Open System Controls — §11.30
Controls for Open Systems. Where electronic records are created, modified, maintained, or transmitted using open systems (i.e., systems in which system access is not controlled by persons responsible for the content of the electronic records), the organization shall employ additional measures designed to ensure the authenticity, integrity, and confidentiality of such records from the point of their creation to the point of their receipt, in accordance with §11.30.

In addition to all controls required for closed systems under §11.10, open system controls shall include:

(a) encryption of electronic records during transmission using industry-standard cryptographic protocols (e.g., TLS 1.2 or higher, AES-256 or equivalent) to protect against unauthorized interception, modification, or disclosure;
(b) use of digital signatures conforming to an established standard (e.g., FIPS 186-4 or equivalent) to verify the identity of the sender and the integrity of the transmitted record;
(c) implementation of message authentication codes (MACs) or hash functions to detect any alteration of records during transmission;
(d) use of secure network architectures, including firewalls, intrusion detection/prevention systems, and virtual private networks (VPNs), to protect open system boundaries;
(e) certificate-based authentication of all parties involved in the transmission of electronic records; and
(f) documented procedures for the secure exchange of electronic records, including the verification of receipt and completeness by the receiving party.

The adequacy of open system controls shall be assessed as part of the system risk assessment and validated accordingly.