Comprehensive Regulatory Compliance
By design, CMINDS® fully complies with all
applicable regulatory agency requirements regarding the collection and
management of clinical data, including the FDA's "Computer Systems Used
in Clinical Research"; the Department of Health and Human Services (DHHS): 21
CFR Part 11 for Electronic Health Records and Electronic Signatures and the
Health Insurance Portability and Accountability Act (HIPAA) of 1996.
System functions and capabilities relevant to compliance with regulatory
agency requirements are conferred by the following:
- A hierarchical password system
- Role-based access control (RBAC) and function-based access control (FBAC)
- Automatic program log-off
- Automatic password expiration
- Automatic database checksum (to corroborate that the database file has
not been altered in any unauthorized manner)
- Database encryption
- Comprehensive audit log (records all relevant information pertaining to
the Examiner's activities, including: date-stamped and time-stamped log-in,
log-off; file access; and program operations)
- Automatic database backup to optical media, enabling off-site storage and
rotation
Collectively, these features ensure highly controlled data access and full
accountability.
CMINDS® has been developed in compliance with IEEE guidelines.