Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Priority
The present application claims priority under 35 U.S.C. § 119 of German Patent Application No. 102016015440.3, filed Dec. 23, 2016, the entire disclosure of which is expressly incorporated by reference herein.
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114 was filed in this application after a decision by the Patent Trial and Appeal Board, but before the filing of a Notice of Appeal to the Court of Appeals for the Federal Circuit or the commencement of a civil action. Since this application is eligible for continued examination under 37 CFR 1.114 and the fee set forth in 37 CFR 1.17(e) has been timely paid, the appeal has been withdrawn pursuant to 37 CFR 1.114 and prosecution in this application has been reopened pursuant to 37 CFR 1.114. Applicant’s submission filed on 02/20/2026 has been entered.
DETAILED ACTION
This Office Action is in response to a Request of Continued Examination (RCE) application received on 02/20/2026. In the RCE, claims 1, 4, and 20 have been amended. Claims 2-3, and 5-19 remain original.
For this Office Action, claims 1-20 have been received for consideration and have been examined.
Response to Arguments
In the RCE, Applicant has mentioned that independent claims have been amended with the alternative language from dependent claim 4 which has been rejected in the Official response. See below Office Action for details.
Claim Rejections - 35 USC § 101 (Abstract Idea)
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more analyzed according to MPEP 2106.
The claim recites
“sending, by the data processing device, the therapy data between the respirator machine and the remote station;
storing, by the data processing device, at least one authorization code;
identifying, by the data processing device, a user action indicating a user request for an authorization code;
upon identifying the user action, providing, by the data processing device, the authorization code to the user;
receiving, by the data processing device, an access request to the therapy data via the remote station, the access request comprising the authorization code;
in response to receiving the access request comprising the authorization code, providing, by the data processing device, access to the therapy data”.
Step 1: The claims 1, and 20 do fall into one of the four statutory categories of being device, method and system claims. Nevertheless, the claims still are considered as abstract idea for the following prongs and reasons.
Step 2A: Prong One: The limitation of claims 1 and 20 recites:
“sending, by a human [[the data processing device]], therapy data between the respirator machine and the remote station (Mental process: a patient assistant sends therapy data between the respirator machine and the remote station);
storing, by the human [[the data processing device]], at least one authorization code (Mental process: the patient assistant stores authorization codes);
identifying, by the human [[the data processing device]], a user action indicating a user request for an authorization code, the user action comprising at least one biometrical detection of the user (Mental process: the patient assistant receives a biometrical user action from a user for the request for an authorization);
upon identifying the user action, providing, by the human [[the data processing device]], the authorization code to the user (Mental process: based on identified biometrical user action, the patient assistant shares the stored authorization code to the user);
receiving, by the human [[the data processing device]], an access request to the therapy data via the remote station, the access request comprising the authorization code (Mental process: the patient assistant receives an access request to the therapy data via the remote station, the access request comprising the authorization code);
in response to receiving the access request comprising the authorization code, providing, by the human [[the data processing device]], access to the therapy data (Mental process: based on receiving the authorization code from the user, the patient assistant allow access to the therapy data)”.
The above-mentioned concept of claims falls into the bucket of ‘Mental Processes’ in which the steps cover performance of the limitation in the mind but for the recitation of generic computer components. That is, the claim recites an Abstract Idea grouping under Mental Processes - concepts performed in the human mind (including an observation, evaluation, judgment, opinion) and managing personal behavior or relationships or interactions between people (including social activities, teaching, and following rules or instructions).
In other words, the claim recites “the idea of collection and categorization of data, and based on the collection and categorization, providing the data when the data is requested by a user”, is a process that, under its broadest reasonable interpretation, covers performance of the limitation in the human mind and / or with pen and paper with/without a generic computer.
For example, “the idea of collection and categorization of data, and based on the collection and categorization, providing the data when the data is requested by a user” is simply an operation which can be implemented in any medical office or hospital environment and can be done manually by human in an orderly fashion. The additional element in this scenario is performing the operation in an automated manner.
Furthermore, in this context, if an ordinary skill in the art removes the machine such as claimed data processing device out of the claim, the structure of the claim language can be applied to a human and the steps of the claim can be performed by a trained human being.
These interpretation of claim elements delineates between the abstract idea and the additional elements of the claim which conclusively renders the claim to be an abstract idea.
