SECURE REMOTE COMMUNICATION WITH A MEDICAL DEVICE

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Arguments Applicant's arguments filed 7/31/2025 have been fully considered but they are not persuasive. Applicant argues Rondoni does not teach the first encrypted messages wrapping the second encrypted messages as claimed. The Applicant argues Rondoni in Paragraph [0193] describes secure communication where the intermediary communication platform does not have access to the content of the secure communications and is not the same as the claimed nested encryption architecture where one encrypted message is wrapped within another. Applicant argues that standard secure communication with access control is not the same as the claimed nested encryption architecture where one encrypted message is wrapped within another. Therefore, Rondoni has a single-layer encryption with access control mechanism that prevent intermediate devices from accessing encrypted content. The Applicant contends that the references do not show or suggest a dual encryption process as recited in the claims. The examiner respectfully disagrees as Paragraph [0193] states “all communications between the communication platform 1040 (including application 1050) and the TA service provider 1060 can be further encrypted utilizing security protocols (emphasis added) to maintain communication confidentiality, integrity, and availability”. While Applicant appears to argue that security protocols are not the same as encryption architecture, the claim as currently written does not preclude using security protocols as further encryption. The examiner also notes Paragraph [0193] discloses an example of further encryption where the communications are preformed via a Secure Socket Layer (SSL) which is an encryption-based security protocol. This encrypts the data so that someone who might intercept the data only sees a scrambled mess of characters. Without SSL, someone who might intercept the data would see the originally sent data. This protocol is commonly used over the internet to encode credit card numbers between two devices. In Rondoni the data is first encrypted so the intermediate (1040) device is unable to access the data, and then the encrypted data is encrypted again (further encrypted) so that the data is secure when being transmitted between the clinician programmer (1060) and the intermediate device (1040) (e.g. Paragraph [0193]). The intermediate device decrypts the further encryption, leaving the original encrypted data. The intermediate device then sends the originally encrypted data to the IMD. The IMD decrypts this information to access the sent message. Therefore, the 103 rejection is being maintained as Rondoni does describe a dual encryption process as recited in the claim. The examiner additionally notes that claim 4 requires the first security protocol to be TLS, which has superseded SSL. Therefore, the nested teachings of Rondoni are consistent with the claimed invention. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 1-2, 4-17 and 19-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Rondoni et al (US Publication 2020/086128) in view Horton et al (US Publication 2022/0392630). Referring to Claims 1 and 16, Rondoni et al teaches a system/method configured to communicate via at least one cloud server, comprising: a user device (e.g. Figure 1A, Element 40), a clinician programmer (e.g. Figure 1A, Element 60), wherein the clinician programmer and the user device are configured to establish, using a first security protocol, a first encrypted communication channel between the clinician programmer and the user device through the at least one cloud server, wherein the first security protocol authenticates entities and establishes a first key set for encrypting and decrypting messages transmitted within the first encrypted communication channel (e.g. Figure 1, channel 70B and Figure 1D, cloud 161 and Paragraph [0193] discloses the security protocol between the communication platform and the TA service provider (clinician programmer) is encrypted using security protocols); an implantable medical device, wherein the user device and the implantable medical device are configured to wirelessly communicate with each other through a secure wireless connection (e.g. Paragraph [0071] discloses the IMD using inductive communication with the communication platform 40), wherein the implantable medical device and the clinician programmer are configured to establish, using a second security protocol, a second encrypted communication channel at least partially within the first encrypted communication channel, wherein the second encrypted communicated channel is established by establishing at least a first secret key for exchanging encrypted messages, and wherein the second encrypted communication channel extends between implantable medical device and the clinician programmer (e.g. Figure 1A, Element 70A and 70 B and Paragraphs [0052], [0074]-[0075] discloses cryptographic protection protocol for communication between 60 and IMD 20 and intermediary communication platform 40 does not have access to the content of the secure communications), wherein the clinician programmer is configured to manage the implantable medical device (e.g. Paragraph [0040] states the trusted authority (TA) service provider at least partially manages operation of the IMD via the first secure communications) by encrypting digital data using the second security protocol to create second encrypted messages (e.g. Figure 1A, Element 70A and 70B and Paragraphs [0052], [0074]-[0075] discloses cryptographic protection