CONNECTED DEVICE FOR MEDICAL DEVICE TRANSMISSIONS

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Amendment Applicant’s amendment, filed on 02/11/2026, has been entered and carefully considered. Claim 1, 8, 10 and 14 have been amended; claim 13 is cancelled and Claims 1-4, 6-12, 14-22 are pending. Response to Arguments Applicant’s arguments filed on 02/11/2026 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument. Applicant amended the independent claims significantly, which necessitates the new ground rejection. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1, 8, 14 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Mahajan et al (US 2020/0016420) in view of Stair et al (US 2018/0241718 A1), further in view of Yoon et al (US 2020/0252436). Regarding claims 1, 8, Mahajan teaches a computing system, comprising: a cardiovascular implantable electronic device (CIED) ([0046], “Examples of the implantable device may include, but are not limited to, pacemakers, pacemaker/defibrillators, cardiac resynchronization therapy (CRT) devices”); and one or more connected devices (Fig. 1, external device 120) configured to communicate with a server over a computer network (Fig. 1, remote device 124, [0053], “the remote device 124 may include a centralized server”, it’s noted that external device 120 communicates with a remote device 124 over a computer network 122), each connected device of the one or more connected devices including ports (Fig. 1, external device 120 inherently as ports for transmission) and processing circuitry configured to: execute a firewall that controls permission to communicate via the ports of the connected devices; execute a processing agent on the connected device, the processing agent configured to identify a set of ports requested by the CIED and instruct the firewall to allow access to the connected device only via those identified ports; receive a wireless transmission from the CIED (Fig. 1, wireless transmission between IMD 110 and external device 120 via wireless link 115; [0051], “the external system 125 may receive device data from the AMD 110 via the communication link 115. Examples of the device data received by the external system 125 may include real-time or stored physiologic data from the patient 102”); upon determining that the wireless transmission originated from the CIED, read an upon determining that a cardiac event has occurred, transmit a notification of the cardiac event over the computer network to a recipient address ([0059], “One or more of the external device 120 or the remote device 124 may output the detected physiologic events to a user such as the patient or a clinician”) of a registered account at the server ([0057], “Users, such as clinicians or other qualified medical specialists, may use the clients to securely access stored patient data assembled in the database in the server”, it implies that the stored patient data each would have its own account in the server; also see [0056]). Mahajan doesn’t explicitly teach that execute a firewall that controls permission to communicate via the ports of the connected devices; execute a processing agent on the connected device, the processing agent configured to identify a set of ports requested by the CIED and instruct the firewall to allow access to the connected device only via those identified ports. Stairs teaches that execute a firewall that controls permission to communicate via the ports of the connected devices; execute a processing agent on the connected device, the processing agent configured to identify a set of ports requested by the CIED and instruct the firewall to allow access to the connected device only via those identified ports ([0008], “the SPA request specifies a port and a protocol to be allowed in accordance with the temporary firewall policy. For example, if the SPA request is for secure shell (“SSH”) access on Transmission Control Protocol (“TCP”) port 22, the temporary firewall policy can be added to the virtual firewall to allow packets from a client IP address of the SPA client with TCP protocol and a destination port of 22 to be forwarded to the cloud workload”, it’s that SPA service validate the request and instructs the firewall to implement a temporary policy allowing access only via the requested set of ports). Before the effective filing date of the claimed invention, it would have been obvious to a person of ordinary skill in the art to utilize the teaching of Stair in the system disclosed by Mahajan. The combination merely involves applying a known network security protocol (SPA/Dynamic Firewalling) to a known medical device communication environment to achieve the predictable result of a “hardended” medical gateway that reduces the attack surface of the bedside monitor. Mahajan doesn’t explicitly teach that read an encoded cardiac signal from the wireless transmission using a data management module. Yoon teaches that that read an encoded cardiac signal from the wireless transmission using a data management module ([0021], The second device may decode the message using a second encryption key; also see Fig. 3, memory 64 comprising encryption keys). Before the effective filing date of the claimed invention, it would have been obvious to a person of ordinary skill in the art to utilize the teaching of Yoon in the system disclosed by Mahajan in view of Ranjan to secure sensitive information such as collected patient data (see paragraph 0004 of Yoon). Regarding claim 14, Mahajan teaches a connected device, comprising: a communications suite including at least one module selected from the group consisting of a Zigbee module, a Bluetooth Low Energy (BLE) module, a narrow- band internet of things (NB-IoT) module, a Wi-Fi module, a LoRa module, and a