EMBEDDED SERVICING AND AUTHENTICATION FOR MEDICAL DEVICE

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 1. The following is a Final Office Action in response to applicant’s arguments filed on August 14, 2025 Claims 5-7 are cancelledClaims 1, 15, and 20 are amended Claims 1-4 and 8-20 are pending Examiner’s Note: Paragraph 0092 of the specification states that a processing device may include a CPU Response to Arguments Applicant’s amendment to claims 1-20 filed on 8/14/2025 regarding, “block access to the clinical software on the web browser while maintaining access to the clinical software on a built-in display of the medical device, wherein the clinical software includes protected health information from the patient.“ necessitated the new ground(s) of rejection presented in this Office action. Therefore, Applicant's arguments with respect to claims 1-4 and 8-20 have been considered but are moot in view of the new ground(s) of rejection. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. 1.) Claims 1, 2, 4, 9, and 10 are rejected under 35 U.S.C. 103 as being unpatentable over IDS supplied reference, WO 2021243068, Chen in view of US 20130312077, Basson In regards to claim 1, Chen teaches a medical device for assessing a health status of a patient, the medical device comprising: one or more sensor modules each configured to obtain one or more physiological parameter measurements from the patient(WO 2021243068, Chen, para. 0029 and 0033: [0029]- Medical device 12 may be capable of operating in several different modes, or personalities, with each personality defined by a configuration database. A particular configuration database may be selected based, at least in part, by patient-specific information such as patient location, age, physical characteristics, or medical characteristics. Medical characteristics include, but are not limited to, patient diagnosis, treatment prescription, medical history, medical records, patient care provider identification, physiological characteristics or psychological characteristics[0033]- a medical device (e.g., medical device 12) includes a sensor and a plurality of electronic components (e.g., module-specific components 76). ); at least one processing device(WO 2021243068, Chen, para. 0034, a sensor reading may include one or more capacity measurements of the battery (e.g., state of charge, state of health, internal resistance, charging rate, and/or discharging rate), and a processor (e.g., CPU 50)); and a memory device(WO 2021243068, Chen, para. 0027, Each functional module 16, 18, 20, 22 may include module-specific components 76, a microprocessor 70, a volatile memory 72 and a nonvolatile memory 74 for storing information.) storing: firmware(WO 2021243068, Chen, para. 0049, The term “software” is meant to include, where appropriate, firmware residing in read-only memory or applications stored in magnetic storage, which can be read into memory for processing by a processor.) including: service software for servicing the one or more sensor modules, the service software including an embedded web server(WO 2021243068, Chen, para. 0067, Other kinds of devices can be used to provide for interaction with a user as well; e.g., feedback provided to the user can be any form of sensory feedback, e.g., visual feedback, auditory feedback, or tactile feedback; and input from the user can be received in any form, including acoustic, speech, or tactile input. In addition, a computer can interact with a user by sending documents to and receiving documents from a device that is used by the user; e.g., by sending web pages to a web browser on a user’s client device in response to requests received from the web browser.); and clinical software for acquiring the one or more physiological parameter measurements from the patient(WO 2021243068, Chen, para. 0022, Medical device 12 may include or incorporate pumps, physiological monitors (e.g., heart rate, blood pressure, ECG, EEG, pulse oximeter, and other patient monitors), therapy devices, medication delivery actuators, and other drug delivery devices may be utilized according to the teachings set forth herein. … Control unit 14 also, although not necessarily, includes a main non-volatile storage unit 56, such as a hard disk drive or non-volatile flash memory, for storing software and data and one or more internal buses 64 for interconnecting the aforementioned elements.); and instructions which, when executed by the at least one processing device, cause the at least one processing device to: establish a server-client communications connection with a web browser on a client device(WO 2021243068, Chen, para. 0068, Embodiments of the subject matter described in this specification can be implemented in a computing system that includes a back end component, e.g., as a data server, or that includes a middleware component, e.g., an application server, or that includes a front end component, e.g., a client computer having a graphical user interface or a Web browser through which a user can interact with an implementation of the subject matter described in this specification, or any combination of one or more such back end, middleware, or front end components.); and provide access on the web browser to the service software through the server-client communications connection, the access to the service software being provided without loading the service software onto the client device(WO 2021243068, Chen, para. 0069, The computing system can include clients and servers. A client and server are generally remote from each other and may interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. In some embodiments, a server transmits data (e.g., an HTML page) to a client device (e.g., for purposes of displaying data to and receiving user input from a user interacting with the client device). ); wherein the clinical software includes protected health information from the patient(WO 2021243068, Chen, para. 0037, the medical device may restrict access to patient care functions requiring authentication of healthcare personnel. In this scenario, a