Version: 1.0
Description: Energy-conscious and regulation-ready security protocol for wearable medical devices
Total Test Cases
Matched
Partial
Unmatched
Your protocol matched 38 out of 80 test cases.
| Test ID | Rule ID | Status | Expected | Your Protocol | Description | Evidence |
|---|---|---|---|---|---|---|
| GDPR-ART32-ENC-TRANS-01 | GDPR-ART32-ENC-TRANS | MATCHED |
Status: COVERED Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 encryption requirement ✓ |
Protocol with ChaCha20-Poly1305 256-bit encryption end-to-end | Protocol uses ChaCha20-Poly1305 with 256-bit keys for end-to-end encryption |
| GDPR-ART32-ENC-TRANS-02 | GDPR-ART32-ENC-TRANS | MATCHED |
Status: COVERED Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 encryption requirement ✓ |
Protocol with AES-256-GCM 256-bit encryption | Protocol uses ChaCha20-Poly1305 with 256-bit keys for end-to-end encryption |
| GDPR-ART32-ENC-TRANS-03 | GDPR-ART32-ENC-TRANS | UNMATCHED |
Status: MISSING Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 encryption requirement ✓ |
Protocol with no encryption enabled | Protocol uses ChaCha20-Poly1305 with 256-bit keys for end-to-end encryption |
| GDPR-ART32-ENC-TRANS-04 | GDPR-ART32-ENC-TRANS | UNMATCHED |
Status: PARTIAL Confidence: MEDIUM |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 encryption requirement ✓ |
Protocol with weak AES-128-CBC encryption | Protocol uses ChaCha20-Poly1305 with 256-bit keys for end-to-end encryption |
| GDPR-ART32-ENC-TRANS-05 | GDPR-ART32-ENC-TRANS | MATCHED |
Status: COVERED Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 encryption requirement ✓ |
Protocol with AES-128-GCM 128-bit encryption | Protocol uses ChaCha20-Poly1305 with 256-bit keys for end-to-end encryption |
| GDPR-ART32-ENC-TRANS-06 | GDPR-ART32-ENC-TRANS | UNMATCHED |
Status: MISSING Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 encryption requirement ✓ |
Protocol with unsupported encryption algorithm | Protocol uses ChaCha20-Poly1305 with 256-bit keys for end-to-end encryption |
| GDPR-ART32-ENC-TRANS-07 | GDPR-ART32-ENC-TRANS | UNMATCHED |
Status: MISSING Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 encryption requirement ✓ |
Protocol with AES-256-GCM but only 64-bit keys | Protocol uses ChaCha20-Poly1305 with 256-bit keys for end-to-end encryption |
| GDPR-ART32-ENC-TRANS-08 | GDPR-ART32-ENC-TRANS | MATCHED |
Status: COVERED Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 encryption requirement ✓ |
Protocol with AES-128-CCM encryption | Protocol uses ChaCha20-Poly1305 with 256-bit keys for end-to-end encryption |
| GDPR-ART32-ENC-TRANS-09 | GDPR-ART32-ENC-TRANS | UNMATCHED |
Status: MISSING Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 encryption requirement ✓ |
Protocol with encryption but null algorithm | Protocol uses ChaCha20-Poly1305 with 256-bit keys for end-to-end encryption |
| GDPR-ART32-ENC-TRANS-10 | GDPR-ART32-ENC-TRANS | MATCHED |
Status: COVERED Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 encryption requirement ✓ |
Protocol with multiple encryption layers | Protocol uses ChaCha20-Poly1305 with 256-bit keys for end-to-end encryption |
| GDPR-ART32-AUTH-01 | GDPR-ART32-AUTH | MATCHED |
Status: COVERED Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 mutual authentication requirement ✓ |
Protocol with mutual authentication using Ed25519 | Protocol implements mutual authentication: device (Ed25519), server (X.509_certificate) |
| GDPR-ART32-AUTH-02 | GDPR-ART32-AUTH | UNMATCHED |
Status: MISSING Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 mutual authentication requirement ✓ |
Protocol with no mutual authentication | Protocol implements mutual authentication: device (Ed25519), server (X.509_certificate) |
| GDPR-ART32-AUTH-03 | GDPR-ART32-AUTH | UNMATCHED |
Status: PARTIAL Confidence: MEDIUM |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 mutual authentication requirement ✓ |
Protocol with one-way authentication only | Protocol implements mutual authentication: device (Ed25519), server (X.509_certificate) |
| GDPR-ART32-AUTH-04 | GDPR-ART32-AUTH | MATCHED |
