Download:
pdf |
pdf21274
Federal Register / Vol. 83, No. 90 / Wednesday, May 9, 2018 / Notices
• Security Continuous Monitoring—
monitoring for unauthorized
personnel, devices, software,
connections
Æ vulnerability management—
includes vulnerability scanning and
remediation
Æ patch management
Æ system configuration security
settings
Æ user account usage (local and
remote) and user behavioral
analytics
amozie on DSK3GDR082PROD with NOTICES
Respond (RS)
• Response Planning—response plan
executed after an event, mitigation
of security issues
Recover (RC)
• Recovery and Restoration—recovery
and restoration activities executed
after an event
Æ business continuity and business
resumption processes
D In addition to restoration capability
from archival media, the project
should consider high availability
and continuity for data storage.
Implicitly, disk arrays used for
image storage should have the
capability to implement various
Redundant Array of Independent
Disks (RAID) configurations. RAID
0, 1, 5, 6, and 1+0 should be
supported. Disk arrays should also
be made available for cold or warm
restore/failover capability. Other
data storage solutions that provide
the same (or better) reliability and
durability are considered.
Responding organizations need to
understand and, in their letters of
interest, commit to provide:
1. Access for all participants’ project
teams to component interfaces and the
organization’s experts necessary to make
functional connections among security
platform components
2. Support for development and
demonstration of the Securing Picture
Archiving and Communication System
(PACS) Cybersecurity for the healthcare
sector use case in NCCoE facilities
which will be conducted in a manner
consistent with the following standards
and guidance: FIPS 200, FIPS 201, SP
800–53 and FIPS 140–2, SP 800–30, SP
800–37, SP 800–39, SP 800–41, SP 800–
52, SP 800–57, SP 800–63–3, SP 800–66,
SP 800–77, SP 800–95, SP 800–144, SP
800–146, SP 800–171, SP 800–181, ISO
12052:2011 Health Informatics—Digital
Imaging and Communication in
Medicine (DICOM) including Workflow
and Data Management, AAMI TIR57,
ANSI/AAMI/IEC 80001–1:2010, IEC
Technical Report 80001–2–1, IEC
Technical Report 80001–2–2, internet
VerDate Sep<11>2014
17:39 May 08, 2018
Jkt 244001
Engineering Task Force Request for
Comments 4301, Food & Drug
Administration (FDA) Content of
Premarket Submissions for Management
of Cybersecurity in Medical Devices,
FDA Postmark Management of
Cybersecurity in Medical Devices, FDA
Guidance for Industry—Cybersecurity
for Networked Medical Devices
Containing Off-the-Shelf Software, FDA
Guidance for Submission of Premarket
Notifications for Medical Image
Management Devices, FDA Medical
Device Data Systems, Medical Image
Storage Devices, Medical Image
Communications Device, Department of
Health & Human Services Office for
Civil Rights Health Insurance Portability
and Accountability Act Security Rule
Crosswalk to NIST Cybersecurity
Framework, Department of Homeland
Security Attack Surface: Healthcare and
Public Sector, Integrating the Healthcare
Enterprise Radiology Technical
Framework.
Additional details about the Securing
Picture Archiving and Communication
System (PACS) Cybersecurity for the
healthcare sector use case are available
at: https://nccoe.nist.gov/projects/usecases/health-it/pacs.
NIST cannot guarantee that all of the
products proposed by respondents will
be used in the demonstration. Each
prospective participant will be expected
to work collaboratively with NIST staff
and other project participants under the
terms of the consortium CRADA in the
development of the Securing Picture
Archiving and Communication System
(PACS) Cybersecurity for the healthcare
sector capability. Prospective
participants’ contribution to the
collaborative effort will include
assistance in establishing the necessary
interface functionality, connection and
set-up capabilities and procedures,
demonstration harnesses, environmental
and safety conditions for use, integrated
platform user instructions, and
demonstration plans and scripts
necessary to demonstrate the desired
capabilities. Each participant will train
NIST personnel, as necessary, to operate
its product in capability demonstrations
to the healthcare community. Following
successful demonstrations, NIST will
publish a description of the security
platform and its performance
characteristics sufficient to permit other
organizations to develop and deploy
security platforms that meet the security
objectives of the Securing Picture
Archiving and Communication System
(PACS) Cybersecurity for the healthcare
sector use case. These descriptions will
be public information.
