Content of Premarket Submissions for Management of Cybersecurity in Medical Devices; Draft Guidance for Industry and Food and Drug Administration Staff; Availability, 35940 [2013-14167]

Download as PDF 35940 Federal Register / Vol. 78, No. 115 / Friday, June 14, 2013 / Notices FOR FURTHER INFORMATION CONTACT: DEPARTMENT OF HEALTH AND HUMAN SERVICES Food and Drug Administration [Docket No. FDA–2013–D–0616] Content of Premarket Submissions for Management of Cybersecurity in Medical Devices; Draft Guidance for Industry and Food and Drug Administration Staff; Availability AGENCY: Food and Drug Administration, HHS. mstockstill on DSK4VPTVN1PROD with NOTICES ACTION: Notice. SUMMARY: The Food and Drug Administration (FDA) is announcing the availability of the draft guidance entitled ‘‘Content of Premarket Submissions for Management of Cybersecurity in Medical Devices.’’ This guidance identifies cybersecurity issues that manufacturers should consider in preparing premarket submissions for medical devices in order to maintain information confidentiality, integrity, and availability. This draft guidance is not final nor is it in effect at this time. DATES: Although you can comment on any guidance at any time (see 21 CFR 10.115(g)(5)), to ensure that the Agency considers your comment on this draft guidance before it begins work on the final version of the guidance, submit either electronic or written comments on the draft guidance by September 12, 2013. ADDRESSES: Submit written requests for single copies of the draft guidance document entitled ‘‘Content of Premarket Submissions for Management of Cybersecurity in Medical Devices’’ to the Division of Small Manufacturers, International, and Consumer Assistance, Center for Devices and Radiological Health, Food and Drug Administration, 10903 New Hampshire Ave., Bldg. 66, Rm. 4613, Silver Spring, MD 20993– 0002 or the Office of Communication, Outreach and Development (HFM–40), 1401 Rockville Pike, Suite 200N, Rockville, MD 20852. Send one selfaddressed adhesive label to assist that office in processing your request, or fax your request to 301–847–8149. See the SUPPLEMENTARY INFORMATION section for information on electronic access to the guidance. Submit electronic comments on the draft guidance to https://www. regulations.gov. Submit written comments to the Division of Dockets Management (HFA–305), Food and Drug Administration, 5630 Fishers Lane, Rm. 1061, Rockville, MD 20852. Identify comments with the docket number found in brackets in the heading of this document. VerDate Mar<15>2010 17:03 Jun 13, 2013 Jkt 229001 Abiy Desta, Center for Devices and Radiological Health, Food and Drug Administration, 10903 New Hampshire Ave., Bldg. 66, Rm. 1682, Silver Spring, MD 20993–0002, 301–796–0293, Abiy. Desta@fda.hhs.gov; or Stephen Ripley, Center for Biologics Evaluation and Research (HFM–17), Food and Drug Administration, 1401 Rockville Pike, Suite 200N, Rockville, MD 20852, 301– 827–6210. SUPPLEMENTARY INFORMATION: I. Background This draft guidance provides recommendations to consider and document in FDA medical device premarket submissions to provide effective cybersecurity management and to reduce the risk that device functionality is intentionally or unintentionally compromised. The need for effective cybersecurity to assure medical device functionality has become more important with the increasing use of wireless, Internet- and network-connected devices and the frequent electronic exchange of medical device-related health information. II. Significance of Guidance This draft guidance is being issued consistent with FDA’s good guidance practices regulation (21 CFR 10.115). The draft guidance, when finalized, will represent the Agency’s current thinking on management of cybersecurity in medical devices. It does not create or confer any rights for or on any person and does not operate to bind FDA or the public. An alternative approach may be used if such approach satisfies the requirements of the applicable statute and regulations. III. Electronic Access Persons interested in obtaining a copy of the draft guidance may do so by using the Internet. A search capability for all Center for Devices and Radiological Health guidance documents is available at https://www.fda.gov/MedicalDevices/ DeviceRegulationandGuidance/ GuidanceDocuments/default.htm. Guidance documents are also available at https://www.regulations.gov or from the Center for Biologics Evaluation and Research at https://www.fda.gov/ BiologicsBloodVaccines/Guidance ComplianceRegulatoryInformation/ default.htm. To receive ‘‘Content of Premarket Submissions for Management of Cybersecurity in Medical Devices,’’ you may either send an email request to dsmica@fda.hhs.gov to receive an electronic copy of the document or send a fax request to 301–847–8149 to receive a hard copy. Please use the document PO 00000 Frm 00093 Fmt 4703 Sfmt 4703 number 1825 to identify the guidance you are requesting. IV. Paperwork Reduction Act of 1995 This draft guidance refers to previously approved collections of information found in FDA regulations. These collections of information are subject to review by the Office of Management and Budget (OMB) under the Paperwork Reduction Act of 1995 (44 U.S.C. 3501–3520). The collections of information in 21 CFR part 807, subpart E, have been approved under OMB control number 0910–0120; the collections of information in 21 CFR part 812 have been approved under OMB control number 0910–0078; the collections of information in 21 CFR part 814 have been approved under OMB control number 0910–0231; the collections of information in 21 CFR part 814, subpart H, have been approved under OMB control number 0910–0332; and the collections of information in 21 CFR part 820 have been approved under OMB control number 0910–0073. V. Comments Interested persons may submit either electronic comments regarding this document to https://www.regulations.gov or written comments to the Division of Dockets Management (see ADDRESSES). It is only necessary to send one set of comments. Identify comments with the docket number found in brackets in the heading of this document. Received comments may be seen in the Division of Dockets Management between 9 a.m. and 4 p.m., Monday through Friday, and will be posted to the docket at https:// www.regulations.gov. Dated: June 11, 2013. Leslie Kux, Assistant Commissioner for Policy. [FR Doc. 2013–14167 Filed 6–13–13; 8:45 am] BILLING CODE 4160–01–P DEPARTMENT OF HEALTH AND HUMAN SERVICES Food and Drug Administration [Docket No. FDA–2010–D–0616] Guidance for Industry on Codevelopment of Two or More New Investigational Drugs for Use in Combination; Availability AGENCY: Food and Drug Administration, HHS. ACTION: Notice. SUMMARY: The FDA is announcing the availability of a guidance for industry entitled ‘‘Codevelopment of Two or More New Investigational Drugs for Use E:\FR\FM\14JNN1.SGM 14JNN1