Status: COVERED Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 mutual authentication requirement ✓ |
Protocol with mutual ECDSA authentication | Protocol implements mutual authentication: device (Ed25519), server (X.509_certificate) |
| GDPR-ART32-AUTH-05 | GDPR-ART32-AUTH | UNMATCHED |
Status: MISSING Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 mutual authentication requirement ✓ |
Protocol with mutual but null auth fields | Protocol implements mutual authentication: device (Ed25519), server (X.509_certificate) |
| GDPR-ART32-AUTH-06 | GDPR-ART32-AUTH | UNMATCHED |
Status: PARTIAL Confidence: MEDIUM |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 mutual authentication requirement ✓ |
Protocol with device auth but no server auth | Protocol implements mutual authentication: device (Ed25519), server (X.509_certificate) |
| GDPR-ART32-AUTH-07 | GDPR-ART32-AUTH | UNMATCHED |
Status: PARTIAL Confidence: MEDIUM |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 mutual authentication requirement ✓ |
Protocol with server auth but no device auth | Protocol implements mutual authentication: device (Ed25519), server (X.509_certificate) |
| GDPR-ART32-AUTH-08 | GDPR-ART32-AUTH | MATCHED |
Status: COVERED Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 mutual authentication requirement ✓ |
Protocol with mutual RSA-2048 authentication | Protocol implements mutual authentication: device (Ed25519), server (X.509_certificate) |
| GDPR-ART32-AUTH-09 | GDPR-ART32-AUTH | UNMATCHED |
Status: PARTIAL Confidence: MEDIUM |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 mutual authentication requirement ✓ |
Protocol with AES-based implicit server auth | Protocol implements mutual authentication: device (Ed25519), server (X.509_certificate) |
| GDPR-ART32-AUTH-10 | GDPR-ART32-AUTH | MATCHED |
Status: COVERED Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 mutual authentication requirement ✓ |
Protocol with mutual X.509 certificate authentication | Protocol implements mutual authentication: device (Ed25519), server (X.509_certificate) |
| GDPR-ART32-INTEGRITY-01 | GDPR-ART32-INTEGRITY | MATCHED |
Status: COVERED Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 data integrity requirement ✓ |
Protocol with ChaCha20-Poly1305 AEAD cipher | Protocol uses AEAD cipher (ChaCha20-Poly1305) which provides data integrity |
| GDPR-ART32-INTEGRITY-02 | GDPR-ART32-INTEGRITY | MATCHED |
Status: COVERED Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 data integrity requirement ✓ |
Protocol with AES-256-GCM AEAD cipher | Protocol uses AEAD cipher (ChaCha20-Poly1305) which provides data integrity |
| GDPR-ART32-INTEGRITY-03 | GDPR-ART32-INTEGRITY | MATCHED |
Status: COVERED Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 data integrity requirement ✓ |
Protocol with AES-128-CCM AEAD cipher | Protocol uses AEAD cipher (ChaCha20-Poly1305) which provides data integrity |
| GDPR-ART32-INTEGRITY-04 | GDPR-ART32-INTEGRITY | UNMATCHED |
Status: PARTIAL Confidence: MEDIUM |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 data integrity requirement ✓ |
Protocol with non-AEAD cipher and logging | Protocol uses AEAD cipher (ChaCha20-Poly1305) which provides data integrity |
| GDPR-ART32-INTEGRITY-05 | GDPR-ART32-INTEGRITY | UNMATCHED |
Status: MISSING Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 data integrity requirement ✓ |
Protocol with weak encryption and no logging | Protocol uses AEAD cipher (ChaCha20-Poly1305) which provides data integrity |
| GDPR-ART32-INTEGRITY-06 | GDPR-ART32-INTEGRITY | MATCHED |
Status: COVERED Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 data integrity requirement ✓ |
Protocol with AES-256-GCM and comprehensive logging | Protocol uses AEAD cipher (ChaCha20-Poly1305) which provides data integrity |
| GDPR-ART32-INTEGRITY-07 | GDPR-ART32-INTEGRITY | UNMATCHED |
Status: MISSING Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 data integrity requirement ✓ |
Protocol with null encryption algorithm | Protocol uses AEAD cipher (ChaCha20-Poly1305) which provides data integrity |
