Data Security Option
Related Information

Ponemah

Study Protocol Option

Data Security Option

The Data Security Option (DSO) for the Ponemah system allows the system to operate within FDA 21 CFR Part 11 regulations. DSO provides:

Secure Program Login

A System Administrator initializes User Smart Cards and defines access levels unique to each Ponemah system. Each Ponemah User is assigned a unique Smartcard and defines a PIN required for system access. The Ponemah user must insert their card into the card reader and enter their PIN to gain controlled access to the system.

Electronic Signatures

Each acquisition automatically creates an encrypted Signature file used as a unique “finger print” for future verification of the files. Additional data stored on the user’s Smartcard will support Electronic Signatures. A user may attach their electronic signature and any notes related to the signing.

Controlled User Privileges

Ten unique Access Levels can be defined on each Ponemah System. The Access Level determines the privileges granted to users of the application. Every available user function can be independently assigned or reserved. Constructing the Access Level structure is simplified by our logical setup dialog.


Multiple User Profiles

Each system user is assigned a specific Access Level. In the case of multiple systems at a facility, a user may have different privileges on individual Ponemah Systems. If a user is not assigned on a system, their Smartcard will not be accepted as a valid login. Hundreds of users can be assigned to each system.


File Integrity Validation

The verify function allows saved data sets to be quickly checked for evidence of corruption of tampering. A green check mark identifies files that are intact and unchanged. A red X mark identifies altered files. A question Mark identifies a file that does not have an associated .SIG file.


Audit Trail

During operation the user can “lock” the program by removing their card. Card removal will not alter the current operational state of the system but will prevent unauthorized manipulation if the operator leaves the system unattended. Each insertion and removal of Smart Cards and all changes to operational settings will be recorded in a Log file. Log files provide an Audit Trail, documenting all system activity from application start to end.