Dependent claims 2-19 comprises mere structural amendments and steps that could be performed by human manually with/without need for a general-purpose computer. If a claim limitation, under its broadest reasonable interpretation, covers performance of the limitation in a human mind but for the recitation of generic computer components, then it falls within the “mental processes” grouping of abstract ideas and can be done manually. Accordingly, the claim recites an abstract idea.
Prong Two: This judicial exception is not integrated into a practical application. In particular, the claims do not recite any additional element to perform beyond routine steps of:
“sending, by the human [[the data processing device]], the therapy data between the respirator machine and the remote station;
storing, by the human [[the data processing device]], at least one authorization code;
identifying, by the human [[the data processing device]], a user action indicating a user request for an authorization code;
upon identifying the user action, providing, by the human [[the data processing device]], the authorization code to the user;
receiving, by the human [[the data processing device]], an access request to the therapy data via the remote station, the access request comprising the authorization code;
in response to receiving the access request comprising the authorization code, providing, by the human [[the data processing device]], access to the therapy data”.
These steps are recited at a high-level of generality (i.e., as generic terms performing generic computer functions such that it amounts no more than mere instructions to apply the exception using generic computer components).
Additionally, except for words “data processing device, at least one respirator machine, and at least one remote station”, there is nothing in the claim elements that precludes steps from practically being performed in human mind and/or with pen and paper.
Accordingly, this additional element does not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea. Therefore, the claims are directed to an abstract idea.
Step 2B: The claims do not recite an inventive concept because it does not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the recitation additional elements of “data processing device, at least one respirator machine, and at least one remote station” does not render the claims more significant because the operations of these elements can be implemented in any medical office or hospital environment and can be done manually by human in an orderly fashion. The additional element in this scenario is performing the operation in an automated manner.
Therefore, recitation of these terms’ amounts to no more than mere instructions to apply the exception using a generic computer term. Mere instructions to apply an exception using a generic computer component cannot provide an inventive concept. The claims is / are not patent eligible.
Dependent claim 2 is a method claim and hence falls into one of the statutory categories and therefore passes step 1 analysis. However, under step 2, 2A & 2B analysis, the claim fails to recite any limitations that create a difference in the 101 analyses as indicated for claim 1, because claim 2 merely recite “performing the user action with the patient medical device to access therapy data stored in the patient medical device” which is a mental process where can be performed by a human user and fails to recite any additional elements. Thus claim 2 is ineligible.
Dependent claim 3 is a method claim and hence falls into one of the statutory categories and therefore passes step 1 analysis. However, under step 2, 2A & 2B analysis, the claim limitations further narrow a step of the abstract idea where human user operates a patient medical device which falls into a mental process category. Thus, claim 3 is ineligible.
Dependent claim 4 is a method claim and hence falls into one of the statutory categories and therefore passes step 1 analysis. However, under step 2, 2A & 2B analysis, the claim recites limitations that merely further narrows a step of the abstract idea where a human user provides biometric details. Thus, claim 4 is ineligible.
Dependent claim 5 is a method claim and hence falls into one of the statutory categories and therefore passes step 1 analysis. However, under step 2, 2A & 2B analysis, claim 5 merely recite “wherein the requested authorization code is stored on at least one storage medium” which falls into mental process category where human user saves the code using pen and paper and stores it in a safe place to later use. Thus claim 5 is ineligible.
Dependent claim 6 is a method claim and hence falls into one of the statutory categories and therefore passes step 1 analysis. However, under step 2, 2A & 2B analysis, the claim further narrows a step of the abstract idea by reciting registration process of a user which can be performed by a human user and therefore falls into the mental process category. Thus, claim 6 is ineligible.
Dependent claim 7 is a method claim and hence falls into one of the statutory categories and therefore passes step 1 analysis. However, under step 2, 2A & 2B analysis, claim recites limitations “wherein the user upon registration is assigned at least one certificate and wherein the certificate must be presented to the respirator machine in order to be able to request the authorization code” which further narrows a step of the abstract idea because a human user can generate a certificate as a credential and that credential can be provided for verification along with the stored code which is an action falls into a mental process category. Thus, claim 7 is ineligible.