| GDPR-ART32-INTEGRITY-08 | GDPR-ART32-INTEGRITY | MATCHED |
Status: COVERED Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 data integrity requirement ✓ |
Protocol with ChaCha20-Poly1305 and no logging | Protocol uses AEAD cipher (ChaCha20-Poly1305) which provides data integrity |
| GDPR-ART32-INTEGRITY-09 | GDPR-ART32-INTEGRITY | MATCHED |
Status: COVERED Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 data integrity requirement ✓ |
Protocol with AES-128-CCM and limited logging | Protocol uses AEAD cipher (ChaCha20-Poly1305) which provides data integrity |
| GDPR-ART32-INTEGRITY-10 | GDPR-ART32-INTEGRITY | UNMATCHED |
Status: PARTIAL Confidence: MEDIUM |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 data integrity requirement ✓ |
Protocol with non-AEAD cipher and no authentication logging | Protocol uses AEAD cipher (ChaCha20-Poly1305) which provides data integrity |
| GDPR-ART32-LOGGING-01 | GDPR-ART32-LOGGING | MATCHED |
Status: COVERED Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 audit logging requirement ✓ |
Protocol with comprehensive audit logging | Protocol has comprehensive logging with 4 scope items and 90 days retention |
| GDPR-ART32-LOGGING-02 | GDPR-ART32-LOGGING | UNMATCHED |
Status: MISSING Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 audit logging requirement ✓ |
Protocol with no logging enabled | Protocol has comprehensive logging with 4 scope items and 90 days retention |
| GDPR-ART32-LOGGING-03 | GDPR-ART32-LOGGING | UNMATCHED |
Status: PARTIAL Confidence: MEDIUM |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 audit logging requirement ✓ |
Protocol with logging but insufficient retention | Protocol has comprehensive logging with 4 scope items and 90 days retention |
| GDPR-ART32-LOGGING-04 | GDPR-ART32-LOGGING | UNMATCHED |
Status: PARTIAL Confidence: MEDIUM |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 audit logging requirement ✓ |
Protocol with logging but missing scope items | Protocol has comprehensive logging with 4 scope items and 90 days retention |
| GDPR-ART32-LOGGING-05 | GDPR-ART32-LOGGING | MATCHED |
Status: COVERED Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 audit logging requirement ✓ |
Protocol with all required logging scope items | Protocol has comprehensive logging with 4 scope items and 90 days retention |
| GDPR-ART32-LOGGING-06 | GDPR-ART32-LOGGING | UNMATCHED |
Status: MISSING Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 audit logging requirement ✓ |
Protocol with logging enabled but null scope | Protocol has comprehensive logging with 4 scope items and 90 days retention |
| GDPR-ART32-LOGGING-07 | GDPR-ART32-LOGGING | MATCHED |
Status: COVERED Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 audit logging requirement ✓ |
Protocol with logging minimum retention (30 days) | Protocol has comprehensive logging with 4 scope items and 90 days retention |
| GDPR-ART32-LOGGING-08 | GDPR-ART32-LOGGING | UNMATCHED |
Status: PARTIAL Confidence: MEDIUM |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 audit logging requirement ✓ |
Protocol with logging just below minimum retention | Protocol has comprehensive logging with 4 scope items and 90 days retention |
| GDPR-ART32-LOGGING-09 | GDPR-ART32-LOGGING | UNMATCHED |
Status: PARTIAL Confidence: MEDIUM |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 audit logging requirement ✓ |
Protocol with logging two scope items minimum | Protocol has comprehensive logging with 4 scope items and 90 days retention |
| GDPR-ART32-LOGGING-10 | GDPR-ART32-LOGGING | UNMATCHED |
Status: PARTIAL Confidence: MEDIUM |
Status: COVERED Confidence: HIGH Meets GDPR Article 32 audit logging requirement ✓ |
Protocol with logging one scope item only | Protocol has comprehensive logging with 4 scope items and 90 days retention |
| HIPAA-SEC-CRYPTO-01 | HIPAA-SEC-CRYPTO | MATCHED |
Status: COVERED Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets HIPAA Security Rule encryption requirement ✓ |
Protocol with ChaCha20-Poly1305 and ephemeral key exchange | Protocol uses ChaCha20-Poly1305 encryption with ephemeral key exchange for forward secrecy |
