{
  "resourceType" : "Requirements",
  "id" : "CMHAFFR2-PIM.2",
  "meta" : {
    "profile" : ["http://hl7.org/fhir/uv/cmhaffr2/StructureDefinition/FMHeader"]
  },
  "language" : "en",
  "text" : {
    "status" : "extensions",
    "div" : "<div xml:lang=\"en\" xmlns=\"http://www.w3.org/1999/xhtml\" lang=\"en\">\n    \n    \n    \n    \n    <div id=\"requirements\"><b>Criteria <a href=\"https://hl7.org/fhir/versions.html#std-process\" title=\"Normative Content\" class=\"normative-flag\">N</a>:</b></div>\n    \n    <table id=\"statements\" class=\"grid dict\">\n        \n        <tr>\n            <td style=\"padding-left: 4px;\">\n            PIM.2#54\n            </td>\n            <td style=\"padding-left: 4px;\">\n            SHALL\n            \n            \n            \n            </td>\n            <td style=\"padding-left: 4px;\" class=\"requirement\">\n                <div><p>A user can review the app’s Terms of Use before personal data about the user is collected and used.</p>\n</div>\n                \n            </td>\n        </tr>\n        \n        <tr>\n            <td style=\"padding-left: 4px;\">\n            PIM.2#55\n            </td>\n            <td style=\"padding-left: 4px;\">\n            SHALL\n            \n            \n            \n            </td>\n            <td style=\"padding-left: 4px;\" class=\"requirement\">\n                <div><p>[The app creates user accounts] User acceptance of the app’s Terms of Use is logged before a user account is authorized (See section 3.4.10 for information about audit log record creation).</p>\n</div>\n                \n            </td>\n        </tr>\n        \n        <tr>\n            <td style=\"padding-left: 4px;\">\n            PIM.2#56\n            </td>\n            <td style=\"padding-left: 4px;\">\n            SHALL\n            \n            \n            \n            </td>\n            <td style=\"padding-left: 4px;\" class=\"requirement\">\n                <div><p>[User is allowed to use pre-existing account credentials from an Identity Provider (IDP) to access the app] Before a user chooses to use pre-existing account credentials to access the app: (a) The user is informed about what attribute information will be used by the app associated with the pre-existing credentials; (b) The user is informed about what data is communicated back to the IDP at the time of account creation and at each subsequent user authentication.</p>\n</div>\n                \n            </td>\n        </tr>\n        \n        <tr>\n            <td style=\"padding-left: 4px;\">\n            PIM.2#57\n            </td>\n            <td style=\"padding-left: 4px;\">\n            SHOULD\n            \n            \n            \n            </td>\n            <td style=\"padding-left: 4px;\" class=\"requirement\">\n                <div><p>For purposes of establishing an account, the minimum necessary amount of a user’s personally identifiable information (PII) is collected, e.g., the information is necessary to authenticate the user, provide customer support, or affect the app logic.</p>\n</div>\n                \n            </td>\n        </tr>\n        \n    </table>\n</div>"
  },
  "extension" : [{
    "url" : "http://hl7.org/fhir/StructureDefinition/structuredefinition-wg",
    "valueCode" : "mobile"
  }],
  "url" : "http://hl7.org/fhir/uv/cmhaffr2/Requirements/CMHAFFR2-PIM.2",
  "version" : "2.0.1",
  "name" : "PIM_2_Launch_App_and_Establish_User_Account",
  "title" : "PIM.2 Launch App and Establish User Account (Header)",
  "status" : "active",
  "date" : "2026-03-20T11:58:09+00:00",
  "publisher" : "HL7 International / Mobile Health",
  "contact" : [{
    "telecom" : [{
      "system" : "url",
      "value" : "http://www.hl7.org/Special/committees/mobile"
    }]
  }],
  "jurisdiction" : [{
    "coding" : [{
      "system" : "http://unstats.un.org/unsd/methods/m49/m49.htm",
      "code" : "001",
      "display" : "World"
    }]
  }],
  "statement" : [{
    "extension" : [{
      "url" : "http://hl7.org/fhir/uv/cmhaffr2/StructureDefinition/requirements-dependent",
      "valueBoolean" : false
    }],
    "key" : "CMHAFFR2-PIM.2-54",
    "label" : "PIM.2#54",
    "conformance" : ["SHALL"],
    "conditionality" : false,
    "requirement" : "A user can review the app’s Terms of Use before personal data about the user is collected and used."
  },
  {
    "extension" : [{
      "url" : "http://hl7.org/fhir/uv/cmhaffr2/StructureDefinition/requirements-dependent",
      "valueBoolean" : false
    }],
    "key" : "CMHAFFR2-PIM.2-55",
    "label" : "PIM.2#55",
    "conformance" : ["SHALL"],
    "conditionality" : false,
    "requirement" : "[The app creates user accounts] User acceptance of the app’s Terms of Use is logged before a user account is authorized (See section 3.4.10 for information about audit log record creation)."
  },
  {
    "extension" : [{
      "url" : "http://hl7.org/fhir/uv/cmhaffr2/StructureDefinition/requirements-dependent",
      "valueBoolean" : false
    }],
    "key" : "CMHAFFR2-PIM.2-56",
    "label" : "PIM.2#56",
    "conformance" : ["SHALL"],
    "conditionality" : false,
    "requirement" : "[User is allowed to use pre-existing account credentials from an Identity Provider (IDP) to access the app] Before a user chooses to use pre-existing account credentials to access the app: (a) The user is informed about what attribute information will be used by the app associated with the pre-existing credentials; (b) The user is informed about what data is communicated back to the IDP at the time of account creation and at each subsequent user authentication."
  },
  {
    "extension" : [{
      "url" : "http://hl7.org/fhir/uv/cmhaffr2/StructureDefinition/requirements-dependent",
      "valueBoolean" : false
    }],
    "key" : "CMHAFFR2-PIM.2-57",
    "label" : "PIM.2#57",
    "conformance" : ["SHOULD"],
    "conditionality" : false,
    "requirement" : "For purposes of establishing an account, the minimum necessary amount of a user’s personally identifiable information (PII) is collected, e.g., the information is necessary to authenticate the user, provide customer support, or affect the app logic."
  }]
}