from the United States District Court for the Middle District
of Florida in No. 8:14-cv-02685-SDM-MAP, Judge Steven D.
A. PASSINO, Hauptman Ham, LLP, Alexandria, VA, argued for
plaintiff-appellant. Also represented by Rachel Karen
Pilloff; Michael S. Hooker, Jason Paul Stearns, Phelps Dunbar
LLP, Tampa, FL.
M. Tittemore, Sunstein Kann Murphy & Timbers LLP, Boston,
MA, argued for defendant-appellee. Also represented by
BRANDON TAYLOR SCRUGGS.
LOURIE, Plager, and Stoll, Circuit Judges.
IP, LLC, appeals a judgment of the United States District
Court for the Middle District of Florida dismissing its suit
with prejudice after holding that the asserted patent, U.S.
Patent No. 8, 578, 500, claims patent-ineligible subject
matter under 35 U.S.C. § 101. Because we agree with the
district court that FairWarning's '500 patent claims
patent-ineligible subject matter, we affirm.
sued Iatric Systems, Inc. for infringing claims of the
'500 patent. The '500 patent is titled "System
and Method of Fraud and Misuse Detection" and discloses
ways to detect fraud and misuse by identifying unusual
patterns in users' access of sensitive data. The
specification describes systems and methods to detect fraud
by an otherwise-authorized user of a patient's protected
health information ("PHI"). According to the
specification, pre-existing systems were able to record audit
log data concerning user access of digitally stored PHI. The
claimed systems and methods record this data, analyze it
against a rule, and provide a notification if the analysis
detects misuse. Claim 1 recites:
1. A method of detecting improper access of a patient's
protected health information (PHI) in a computer environment,
the method comprising:
generating a rule for monitoring audit log data representing
at least one of transactions or activities that are executed
in the computer environment, which are associated with the
patient's PHI, the rule comprising at least one criterion
related to accesses in excess of a specific volume, accesses
during a pre-determined time in-terval, accesses by a
specific user, that is indicative of improper access of the
patient's PHI by an authorized user wherein the improper
access is an indication of potential snooping or identity
theft of the patient's PHI, the authorized user having a
pre-defined role comprising authorized computer access to the
applying the rule to the audit log data to determine if an
event has occurred, the event occurring if the at least one
criterion has been met;
storing, in a memory, a hit if the event has occurred; and
providing notification if the event has occurred.
'500 patent col. 16 11. 27-46.
the district court, Iatric moved to dismiss the complaint,
arguing the asserted patent claimed patent-ineligible subject
matter under § 101. FairWarning filed an amended
complaint asserting all claims of the '500 patent, and
Iatric again moved to dismiss. The district court granted