| HIPAA-SEC-CRYPTO-02 | HIPAA-SEC-CRYPTO | MATCHED |
Status: COVERED Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets HIPAA Security Rule encryption requirement ✓ |
Protocol with AES-256-GCM and ephemeral keys | Protocol uses ChaCha20-Poly1305 encryption with ephemeral key exchange for forward secrecy |
| HIPAA-SEC-CRYPTO-03 | HIPAA-SEC-CRYPTO | UNMATCHED |
Status: PARTIAL Confidence: MEDIUM |
Status: COVERED Confidence: HIGH Meets HIPAA Security Rule encryption requirement ✓ |
Protocol with encryption but non-ephemeral keys | Protocol uses ChaCha20-Poly1305 encryption with ephemeral key exchange for forward secrecy |
| HIPAA-SEC-CRYPTO-04 | HIPAA-SEC-CRYPTO | UNMATCHED |
Status: MISSING Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets HIPAA Security Rule encryption requirement ✓ |
Protocol with no encryption | Protocol uses ChaCha20-Poly1305 encryption with ephemeral key exchange for forward secrecy |
| HIPAA-SEC-CRYPTO-05 | HIPAA-SEC-CRYPTO | MATCHED |
Status: COVERED Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets HIPAA Security Rule encryption requirement ✓ |
Protocol with TLS and ephemeral keys | Protocol uses ChaCha20-Poly1305 encryption with ephemeral key exchange for forward secrecy |
| HIPAA-SEC-CRYPTO-06 | HIPAA-SEC-CRYPTO | UNMATCHED |
Status: MISSING Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets HIPAA Security Rule encryption requirement ✓ |
Protocol with weak encryption and ephemeral keys | Protocol uses ChaCha20-Poly1305 encryption with ephemeral key exchange for forward secrecy |
| HIPAA-SEC-CRYPTO-07 | HIPAA-SEC-CRYPTO | MATCHED |
Status: COVERED Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets HIPAA Security Rule encryption requirement ✓ |
Protocol with AES-128-GCM and ephemeral keys | Protocol uses ChaCha20-Poly1305 encryption with ephemeral key exchange for forward secrecy |
| HIPAA-SEC-CRYPTO-08 | HIPAA-SEC-CRYPTO | UNMATCHED |
Status: MISSING Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets HIPAA Security Rule encryption requirement ✓ |
Protocol with encryption null algorithm and ephemeral keys | Protocol uses ChaCha20-Poly1305 encryption with ephemeral key exchange for forward secrecy |
| HIPAA-SEC-CRYPTO-09 | HIPAA-SEC-CRYPTO | UNMATCHED |
Status: PARTIAL Confidence: MEDIUM |
Status: COVERED Confidence: HIGH Meets HIPAA Security Rule encryption requirement ✓ |
Protocol with AES-256-GCM but ephemeral false | Protocol uses ChaCha20-Poly1305 encryption with ephemeral key exchange for forward secrecy |
| HIPAA-SEC-CRYPTO-10 | HIPAA-SEC-CRYPTO | UNMATCHED |
Status: PARTIAL Confidence: MEDIUM |
Status: COVERED Confidence: HIGH Meets HIPAA Security Rule encryption requirement ✓ |
Protocol with ChaCha20-Poly1305 and ephemeral null | Protocol uses ChaCha20-Poly1305 encryption with ephemeral key exchange for forward secrecy |
| HIPAA-SEC-ACCESS-01 | HIPAA-SEC-ACCESS | MATCHED |
Status: COVERED Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets HIPAA Security Rule access control requirement ✓ |
Protocol with mutual Ed25519 authentication | Protocol uses mutual authentication with strong methods: Ed25519, X.509_certificate |
| HIPAA-SEC-ACCESS-02 | HIPAA-SEC-ACCESS | MATCHED |
Status: COVERED Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets HIPAA Security Rule access control requirement ✓ |
Protocol with mutual ECDSA authentication | Protocol uses mutual authentication with strong methods: Ed25519, X.509_certificate |
| HIPAA-SEC-ACCESS-03 | HIPAA-SEC-ACCESS | UNMATCHED |
Status: MISSING Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets HIPAA Security Rule access control requirement ✓ |
Protocol with no authentication | Protocol uses mutual authentication with strong methods: Ed25519, X.509_certificate |
| HIPAA-SEC-ACCESS-04 | HIPAA-SEC-ACCESS | MATCHED |
Status: COVERED Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets HIPAA Security Rule access control requirement ✓ |
Protocol with mutual RSA-2048 authentication | Protocol uses mutual authentication with strong methods: Ed25519, X.509_certificate |
