cloud Lockbox 130 transmits encrypted files at the specified locations to the device running EHR software 110 in response to an access [Reid ‘409, ¶¶138, 184-186, 234; Fig. 1]), 
decrypting the encrypted information received, using an encryption secret key (the device running EHR software 110 decrypts the encrypted files using a private key [Reid ‘409, ¶¶136, 138, 160, 167, 269; Fig. 1]) 

As stated above, Reid ‘409 does not explicitly disclose: “… adding an encryption public key of the information using device and an authentication public key of the information using device to a blockchain; ... transmitting … the authentication public key of the information using device as a result of acquiring the encryption public key of the information using device and the authentication public key of the information using device from the blockchain … storing the … authentication public key received, … by the information holding device, adding the storage destination address of the encrypted information received to the blockchain; … acquiring the storage destination address … from the blockchain, … performing authentication using the authentication public key … decrypting the encrypted information received, using an encryption secret key of the information using device.”
	Rasovsky ‘947, however, discloses:
	… adding an encryption public key (adding a cryptographic key 290 to the blockchain 210 [Rasovsky ‘947, ¶¶50, 56, 58, 68; Fig. 2, Fig. 6]), 
(retrieving the cryptographic key 290 from blockchain 210 [Rasovsky ‘947, ¶¶89-90; Fig. 8]) 

… by the information holding device, adding the storage destination address of the encrypted information received to the blockchain (a computing device adds identifiers, such as URLs, of locations of external storages to the blockchain, where the external storages store encrypted data, such as encrypted digital representations or encrypted images [Rasovsky ‘947, ¶¶46, 48, 51, 69-70; Fig. 3, Fig. 6]); 
… acquiring the storage destination address … from the blockchain (acquire the locations of the corresponding external storages from the blockchain [Rasovsky ‘947, ¶¶38, 88; Fig. 8]), 



Reid ‘409 and Rasovsky ‘947 are analogous art because they are from the same field of endeavor, namely that of the secure exchange and management of sensitive data. For the reasons stated in claim 1, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Reid ‘409 and Rasovsky ‘947 before them, to modify the method in Reid ‘409 to include the teachings of Rasovsky ‘947.

As stated above, Reid ‘409 in view of Rasovsky ‘947 does not explicitly disclose: “… adding an encryption public key of the information using device and an authentication public key of the information using device to a blockchain, ... transmitting … the authentication public key of the information using device as a result of acquiring the encryption public key of the information using device and the authentication public key of the information using device from the blockchain … storing the … authentication public key received, … performing authentication using the authentication public key … decrypting the encrypted information received, using an encryption secret key of the information using device.”
	Uehara ‘813, however, discloses:
	… adding an encryption public key of the information using device (storing a public key on a blockchain, where the public key is unique to a device, and where the device receives and uses provisioning information [Uehara ‘813, ¶¶15-17, 67, 107]) and an authentication public key of the information using device to a blockchain (storing a second public key on the blockchain, where the second public key may be unique to the device, and where the second public key is used to perform verification and authentication [Uehara ‘813, ¶¶27-28, 69, 73]), 
... transmitting … the authentication public key of the information using device as a result of acquiring the encryption public key of the information using device (acquiring the device public key from the blockchain, where the device public key is used to encrypt the provisioning information [Uehara ‘813, ¶¶15, 31, 120, 141]) and the authentication public key of the information using device from the blockchain … storing the … authentication public key received (transmitting the second public key to the provisioning execution means 42 after acquiring and storing the second public key by the public key providing means 13 from the blockchain 2, where the second public key may be unique to the device, and where the second public key is used to perform verification and authentication [Uehara ‘813, ¶¶27-28, 69, 73, 89; Fig. 3, Fig. 6]), 
… performing authentication using the authentication public key (performing authentication and verification of an electronic signature by using the second public key [Uehara ‘813, ¶¶27-28])
… decrypting the encrypted information received, using an encryption secret key of the information using device (decrypting the received provisioning data using the private key of the device [Uehara ‘813, ¶¶15, 31, 120, 141]).