healthcare clinician may be required to manually enter a passcode to gain access to the patient care functions.),and Chen does not teach block access to the clinical software on the web browser while maintaining access to the clinical software on a built-in display of the medical device However, Basson teaches block access to the clinical software on the web browser while maintaining access to the clinical software on a built-in display of the medical device (US 20130312077, Basson, para. 0026, A. Security manager software application 20 may temporarily block computing apparatus 9a from access or partial access (i.e., limit Website access) to the Internet so that Internet references may not be used to access answers to the screening questions. In order to continue to access security manager software application 20, while access to the Internet is temporarily blocked, synchronous communication may be established between security manager software application 20 and computing apparatus 9a. The synchronous communication allows the user to access security manager software application 20 with a screen transmitted back to computing apparatus 9a. Data entered on the screen will be transmitted as a transaction to the computing system 10. When the user begins to answer the screening questions, a software token may be placed on the computing apparatus 9a. The software token indicates that Web access will be blocked by: temporarily closing down a port used to access the Internet, shutting down the user's Web browsers, or by turning off access to the Internet.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Chen with the teaching of Basson because a user would have been motivated to execute a security manager software system, taught by Basson, to enable a user to have access control to specified medical functions in the system taught by Chen(Basson, para. 0023) In regards to claim 2, the combination of Chen and Basson teach the medical device of claim 1, wherein the server-client communications connection enables the client device to control the one or more sensor modules(WO 2021243068, Chen, para. 0009, In some implementations, the one or more processors are communicatively coupled to a medication delivery actuator, a transceiver, and the sensor, wherein the sensor is configured to monitor at least the first component.). In regards to claim 4, the combination of Chen and Basson teach the medical device of claim 1, wherein the service software includes one or more service software applications for calibration, functional verification tests, accuracy checks, component reporting, and log file display and download(WO 2021243068, Chen, para. 0021, Maintenance module 36 tracks the status and condition of a plurality of medical devices 12 included in the institutional patient care system 100. Status information for each medical device is stored in the database 37, including, for example, service needs, part failures, maintenance jobs, component replacement schedules (e.g., battery replacements), information regarding part ordering, inventory status, and so forth. Maintenance module 36 identifies specific device needs, reactive and/or proactive, for part repair, part ordering, and available inventory as well as preventative maintenance needs. In some implementations, maintenance module 36 causes a dashboard to be displayed on device terminals 33 associated with maintenance technicians.). In regards to claim 9, the combination of Chen and Basson teach the medical device of claim 1, wherein the server-client communications connection includes an Ethernet connection between the medical device and the client device(WO 2021243068, Chen, para. 0024, Network connection 52 may be a wired or wireless connection, such as by Ethernet, WiFi, BLUETOOTH, an integrated services digital network (ISDN) connection, a digital subscriber line (DSL) modem or a cable modem.). In regards to claim 10, the combination of Chen and Basson teach the medical device of claim 1, wherein the server-client communications connection is a wireless connection between the medical device and the client device(WO 2021243068, Chen, para. 0019, Each element 12 is connected to a healthcare network 10 by a transmission channel 32. Transmission channel 32 is any wired or wireless transmission channel, for example an 802.11 wireless local area network (LAN).). 2.) Claim 3 is rejected under 35 U.S.C. 103 as being unpatentable over IDS supplied reference, WO 2021243068, Chen in view of US 20130312077, Basson and further in view of US 20080307517, Grigoriev In regards to claim 3, the combination of Chen and Basson teach the medical device of claim 1. The combination of Chen and Basson do not teach does not teach wherein the server-client communications connection is established via Hypertext Transfer Protocol Secure (HTTPS) However, Grigoriev teaches wherein the server-client communications connection is established via Hypertext Transfer Protocol Secure (HTTPS) (US 20080307517, Grigoriev, para. 0019, Each of the mobile devices 12 additionally comprises at least one client 26, such as a JAVA midlet, which communicates with a server application 28 located on the external device 22. The client 26 communicates, or transacts, with the server 28 using a predefined protocol such as TCP/IP, HTTP, HTTPS, or the like.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Chen and Basson with the teaching of Grigoriev because a user would have been motivated to use a client identifier that is unavailable to a client, taught by Grigoriev, in order to establish a secure client-server communication session taught by Chen(Grigoriev, para. 0009) 3.) Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over IDS supplied reference, WO 2021243068, Chen in view of US 20130312077, Basson and further in view of US 20150300923, Halbert In regards to claim 8, the combination of Chen and Basson teach the medical device of claim 1. The combination of Chen and Basson do not teach wherein the instructions further cause the at least one processing device to: provide communication over an internet protocol between the client device and the medical device for live calibration of the one or more sensor modules However, Halbert teaches wherein the instructions further cause the at least one processing device to: provide communication over an internet protocol between the client device and the medical device for live calibration of the one or more sensor modules (US 20150300923, Halbert, para. 0060, Application server 415 can host a remote maintenance application that allows a user (e.g., maintenance personnel) to remotely conduct maintenance tests on intelligent medical device module 550. Unlike conventional maintenance applications which may require a user to be in the same location as the medical device module when performing maintenance tests, the remote maintenance application allows a user to administer these tests remotely via network 405.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Chen and Basson with the teaching of Halbert because a user would have been motivated to enhance the maintenance procedures, taught by Chen, by transmitting test data to the medical system, taught by Halbert, in order to automate maintenance testing procedures(Halbert, para. 0064) 4.) Claims 11-13, 15-17 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over IDS supplied reference, WO 2021243068, Chen in view of US 20130312077, Basson and further in view of US 20060064582, Teal In regards to claim 11, the combination of Chen and Basson teach the medical device of claim 1, wherein the instructions further cause the at least one processing device to: receive a password assigned to an authentication device(WO 2021243068, Chen, para. 0037, a healthcare clinician may be required to manually enter a passcode to gain access to the patient care functions.); the combination of Chen and Basson do not teach receive a signed certificate stored on the authentication device; validate the signed certificate by using a public key stored on the memory device; and determine an accessibility level based on the signed certificate, wherein the accessibility level determines a level of access on the web browser to the service software However, Teal teaches receive a signed certificate stored on the authentication device(US 20060064582, Teal, para. 0080, The private key affiliated with the Root Certificate 600 is used to sign all level 2 certificates in the keychain); validate the signed certificate by using a public key stored on the memory device(US 20060064582, Teal, para. 0080, and the corresponding public key, which is contained in the Root Certificate 600 itself, is used to authenticate all level 2 certificates); and determine an accessibility level based on the signed certificate, wherein the accessibility level determines a level of access on the web browser to the service software(US 20060064582, Teal, para. 0080, The Administrator Certificate 802 is used to identify various individuals to the system 100 and manage their level of access to system resources via the e-token mentioned previously.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Chen and Basson teach with the teaching of Teal because a user would have been motivated to enhance security of end-user platforms, taught by Chen, by using unique information for a system manager and unique end-user platform authentication information, taught by Teal, in order to establish a secure connection between the system manager and the end-user platform(Teal, para. 0008) In regards to claim 12, the combination of Chen, Basson and Teal teach the medical device of claim 11, further comprising: at least one port for plugging the authentication device, and wherein the medical device receives the signed certificate via the at least one port(US 20060064582, Teal, para. 0042, After turning on the manager 104, the administrator must insert the e-token, which is provided with the manager 104, into the USB port on the console 106. This e-token contains a digital certificate that allows secure and authenticated communication with the manager 104. The console 106 thereafter prompts the administrator to select a manager from the menu (there can be up to 20 managers identified on each e-token) and to enter an initial passphrase to be used for authentication). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Chen and Basson with the teaching of Teal because a user would have been motivated to enhance security of end-user platforms, taught by Chen, by using unique information for a system manager and unique end-user platform authentication information, taught by Teal, in order to establish a secure connection between the system manager and the end-user platform(Teal, para. 0008) In regards to claim 13, the combination of Chen, Basson and Teal teach the medical device of claim 11, wherein the medical device receives the signed certificate from the authentication device via a wireless signal(US 20060064582, Teal, para. 0021 and 0055: [0021]- The network 110 may be any suitable network known to those having ordinary skill in the art, including wired and wireless networks.[0055]- The receiver is also assured that the level 3 certificate truly came from the identified sender, in this case, another manager 104, a console 106, or a Client Setup program (discussed later herein)). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Chen and Basson with the teaching of Teal because a user would have been motivated to enhance security of end-user platforms, taught by Chen, by using unique information for a system manager and unique end-user platform authentication information, taught by Teal, in order to establish a secure connection between the system manager and the end-user platform(Teal, para. 0008) In regards to claim 15, Chen teaches a medical device for assessing a health status of a patient, the medical device comprising: at least one processing device(WO 2021243068, Chen, para. 0008, a sensor for monitoring at least a first component of the system; a transceiver; one or more processors); and a memory device storing instructions which, when executed by the at least one processing device(WO 2021243068, Chen, para. 0008, a sensor for monitoring at least a first component of the system; a transceiver; one or more processors communicatively coupled with the medication delivery actuator, sensor, and transceiver; and memory including instructions that, when executed by the one or more processors,), cause the at least one processing device to: receive a password assigned to an authentication device(WO 2021243068, Chen, para. 0037, a healthcare clinician may be required to manually enter a passcode to gain access to the patient care functions.); establish a server-client communications connection between an embedded web server installed on the medical device and a web browser installed on a client device(WO 2021243068, Chen, para. 0068, Embodiments of the subject matter described in this specification can be implemented in a computing system that includes a back end component, e.g., as a data server, or that includes a middleware component, e.g., an application server, or that includes a front end component, e.g., a client computer having a graphical user interface or a Web browser through which a user can interact with an implementation of the subject matter described in this specification, or any combination of one or more such back end, middleware, or front end components.); and provide access on the web browser to service software installed on the medical device through the server-client communications connection, the accessibility level determines a level of access on the web browser to the service software(WO 2021243068, Chen, para. 0069, The computing system can include clients and servers. A client and server are generally remote from each other and may interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. In some embodiments, a server transmits data (e.g., an HTML page) to a client device (e.g., for purposes of displaying data to and receiving user input from a user interacting with the client device). );wherein the clinical software includes protected health information from the patient(WO 2021243068, Chen, para. 0037, the medical device may restrict access to patient care functions requiring authentication of healthcare personnel. In this scenario, a healthcare clinician may be required to manually enter a passcode to gain access to the patient care functions.), Chen does not teach receive a signed certificate stored on the authentication device, the signed certificate created by a certificate authority; validate the signed certificate by using a public key stored on the memory device; determine an accessibility level based on the signed certificate However, Teal teaches receive a signed certificate stored on the authentication device, the signed certificate created by a certificate authority(US 20060064582, Teal, para. 0080, The private key affiliated with the Root Certificate 600 is used to sign all level 2 certificates in the keychain); validate the signed certificate by using a public key stored on the memory device(US 20060064582, Teal, para. 0080, and the corresponding public key, which is contained in the Root Certificate 600 itself, is used to authenticate all level 2 certificates); determine an accessibility level based on the signed certificate(US 20060064582, Teal, para. 0080, The Administrator Certificate 802 is used to identify various individuals to the system 100 and manage their level of access to system resources via the e-token mentioned previously.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Chen with the teaching of Teal because a user would have been motivated to enhance security of end-user platforms, taught by Chen, by using unique information for a system manager and unique end-user platform authentication information, taught by Teal, in order to establish a secure connection between the system manager and the end-user platform(Teal, para. 0008); and the combination of Chen and Teal do not teach block access to the clinical software on the web browser while maintaining access to the clinical software on a built-in display of the medical device However, Basson teaches block access to the clinical software on the web browser while maintaining access to the clinical software on a built-in display of the medical device (US 20130312077, Basson, para. 0026, A. Security manager software application 20 may temporarily block computing apparatus 9a from access or partial access (i.e., limit Website access) to the Internet so that Internet references may not be used to access answers to the screening questions. In order to continue to access security manager software application 20, while access to the Internet is temporarily blocked, synchronous communication may be established between security manager software application 20 and computing apparatus 9a. The synchronous communication allows the user to access security manager software application 20 with a screen transmitted back to computing apparatus 9a. Data entered on the screen will be transmitted as a transaction to the computing system 10. When the user begins to answer the screening questions, a software token may be placed on the computing apparatus 9a. The software token indicates that Web access will be blocked by: temporarily closing down a port used to access the Internet, shutting down the user's Web browsers, or by turning off access to the Internet.) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Chen and Teal with the teaching of Basson because a user would have been motivated to execute a security manager software system, taught by Basson, to enable a user to have access control to specified medical functions in the system taught by Chen(Basson, para. 0023) In regards to claim 16, the combination of Chen, Basson and Teal teach the medical device of claim 15, further comprising: at least one port for plugging the authentication device, and wherein the medical device receives the signed certificate from a connection inside the at least one port(US 20060064582, Teal, para. 0042, After turning on the manager 104, the administrator must insert the e-token, which is provided with the manager 104, into the USB port on the console 106. This e-token contains a digital certificate that allows secure and authenticated communication with the manager 104. The console 106 thereafter prompts the administrator to select a manager from the menu (there can be up to 20 managers identified on each e-token) and to enter an initial passphrase to be used for authentication). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Chen and Basson with the teaching of Teal because a user would have been motivated to enhance security of end-user platforms, taught by Chen, by using unique information for a system manager and unique end-user platform authentication information, taught by Teal, in order to establish a secure connection between the system manager and the end-user platform(Teal, para. 0008) In regards to claim 17, the combination of Chen, Basson and Teal teach the medical device of claim 15, wherein the medical device receives the signed certificate from the authentication device via a wireless signal(US 20060064582, Teal, para. 0021 and 0055: [0021]- The network 110 may be any suitable network known to those having ordinary skill in the art, including wired and wireless networks.[0055]- The receiver is also assured that the level 3 certificate truly came from the identified sender, in this case, another manager 104, a console 106, or a Client Setup program (discussed later herein)). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Chen and Basson with the teaching of Teal because a user would have been motivated to enhance security of end-user platforms, taught by Chen, by using unique information for a system manager and unique end-user platform authentication information, taught by Teal, in order to establish a secure connection between the system manager and the end-user platform(Teal, para. 0008) In regards to claim 20, Chen teaches a method of authenticating a user for servicing a medical device, the method comprising: activating an authentication device(WO 2021243068, Chen, para. 0060, the medical device may present an interface to receive user identification information. The medical device may receive the information directly such as via a user interface input, badge scan, barcode scan, or other input.);establishing a server-client communications connection between an embedded web server installed on the medical device and a web browser installed on a client device(WO 2021243068, Chen, para. 0068, Embodiments of the subject matter described in this specification can be implemented in a computing system that includes a back end component, e.g., as a data server, or that includes a middleware component, e.g., an application server, or that includes a front end component, e.g., a client computer having a graphical user interface or a Web browser through which a user can interact with an implementation of the subject matter described in this specification, or any combination of one or more such back end, middleware, or front end components.); and providing access on the web browser to service software installed on the medical device through the server-client communications connection, wherein the accessibility level determines a level of access on the web browser to the service software(WO 2021243068, Chen, para. 0069, The computing system can include clients and servers. A client and server are generally remote from each other and may interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. In some embodiments, a server transmits data (e.g., an HTML page) to a client device (e.g., for purposes of displaying data to and receiving user input from a user interacting with the client device). ); wherein the clinical software includes protected health information from the patient(WO 2021243068, Chen, para. 0037, the medical device may restrict access to patient care functions requiring authentication of healthcare personnel. In this scenario, a healthcare clinician may be required to manually enter a passcode to gain access to the patient care functions.), Chen does not teach receiving a signed certificate stored on the authentication device; validating the signed certificate by using a public key; and when the signed certificate is validated, determining an accessibility level based on the signed certificate for the user However, Teal teaches receiving a signed certificate stored on the authentication device(US 20060064582, Teal, para. 0080, The private key affiliated with the Root Certificate 600 is used to sign all level 2 certificates in the keychain); validating the signed certificate by using a public key(US 20060064582, Teal, para. 0080, and the corresponding public key, which is contained in the Root Certificate 600 itself, is used to authenticate all level 2 certificates); and when the signed certificate is validated, determining an accessibility level based on the signed certificate for the user(US 20060064582, Teal, para. 0080, The Administrator Certificate 802 is used to identify various individuals to the system 100 and manage their level of access to system resources via the e-token mentioned previously.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Chen with the teaching of Teal because a user would have been motivated to enhance security of end-user platforms, taught by Chen, by using unique information for a system manager and unique end-user platform authentication information, taught by Teal, in order to establish a secure connection between the system manager and the end-user platform(Teal, para. 0008); and the combination of Chen and Teal do not teach block access to the clinical software on the web browser while maintaining access to the clinical software on a built-in display of the medical device However, Basson teaches block access to the clinical software on the web browser while maintaining access to the clinical software on a built-in display of the medical device (US 20130312077, Basson, para. 0026, A. Security manager software application 20 may temporarily block computing apparatus 9a from access or partial access (i.e., limit Website