| HIPAA-SEC-ACCESS-05 | HIPAA-SEC-ACCESS | UNMATCHED |
Status: PARTIAL Confidence: MEDIUM |
Status: COVERED Confidence: HIGH Meets HIPAA Security Rule access control requirement ✓ |
Protocol with one-way Ed25519 authentication | Protocol uses mutual authentication with strong methods: Ed25519, X.509_certificate |
| HIPAA-SEC-ACCESS-06 | HIPAA-SEC-ACCESS | UNMATCHED |
Status: MISSING Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets HIPAA Security Rule access control requirement ✓ |
Protocol with shared secret authentication | Protocol uses mutual authentication with strong methods: Ed25519, X.509_certificate |
| HIPAA-SEC-ACCESS-07 | HIPAA-SEC-ACCESS | MATCHED |
Status: COVERED Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets HIPAA Security Rule access control requirement ✓ |
Protocol with X.509 mutual authentication | Protocol uses mutual authentication with strong methods: Ed25519, X.509_certificate |
| HIPAA-SEC-ACCESS-08 | HIPAA-SEC-ACCESS | UNMATCHED |
Status: MISSING Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets HIPAA Security Rule access control requirement ✓ |
Protocol with mutual but null auth fields | Protocol uses mutual authentication with strong methods: Ed25519, X.509_certificate |
| HIPAA-SEC-ACCESS-09 | HIPAA-SEC-ACCESS | MATCHED |
Status: COVERED Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets HIPAA Security Rule access control requirement ✓ |
Protocol with device X.509 and server Ed25519 | Protocol uses mutual authentication with strong methods: Ed25519, X.509_certificate |
| HIPAA-SEC-ACCESS-10 | HIPAA-SEC-ACCESS | UNMATCHED |
Status: MISSING Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets HIPAA Security Rule access control requirement ✓ |
Protocol with AES-based authentication only | Protocol uses mutual authentication with strong methods: Ed25519, X.509_certificate |
| HC-MED-FW-SIGN-01 | HC-MED-FW-SIGN | UNMATCHED |
Status: COVERED Confidence: HIGH |
Status: MISSING Confidence: HIGH If firmware OTA is required, enable signed firmware updates using RSA-2048, EdDSA, or ECDSA-P256 |
Protocol with EdDSA-signed firmware updates | Firmware updates are not enabled in this protocol |
| HC-MED-FW-SIGN-02 | HC-MED-FW-SIGN | UNMATCHED |
Status: COVERED Confidence: HIGH |
Status: MISSING Confidence: HIGH If firmware OTA is required, enable signed firmware updates using RSA-2048, EdDSA, or ECDSA-P256 |
Protocol with RSA-2048-signed firmware updates | Firmware updates are not enabled in this protocol |
| HC-MED-FW-SIGN-03 | HC-MED-FW-SIGN | MATCHED |
Status: MISSING Confidence: HIGH |
Status: MISSING Confidence: HIGH If firmware OTA is required, enable signed firmware updates using RSA-2048, EdDSA, or ECDSA-P256 |
Protocol with unsigned firmware updates | Firmware updates are not enabled in this protocol |
| HC-MED-FW-SIGN-04 | HC-MED-FW-SIGN | MATCHED |
Status: MISSING Confidence: HIGH |
Status: MISSING Confidence: HIGH If firmware OTA is required, enable signed firmware updates using RSA-2048, EdDSA, or ECDSA-P256 |
Protocol with firmware OTA disabled | Firmware updates are not enabled in this protocol |
| HC-MED-FW-SIGN-05 | HC-MED-FW-SIGN | UNMATCHED |
Status: COVERED Confidence: HIGH |
Status: MISSING Confidence: HIGH If firmware OTA is required, enable signed firmware updates using RSA-2048, EdDSA, or ECDSA-P256 |
Protocol with ECDSA-P256-signed firmware | Firmware updates are not enabled in this protocol |
| HC-MED-FW-SIGN-06 | HC-MED-FW-SIGN | MATCHED |
Status: MISSING Confidence: HIGH |
Status: MISSING Confidence: HIGH If firmware OTA is required, enable signed firmware updates using RSA-2048, EdDSA, or ECDSA-P256 |
Protocol with firmware enabled but signing false | Firmware updates are not enabled in this protocol |
| HC-MED-FW-SIGN-07 | HC-MED-FW-SIGN | MATCHED |
Status: MISSING Confidence: HIGH |
Status: MISSING Confidence: HIGH If firmware OTA is required, enable signed firmware updates using RSA-2048, EdDSA, or ECDSA-P256 |
Protocol with unsupported signature algorithm | Firmware updates are not enabled in this protocol |