Reid ‘409 (modified by Rasovsky ‘947) and Uehara ‘813 are analogous art because they are from the same field of endeavor, namely that of the secure exchange and management of sensitive data. For the reasons stated in claim 2, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Reid ‘409 (modified by Rasovsky ‘947) and Uehara ‘813 before them, to modify the method in Reid ‘409 (modified by Rasovsky ‘947) to include the teachings of Uehara ‘813.


Claims 6-7 are rejected under 35 U.S.C. 103 as being unpatentable over Reid ‘409, in view of Rasovsky ‘947, and further in view of Uehara ‘813, and further in view of D’Ambrosia et al., US2010/0063841 A1 (hereinafter, “D’Ambrosia ‘841”).

As per claim 6: Reid ‘409 in view of Rasovsky ‘947, and further in view of Uehara ‘813 discloses all limitations of claim 1, as stated above, from which claim 6 is dependent upon. Furthermore, Reid ‘409 discloses: 
wherein when the information using device acquires the target information from the information management device (the device running EHR software 110 retrieves or reads requested files from the Cloud Lockbox 130 [Reid ‘409, ¶¶138, 184-186, 234; Fig. 1])

As stated above, Reid ‘409 in view of Rasovsky ‘947, and further in view of Uehara ‘813 does not explicitly disclose: “… the information management device or the information using device notifies the information holding device of the acquisition together with information for identifying the information using device.”
D’Ambrosia ‘841, however, discloses: 
… the information management device (medical information server 104 [D’Ambrosia ‘841, ¶31; Fig. 1]) or the information using device (accessing entity communications device 108 [D’Ambrosia ‘841, ¶32; Fig. 1]) notifies the information holding device (notifying entity communications device 106 [D’Ambrosia ‘841, ¶32; Fig. 1]) of the acquisition (the medical information server 104 sends a notification to the notifying entity communications device 106, where the notification indicates the access of records within the medical information server 104 by the accessing entity communications device 108 [D’Ambrosia ‘841, ¶34; Fig. 1, Fig. 2]) together with information for identifying the information using device (the notification may include identifying information of the accessing entity communications device 108, such as identity of the accessing entity and communication device type [D’Ambrosia ‘841, ¶¶35, 39]).

Reid ‘409 (modified by Rasovsky ‘947 and Uehara ‘813) and D’Ambrosia ‘841 are analogous art because they are from the same field of endeavor, namely that of the secure exchange and management of sensitive data. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Reid ‘409 (modified by Rasovsky ‘947 and Uehara ‘813) and D’Ambrosia ‘841 before them, to modify the method in Reid ‘409 (modified by Rasovsky ‘947 and Uehara ‘813) to include the teachings of D’Ambrosia ‘841, namely to provide a notification of access, as disclosed in D’Ambrosia ‘841, by the Cloud Lockbox 130 to the device running the Secondary EHR software, as disclosed in Reid ‘409, where the notification specifies the access of data by the device running EHR software 110 from the Cloud Lockbox 130, and where the notification also includes identification information of the device running EHR software 110. The motivation for doing so would be to prevent misuse and unauthorized access to sensitive information by provide timely notification to the relevant entities of access to the information (see D’Ambrosia ‘841, ¶¶4-6).

