Consumer Mobile Health Application Functional Framework, Release 2
2.0.1 - CI build International flag

Consumer Mobile Health Application Functional Framework, Release 2, published by HL7 International / Mobile Health. This guide is not an authorized publication; it is the continuous build for version 2.0.1 built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/HL7/cmhaff-ig/ and changes regularly. See the Directory of published versions

: PIM.2 Launch App and Establish User Account (Header) - XML Representation

Page standards status: Informative

Raw xml | Download


<Requirements xmlns="http://hl7.org/fhir">
  <id value="CMHAFFR2-PIM.2"/>
  <meta>
    <profile
             value="http://hl7.org/fhir/uv/cmhaffr2/StructureDefinition/FMHeader"/>
  </meta>
  <text>
    <status value="extensions"/>
    <div xmlns="http://www.w3.org/1999/xhtml">
    <span id="description"><b>Statement <a href="https://hl7.org/fhir/versions.html#std-process" title="Normative Content" class="normative-flag">N</a>:</b> <div/></span>

    

    
    
    

    
    <span id="requirements"><b>Criteria <a href="https://hl7.org/fhir/versions.html#std-process" title="Normative Content" class="normative-flag">N</a>:</b></span>
    
    <table id="statements" class="grid dict">
        
        <tr>
            <td style="padding-left: 4px;">
                
                <span>PIM.2#54</span>
                
            </td>
            <td style="padding-left: 4px;">
                
                
                
                <span>SHALL</span>
                
            </td>
            <td style="padding-left: 4px;" class="requirement">
                
                <span><div><p>A user can review the app’s Terms of Use before personal data about the user is collected and used.</p>
</div></span>
                
                
            </td>
        </tr>
        
        <tr>
            <td style="padding-left: 4px;">
                
                <span>PIM.2#55</span>
                
            </td>
            <td style="padding-left: 4px;">
                
                
                
                <span>SHALL</span>
                
            </td>
            <td style="padding-left: 4px;" class="requirement">
                
                <span><div><p>[The app creates user accounts] User acceptance of the app’s Terms of Use is logged before a user account is authorized (See section 3.4.10 for information about audit log record creation).</p>
</div></span>
                
                
            </td>
        </tr>
        
        <tr>
            <td style="padding-left: 4px;">
                
                <span>PIM.2#56</span>
                
            </td>
            <td style="padding-left: 4px;">
                
                
                
                <span>SHALL</span>
                
            </td>
            <td style="padding-left: 4px;" class="requirement">
                
                <span><div><p>[User is allowed to use pre-existing account credentials from an Identity Provider (IDP) to access the app] Before a user chooses to use pre-existing account credentials to access the app: (a) The user is informed about what attribute information will be used by the app associated with the pre-existing credentials; (b) The user is informed about what data is communicated back to the IDP at the time of account creation and at each subsequent user authentication.</p>
</div></span>
                
                
            </td>
        </tr>
        
        <tr>
            <td style="padding-left: 4px;">
                
                <span>PIM.2#57</span>
                
            </td>
            <td style="padding-left: 4px;">
                
                
                
                <span>SHOULD</span>
                
            </td>
            <td style="padding-left: 4px;" class="requirement">
                
                <span><div><p>For purposes of establishing an account, the minimum necessary amount of a user’s personally identifiable information (PII) is collected, e.g., the information is necessary to authenticate the user, provide customer support, or affect the app logic.</p>
</div></span>
                
                
            </td>
        </tr>
        
    </table>
</div>
  </text>
  <extension
             url="http://hl7.org/fhir/StructureDefinition/structuredefinition-wg">
    <valueCode value="mobile"/>
  </extension>
  <url value="http://hl7.org/fhir/uv/cmhaffr2/Requirements/CMHAFFR2-PIM.2"/>
  <version value="2.0.1"/>
  <name value="PIM_2_Launch_App_and_Establish_User_Account"/>
  <title value="PIM.2 Launch App and Establish User Account (Header)"/>
  <status value="active"/>
  <date value="2025-05-28T08:01:49+00:00"/>
  <publisher value="HL7 International / Mobile Health"/>
  <contact>
    <telecom>
      <system value="url"/>
      <value value="http://www.hl7.org/Special/committees/mobile"/>
    </telecom>
  </contact>
  <jurisdiction>
    <coding>
      <system value="http://unstats.un.org/unsd/methods/m49/m49.htm"/>
      <code value="001"/>
      <display value="World"/>
    </coding>
  </jurisdiction>
  <statement>
    <extension
               url="http://hl7.org/fhir/uv/cmhaffr2/StructureDefinition/requirements-dependent">
      <valueBoolean value="false"/>
    </extension>
    <key value="CMHAFFR2-PIM.2-54"/>
    <label value="PIM.2#54"/>
    <conformance value="SHALL"/>
    <conditionality value="false"/>
    <requirement
                 value="A user can review the app’s Terms of Use before personal data about the user is collected and used."/>
  </statement>
  <statement>
    <extension
               url="http://hl7.org/fhir/uv/cmhaffr2/StructureDefinition/requirements-dependent">
      <valueBoolean value="false"/>
    </extension>
    <key value="CMHAFFR2-PIM.2-55"/>
    <label value="PIM.2#55"/>
    <conformance value="SHALL"/>
    <conditionality value="false"/>
    <requirement
                 value="[The app creates user accounts] User acceptance of the app’s Terms of Use is logged before a user account is authorized (See section 3.4.10 for information about audit log record creation)."/>
  </statement>
  <statement>
    <extension
               url="http://hl7.org/fhir/uv/cmhaffr2/StructureDefinition/requirements-dependent">
      <valueBoolean value="false"/>
    </extension>
    <key value="CMHAFFR2-PIM.2-56"/>
    <label value="PIM.2#56"/>
    <conformance value="SHALL"/>
    <conditionality value="false"/>
    <requirement
                 value="[User is allowed to use pre-existing account credentials from an Identity Provider (IDP) to access the app] Before a user chooses to use pre-existing account credentials to access the app: (a) The user is informed about what attribute information will be used by the app associated with the pre-existing credentials; (b) The user is informed about what data is communicated back to the IDP at the time of account creation and at each subsequent user authentication."/>
  </statement>
  <statement>
    <extension
               url="http://hl7.org/fhir/uv/cmhaffr2/StructureDefinition/requirements-dependent">
      <valueBoolean value="false"/>
    </extension>
    <key value="CMHAFFR2-PIM.2-57"/>
    <label value="PIM.2#57"/>
    <conformance value="SHOULD"/>
    <conditionality value="false"/>
    <requirement
                 value="For purposes of establishing an account, the minimum necessary amount of a user’s personally identifiable information (PII) is collected, e.g., the information is necessary to authenticate the user, provide customer support, or affect the app logic."/>
  </statement>
</Requirements>