Dependent claim 8 is a method claim and hence falls into one of the statutory categories and therefore passes step 1 analysis. However, under step 2, 2A & 2B analysis, claim 8 merely recite “wherein the certificate is stored on a portable storage medium and wherein the authorization code may only be requested when the respirator machine is connected to the storage medium” which falls into mental process category where human user saves the code using pen and paper and stores it in a safe place to later use. Thus claim 8 is ineligible.
Dependent claim 9 is a method claim and hence falls into one of the statutory categories and therefore passes step 1 analysis. However, under step 2, 2A & 2B analysis, claim 8 merely recite “wherein the remote station in addition to the certificate also stores at least one device certificate identifying the respirator machine on the storage medium” which falls into mental process category where human user saves the code using pen and paper and stores it in a safe place to later use. Thus claim 9 is ineligible.
Dependent claim 10 is a method claim and hence falls into one of the statutory categories and therefore passes step 1 analysis. However, under step 2, 2A & 2B analysis, claim merely recite “wherein the authorization code is generated at least partly by the respirator machine [human user] with help of the certificate” which is an action that can be performed by a human user and that’s why this claim falls into mental process. Thus claim 10 is ineligible.
Dependent claim 11 is a method claim and hence falls into one of the statutory categories and therefore passes step 1 analysis. However, under step 2, 2A & 2B analysis, claim merely recite “wherein access to therapy data is released when a registered user logs in to the remote station after having first requested the authorization code as a registered user” which is an action that can be performed by a human user where human only release the patient data once its verifies the user if that user provides a correct code as an authorized user who has access to the patient data and that’s why this claim falls into mental process. Thus claim 11 is ineligible.
Dependent claim 12 is a method claim and hence falls into one of the statutory categories and therefore passes step 1 analysis. However, under step 2, 2A & 2B analysis, claim merely recite “wherein access to therapy data is only released when the at least one user has communicated the authorization code provided to the at least one user to the remote station” which is an action that can be performed by a human user where human only release the patient data once its verifies the user if that user provides a correct code as an authorized user who has access to the patient data and that’s why this claim falls into mental process. Thus claim 12 is ineligible.
Dependent claim 13 is a method claim and hence falls into one of the statutory categories and therefore passes step 1 analysis. However, under step 2, 2A & 2B analysis, claim further narrows a step of the abstract idea which is provide the authorization code that is an action can be performed by a human user and that’s why this claim falls into mental process. Thus, claim 13 is ineligible.
Dependent claim 14 is a method claim and hence falls into one of the statutory categories and therefore passes step 1 analysis. However, under step 2, 2A & 2B analysis, claim merely recite “wherein the respirator machine [human user] relays the authorization code at least partly independently to the remote station” which is an action that can be performed by a human user where human user provides the code to the remote entity and that’s why this claim falls into mental process. Thus, claim 14 is ineligible.
Dependent claim 15 is a method claim and hence falls into one of the statutory categories and therefore passes step 1 analysis. However, under step 2, 2A & 2B analysis, claim merely recite “wherein the authorization code comprises a code which is at least in part generated from a serial number and/or a device identification number of the respirator machine” which is an action that can be performed by a human user where human user generates the code base on the identification number of the patient assigned medical device and that’s why this claim falls into mental process. Thus, claim 15 is ineligible.
Dependent claim 16 is a method claim and hence falls into one of the statutory categories and therefore passes step 1 analysis. However, under step 2, 2A & 2B analysis, claim merely recite “wherein the authorization code comprises at least one piece of information about at least one read right and/or a write right of the user” which is an action that can be performed by a human user where the generated the code provides indication what kind of data access the user has to the patient data and that’s why this claim falls into mental process. Thus, claim 16 is ineligible.
Dependent claim 17 is a method claim and hence falls into one of the statutory categories and therefore passes step 1 analysis. However, under step 2, 2A & 2B analysis, claim merely recite “wherein the authorization code has a onetime validity” which is an action that can be performed by a human user where the generated code has a validation based on date and time and that’s why this claim falls into mental process. Thus, claim 17 is ineligible.
Dependent claim 18 is a method claim and hence falls into one of the statutory categories and therefore passes step 1 analysis. However, under step 2, 2A & 2B analysis, claim merely recite “wherein a validity of the authorization code is connected to the user” which is an action that can be performed by a human user where the generated code has a validation based on date and time and that’s why this claim falls into mental process. Thus, claim 18 is ineligible.
