In a new draft guidance (for electrosurgical devices; but in our opinion representative of information needed for other devices) FDA stated that cybersecurity information including but not limited to the following should be provided:
- Confidentiality assures that no unauthorized users have access to the information.
- Integrity is the assurance that the information is correct – that is, it has not been improperly modified.
- Availability suggests that the information will be available when needed.
- Accountability is the application of identification and authentication to assure that the prescribed access process is being done by an authorized user.