PTAB

IPR2024-00226

Datavant Inc v. Vigilytics LLC

Log In
Key Events
Petition
petition

1. Case Identification

2. Patent Overview

  • Title: De-Identifying Medical History Information for Medical Underwriting
  • Brief Description: The ’641 patent discloses methods and systems for de-identifying healthcare data using encrypted tokens. This allows third parties, such as insurance companies, to access and analyze aggregated health information for purposes like underwriting without violating patient privacy regulations like HIPAA.

3. Grounds for Unpatentability

Ground 1: Claims 1-19 are obvious over Evenhaim

  • Prior Art Relied Upon: Evenhaim (Patent 7,823,207).
  • Core Argument for this Ground:
    • Prior Art Mapping: Petitioner argued that Evenhaim teaches all limitations of the challenged claims. Evenhaim discloses a system for manipulating privacy-sensitive data while preserving individual privacy by replacing personally identifiable information (PII) with a unique, non-reversible "encryption key," such as a one-way hash. This key functions as the claimed "token." Petitioner asserted Evenhaim’s "data aggregator" is an "encryption server" that creates these tokens upon request, and its "data sources" are the claimed "data servers" that store de-identified records. The system uses these tokens to match and retrieve de-identified patient data from multiple sources without compromising patient identity.
    • Motivation to Combine (for §103 grounds): Not applicable (single reference ground).
    • Expectation of Success (for §103 grounds): Not applicable (single reference ground).

Ground 2: Claims 1-19 are obvious over Evenhaim in view of Settimi

  • Prior Art Relied Upon: Evenhaim (Patent 7,823,207) and Settimi (Application # 2007/0294111).
  • Core Argument for this Ground:
    • Prior Art Mapping: Petitioner contended that Evenhaim teaches a distributed system where queries are sent to various separate healthcare organizations. Settimi improves upon this by disclosing a centralized warehouse of de-identified patient records collected from various providers. Settimi’s system also uses encrypted tokens (called "EPIDs") to link records to an individual without revealing PII. The combination renders obvious a system where de-identified data from various sources (as in Evenhaim) is consolidated into a central data server (as in Settimi) for more efficient querying.
    • Motivation to Combine (for §103 grounds): A person of ordinary skill in the art (POSITA) would combine Evenhaim with Settimi’s centralized repository to simplify querying, ensure no information is missing from results, and use a standardized vocabulary for more reliable searches. Storing only de-identified records in a central warehouse, as taught by Settimi, would further enhance HIPAA compliance, a stated goal of Evenhaim.
    • Expectation of Success (for §103 grounds): Petitioner asserted a POSITA would have a high expectation of success, as the combination merely involves changing the database architecture where known tokenized records are stored, a straightforward modification.

Ground 3: Claims 7-10 and 13 are obvious over Dick in view of Landi

  • Prior Art Relied Upon: Dick (Application # 2002/0111833) and Landi (Patent 7,519,591).

  • Core Argument for this Ground:

    • Prior Art Mapping: Petitioner argued that Dick describes a system for requesting and retrieving de-identified medical information for a group of individuals (e.g., for insurance underwriting) from a medical repository. However, Dick does not describe a specific de-identification method. Landi supplies this missing element by teaching a robust de-identification method using encrypted tokens ("Encrypted IDs") created from PII with a common public key. The de-identified records are stored in a central repository that can be queried using these tokens, which allows for patient record matching while preserving anonymity.
    • Motivation to Combine (for §103 grounds): A POSITA implementing Dick’s system, which requires but does not detail a de-identification process, would naturally look to known, HIPAA-compliant methods like Landi’s. Landi’s token-matching system was a well-understood technique to achieve the secure, anonymous data retrieval described in Dick. The combination would use Landi’s public key to create query tokens for the group of individuals identified in Dick’s request.
    • Expectation of Success (for §103 grounds): Success was expected because both references are directed at HIPAA-compliant access to medical records stored in central repositories, and Landi merely implements a well-known tokenization technique to solve the problem posed in Dick.

  • Additional Grounds: Petitioner asserted an additional obviousness challenge (Ground 4) against claims 1-6, 11, 12, and 14-19 based on Dick in view of Landi and Murphy (a 2002 article), arguing Murphy teaches the motivation to require a minimum number of records in a query result to further enhance privacy.

4. Key Claim Construction Positions

  • Petitioner argued that for the purposes of this inter partes review (IPR), it adopted the claim constructions proposed by the Patent Owner in a related district court litigation. Key adopted constructions include:
    • Token: "An identifier associated with an individual that does not reveal the identity of the individual."
    • Encryption server: "A server that produces tokens in response to a request."
    • Similarly encrypted: "Generated such that tokens generated from corresponding information can be compared to one another to detect a match."

5. Arguments Regarding Discretionary Denial

  • Petitioner argued that discretionary denial under §314(a) would be inappropriate. Although the ’641 patent is asserted in a co-pending litigation, Petitioner stated that it is neither a party nor a real party-in-interest in that lawsuit, suggesting that the Fintiv factors should not weigh in favor of denial.

6. Relief Requested

  • Petitioner requests institution of an IPR and cancellation of claims 1-19 of the ’641 patent as unpatentable.