Dependent claim 19 is a method claim and hence falls into one of the statutory categories and therefore passes step 1 analysis. However, under step 2, 2A & 2B analysis, claim recite “wherein the authorization code which is requested by the at least one user is at least partly stored in the respirator machine” which falls into mental process category where human user saves the code using pen and paper and stores it in a safe place for later use and that’s why this claim falls into mental process. Thus, claim 19 is ineligible.
Overall analysis of the claims 1-20 demonstrates that limitations are directed to a mental process performable by a human being in their head using a pen and paper in a methodical and orderly manner.
Therefore, the claims recite an abstract idea.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-5, 12-14 and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Connor, (US20120075060A1) in view of Mizon et al., (US20120068818A1) in view of Joao (US20010032099A1) and further in view of Scholler et al., (DE102009008070A1).
Regarding claim 1, Connor discloses:
A method for operating at least one data processing device of a respiration system comprising at least one patient utilized medical machine and at least one remote station physically separated from the respirator machine, wherein the method comprises (Connor discloses a method for operating at least one data processing device (patient “monitor”), particularly those aspects of the “monitor” that involve communication management) of a medical system comprising at least one patient utilized medical machine (Any and all functions, sensors, or machinery between the “monitor”, particularly the functions that involve communication management, and the patient, including the monitor; see claim 1, [0003]-[0004]; [0020] the “monitor” is getting real-time sensor data from a medical device, sensor, or machine) and at least one remote station physically separated from the respirator machine, the method comprises (PDA device, but in other embodiments potentially central station 128) physically separated from the patient related machine (Fig. 1; See generally [0020]-[0030]):
sending, by the data processing device, the therapy data between the patient utilized medical machine and the remote station (Fig 3, [0051], provides patient data is sent from a monitor, itself received from the medical devices (such as O2, temp, or ecg sensoring equipment, see par 0003-0004, 0020), to remote stations such as central station 128 and healthcare professional PDA devices);
storing, by the data processing device, at least one authorization code (Connor: Fig 5, [0054] provides the monitor may generate and store the ephemeral key; See also Fig 3, [0051]-[0052] for embodiment with a magic code);
receiving, by the data processing device, an access request to the therapy data via the remote station, the access request comprising the authorization code (Connor: Fig 5, [0054] provides for monitor receiving an “access request” including the request access and challenge response; See [0051]-[0052] for response comprising the actual code);
in response to receiving the access request comprising the authorization code, providing, by the data processing device, access to the therapy data (Connor: Fig 5, [0054], Fig 3, [0052] provides the entire point of this check is to allow access to patient monitored data).
Connor fails to discuss how the authorization code is initially provisioned or disclosed to the user of the PDA device (Fig 3 embodiment) or that the PDA device user can request provisioning of authorization code (Fig 3 embodiment) or that the PDA device user can request issuance of the ephemeral key (Fig 5 embodiment), and thus Connor fails to disclose:
identifying, by the data processing device, a user action indicating a user request for an authorization code; upon identifying the user action, providing, by the data processing device, the authorization code to the user and the user action comprising at least one biometrical detection of the user.
Connor further fails to disclose the patient utilized medical device being a respirator device or machine:
wherein the patient utilized medical machine is a respirator machine.
However, Mizon discloses the concept of a user (or user device) requesting the issuance or provisioning of an access code, and thus teaches:
identifying, by the data processing device, a user action indicating a user request for an authorization code (Fig 5, step 3 and 3’; [0049] provides mobile telephone requests issuance of access code to access node);
upon identifying the user action, providing, by the data processing device, the authorization code to the user (Fig 5, step 4 and 4’; [0050] provides access node may provide access code to the mobile telephone and its user).
It would have been obvious to one of the ordinary person skilled in the art before the effective filing date of the claimed invention to modify the access authorization processes of Conner reference with the Mizon reference teachings regarding issuance or provisioning of access codes based on user request, as disclosed by Mizon.
The motivation to modify the Connor reference would be to enable the user of the PDA device to obtain an authorization code if they do not have one and require one to access data.
The combination of Connor and Mizon fails to discloses:
wherein the patient utilized medical machine is a respirator machine.