protocol for communication between 60 and IMD 20 and intermediary communication platform 40 does not have access to the content of the secure communications), encrypting the second encrypted messages using the first security protocol to create first encrypted messages that wrap the second encrypted messages (e.g. Figure 1, channel 70B and Figure 1D, cloud 161 and Paragraph [0193] discloses further encrypting), and communicating with the user device using the first encrypted messages within the first encrypted communication channel (e.g. Paragraph [0193] discloses communication between platform 40 (1040) and TA/programmer 60 and Paragraph [0075] discloses platform 40 cannot decrypt the second encryption), and communicating with the implantable medical device using the second encrypted messages within the second encrypted communication channel (e.g. Figure 1A, Element 70A and 70 B and Paragraphs [0052], [0074]-[0075] discloses cryptographic protection protocol for communication between 60 and IMD 20 and intermediary communication platform 40 does not have access to the content of the secure communications), wherein the at least one cloud server does not know the first secret key and is unable to decipher messages between the clinician programmer and the implantable device using the first secret key (e.g. Figure 1D, Cloud 161 and Paragraph [0052]). However, Rondoni et al does not disclose the clinician programmer is configured to program the implantable medical device. Horton et al teaches that it is known to use a remote monitoring server where CP 3 is used to remotely program medical device 7 as set forth in Figure 1 and Paragraph [0181] to provide improved quality of care for the patients and efficiency in the clinic workflow. It would have been obvious before the effective filing date of the claimed invention to one having ordinary skill in the art to modify the system/method as taught by Rondoni et al, with using a remote clinician programmer to program the implantable medical device as taught by Horton et al, since such a modification would provide the predictable results of improved quality of care for the patients and efficiency in the clinic workflow. Referring to Claims 2 and 17, Rondoni et al in view of Horton et al teaches the claimed invention, wherein the user device does not know the first secret key and is unable to decipher messages between the clinician programmer and the implantable device using the first secret key (e.g. Paragraph [0052]). Referring to Claim 4, Rondoni et al in view of Horton et al teaches the system of claim 1, except wherein the first security protocol includes Transport Layer Security (TLS). Horton et al teaches that it is known to use security protocol that include TLS as an alternative as set forth in Paragraph [0188] to provide a simple substitution of one known security protocol for another to provide secure communications and reduce unwanted access to the IMD. It would have been obvious before the effective filing date of the claimed invention to one having ordinary skill in the art to modify the system as taught by Rondoni et al, with security protocol that include TLS as taught by Horton et al, since such a modification would provide the predictable results of simple substitution of one known security protocol for another to provide secure communications and reduce unwanted access to the IMD. Referring to Claim 5, Rondoni et al in view of Horton et al teaches the system of claim 1, wherein the user device includes a smart phone or a tablet with a downloadable app configured to communicate over the first encrypted communication channel with the clinician programmer, configured to communicate over the secure wireless connection with the implantable medical device, and configured to relay messages between the implantable medical device and the clinician programmer using the second encrypted communication channel within the first encrypted communication channel (e.g. Figure 1A, Element 40 and Paragraphs [0040] and [0049]). Referring to Claim 6, Rondoni et al in view of Horton et al teaches the system of claim 1, wherein the user device includes a remote control programming device configured to communicate over the first encrypted communication channel with the clinician programmer, configured to communicate over the secure wireless connection with the implantable medical device, and configured to relay messages between the implantable medical device and the clinician programmer using the second encrypted communication channel within the first encrypted communication channel (e.g. Figure 1A). Referring to Claim 7, Rondoni et al in view of Horton et al teaches the system of claim 1, wherein the implantable medical device is configured to deliver a therapy (e.g. Paragraph [0060] discloses treating diseases via therapy). Referring to Claim 8, Rondoni et al in view of Horton et al teaches the system of claim 7, wherein the implantable medical device includes a neuromodulator (e.g. Paragraph [0060] disclose neurostimulation). Referring to Claim 9, Rondoni et al in view of Horton et al teaches the system of claim 8, wherein the neuromodulator includes a spinal cord stimulator (SCS), a deep brain stimulator (DBS), a peripheral nerve stimulator (PNS), a peripheral nerve field stimulator (PNFS), or a functional electric stimulator (FES) (the examiner notes the claim has been carefully reviewed and the recitation of functional use of the neuromodulator does not appear to further limit the claimed structure. There is no indication that the device of Rondoni et al is not capable of performing the above uses). However, in