Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · CFR · Title 21 — Food and Drugs · Part 1311 — Requirements for Electronic Orders and Prescriptions · § 1311.115

§ 1311.115. Additional requirements for two-factor authentication.

147 words·~1 min read·/us/cfr/t21/s§ 1311.115·

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

(a)To sign a controlled substance prescription, the electronic prescription application must require the practitioner to authenticate to the application using an authentication protocol that uses two of the following three factors:
(1)Something only the practitioner knows, such as a password or response to a challenge question.
(2)Something the practitioner is, biometric data such as a fingerprint or iris scan.
(3)Something the practitioner has, a device (hard token) separate from the computer to which the practitioner is gaining access.
(b)If one factor is a hard token, it must be separate from the computer to which it is gaining access and must meet at least the criteria of FIPS 140-2 Security Level 1, as incorporated by reference in § 1311.08, for cryptographic modules or one-time-password devices.
(c)If one factor is a biometric, the biometric subsystem must comply with the requirements of § 1311.116.
Connections3 cite this
Citation graph
cites case law
§ 1311.115
Additional requirements for two-factor authentication.
Fed. Reg.×3
Cites 0Cited by 3 across 1 source
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.