| HC-MED-FW-SIGN-08 | HC-MED-FW-SIGN | UNMATCHED |
Status: COVERED Confidence: HIGH |
Status: MISSING Confidence: HIGH If firmware OTA is required, enable signed firmware updates using RSA-2048, EdDSA, or ECDSA-P256 |
Protocol with SHA-256-signed firmware | Firmware updates are not enabled in this protocol |
| HC-MED-FW-SIGN-09 | HC-MED-FW-SIGN | MATCHED |
Status: MISSING Confidence: HIGH |
Status: MISSING Confidence: HIGH If firmware OTA is required, enable signed firmware updates using RSA-2048, EdDSA, or ECDSA-P256 |
Protocol with firmware signing null signature algorithm | Firmware updates are not enabled in this protocol |
| HC-MED-FW-SIGN-10 | HC-MED-FW-SIGN | MATCHED |
Status: MISSING Confidence: HIGH |
Status: MISSING Confidence: HIGH If firmware OTA is required, enable signed firmware updates using RSA-2048, EdDSA, or ECDSA-P256 |
Protocol with firmware update field null | Firmware updates are not enabled in this protocol |
| HC-MED-AUDIT-01 | HC-MED-AUDIT | MATCHED |
Status: COVERED Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets Health Canada medical device audit requirements ✓ |
Protocol with comprehensive medical audit logging | Protocol has comprehensive medical audit logging with 90 days retention and cloud transmission |
| HC-MED-AUDIT-02 | HC-MED-AUDIT | UNMATCHED |
Status: MISSING Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets Health Canada medical device audit requirements ✓ |
Protocol with no audit logging | Protocol has comprehensive medical audit logging with 90 days retention and cloud transmission |
| HC-MED-AUDIT-03 | HC-MED-AUDIT | UNMATCHED |
Status: PARTIAL Confidence: MEDIUM |
Status: COVERED Confidence: HIGH Meets Health Canada medical device audit requirements ✓ |
Protocol with logging but insufficient retention | Protocol has comprehensive medical audit logging with 90 days retention and cloud transmission |
| HC-MED-AUDIT-04 | HC-MED-AUDIT | UNMATCHED |
Status: PARTIAL Confidence: MEDIUM |
Status: COVERED Confidence: HIGH Meets Health Canada medical device audit requirements ✓ |
Protocol with logging but missing error tracking | Protocol has comprehensive medical audit logging with 90 days retention and cloud transmission |
| HC-MED-AUDIT-05 | HC-MED-AUDIT | MATCHED |
Status: COVERED Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets Health Canada medical device audit requirements ✓ |
Protocol with local logging transmission | Protocol has comprehensive medical audit logging with 90 days retention and cloud transmission |
| HC-MED-AUDIT-06 | HC-MED-AUDIT | MATCHED |
Status: COVERED Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets Health Canada medical device audit requirements ✓ |
Protocol with both local and cloud logging | Protocol has comprehensive medical audit logging with 90 days retention and cloud transmission |
| HC-MED-AUDIT-07 | HC-MED-AUDIT | MATCHED |
Status: COVERED Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets Health Canada medical device audit requirements ✓ |
Protocol with logging 90-day retention minimum | Protocol has comprehensive medical audit logging with 90 days retention and cloud transmission |
| HC-MED-AUDIT-08 | HC-MED-AUDIT | UNMATCHED |
Status: PARTIAL Confidence: MEDIUM |
Status: COVERED Confidence: HIGH Meets Health Canada medical device audit requirements ✓ |
Protocol with logging just below 90-day retention | Protocol has comprehensive medical audit logging with 90 days retention and cloud transmission |
| HC-MED-AUDIT-09 | HC-MED-AUDIT | UNMATCHED |
Status: PARTIAL Confidence: MEDIUM |
Status: COVERED Confidence: HIGH Meets Health Canada medical device audit requirements ✓ |
Protocol with logging only two scope items | Protocol has comprehensive medical audit logging with 90 days retention and cloud transmission |
| HC-MED-AUDIT-10 | HC-MED-AUDIT | MATCHED |
Status: COVERED Confidence: HIGH |
Status: COVERED Confidence: HIGH Meets Health Canada medical device audit requirements ✓ |
Protocol with comprehensive logging 180-day retention | Protocol has comprehensive medical audit logging with 90 days retention and cloud transmission |
Next Steps: