Abstract: Aspects of this disclosure include a recall notification method, a method for communicating an action to be performed by a device, and a method of operating a relay service by a network device. One embodiment of the recall notification method may comprise periodically transmitting, by a network interface of a medical device implanted in a user's body, a poll request to a recall service endpoint. The method may further comprise receiving, by the network interface in response to the poll request, a recall notification; and in response to receiving the recall notification, directly notifying the user.

Abstract: An emergency token for one-time, highly restricted, access to an arbitrary WiFi network, while maintaining full network security and integrity, is disclosed. When an IoT medical device (IMD) detects failure in the IMD, or detects the patient having a medical emergency, IMD detects local active WiFi networks, and attempts connecting to a monitoring center through one of the networks. If the network is password protected, the connection may fail. The IMD retries the connection request using factory-installed one-time use token that is only for emergency calls only. If successful, the IMD sends an emergency message to the monitoring center, which dispatches emergency responder to the location of the IMD. Monitoring center invalidates the token with the central on-line token registrar when both the IMD and the monitoring center acknowledges that the notification is successful. A person having the proper security authorization can install a new one-time use token.

Abstract: An emergency token for one-time, highly restricted, access to an arbitrary WiFi network, while maintaining full network security and integrity, is disclosed. When an IoT medical device (MD) detects failure in the IMD, or detects the patient having a medical emergency, IMD detects local active WiFi networks, and attempts connecting to a monitoring center through one of the networks. If the network is password protected, the connection may fail. The IMD retries the connection request using factory-installed one-time use token that is only for emergency calls only. If successful, the IMD sends an emergency message to the monitoring center, which dispatches emergency responder to the location of the IMD. Monitoring center invalidates the token with the central on-line token registrar when both the IMD and the monitoring center acknowledges that the notification is successful. A person having the proper security authorization can install a new one-time use token.