As per claim 7: Reid ‘409 in view of Rasovsky ‘947, and further in view of Uehara ‘813 discloses all limitations of claim 2, as stated above, from which claim 7 is dependent upon. Furthermore, Reid ‘409 discloses: 
wherein when the information using device acquires the target information from the information management device (the device running EHR software 110 retrieves or reads requested files from the Cloud Lockbox 130 [Reid ‘409, ¶¶138, 184-186, 234; Fig. 1])

As stated above, Reid ‘409 in view of Rasovsky ‘947, and further in view of Uehara ‘813 does not explicitly disclose: “… the information management device or the information using device notifies the information holding device of the acquisition together with information for identifying the information using device.”
D’Ambrosia ‘841, however, discloses: 
… the information management device (medical information server 104 [D’Ambrosia ‘841, ¶31; Fig. 1]) or the information using device (accessing entity communications device 108 [D’Ambrosia ‘841, ¶32; Fig. 1]) notifies the information holding device (notifying entity communications device 106 [D’Ambrosia ‘841, ¶32; Fig. 1]) of the acquisition (the medical information server 104 sends a notification to the notifying entity communications device 106, where the notification indicates the access of records within the medical information server 104 by the accessing entity communications device 108 [D’Ambrosia ‘841, ¶34; Fig. 1, Fig. 2]) together with information for identifying the information using device (the notification may include identifying information of the accessing entity communications device 108, such as identity of the accessing entity and communication device type [D’Ambrosia ‘841, ¶¶35, 39]).

Reid ‘409 (modified by Rasovsky ‘947 and Uehara ‘813) and D’Ambrosia ‘841 are analogous art because they are from the same field of endeavor, namely that of the secure exchange and management of sensitive data. For the reasons stated in claim 6, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Reid ‘409 (modified by Rasovsky ‘947 and Uehara ‘813) and D’Ambrosia ‘841 before them, to modify the method in Reid ‘409 (modified by Rasovsky ‘947 and Uehara ‘813) to include the teachings of D’Ambrosia ‘841.


Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over Reid ‘409, in view of Rasovsky ‘947, and further in view of Uehara ‘813, and further in view of Reeves et al., US 8,554,912 B1 (hereinafter, “Reeves ‘912”), and further in view of Carlson US 2016/0324210 A1 (hereinafter, “Carlson ‘210”).

As per claim 8: Reid ‘409 in view of Rasovsky ‘947, and further in view of Uehara ‘813 discloses all limitations of claim 2, as stated above, from which claim 8 is dependent upon. Reid ‘409 in view of Rasovsky ‘947, and further in view of Uehara ‘813 does not explicitly disclose the limitations of claim 8. Reeves ‘912, however, discloses:
wherein when authentication for the information using device fails (authentication for a communication device fails in the service node device [Reeves ‘912, Col. 1 lines 39-67, Col. 7 line 60-Col. 8 line 7]), the information management device notifies of the failure (service node device transmits a failure notification [Reeves ‘912, Col. 1 lines 39-67]) together with information for identifying the information using device (the transferred notification includes a device identifier that identifies the communication device [Reeves ‘912, Col. 1 lines 39-67]).
Reid ‘409 (modified by Rasovsky ‘947 & Uehara ‘813) and Reeves ‘912 are analogous art because they are from the same field of endeavor, namely that of the secure and efficient transmission and storage of data. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings Reid ‘409 (modified by Rasovsky ‘947 & Uehara ‘813) and Reeves ‘912 before them, to modify the method in Reid ‘409 (modified by Rasovsky ‘947 & Uehara ‘813) to include the teachings of Reeves ‘912, namely to have the Cloud Lockbox 130, as disclosed in Reid ‘409, transmit a failure notification, as disclosed in Reeves ‘912, after the failed authentication of the device running EHR software 110. The motivation for doing so would be to prevent illegitimate devices from accessing a system by providing detailed and timely notifications after a failed authentication attempt of the device (see Reeves ‘912, Col. 1 lines 25-67).

As stated above, Reid ‘409 in view of Rasovsky ‘947, and further in view of Uehara ‘813, and further in view of Reeves ‘912 does not explicitly disclose: “… authentication for the information using device fails for a predetermined number of times … device notifies of the failure …”.
 Carlson ‘210, however discloses: 
… authentication for the information using device fails for a predetermined number of times … device notifies of the failure … (after the authentication for the mobile device 108 fails for a predetermined number of times, a notification regarding the failure is sent [Carlson ‘210, ¶44]).