Agencies

[Federal Register Volume 78, Number 115 (Friday, June 14, 2013)]
[Notices]
[Page 35940]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 2013-14167]



[[Page 35940]]

-----------------------------------------------------------------------

DEPARTMENT OF HEALTH AND HUMAN SERVICES

Food and Drug Administration

[Docket No. FDA-2013-D-0616]


Content of Premarket Submissions for Management of Cybersecurity 
in Medical Devices; Draft Guidance for Industry and Food and Drug 
Administration Staff; Availability

AGENCY: Food and Drug Administration, HHS.

ACTION: Notice.

-----------------------------------------------------------------------

SUMMARY: The Food and Drug Administration (FDA) is announcing the 
availability of the draft guidance entitled ``Content of Premarket 
Submissions for Management of Cybersecurity in Medical Devices.'' This 
guidance identifies cybersecurity issues that manufacturers should 
consider in preparing premarket submissions for medical devices in 
order to maintain information confidentiality, integrity, and 
availability. This draft guidance is not final nor is it in effect at 
this time.

DATES: Although you can comment on any guidance at any time (see 21 CFR 
10.115(g)(5)), to ensure that the Agency considers your comment on this 
draft guidance before it begins work on the final version of the 
guidance, submit either electronic or written comments on the draft 
guidance by September 12, 2013.

ADDRESSES: Submit written requests for single copies of the draft 
guidance document entitled ``Content of Premarket Submissions for 
Management of Cybersecurity in Medical Devices'' to the Division of 
Small Manufacturers, International, and Consumer Assistance, Center for 
Devices and Radiological Health, Food and Drug Administration, 10903 
New Hampshire Ave., Bldg. 66, Rm. 4613, Silver Spring, MD 20993-0002 or 
the Office of Communication, Outreach and Development (HFM-40), 1401 
Rockville Pike, Suite 200N, Rockville, MD 20852. Send one self-
addressed adhesive label to assist that office in processing your 
request, or fax your request to 301-847-8149. See the SUPPLEMENTARY 
INFORMATION section for information on electronic access to the 
guidance.
    Submit electronic comments on the draft guidance to https://www.regulations.gov. Submit written comments to the Division of Dockets 
Management (HFA-305), Food and Drug Administration, 5630 Fishers Lane, 
Rm. 1061, Rockville, MD 20852. Identify comments with the docket number 
found in brackets in the heading of this document.