However, Joao discloses:
a respiration system comprising at least one respirator machine (See FIG. 3; [0175] The user input device 20D can also be, or can include a respiration monitoring or measurement device … respiration rate monitoring or measurement device).
It would have been obvious to one of the ordinary skilled in the art before the effective filing date of the claimed invention to modify Connor access authorization processes, as modified by Mizon, and use a patient assigned medical machine such as respiration monitoring or measurement device, as disclosed by Joao.
The motivation to include a medical device such as a respiration monitoring or measurement device would enable monitoring any known medical device that has sensors in Connor’s system, and allow medical professionals to easily access medical data from any and all commonly used (or obscurely used) medical sensor devices such as a respirator machine.
The combination of Connor in view of Mizon and in view Joao fails to disclose:
the user action comprising at least one biometrical detection of the user.
However, Scholler discloses:
the user action comprising at least one biometrical detection of the user ([0067] Possible events: Voice input on the device).
It would have been obvious to one of the ordinary skilled in the art before the effective filing date of the claimed invention to modify the Connor, Mizon and Joao references and consider a device connected to a storage medium, as disclosed by Scholler, as the trigger for displaying information on the device, such as the initial authorization/access code.
The motivation to utilize such a user action to trigger the display of an authorization code would be to allow the user to learn the default access code and be able to access code-protected information when the device has detected an initial state, such as originally connecting to a storage medium.
Regarding claim 2, the combination of Connor, Mizon and Joao discloses:
The method of claim 1, wherein the user action is performed at least in part with the respirator machine and wherein the authorization code only authorizes an access to the therapy data of that respirator machine with which the user action is performed (Mizon: [0049]).
It would have been obvious to one of the ordinary skilled in the art before the effective filing date of the claimed invention to modify Connor, as modified by Mizon, and use a patient utilized medical machine such as respiration monitoring or measurement device, as disclosed by Joao.
The motivation to include a medical device such as a respiration monitoring or measurement device would enable monitoring any known medical device that has sensors in Connor’s system, and allow medical professionals to easily access medical data from any and all commonly used (or obscurely used) medical sensor devices such as a respirator machine.
Regarding claim 3, the combination of Connor, Mizon and Joao fails to disclose:
The method of claim 1, wherein the user action comprises at least one placement of the respirator machine in operation.
However, Scholler discloses:
wherein the user action comprises at least one placement of the respirator machine in operation (See [0067] for possible events when ventilation device is used by the user which is construed as user actions which places the ventilation machine in operation).
It would have been obvious to one of the ordinary skilled in the art before the effective filing date of the claimed invention to modify the Connor, Mizon and Joao references and consider placing a device into operation, as disclosed by Scholler, as the trigger for displaying information on the device, such as the initial authorization/access code.
The motivation to utilize such a user action to trigger the display of an authorization code would be to allow the user to learn the default access code and be able to access code-protected information.
Regarding claim 4, the combination of Connor, Mizon and Joao fails to disclose:
The method of claim 1, wherein the user action further comprises at least one voice command.
However, Scholler discloses:
wherein the user action comprises at least one biometrical detection of the user and/or at least one voice command ([0067] Possible events: Voice input on the device).
It would have been obvious to one of the ordinary skilled in the art before the effective filing date of the claimed invention to modify the Connor, Mizon and Joao references and consider a device connected to a storage medium, as disclosed by Scholler, as the trigger for displaying information on the device, such as the initial authorization/access code.
The motivation to utilize such a user action to trigger the display of an authorization code would be to allow the user to learn the default access code and be able to access code-protected information when the device has detected an initial state, such as originally connecting to a storage medium.
Regarding claim 5, the combination of Connor, Mizon and Joao discloses:
The method of claim 1, wherein the requested authorization code is indicated to the user on at least one display device and/or stored on at least one storage medium (Connor: [0052]).
Regarding claim 12, the combination of Connor, Mizon and Joao discloses:
The method of claim 1, wherein access to therapy data is only released when the at least one user has communicated the authorization code provided to her to the remote station (Connor: [0052]).
Regarding claim 13, the combination of Connor, Mizon and Joao discloses:
The method of claim 1, wherein the authorization code is entered by the at least one user in the remote station (Connor: [0052]).
Regarding claim 14, the combination of Connor, Mizon and Joao discloses:
The method of claim 1, wherein the respirator machine relays the authorization code (i.e. Ephemeral secret key) at least partly independently to the remote station (Connor: [0054]).