order to advance prosecution, Horton et al teaches that it is known to use the neuromodulator includes a SCS as set forth in Paragraph [0025] to provide treatment for pain. It would have been obvious before the effective filing date of the claimed invention to one having ordinary skill in the art to modify the system as taught by Rondoni et al, with the neuromodulator includes a spinal cord stimulator (SCS) as taught by Horton et al, since such a modification would provide the predictable results of treatment for pain. Referring to Claim 10, Rondoni et al in view of Horton et al teaches the system of claim 7, wherein the implantable medical device includes a cardiac stimulator configured to stimulate myocardia (e.g. Paragraph [0200] discloses treating cardiac irregularities). Referring to Claim 11, Rondoni et al in view of Horton et al teaches the system of claim 7, wherein the implantable medical device includes at least one sensor configured to sense at least one health-related parameter (e.g. Figure 2A, Element 422). Referring to Claim 12, Rondoni et al in view of Horton et al teaches the system of claim 1, wherein the secure wireless connection includes inductive near-field communication, a Bluetooth connection, or a wireless local area network (e.g. Paragraph [0071] discloses communication with Bluetooth). Referring to Claim 13, Rondoni et al in view of Horton et al teaches the system of claim 1, except wherein the first security protocol uses certificates to authenticate entities. Horton et al teaches that it is known to use certificates for the of communication of the elements of the system and the clinician programmer as set forth in Paragraphs [0069], [0108] and [0305] to provide a simple substitution of one known security protocol for another to provide secure communications and reduce unwanted access to the IMD. It would have been obvious before the effective filing date of the claimed invention to one having ordinary skill in the art to modify the system as taught by Rondoni et al, with wherein the first security protocol uses certificates to authenticate entities as taught by Horton et al, since such a modification would provide the predictable results of a simple substitution of one known security protocol for another to provide secure communications and reduce unwanted access to the IMD. Referring to Claims 14 and 15, Rondoni et al in view of Horton et al teaches the system of claim 1, except wherein the second security protocol authenticates the user device to communicate with the implantable medical device and wherein the authentication includes at least one of one or more passwords and two-factor or multi-factor authentication. Horton et al teaches that it is known to use 2 factor input or multi-factor authentication to authenticate a device as set forth in Paragraphs [0045], [0108], [0204], and [0214] to provide a simple substitution of one known security protocol for another to provide secure communications and reduce unwanted access. It would have been obvious before the effective filing date of the claimed invention to one having ordinary skill in the art to modify the system as taught by Rondoni et al, with using 2 factor input or multi-factor authentication to authenticate a device as taught by Horton et al, since such a modification would provide the predictable results of a simple substitution of one known security protocol for another to provide secure communications and reduce unwanted access. Referring to Claim 19, Rondoni et al in view of Horton et al teaches the method of claim 16, except wherein the using the clinician programmer to program the implantable medical device includes programming the implantable medical device to deliver a therapy (). Horton et al teaches that it is known to use the clinician programmer to change device parameters for delivery of stimulation such as changes to the active program, program strength, or program start strength as set forth in Paragraphs [0215] and [302] to provide improved quality of care for the patients and efficiency in the clinic workflow. It would have been obvious before the effective filing date of the claimed invention to one having ordinary skill in the art to modify the method as taught by Rondoni et al, with using the clinician programmer to program the implantable medical device includes programming the implantable medical device to deliver a therapy as taught by Horton et al, since such a modification would provide the predictable results of improved quality of care for the patients and efficiency in the clinic workflow. Referring to Claim 20, Rondoni et al teaches a method for using a clinician programmer to remotely program an implantable medical device, the method comprising: establishing, using a first security protocol (e.g. Figure 1, channel 70B and Figure 1D, cloud 161 and Paragraph [0193] discloses the security protocol between the communication platform and the TA service provider (clinician programmer) is encrypted using security protocols), a first encrypted communication channel between the clinician programmer and a user device through at least one cloud server (e.g. cloud 161), wherein the user device includes a smart phone or a tablet with a downloadable app in the smart phone or the tablet (e.g. Paragraph [0042]), wherein the user device is configured to wirelessly communicate with the implantable medical device through a secure wireless connection, wherein the secure wireless connection includes inductive near-field communication, a Bluetooth connection, or a wireless local area network, and wherein the first security protocol authenticates entities