access) to the Internet so that Internet references may not be used to access answers to the screening questions. In order to continue to access security manager software application 20, while access to the Internet is temporarily blocked, synchronous communication may be established between security manager software application 20 and computing apparatus 9a. The synchronous communication allows the user to access security manager software application 20 with a screen transmitted back to computing apparatus 9a. Data entered on the screen will be transmitted as a transaction to the computing system 10. When the user begins to answer the screening questions, a software token may be placed on the computing apparatus 9a. The software token indicates that Web access will be blocked by: temporarily closing down a port used to access the Internet, shutting down the user's Web browsers, or by turning off access to the Internet.) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Chen and Teal with the teaching of Basson because a user would have been motivated to execute a security manager software system, taught by Basson, to enable a user to have access control to specified medical functions in the system taught by Chen(Basson, para. 0023) 5.) Claims 14 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over IDS supplied reference, WO 2021243068, Chen in view of US 20130312077, Basson and further in view of US 20060064582, Teal and further in view of US 20150319178, Desai In regards to claim 14, the combination of Chen, Basson and Teal teach the medical device of claim 11. The combination of Chen, Basson and Teal do not teach wherein the instructions further cause the at least one processing device to: block the access on the web browser to the service software when the authentication device is removed from a port of the medical device or is moved away such that the authentication device is no longer in close proximity to the medical device However, Desai teaches wherein the instructions further cause the at least one processing device to: block the access on the web browser to the service software when the authentication device is removed from a port of the medical device or is moved away such that the authentication device is no longer in close proximity to the medical device (US 20150319178, Desai, para. 0008, The managed application launcher may be modified by the user device to remove managed applications or otherwise prevent access to applications that have a policy indicating that remote assistance is not allowed.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Chen, Basson and Teal with the teaching of Desai because a user would have been motivated to provide various policies, taught by Desai, to permit remote assistance, taught by the combination of Chen, Basson and Teal, while maintaining separation between a user’s personal data and manages spaces(Desai, para. 0006) In regards to claim 18, the combination of Chen, Basson and Teal teach the medical device of claim 15. The combination of Chen, Basson and Teal do not teach wherein the instructions further cause the at least one processing device to: block the access on the web browser to the service software when the authentication device is removed from a port of the medical device or when the authentication device is no longer in close proximity to the medical device However, Desai teaches wherein the instructions further cause the at least one processing device to: block the access on the web browser to the service software when the authentication device is removed from a port of the medical device or when the authentication device is no longer in close proximity to the medical device (US 20150319178, Desai, para. 0008, The managed application launcher may be modified by the user device to remove managed applications or otherwise prevent access to applications that have a policy indicating that remote assistance is not allowed.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Chen, Basson and Teal with the teaching of Desai because a user would have been motivated to provide various policies, taught by Desai, to permit remote assistance, taught by the combination of Chen and Teal, while maintaining separation between a user’s personal data and manages spaces(Desai, para. 0006) 6.) Claim 19 is rejected under 35 U.S.C. 103 as being unpatentable over IDS supplied reference, WO 2021243068, Chen in view of US 20130312077, Basson and further in view of US 20060064582, Teal and further in view of US 20080307517, Grigoriev In regards to claim 19, the combination of Chen, Basson and Teal teach the medical device of claim 15. The combination of Chen, Basson and Teal do not teach wherein the server-client communications connection is established via Hypertext Transfer Protocol Secure (HTTPS) ) However, Grigoriev teaches wherein the server-client communications connection is established via Hypertext Transfer Protocol Secure (HTTPS) ) (US 20080307517, Grigoriev, para. 0019, Each of the mobile devices 12 additionally comprises at least one client 26, such as a JAVA midlet, which communicates with a server application 28 located on the external device 22. The client 26 communicates, or transacts, with the server 28 using a predefined protocol such as TCP/IP, HTTP, HTTPS, or the like.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Chen, Basson and Teal with the teaching of Grigoriev because a user would have been motivated to use a client identifier that is unavailable to a client, taught by Grigoriev, in order to establish a secure client-server communication session taught by Chen(Grigoriev, para. 0009) CONCLUSION Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to GREGORY LANE whose telephone number is (571)270-7469. The examiner can normally be reached on 571 270 7469 from 8:00 AM to 6:00 PM. If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Taghi Arani, can be reached on 571 272 3787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). /GREGORY A LANE/ Examiner, Art Unit 2438 /TAGHI T ARANI/Supervisory Patent Examiner, Art Unit 2438