Regarding claim 19, the combination of Connor, Mizon and Joao discloses:
The method of claim 1, wherein the authorization code which is requested by the at least one user is at least partly stored in the respirator machine (Mizon: [0028]).
It would have been obvious to one of the ordinary skilled in the art before the effective filing date of the claimed invention to modify Connor, as modified by Mizon, and use a patient utilized medical machine such as respiration monitoring or measurement device, as disclosed by Joao.
The motivation to include a medical device such as a respiration monitoring or measurement device would enable monitoring any known medical device that has sensors in Connor’s system, and allow medical professionals to easily access medical data from any and all commonly used (or obscurely used) medical sensor devices such as a respirator machine.
Regarding claim 20, Connor discloses:
A respiration system, wherein the system comprises at least one patient monitoring machine comprising at least one patient device, at least one remote station physically separated from the patient monitoring machine, and at least one data processing device (Connor discloses: A method for operating at least one data processing device (patient “monitor”), particularly those aspects of the “monitor” that involve communication management; Connor further discloses that any and all functions, sensors, or machinery between the “monitor”, particularly the functions that involve communication management, and the patient, including the monitor; see claim 1, [0003]-[0004]; [0020] the “monitor” is getting real-time sensor data from a medical device, sensor, or machine), and
wherein the data processing device (i.e. monitor 102) comprises a transceiver for sending the therapy data between the respirator machine and the remote station (See FIG. 1, [0020]),
a memory for storing at least one authorization code (see [0052]), and a processor configured to:
receiving, by the data processing device, an access request to the therapy data via the remote station, the access request comprising the authorization code (Connor: Fig 5, [0054] provides for monitor receiving an “access request” including the request access and challenge response; See [0051]-[0052] for response comprising the actual code);
in response to receiving the access request comprising the authorization code, providing, by the data processing device, access to the therapy data (Connor: Fig 5, [0054], Fig 3, [0052] provides the entire point of this check is to allow access to patient monitored data).
Connor fails to discuss how the authorization code is initially provisioned or disclosed to the user of the PDA device (Fig 3 embodiment) or that the PDA device user can request provisioning of authorization code (Fig 3 embodiment) or that the PDA device user can request issuance of the ephemeral key (Fig 5 embodiment), and thus Connor fails to disclose:
identifying, by the data processing device, a user action indicating a user request for an authorization code; upon identifying the user action, providing, by the data processing device, the authorization code to the user.
Connor further fails to disclose the patient utilized medical device being a respirator device or machine:
wherein the patient utilized medical machine is a respirator machine.
However, Mizon discloses the concept of a user (or user device) requesting the issuance or provisioning of an access code, and thus teaches:
identifying, by the data processing device, a user action indicating a user request for an authorization code (Fig 5, step 3 and 3’; [0049] provides mobile telephone requests issuance of access code to access node);
upon identifying the user action, providing, by the data processing device, the authorization code to the user (Fig 5, step 4 and 4’; [0050] provides access node may provide access code to the mobile telephone and its user).
It would have been obvious to one of the ordinary person skilled in the art before the effective filing date of the claimed invention to modify the access authorization processes of Conner reference with the Mizon reference teachings regarding issuance or provisioning of access codes based on user request, as disclosed by Mizon.
The motivation to modify the Connor reference would be to enable the user of the PDA device to obtain an authorization code if they do not have one and require one to access data.
The combination of Connor and Mizon fails to discloses:
wherein the patient utilized medical machine is a respirator machine.
However, Joao discloses:
a respiration system comprising at least one respirator machine (See FIG. 3; [0175] The user input device 20D can also be, or can include a respiration monitoring or measurement device … respiration rate monitoring or measurement device).
It would have been obvious to one of the ordinary skilled in the art before the effective filing date of the claimed invention to modify Connor, as modified by Mizon, and use a patient utilized medical machine such as respiration monitoring or measurement device, as disclosed by Joao.
The motivation to include a medical device such as a respiration monitoring or measurement device would enable monitoring any known medical device that has sensors in Connor’s system, and allow medical professionals to easily access medical data from any and all commonly used (or obscurely used) medical sensor devices such as a respirator machine.
