| Requirement |
Assessment |
| Audit Trails -- COMPLIANT |
The independent and non-modifiable Audit function provides for secure,
computer-generated date / time stamped records of record changes and key
operator entries and activities. Actions that create, modify or delete records
are retained for viewing / printing. |
| System Security -- COMPLIANT |
The INTELLAPAC PRO provides for initial and periodic testing, as well as
periodic reviews and revisions. Password expiration dates are defined and set by
the Administrator (from 10 - 90 days in 5 day increments). Only the
Administrator has access to Security Maintenance. Passwords can never be reused. |
| Record Retention, Protection, Retrievability, and Reproducibility -- COMPLIANT |
The INTELLAPAC PRO has been designed and tested to accurately retrieve and
generate all reports and database records. All electronically stored records are
validated to be able to be accurately generated, retained, protected, and
readily retrieved in both "human readable and electronic form", throughout the
retention period. A validated archive and unarchive feature further adds to the
record retention and reporting capability. |
| Operational Checks -- COMPLIANT |
Where necessary, the appropriate operational checks have been put in place to
enforce step and event sequencing. The program will only allow you to perform
events in the appropriate sequence. It is not possible to perform certain steps
before others are complete. |
| Password Security -- COMPLIANT |
Controls ensure the security, integrity, and uniqueness of the identification
and password combination used for electronic signature. Passwords must be
between 6 and 8 characters. Each username is unique, so two users cannot have the same username and password combination. |
| Electronic Signature Assignment -- COMPLIANT |
Each user's unique electronic signature cannot be reused or reassigned to
another user. Each username and password is unique. Once a password expires it can never be reused again by anyone. |
| Electronic Signatures Not Based Upon Biometrics -- COMPLIANT |
Both a user name and password are required for initial login. Both are required
on subsequent logins when security logoff has occurred due to inactivity in the
INTELLAPAC PRO, or when access to specific functions is necessary. |
| Electronic Signature With Biometric Links -- COMPLIANT |
The system is designed to preclude use by anyone except a genuine user. If an
individual is not established in the User Maintenance database there is no
ability to access the INTELLAPAC PRO. |
| Name Display |
The printed name of the individual who signs a record electronically is always
clearly displayed. His / her user name will appear on relevant documents and
reports generated by the program.. |