Reid ‘409 (modified by Rasovsky ‘947 & Uehara ‘813 & Reeves ‘912) and Carlson ‘210 are analogous art because they are from the same field of endeavor, namely that of the secure and efficient transmission and storage of data. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings Reid ‘409 (modified by Rasovsky ‘947 & Uehara ‘813 & Reeves ‘912) and Carlson ‘210 before them, to modify the method in Reid ‘409 (modified by Rasovsky ‘947 & Uehara ‘813 & Reeves ‘912) to include the teachings of Carlson ‘210, namely to have the Cloud Lockbox 130, as disclosed in Reid ‘409, transmit a failure notification after a predetermined number of failed authentication attempts, as disclosed in Carlson ‘210, of the device running EHR software 110. The motivation for doing so would be to prevent unauthorized devices from accessing and modifying a system by providing notifications after a number failed authentication attempts of the device (see Carlson ‘210, ¶44).


Claims 9-10 are rejected under 35 U.S.C. 103 as being unpatentable over Reid ‘409, in view of Rasovsky ‘947, and further in view of Uehara ‘813, and further in view of Song, US 2007/0050513 A1 (hereinafter, “Song ‘513”).

As per claim 9: Reid ‘409 in view of Rasovsky ‘947, and further in view of Uehara ‘813 discloses all limitations of claim 1, as stated above, from which claim 9 is dependent upon. Reid ‘409 in view of Rasovsky ‘947, and further in view of Uehara ‘813 does not explicitly disclose the limitations of claim 9.  Song ‘513, however, discloses:
wherein the information management device (first storing unit 120 [Song ‘513, ¶41; Fig. 1]) deletes the target information stored therein when a predetermined period of time elapses (first storing unit 120 deletes the data stored within after a preset time [Song ‘513, ¶41; Fig. 1]) after the information using device (destination device 100b [Song ‘513, ¶41]) has acquired the target information from the information management device (first storing unit 120 transmits the data to the destination device 100b, and then deletes the data stored within after a preset time [Song ‘513, ¶41; Fig. 1]).

Reid ‘409 (modified by Rasovsky ‘947 and Uehara ‘813) and Song ‘513 are analogous art because they are from the same field of endeavor, namely that of the efficient transmission and storage of data. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Reid ‘409 (modified by Rasovsky ‘947 and Uehara ‘813) and Song ‘513 before them, to modify the method in Reid ‘409 (modified by Rasovsky ‘947 and Uehara ‘813) to include the teachings of Song ‘513, namely to have the Cloud Lockbox 130, as disclosed in Reid ‘409, delete the record data when a preset amount of time passes, as disclosed in Song ‘513, after the transmission of the record data to the device running EHR software 110. The motivation for doing so would be to ensure the efficient transmission of data between devices by reducing the amount of redundant data stored on the devices (see Song ‘513, ¶¶8-9, 74-75).

As per claim 10: Reid ‘409 in view of Rasovsky ‘947, and further in view of Uehara ‘813 discloses all limitations of claim 2, as stated above, from which claim 10 is dependent upon. Reid ‘409 in view of Rasovsky ‘947, and further in view of Uehara ‘813 does not explicitly disclose the limitations of claim 10.  Song ‘513, however, discloses:
wherein the information management device (first storing unit 120 [Song ‘513, ¶41; Fig. 1]) deletes the target information stored therein when a predetermined period of time elapses (first storing unit 120 deletes the data stored within after a preset time [Song ‘513, ¶41; Fig. 1]) after the information using device (destination device 100b [Song ‘513, ¶41]) has acquired the target information from the information management device (first storing unit 120 transmits the data to the destination device 100b, and then deletes the data stored within after a preset time [Song ‘513, ¶41; Fig. 1]).

