ABC-TT-01 VersionV 1.0 PageV 1V2 Confidential V All rights reserved. Passing on and copying of this document, use and communication of its contents not permitted without written authorization. Security Requirements The use of security mechanisms is critical for the reduction of possible falsification or theft of information. To ensure the security of these modules Vfocusing here on the application, application equipment and software needsV and its information, the following shall be providedV Require password entry to gain initial access to the system. Require password entry immediately before non-standard high-level activity. Not display passwords on the screen during entry. Allow individual user access rights to be tailored to specific tasks or task groups. Validate passwords to prevent use of trivial or insecure passwords. Support an automatic log-off after a certain time period, e.g. 2 minutes or system administrator configurable time period. Enforce password expiry after a specified time span, and prevent reuus of passwords. Store passwords in an encrypted form, separately from the main database. Disable or disconnect terminals which have been inactive for a specified period of time. Provide the necessary technical specifications for recognition of passwords, digital signatures, fingerprints and other personal recognition methods to prove the integrity and authenticity of data and protect against forgery. A log file shall be kept with the usersV actions recorded by module functionality. All users of a module shall have a unique username and password. The users shall be forced to change their password on regular basis Ve.g. every V0 daysV. Reporting and registering in a log file any attempts for breaching access codes. Each module shall provide a maximum number of login attempts in case of a wrong password. When that maximum number is reached the user account will be temporarily disabled until the problem is located and the proper measures are taken. Include the necessary mechanisms for safeguarding the continuous availability, confidentiality and integrity of the data stored in the system. Ensure that before connecting to the system the user's identity, authority level and security profile are verified. ABC-TT-01 VersionV 1.0 PageV 2V2 Confidential V All rights reserved. Passing on and copying of this document, use and communication of its contents not permitted without written authorization. Be capable of preventing the use of unique identification numbers for any other purpose other than the provision of healthcare services. Be able to detect and report any breaches of security. Allow the application of consent by multiple authorized users for the opening and processing of certain files containing identification fields and sensitive personal data that can possibly be matched with external files. Support a single password to access different modules and levels of data. Vse audit trails to track all activity of data editing and editing persons at all times in order to minimize the possibility of undetectable alteration of data. Support security mechanisms and a list of European and international standards in every module