long-term evolution (LTE) module ([0051], “IEEE 802.11 wireless fidelity “WiFi” interfacing standards”, it implies that a Wi-Fi module is used for the wireless communication); ports (Fig. 1, external device 120 inherently as ports for transmission); and processing circuitry configured to: receive a wireless transmission from the CIED via the at least one module of the communications suits (Fig. 1, wireless transmission between IMD 110 and external device 120 via wireless link 115; [0051], “the external system 125 may receive device data from the AMD 110 via the communication link 115. Examples of the device data received by the external system 125 may include real-time or stored physiologic data from the patient 102” and [0046]); upon determining that the wireless transmission originated form the CIED, read an upon determining that an adverse healthy or device event has occurred, transmit a notification of the adverse health or device event to a recipient address ([0059], “One or more of the external device 120 or the remote device 124 may output the detected physiologic events to a user such as the patient or a clinician”) of a registered account at a server ([0057], “Users, such as clinicians or other qualified medical specialists, may use the clients to securely access stored patient data assembled in the database in the server”, it implies that the stored patient data each would have its own account in the server; also see [0056]) via a wide area network ([0052], network 122 is a telecommunication network which is considered as a wide area network). Mahajan doesn’t explicitly teach that execute a firewall that controls permission to communicate via the ports of the connected devices; execute a processing agent on the connected device, the processing agent configured to identify a set of ports requested by the device and instruct the firewall to allow access to the device only via those identified ports. Stairs teaches that execute a firewall that controls permission to communicate via the ports of the connected devices; execute a processing agent on the connected device, the processing agent configured to identify a set of ports requested by the device and instruct the firewall to allow access to the connected device only via those identified ports ([0008], “the SPA request specifies a port and a protocol to be allowed in accordance with the temporary firewall policy. For example, if the SPA request is for secure shell (“SSH”) access on Transmission Control Protocol (“TCP”) port 22, the temporary firewall policy can be added to the virtual firewall to allow packets from a client IP address of the SPA client with TCP protocol and a destination port of 22 to be forwarded to the cloud workload”, it’s that SPA service validate the request and instructs the firewall to implement a temporary policy allowing access only via the requested set of ports). Before the effective filing date of the claimed invention, it would have been obvious to a person of ordinary skill in the art to utilize the teaching of Stair in the system disclosed by Mahajan. The combination merely involves applying a known network security protocol (SPA/Dynamic Firewalling) to a known medical device communication environment to achieve the predictable result of a “hardended” medical gateway that reduces the attack surface of the bedside monitor. Mahajan doesn’t explicitly teach that read an encoded cardiac signal from the wireless transmission using a data management module. Yoon teaches that that read an encoded cardiac signal from the wireless transmission using a data management module ([0021], The second device may decode the message using a second encryption key; also see Fig. 3, memory 64 comprising encryption keys). Before the effective filing date of the claimed invention, it would have been obvious to a person of ordinary skill in the art to utilize the teaching of Yoon in the system disclosed by Mahajan in view of Ranjan to secure sensitive information such as collected patient data (see paragraph 0004 of Yoon). Regarding claim 17, the aforementioned references further teach that the module is the Wi-Fi module or the Bluetooth Low Energy (BLE) module, the connected device further comprising: a Wi-Fi radio configured to receive the wireless transmission from the CIED (Mahajan, [0051], “The telemetry link 115 may be an inductive telemetry link, a capacitive telemetry link, or a radio-frequency (RF) telemetry link, or wireless telemetry based on, for example, “strong” Bluetooth or IEEE 802.11 wireless fidelity “WiFi” interfacing standards” and Fig. 1; it implied that a Wi-Fi radio is used for the Wi-Fi communication). Claims 3, 9 are rejected under 35 U.S.C. 103 as being unpatentable over Mahajan in view of Stair, Yoon, further in view of Zilbershlag (US 2021/0046234). Regarding claims 3, 9, the aforementioned references teach all of the limitations of the parent claim, Mahajan further teach: a radio transceiver configured to transmit and receive on …, wherein the wireless transmission is received via the radio transceiver, a Wi-Fi radio configured to receive the wireless transmission from the CIED ([0051], “IEEE 802.11 wireless fidelity “WiFi” interfacing standards”). However, Mahajan doesn’t explicitly teach that transmitting and receiving on medical device radiocommunications service spectrum. Zilbershalg teaches that transmitting and receiving on medical device radiocommunications service spectrum (“MedRadio Spectrum”). Before the effective filing date of the claimed invention, it would have been obvious to a person of ordinary skill in the art to utilize the teaching of Zilbershlag in the system disclosed by Mahajan in view of Stair and Yoon for the purpose of reduce interference for medical data transmission. Claims 