The combination of Connor in view of Mizon and in view Joao fails to disclose:
the user action comprising at least one biometrical detection of the user.
However, Scholler discloses:
the user action comprising at least one biometrical detection of the user ([0067] Possible events: Voice input on the device).
It would have been obvious to one of the ordinary skilled in the art before the effective filing date of the claimed invention to modify the Connor, Mizon and Joao references and consider a device connected to a storage medium, as disclosed by Scholler, as the trigger for displaying information on the device, such as the initial authorization/access code.
The motivation to utilize such a user action to trigger the display of an authorization code would be to allow the user to learn the default access code and be able to access code-protected information when the device has detected an initial state, such as originally connecting to a storage medium.
Claims 6-11, and 15-18 are rejected under 35 U.S.C. 103 as being unpatentable over Connor, (US20120075060A1) in view of Mizon, (US20120068818A1) in view of Joao (US20010032099A1) in view of Scholler et al., (DE102009008070A1) and further in view of Blume et al., (US20100146264A1).
Regarding claim 6, the combination of Connor, Mizon, Joao and Scholler does not disclose:
The method of claim 1, wherein the user action comprises at least one registration of the user vis-à-vis the data processing device so that only a registered user can request the authorization code.
However, Blume discloses:
wherein the user action comprises at least one registration of the user vis-à-vis the data processing device so that only a registered user can request the authorization code (FIG. 2, Registration; [0026] the registration at a registration authority has to be requested; [0027] The request for registration is manually processed by the certificate authority by administrative action and can be compared with the activation of a new user in a network).
It would have been obvious to one of the ordinary skilled in the art before the effective filing date of the claimed invention to modify the access authorization processes of references of Connor, Mizon, Joao and Scholler and include function of user registration to gain access to the authorization code, as disclosed by Blume.
The motivation to include user registration function is to allow the only registered users to gain access to the authorization code.
Regarding claim 7, the combination of Connor, Mizon, Joao and Scholler does not disclose:
The method of claim 1, wherein the user upon registration is assigned at least one certificate and wherein the certificate must be presented to the respirator machine in order to be able to request the authorization code.
However, Blume discloses:
wherein the user upon registration is assigned at least one certificate and wherein the certificate must be presented to the respirator machine in order to be able to request the authorization code ([0021] FIG. 2 shows a sequence for requesting, creating and storing a certificate for a user on a USB memory stick; [0025] the certificate server 22 checks whether the logged on current user can be authenticated as a user of the user group “Technicians” in that the certificate server 22 checks with the aid of the certificates 25 stored in the non-volatile storage area 24).
It would have been obvious to one of the ordinary skilled in the art before the effective filing date of the claimed invention to modify the access authorization processes of references of Connor, Mizon, Joao and Scholler and include verification of user through digital certificate, as disclosed by Blume.
The motivation to include user verification through digital certificate is to ensure legitimate user is accessing the patient medical device.
Regarding claim 8, the combination of Connor, Mizon, Joao and Scholler does not disclose:
The method of claim 7, wherein the certificate is stored on a portable storage medium and wherein the authorization code may only be requested when the respirator machine is connected to the storage medium.
However, Blume discloses:
wherein the certificate is stored on a portable storage medium and wherein the authorization code may only be requested when the respirator machine is connected to the storage medium ([0025] the certificate server 22 checks whether the logged on current user can be authenticated as a user of the user group “Technicians” in that the certificate server 22 checks with the aid of the certificates 25 stored in the non-volatile storage area 24).
It would have been obvious to one of the ordinary skilled in the art before the effective filing date of the claimed invention to modify the access authorization processes of references of Connor, Mizon, Joao and Scholler and include function of user registration to gain access to the authorization code, as disclosed by Blume.
The motivation to include user registration function is to allow the only registered users to gain access to the authorization code.
Regarding claim 9, the combination of Connor, Mizon Joao, and Scholler does not disclose:
The method of claim 8, wherein the remote station in addition to the certificate also stores at least one device certificate identifying the respirator machine on the storage medium.
However, Blume discloses:
wherein the remote station in addition to the certificate also stores at least one device certificate identifying the respirator machine on the storage medium ([0025] the certificate server 22 checks whether the logged on current user can be authenticated as a user of the user group “Technicians” in that the certificate server 22 checks with the aid of the certificates 25 stored in the non-volatile storage area 24).