Reid ‘409 (modified by Rasovsky ‘947 and Uehara ‘813) and Song ‘513 are analogous art because they are from the same field of endeavor, namely that of the efficient transmission and storage of data. For the reasons stated in claim 9, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Reid ‘409 (modified by Rasovsky ‘947 and Uehara ‘813) and Song ‘513 before them, to modify the method in Reid ‘409 (modified by Rasovsky ‘947 and Uehara ‘813) to include the teachings of Song ‘513.


Claims 11-14 are rejected under 35 U.S.C. 103 as being unpatentable over Reid ‘409, in view of Rasovsky ‘947, and further in view of Uehara ‘813, and further in view of Davis et al., US 9,912,752 B1 (hereinafter, “Davis ‘752”).

As per claim 11: Reid ‘409 in view of Rasovsky ‘947, and further in view of Uehara ‘813 discloses all limitations of claim 1, as stated above, from which claim 11 is dependent upon. Reid ‘409 in view of Rasovsky ‘947, and further in view of Uehara ‘813 does not explicitly disclose the limitations of claim 11.  Davis ‘752, however, discloses:
wherein the information management device (persistent storage devices 110, 112, 114 [Davis ‘752, Col. 2 line 65-Col. 3 line 16; Fig. 1]) deletes the target information stored therein in response to receiving a deletion request from the information holding device (persistent storage devices 110, 112, 114 deletes data stored therein in response to receiving a deletion request from a client device 130 [Davis ‘752, Col. 2 lines 35-42, Col. 9 lines 56-61, Col. 14 lines 22-33; Fig. 1, Fig. 8]).

Reid ‘409 (modified by Rasovsky ‘947 and Uehara ‘813) and Davis ‘752 are analogous art because they are from the same field of endeavor, namely that of the secure exchange and management of sensitive data. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Reid ‘409 (modified by Rasovsky ‘947 and Uehara ‘813) and Davis ‘752 before them, to modify the method in Reid ‘409 (modified by Rasovsky ‘947 and Uehara ‘813) to include the teachings of Davis ‘752, namely to delete record data within the Cloud Lockbox 130, as disclosed in Reid ‘409, upon receiving a deletion request, as disclosed in Davis ‘752, from the device running the Secondary EHR software. The motivation for doing so would be to provide clients with greater management of data on a data storage system, such that a client may be able to request certain management operations on the data such as deletions (see Davis ‘752, Col. 1 lines 6-26, Col. 2 lines 23-34).

As per claim 12: Reid ‘409 in view of Rasovsky ‘947, and further in view of Uehara ‘813 discloses all limitations of claim 2, as stated above, from which claim 12 is dependent upon. Reid ‘409 in view of Rasovsky ‘947, and further in view of Uehara ‘813 does not explicitly disclose the limitations of claim 12.  Davis ‘752, however, discloses:
wherein the information management device (persistent storage devices 110, 112, 114 [Davis ‘752, Col. 2 line 65-Col. 3 line 16; Fig. 1]) deletes the target information stored therein in response to receiving a deletion request from the information holding device (persistent storage devices 110, 112, 114 deletes data stored therein in response to receiving a deletion request from a client device 130 [Davis ‘752, Col. 2 lines 35-42, Col. 9 lines 56-61, Col. 14 lines 22-33; Fig. 1, Fig. 8]).

Reid ‘409 (modified by Rasovsky ‘947 and Uehara ‘813) and Davis ‘752 are analogous art because they are from the same field of endeavor, namely that of the secure exchange and management of sensitive data. For the reasons stated in claim 11, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Reid ‘409 (modified by Rasovsky ‘947 and Uehara ‘813) and Davis ‘752 before them, to modify the method in Reid ‘409 (modified by Rasovsky ‘947 and Uehara ‘813) to include the teachings of Davis ‘752.