and establishes a first key set for encrypting and decrypting messages transmitted within the first encrypted communication channel (e.g. Paragraph [0071]); establishing, using a second security protocol, a second encrypted communication channel at least partially within the first encrypted communication channel, wherein the second encrypted communication channel extends between implantable medical device and the clinician programmer, wherein the establishing the second encrypted communication channel includes establishing at least a first secret key for exchanging encrypted messages (e.g. Figure 1A, Element 70A and 70 B and Paragraphs [0052], [0074]-[0075] discloses cryptographic protection protocol for communication between 60 and IMD 20 and intermediary communication platform 40 does not have access to the content of the secure communications); using the clinician programmer to program the implantable medical device by: encrypting digital data using the second security protocol to create second encrypted messages (e.g. Figure 1A, Element 70A and 70 B and Paragraphs [0052], [0074]-[0075]); encrypting the second encrypted messages using the first security protocol to create first encrypted messages (e.g. Paragraph [0193] further encrypted); communicating between the clinician programmer and the user device using the first encrypted messages within the first encrypted communication channel (e.g. Paragraph [0193] discloses communication between platform 40 (1040) and TA/programmer 60 and Paragraph [0075] discloses platform 40 cannot decrypt the second encryption), and communicating between the clinician programmer and the implantable medical device using the second encrypted messages within the second encrypted communication channel (e.g. Figure 1A, Element 70A and 70 B and Paragraphs [0052], [0074]-[0075] discloses cryptographic protection protocol for communication between 60 and IMD 20 and intermediary communication platform 40 does not have access to the content of the secure communications. However, Rondoni et al does not explicitly disclose the use security protocol including Transport Layer Security (TLS); and using the message to program the IMD. Horton et al teaches that it is known to use a remote monitoring server where CP 3 is used to remotely program medical device 7 as set forth in Figure 1 and Paragraph [0181] to provide improved quality of care for the patients and efficiency in the clinic workflow; and it is known to use security protocol that include TLS as an alternative as set forth in Paragraph [0188] to provide a simple substitution of one known security protocol for another to provide secure communications and reduce unwanted access to the IMD. It would have been obvious before the effective filing date of the claimed invention to one having ordinary skill in the art to modify the system/method as taught by Rondoni et al, with using a remote clinician programmer to program the implantable medical device; and with security protocol that include TLS as taught by Horton et al, since such a modification would provide the predictable results of improved quality of care for the patients and efficiency in the clinic workflow; and as a simple substitution of one known security protocol for another to provide secure communications and reduce unwanted access to the IMD. Claim(s) 3 and 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Rondoni et al (US Publication 2020/086128) in view Horton et al (US Publication 2022/0392630) as applied above, and further in view of Horton et al (US Publication 2021/0383922) hereby referred to as “Horton ‘922). Referring to Claims 3 and 18, Rondoni et al in view of Horton et al teaches the claimed invention, except wherein: the first secret key is used to exchange encrypted messages within the second encrypted communication channel between the clinician programmer and the user device, the second encrypted communication channel is established by establishing a second secret key used to exchange encrypted messages between the implantable medical device and the user device, and the user device is configured to use the first secret key to decipher messages between the clinician programmer and the implantable medical device, and is further configured to relay the deciphered messages to the implantable medical device using the second secret key . Horton ‘922 teaches that it is known to use a patient device that receives and deciphers the encrypted communication from the clinician programmer and uses a second key to relay the deciphered message to the IMD as set forth in Figure 3 and Paragraphs [0027] and [0039] to provide verification of the authenticity of each of the signals along the communication route. It would have been obvious before the effective filing date of the claimed invention to one having ordinary skill in the art to modify the system/method as taught by Rondoni et al, with a patient device that receives and deciphers the encrypted communication from the clinician programmer and uses a second key to relay the deciphered message to the IMD as taught by Horton ‘922, since such a modification would provide the predictable results of verification of the authenticity of each of the signals along the communication route. Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to William J Levicky whose telephone number is (571)270-3983. The examiner can normally be reached Monday-Thursday 8AM-5PM EST. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, David Hamaoui can be reached at (571)270-5625. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /WILLIAM J LEVICKY/Primary Examiner, Art Unit 3796