It would have been obvious to one of the ordinary skilled in the art before the effective filing date of the claimed invention to modify the access authorization processes of references of Connor, Mizon, Joao and Scholler and include verification of user through digital certificate, as disclosed by Blume.
The motivation to include user verification through digital certificate is to ensure legitimate user is accessing the patient medical device.
Regarding claim 10, the combination of Connor, Mizon, Joao, and Scholler does not disclose:
The method of claim 7, wherein the authorization code is generated at least partly by the respirator machine with help of the certificate.
However, Blume discloses:
wherein the authorization code is generated at least partly by the respirator machine with help of the certificate. ([0006]).
It would have been obvious to one of the ordinary skilled in the art before the effective filing date of the claimed invention to modify the access authorization processes of references of Connor, Mizon, Joao and Scholler and include verification of user through digital certificate, as disclosed by Blume.
The motivation to include user verification through digital certificate is to ensure legitimate user is accessing the patient medical device.
Regarding claim 11, the combination of Connor, Mizon, Joao, Scholler and Blume disclose:
The method of claim 6, wherein access to therapy data is released when a registered user logs in to the remote station after having first requested the authorization code as a registered user (Mizon: [0039]).
It would have been obvious to one of the ordinary skilled in the art before the effective filing date of the claimed invention to modify the access authorization processes of references of Connor, Joao, Scholler, and Blume and include function of user registration to gain access to the authorization code, as disclosed by Mizon.
The motivation to include user registration function is to allow the only registered users to gain access to the authorization code.
Regarding claim 15, the combination of Connor, Mizon, Joao, and Scholler does not disclose:
The method of claim 1, wherein the authorization code comprises a code which is at least in part generated from a serial number and/or a device identification number of the respirator machine.
However, Blume discloses:
wherein the authorization code comprises at least one serial number and/or at least one device identification number of the respirator machine or is generated at least in part from the latter ([0008]).
It would have been obvious to one of the ordinary skilled in the art before the effective filing date of the claimed invention to modify the access authorization processes of references of Connor, Mizon, Joao, and Scholler and include function of user registration to gain access to the authorization code, as disclosed by Blume.
The motivation to include user registration function is to allow the only registered users to gain access to the authorization code.
Regarding claim 16, the combination of Connor, Mizon, Joao, and Scholler does not disclose:
The method of claim 1, wherein the authorization code comprises at least one piece of information about at least one read right and/or a write right of the user.
However, Blume discloses:
wherein the authorization code comprises at least one piece of information about at least one read right and/or a write right of the user ([0008] & [0049-0050]).
It would have been obvious to one of the ordinary skilled in the art before the effective filing date of the claimed invention to modify the access authorization processes of references of Connor, Mizon, Joao and Scholler and include function of checking whether user has read or write access to the concerned device, as disclosed by Blume.
The motivation to include such functionality is to allow only registered users to gain access to the concerned device.
Regarding claim 17, the combination of Connor, Mizon Joao and Scholler does not disclose:
The method of claim 1, wherein the authorization code has a onetime validity.
However, Blume discloses:
wherein the authorization code has a onetime validity ([0009] & [0041]).
It would have been obvious to one of the ordinary skilled in the art before the effective filing date of the claimed invention to modify the access authorization processes of references of Connor, Mizon, Joao and Scholler and include function of user registration to gain access to the authorization code, as disclosed by Blume.
The motivation to include user registration function is to allow the only registered users to gain access to the authorization code.
Regarding claim 18, the combination of Connor, Mizon Joao and Scholler does not disclose:
The method of claim 1, wherein a validity of the authorization code is connected to the user.
However, Blume discloses:
wherein a validity of the authorization code is connected to the user ([0009]).
It would have been obvious to one of the ordinary skilled in the art before the effective filing date of the claimed invention to modify the access authorization processes of references of Connor, Mizon, Joao and Scholler and include function of user registration to gain access to the authorization code, as disclosed by Blume.
The motivation to include user registration function is to allow the only registered users to gain access to the authorization code.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SYED M AHSAN whose telephone number is (571)272-5018. The examiner can normally be reached 8:30 AM - 6:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, William Korzuch can be reached at 571-272-7589. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SYED M AHSAN/Primary Examiner, Art Unit 2491