As per claim 13: Reid ‘409 in view of Rasovsky ‘947, and further in view of Uehara ‘813 discloses all limitations of claim 1, as stated above, from which claim 13 is dependent upon. Reid ‘409 in view of Rasovsky ‘947, and further in view of Uehara ‘813 does not explicitly disclose the limitations of claim 13.  Davis ‘752, however, discloses:
wherein the information management device (persistent storage devices 110, 112, 114 [Davis ‘752, Col. 2 line 65-Col. 3 line 16; Fig. 1]) deletes the target information stored therein when a predetermined period of time elapses after the target information has been stored in the information management device (persistent storage devices 110, 112, 114 deletes data stored therein after an established retention time [Davis ‘752, Col. 14 lines 22-33; Fig. 8]).

Reid ‘409 (modified by Rasovsky ‘947 and Uehara ‘813) and Davis ‘752 are analogous art because they are from the same field of endeavor, namely that of the secure exchange and management of sensitive data. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Reid ‘409 (modified by Rasovsky ‘947 and Uehara ‘813) and Davis ‘752 before them, to modify the method in Reid ‘409 (modified by Rasovsky ‘947 and Uehara ‘813) to include the teachings of Davis ‘752, namely to delete record data within the Cloud Lockbox 130, as disclosed in Reid ‘409, after a determined retention time, as disclosed in Davis ‘752. The motivation for doing so would be to improve performance of the data storage system by delaying costly deletion operations (see Davis ‘752, Col. 14 lines 7-54).

As per claim 14: Reid ‘409 in view of Rasovsky ‘947, and further in view of Uehara ‘813 discloses all limitations of claim 2, as stated above, from which claim 14 is dependent upon. Reid ‘409 in view of Rasovsky ‘947, and further in view of Uehara ‘813 does not explicitly disclose the limitations of claim 14.  Davis ‘752, however, discloses:
wherein the information management device (persistent storage devices 110, 112, 114 [Davis ‘752, Col. 2 line 65-Col. 3 line 16; Fig. 1]) deletes the target information stored therein when a predetermined period of time elapses after the target information has been stored in the information management device (persistent storage devices 110, 112, 114 deletes data stored therein after an established retention time [Davis ‘752, Col. 14 lines 22-33; Fig. 8]).

Reid ‘409 (modified by Rasovsky ‘947 and Uehara ‘813) and Davis ‘752 are analogous art because they are from the same field of endeavor, namely that of the secure exchange and management of sensitive data. For the reasons stated in claim 13, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Reid ‘409 (modified by Rasovsky ‘947 and Uehara ‘813) and Davis ‘752 before them, to modify the method in Reid ‘409 (modified by Rasovsky ‘947 and Uehara ‘813) to include the teachings of Davis ‘752.


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Menon, US 2020/0118124 A1: generating a public key based on a private key where the public key is stored on a blockchain. The public key stored on the blockchain can be retrieved by a third-party user via the smart contract functionality to authenticate a user on the blockchain.
Wood et al., US 2020/0159697 A1: storing sensitive data on an immutable distributed ledger and using cryptographic keys to implement the efficient deletion of the sensitive data without compromising the integrity of the ledger.
Mehedy et al., US 2019/0342084 A1: distributing encrypted files to a plurality of storing peers for storing off-blockchain, and storing the encryption keys on the distributed ledger such that each encryption key is associated with the respective encrypted files.
Novotny et al., 2020/0092088 A1: receiving a request into a node of a blockchain, the request comprising an encryption key, encrypting the transaction and storing the encrypted transaction in the blockchain, and storing the encryption key in a key store of the blockchain.

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ALAN LINGQIAN KONG whose telephone number is (571)272-2646. The examiner can normally be reached Monday-Thursday 8:30am-6:00pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JUNG (JAY) KIM can be reached on (571)272-3804. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/ALAN LINGQIAN KONG/Examiner, Art Unit 2494

/JUNG W KIM/Supervisory Patent Examiner, Art Unit 2494