2, 4, 10 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Mahajan in in view of Stair and Yoon, further in view of Bonn (US 9,877,332). Regarding claim 2, the aforementioned references teach all of the limitations except that the transmitting upon determining that a cardiac event has occurred includes prioritizing processing of data contained in the wireless transmission over processing of data contained in other wireless transmissions. Bonn teaches the above limitation (Col 6, lines 52-56, “increase the quality of service of the user’s connection when the medical data indicates that the user in a medical state or emergency situation”). Before the effective filing date of the claimed invention, it would have been obvious to a person of ordinary skill in the art to utilize the teaching of Bonn in the system disclosed by Mahajan in view of Stair and Yoon for the purpose of provide priority service for important data transmission such as urgent medical data. Regarding claim 4, 10, 18, the aforementioned references further teach that: execute a processing agent including a CIED detector configured to perform: the inspecting of the wireless transmission to identify the signal characteristic, header data, or payload data of the wireless transmission; and the determining that the signal characteristic, header data, and/or payload data of the wireless transmission matches a predetermined medical device signal characteristic, header data, and/or payload data (Bonn, Col 3, line 33, “Wireless access node 110 determines a quality of service level for communication device 101 based on the medical data”, “The medical data indicating high stress or anxiety levels would result in a higher quality of service level than medical data indicating a calm and relaxed physical state of the user”). Claims 19, 20-22 are rejected under 35 U.S.C. 103 as being unpatentable over Mahajan in in view of Stair and Yoon, further in view of Baker et al (US 2014/0331298 A1). Regarding claim 19, the aforementioned references teach all of the limitations except that the processing circuitry is configured to instruct the firewall to allow access to the connected device via the identified ports by allowing access of medical data from the connected device to the processing agent on the connected device via those identified ports. Baker teaches the above limitation ([0016], “In this disclosure, a process for configuring a RAP may also be referred to as provisioning the RAP. The firewall may also need to be configured to permit data of a specific type to a specific IP address of an access point controller at the medical facility, using a specific port”, it’s noted that data of the specific type could be medical data since Baker is directed at remote patient monitoring). Before the effective filing date of the claimed invention, it would have been obvious to a person of ordinary skill in the art to utilize the teaching of Baker in the system disclosed by Mahajan in view of Stair and Yoon for the purpose of improving system security. Regarding claim 20, 21 and 22, the aforementioned references further teaches that the processing circuitry further is configured to instruct the firewall to restrict access of non-medical data to the processing agent via those identified ports (Baker, [0016], “In this disclosure, a process for configuring a RAP may also be referred to as provisioning the RAP. The firewall may also need to be configured to permit data of a specific type to a specific IP address of an access point controller at the medical facility, using a specific port”, it’s noted that permit data of a specific type implies restrict access of data not belong to that specific type). Claims 6-7, 11-12, 15-16 are rejected under 35 U.S.C. 103 as being unpatentable over Mahajan in view of Stair, Yoon, further in view of Bardy et al (US 2022/0219001). Regarding claim 6, 11, 15, the aforementioned references teach the CIED ([0046], “Examples of the implantable device may include, but are not limited to, pacemakers, pacemaker/defibrillators, cardiac resynchronization therapy (CRT) devices”). However, the aforementioned references don’t teach that the processing circuitry is further configured to: store medical data transmitted by the medical device and forward the medical data at a subsequent point in time, the subsequent point in time being determined in part by at least one of the following: a user-selection of a time period. Bardy teaches the above limitation ([0105]- [0106]). Before the effective filing date of the claimed invention, it would have been obvious to a person of ordinary skill in the art to utilize the teaching of Bardy in the system disclosed by Mahajan in view of Stair and Yoon for the purpose of protecting patient privacy. Regarding claim 7, 12, 16, the aforementioned references teach all of the limitations except that the performing medical device-specific processing on the wireless transmission includes: encrypting the wireless transmission according to an encryption protocol; and transmitting the encrypted wireless transmission to a destination server. Bardy teaches the above limitation ([0113). Before the effective filing date of the claimed invention, it would have been obvious to a person of ordinary skill in the art to utilize the teaching of Bardy in the system disclosed by Mahajan in view of Stair and Yoon for the purpose of protecting patient privacy. Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to SIMING LIU whose telephone number is (571)270-3859. The examiner can normally be reached M-F, 8:30am-5:00pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Derrick Ferris can be reached on 571-272-3123. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /SIMING LIU/ Primary Examiner, Art Unit 2411