Consumer Mobile Health Application Functional Framework, Release 2
2.0.1 - CI build
Consumer Mobile Health Application Functional Framework, Release 2, published by HL7 International / Mobile Health. This guide is not an authorized publication; it is the continuous build for version 2.0.1 built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/HL7/cmhaff-ig/ and changes regularly. See the Directory of published versions
Page standards status: Informative |
<Requirements xmlns="http://hl7.org/fhir">
<id value="CMHAFFR2-PIM.2"/>
<meta>
<profile
value="http://hl7.org/fhir/uv/cmhaffr2/StructureDefinition/FMHeader"/>
</meta>
<text>
<status value="extensions"/>
<div xmlns="http://www.w3.org/1999/xhtml">
<span id="description"><b>Statement <a href="https://hl7.org/fhir/versions.html#std-process" title="Normative Content" class="normative-flag">N</a>:</b> <div/></span>
<span id="requirements"><b>Criteria <a href="https://hl7.org/fhir/versions.html#std-process" title="Normative Content" class="normative-flag">N</a>:</b></span>
<table id="statements" class="grid dict">
<tr>
<td style="padding-left: 4px;">
<span>PIM.2#54</span>
</td>
<td style="padding-left: 4px;">
<span>SHALL</span>
</td>
<td style="padding-left: 4px;" class="requirement">
<span><div><p>A user can review the app’s Terms of Use before personal data about the user is collected and used.</p>
</div></span>
</td>
</tr>
<tr>
<td style="padding-left: 4px;">
<span>PIM.2#55</span>
</td>
<td style="padding-left: 4px;">
<span>SHALL</span>
</td>
<td style="padding-left: 4px;" class="requirement">
<span><div><p>[The app creates user accounts] User acceptance of the app’s Terms of Use is logged before a user account is authorized (See section 3.4.10 for information about audit log record creation).</p>
</div></span>
</td>
</tr>
<tr>
<td style="padding-left: 4px;">
<span>PIM.2#56</span>
</td>
<td style="padding-left: 4px;">
<span>SHALL</span>
</td>
<td style="padding-left: 4px;" class="requirement">
<span><div><p>[User is allowed to use pre-existing account credentials from an Identity Provider (IDP) to access the app] Before a user chooses to use pre-existing account credentials to access the app: (a) The user is informed about what attribute information will be used by the app associated with the pre-existing credentials; (b) The user is informed about what data is communicated back to the IDP at the time of account creation and at each subsequent user authentication.</p>
</div></span>
</td>
</tr>
<tr>
<td style="padding-left: 4px;">
<span>PIM.2#57</span>
</td>
<td style="padding-left: 4px;">
<span>SHOULD</span>
</td>
<td style="padding-left: 4px;" class="requirement">
<span><div><p>For purposes of establishing an account, the minimum necessary amount of a user’s personally identifiable information (PII) is collected, e.g., the information is necessary to authenticate the user, provide customer support, or affect the app logic.</p>
</div></span>
</td>
</tr>
</table>
</div>
</text>
<extension
url="http://hl7.org/fhir/StructureDefinition/structuredefinition-wg">
<valueCode value="mobile"/>
</extension>
<url value="http://hl7.org/fhir/uv/cmhaffr2/Requirements/CMHAFFR2-PIM.2"/>
<version value="2.0.1"/>
<name value="PIM_2_Launch_App_and_Establish_User_Account"/>
<title value="PIM.2 Launch App and Establish User Account (Header)"/>
<status value="active"/>
<date value="2025-05-28T08:01:49+00:00"/>
<publisher value="HL7 International / Mobile Health"/>
<contact>
<telecom>
<system value="url"/>
<value value="http://www.hl7.org/Special/committees/mobile"/>
</telecom>
</contact>
<jurisdiction>
<coding>
<system value="http://unstats.un.org/unsd/methods/m49/m49.htm"/>
<code value="001"/>
<display value="World"/>
</coding>
</jurisdiction>
<statement>
<extension
url="http://hl7.org/fhir/uv/cmhaffr2/StructureDefinition/requirements-dependent">
<valueBoolean value="false"/>
</extension>
<key value="CMHAFFR2-PIM.2-54"/>
<label value="PIM.2#54"/>
<conformance value="SHALL"/>
<conditionality value="false"/>
<requirement
value="A user can review the app’s Terms of Use before personal data about the user is collected and used."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/uv/cmhaffr2/StructureDefinition/requirements-dependent">
<valueBoolean value="false"/>
</extension>
<key value="CMHAFFR2-PIM.2-55"/>
<label value="PIM.2#55"/>
<conformance value="SHALL"/>
<conditionality value="false"/>
<requirement
value="[The app creates user accounts] User acceptance of the app’s Terms of Use is logged before a user account is authorized (See section 3.4.10 for information about audit log record creation)."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/uv/cmhaffr2/StructureDefinition/requirements-dependent">
<valueBoolean value="false"/>
</extension>
<key value="CMHAFFR2-PIM.2-56"/>
<label value="PIM.2#56"/>
<conformance value="SHALL"/>
<conditionality value="false"/>
<requirement
value="[User is allowed to use pre-existing account credentials from an Identity Provider (IDP) to access the app] Before a user chooses to use pre-existing account credentials to access the app: (a) The user is informed about what attribute information will be used by the app associated with the pre-existing credentials; (b) The user is informed about what data is communicated back to the IDP at the time of account creation and at each subsequent user authentication."/>
</statement>
<statement>
<extension
url="http://hl7.org/fhir/uv/cmhaffr2/StructureDefinition/requirements-dependent">
<valueBoolean value="false"/>
</extension>
<key value="CMHAFFR2-PIM.2-57"/>
<label value="PIM.2#57"/>
<conformance value="SHOULD"/>
<conditionality value="false"/>
<requirement
value="For purposes of establishing an account, the minimum necessary amount of a user’s personally identifiable information (PII) is collected, e.g., the information is necessary to authenticate the user, provide customer support, or affect the app logic."/>
</statement>
</Requirements>