Authentication, Authorization, Syncing, Security, Provenance, Exchange, Alerts, Upgrades, and Auditing
A breakdown of Consumer Health App usage requirements that includes aspects of Authentication, Authorization, Syncing, Security, Provenance, Exchange, Alerts, Upgrades, and Auditing.
Protecting against unauthorized access
This category is about the system[1] protecting against unauthorized access (e.g., by persons other than the consumer).
[1] “System” includes the app itself (on the device) as well as its supporting infrastructure (e.g., cloud-based or other services provided outside the device).
Auditing methods for consumer health apps
This category is about auditing, which is a mechanism for user and system accountability. Important events, such as logins and access to particular functions and data, are recorded and can be used to detect instances of non-compliant behavior and to facilitate detection of improper creation, access, modification, and deletion of personal health information.
Protecting against unauthorized access
This category is about ensuring that personal data collection and use, including access to device features, is understood and explicitly authorized (consented to) by the users of the app.
Pairing or Syncing User Accounts with Devices and Data Repositories
This category is about consumers verifying all devices with which they wish to pair or sync data.