FOR FURTHER INFORMATION CONTACT: Abiy Desta, Center for Devices and 
Radiological Health, Food and Drug Administration, 10903 New Hampshire 
Ave., Bldg. 66, Rm. 1682, Silver Spring, MD 20993-0002, 301-796-0293, 
Abiy.Desta@fda.hhs.gov; or Stephen Ripley, Center for Biologics 
Evaluation and Research (HFM-17), Food and Drug Administration, 1401 
Rockville Pike, Suite 200N, Rockville, MD 20852, 301-827-6210.

SUPPLEMENTARY INFORMATION:

I. Background

    This draft guidance provides recommendations to consider and 
document in FDA medical device premarket submissions to provide 
effective cybersecurity management and to reduce the risk that device 
functionality is intentionally or unintentionally compromised. The need 
for effective cybersecurity to assure medical device functionality has 
become more important with the increasing use of wireless, Internet- 
and network-connected devices and the frequent electronic exchange of 
medical device-related health information.

II. Significance of Guidance

    This draft guidance is being issued consistent with FDA's good 
guidance practices regulation (21 CFR 10.115). The draft guidance, when 
finalized, will represent the Agency's current thinking on management 
of cybersecurity in medical devices. It does not create or confer any 
rights for or on any person and does not operate to bind FDA or the 
public. An alternative approach may be used if such approach satisfies 
the requirements of the applicable statute and regulations.

III. Electronic Access

    Persons interested in obtaining a copy of the draft guidance may do 
so by using the Internet. A search capability for all Center for 
Devices and Radiological Health guidance documents is available at 
https://www.fda.gov/MedicalDevices/DeviceRegulationandGuidance/GuidanceDocuments/default.htm. Guidance documents are also available at 
https://www.regulations.gov or from the Center for Biologics Evaluation 
and Research at https://www.fda.gov/BiologicsBloodVaccines/GuidanceComplianceRegulatoryInformation/default.htm. To receive 
``Content of Premarket Submissions for Management of Cybersecurity in 
Medical Devices,'' you may either send an email request to 
dsmica@fda.hhs.gov to receive an electronic copy of the document or 
send a fax request to 301-847-8149 to receive a hard copy. Please use 
the document number 1825 to identify the guidance you are requesting.

IV. Paperwork Reduction Act of 1995

    This draft guidance refers to previously approved collections of 
information found in FDA regulations. These collections of information 
are subject to review by the Office of Management and Budget (OMB) 
under the Paperwork Reduction Act of 1995 (44 U.S.C. 3501-3520). The 
collections of information in 21 CFR part 807, subpart E, have been 
approved under OMB control number 0910-0120; the collections of 
information in 21 CFR part 812 have been approved under OMB control 
number 0910-0078; the collections of information in 21 CFR part 814 
have been approved under OMB control number 0910-0231; the collections 
of information in 21 CFR part 814, subpart H, have been approved under 
OMB control number 0910-0332; and the collections of information in 21 
CFR part 820 have been approved under OMB control number 0910-0073.

V. Comments

    Interested persons may submit either electronic comments regarding 
this document to https://www.regulations.gov or written comments to the 
Division of Dockets Management (see ADDRESSES). It is only necessary to 
send one set of comments. Identify comments with the docket number 
found in brackets in the heading of this document. Received comments 
may be seen in the Division of Dockets Management between 9 a.m. and 4 
p.m., Monday through Friday, and will be posted to the docket at https://www.regulations.gov.

    Dated: June 11, 2013.
Leslie Kux,
Assistant Commissioner for Policy.
[FR Doc. 2013-14167 Filed 6-13-13; 8:45 am]
BILLING CODE 4160-01-P
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.