Under the terms of the consortium
CRADA, NIST will support
PO 00000
Frm 00018
Fmt 4703
Sfmt 4703
development of interfaces among
participants’ products by providing IT
infrastructure, laboratory facilities,
office facilities, collaboration facilities,
and staff support to component
composition, security platform
documentation, and demonstration
activities.
The dates of the demonstration of the
Securing Picture Archiving and
Communication System (PACS)
Cybersecurity for the healthcare sector
capability will be announced on the
NCCoE website at least two weeks in
advance at http://nccoe.nist.gov/. The
expected outcome of the demonstration
is to improve securing picture archiving
and communications system (PACS)
cybersecurity across an entire healthcare
sector enterprise. Participating
organizations will gain from the
knowledge that their products are
interoperable with other participants’
offerings.
For additional information on the
NCCoE governance, business processes,
and NCCoE operational structure, visit
the NCCoE website http://
nccoe.nist.gov/.
Kevin A. Kimball,
Chief of Staff.
[FR Doc. 2018–09897 Filed 5–8–18; 8:45 am]
BILLING CODE 3510–13–P
DEPARTMENT OF COMMERCE
National Oceanic and Atmospheric
Administration
Proposed Information Collection;
Comment Request; Observer
Programs’ Information That Can Be
Gathered Only Through Questions
National Oceanic and
Atmospheric Administration (NOAA),
Commerce.
ACTION: Notice.
AGENCY:
The Department of
Commerce, as part of its continuing
effort to reduce paperwork and
respondent burden, invites the general
public and other Federal agencies to
take this opportunity to comment on
proposed and/or continuing information
collections, as required by the
Paperwork Reduction Act of 1995.
DATES: Written comments must be
submitted on or before July 9, 2018.
ADDRESSES: Direct all written comments
to Jennifer Jessup, Departmental
Paperwork Clearance Officer,
Department of Commerce, Room 6616,
14th and Constitution Avenue NW,
Washington, DC 20230 (or via the
internet at pracomments@doc.gov).
SUMMARY:
E:\FR\FM\09MYN1.SGM
09MYN1
Federal Register / Vol. 83, No. 90 / Wednesday, May 9, 2018 / Notices
FOR FURTHER INFORMATION CONTACT:
Requests for additional information or
copies of the information collection
instrument and instructions should be
directed to Liz Chilton, (301) 427–8201
or elizabeth.chilton@noaa.gov.
SUPPLEMENTARY INFORMATION:
amozie on DSK3GDR082PROD with NOTICES
I. Abstract
The National Oceanic and
Atmospheric Administration (NOAA),
National Marine Fisheries Service
(NMFS) deploys fishery observers on
United States (U.S.) commercial fishing
vessels and to fish processing plants in
order to collect biological and economic
data. NMFS has at least one observer
program in each of its five Regions.
These observer programs provide the
most reliable and effective method for
obtaining information that is critical for
the conservation and management of
living marine resources. Observer
programs primarily obtain information
through direct observations by
employees or agents of NMFS; and such
observations are not subject to the
Paperwork Reduction Act (PRA).
However, observer programs also collect
the following information that requires
clearance under the PRA: (1)
Standardized questions of fishing vessel
captains/crew or fish processing plant
managers/staff, which include gear and
performance questions, safety questions,
and trip costs, crew size and other
economic questions; (2) questions asked
by observer program staff/contractors to
plan observer deployments; (3) forms
that are completed by observers and that
fishing vessel captains are asked to
review and sign; (4) questionnaires to
evaluate observer performance; and (5)
a form to certify that a fisherman is the
permit holder when requesting observer
data from the observer on the vessel.
NMFS seeks to renew OMB PRA
clearance for these information
collections.
The information collected will be
used to: (1) Monitor catch and bycatch
in federally managed commercial
fisheries; (2) understand the population
status and trends of fish stocks and
protected species, as well as the
interactions between them; (3)
determine the quantity and distribution
of net benefits derived from living
marine resources; (4) predict the
biological, ecological, and economic
impacts of existing management action
and proposed management options; and
(5) ensure that the observer programs
can safely and efficiently collect the
information required for the previous
four uses. In particular, these biological
and economic data collection programs
contribute to legally mandated analyses
VerDate Sep<11>2014
17:39 May 08, 2018
Jkt 244001
required under the Magnuson-Stevens
Fishery Conservation and Management
Act (MSA), the Endangered Species Act
(ESA), the Marine Mammal Protection
Act (MMPA), the National
Environmental Policy Act (NEPA), the
Regulatory Flexibility Act (RFA),
Executive Order 12866 (E.O. 12866), as
well as a variety of state statutes. The
confidentiality of the data will be
protected as required by the MSA,
Section 402(b).
II. Method of Collection
The information will be collected by
(1) NMFS observers while they are
deployed on a vessel to observe a
particular fishing trip; questions will be
asked in-person to the captain, crew
and/or owner (if on board the vessel)
during the course of the observed trip;
(2) via mail through follow up surveys
of economic information not available
during the trip; (3) via telephone or mail
survey by the observer program staff or
contractor planning to deploy observers;
or (4) via feedback questionnaires
mailed to the vessel owners or captains
to evaluate observer performance.
III. Data
OMB Control Number: 0648–0593.
Form Number: None.
Type of Review: Regular submission.
Affected Public: Business or other forprofit organizations.
Estimated Number of Respondents:
20,643.
Estimated Time per Response: 51
minutes. Information will be collected
for observed fishing trips and
deployments to fish processing plants;
therefore, there will be multiple
responses for some respondents, but
counted as one response per trip or
plant visit.
Estimated Total Annual Burden
Hours: 26,172.
Estimated Total Annual Cost to
Public: $1,160.
IV. Request for Comments
Comments are invited on: (a) Whether
the proposed collection of information
is necessary for the proper performance
of the functions of the agency, including
whether the information shall have
practical utility; (b) the accuracy of the
agency’s estimate of the burden
(including hours and cost) of the
proposed collection of information; (c)
ways to enhance the quality, utility, and
clarity of the information to be
collected; and (d) ways to minimize the
burden of the collection of information
on respondents, including through the
use of automated collection techniques
or other forms of information
technology.
PO 00000
Frm 00019
Fmt 4703
Sfmt 4703
21275
Comments submitted in response to
this notice will be summarized and/or
included in the request for OMB
approval of this information collection;
they also will become a matter of public
record.
Dated: May 3, 2018.
Sarah Brabson,
NOAA PRA Clearance Officer.
[FR Doc. 2018–09835 Filed 5–8–18; 8:45 am]
BILLING CODE 3510–22–P
DEPARTMENT OF COMMERCE
National Oceanic and Atmospheric
Administration
Proposed Extension of a Currently
Approved Information Collection;
Comment Request; Aleutian Islands
Pollock Fishery
National Oceanic and
Atmospheric Administration (NOAA),
Commerce.
ACTION: Notice.
AGENCY:
The Department of
Commerce, as part of its continuing
effort to reduce paperwork and
respondent burden, invites the general
public and other Federal agencies to
take this opportunity to comment this
continuing information collection, as
required by the Paperwork Reduction
Act of 1995.
DATES: Written comments must be
submitted on or before July 9, 2018.
ADDRESSES: Direct all written comments
to Jennifer Jessup, Departmental
Paperwork Clearance Officer,
Department of Commerce, Room 6616,
14th and Constitution Avenue NW,
Washington, DC 20230 (or via the
internet at pracomments@doc.gov).
FOR FURTHER INFORMATION CONTACT:
Requests for additional information or
copies of the information collection
instrument and instructions should be
directed to Gabrielle Aberle, 907–586–
7228.
SUMMARY:
SUPPLEMENTARY INFORMATION:
I. Abstract
This request is for extension of a
currently approved information
collection.
Amendment 82 to the Fishery
Management Plan for Groundfish of the
Bering Sea and Aleutian Islands
Management Area (FMP) established a
framework for the management of the
Aleutian Islands subarea (AI) directed
pollock fishery. An AI pollock fishery
was allocated to the Aleut Corporation,
Adak, Alaska, for the purpose of
economic development in Adak, Alaska.
E:\FR\FM\09MYN1.SGM
09MYN1
File Type | application/pdf |
File Modified | 2018-05-09 |
File Created | 2018-05-09 |