Final Requirements

rungabbyInternet και Εφαρμογές Web

10 Νοε 2013 (πριν από 3 χρόνια και 9 μήνες)

82 εμφανίσεις

Objective

The company P.M.D.S. (Patient Medical Data Software) has been hired by the Rush Hospital Group to
design a web
-
based interface that will allow patients, physicians, and administrative staff access to
pertinent data from the hospital’s medical rec
ords through a standard Internet connection.


System Functions

After registering with the new Rush system, a patient is able to retrieve contact information for his/her
own physician and various hospital staff, manage his her own contact and insurance in
formation, review
his/her own medical and appointment history, and post questions to a forum with input from other
patients, nurses, and physicians.


Physicians and hospital staff will be afforded similar functionalities. Physicians and staff are able to
review specific patient accounts, manage appointments, post notes regarding the patient’s medical
conditions, and answer patient questions in the online forum.


Requirements

1
-

Functional Requirements

1.1
-

The system will initially have three types of ac
counts: patient, physician, and
administrator. Additional account types may be added for an agreed upon charge.


1.1.1
-

Patient

1.1.1.1
-

Patient will launch browser and must enter the valid URL for the
P.M.D.S. page for Rush Hospital Group. This page
will have a note at the very
bottom of the screen informing the user that this site is best viewed using IE 4.0
or above.

1.1.1.2
-

Patient will click on a clearly labeled, centrally located, and valid link
indicating "Patient Login Page".

1.1.1.3
-

Patien
t login page will have a textbox in the center of the page labeled
“Username”, and another textbox below labeled “Password”. There will be a
Login

button located beneath these textboxes as well as a "Forgot Your Password"
link which directs users to Rush
administrators.

1.1.1.3.1
-

If the patient has never registered before, there will be a link to
another page for entry of registration information via textboxes. Patient
will enter information, hit a
Submit

button and will wait 1
-
2 business days
for per
sonal information to be verified by a member of the Hospital
administration and / or board.

1.1.1.3.2
-

If the patient enters incorrect login information, he/she will be
taken back to the initial login page. The login page will have an error
message which

states, “This login doesn’t exist”. The patient will get
three login attempts before the account is disabled and will have to contact
the system administrator to reactivate the account.

1.1.1.3.3
-

If the patient Id and password are successfully authenti
cated in
the PMDS user database, the user will be taken to their main account page.

1.1.1.4
-

The patient data to be captured initially by the system includes: first
name, last name, middle initial, date of birth, gender, address, home phone, work
phone,
email, SSN, employer, occupation, physician, insurance provider, policy
number, and emergency contact, and last visit. Additional data may be added
down the line at a cost agreed upon by Rush and PMDS.

1.1.1.5
-

The patient main account page will grant th
e patient access to view
personal information, as well as request information or web consultations and
check on status of prescriptions and upcoming appointments via the message
posting function. All tasks shown on this page will be fully functional for t
he
user. Rush help desk and/or administrators will support these functionalities.

1.1.1.5.1
-

The main patient page will have a link titled "Edit" underneath
the displayed patient info. When patients click on this link, they are
directed to a page where
they have the ability to update their name,
address, phone, email, SSN, insurance provider, policy number, and
emergency contact via textboxes and an
Update

change link. A
Cancel
link will take users back to the prior page. PMDS has no liability for the
information input by the user.




1.1.2
-

Physician

1.1.2.1
-

Physicians will launch browser and must enter the valid URL for the
P.M.D.S. page for Rush Hospital Group. This page will have a note at the very
bottom of the screen informing the user that th
is site is best viewed using IE 4.0
or above.

1.1.2.2
-

Physician will click on a clearly labeled, centrally located, and valid (as
coded by PMDS) link indicating "Physician Login Page".

1.1.2.3
-

Physician login page will have a textbox in the center of t
he page labeled
“Username”, and another textbox below labeled “Password”. There will be a
Log
In
button located beneath these textboxes as well as a "Forgot Your Password"
Link which directs users to Rush Administrators.

1.1.2.3.1
-

If the physician has

never registered before, there will be a link
to another page for entry of registration information via textboxes.
Physician will enter information and will wait 1
-
2 business days for
personal information to be verified by a member of the hospital
admini
stration board and / or staff.

1.1.2.3.2
-

If the physician enters incorrect login information, he/she will
be taken back to the initial login page. The login page will have an error
message which states, “This login does not exist”. The physician will g
et
three login attempts before the account is disabled and will have to contact
the system administrator to reactivate the account.

1.1.2.3.3
-

If the physician Id and password are successfully authenticated
in the PMDS user database, the user will be take
n to their main account
page.

1.1.2.4
-

With the physician's main account page, the physician can access patient
accounts, post messages and replies in the patient’s discussion forum, and add or
remove patient cases. All tasks shown on this page will be f
ully functional.
Support for these functionalities will be provided by Rush help desk and/or
administrators.

1.1.2.4.1
-

Upon logging in, the main physician page will display all of a
physician’s accounts. The physician will be able to click on any of th
ese
accounts to access that specific patient’s data.

1.1.2.4.2


Once the physician selects a patient record, all of that specific
patient’s information will be displayed. The physician will be able to
modify that patient record as needed.



1.1.3
-

Syste
m Administrator / Board Member

1.1.3.1
-

Administrator login page will have a textbox in the center of the page
labeled “Username”, and another textbox below labeled “Password”. There will
be a
Log In

button located beneath these textboxes as well as a "F
orgot Your
Password" Link which directs users to Rush administrators.

1.1.3.1.1
-

If the administrator has never registered before, there will be a
link to another page for entry of registration information via textboxes.
Administrator will enter inform
ation and will wait 1
-
2 business days for
personal information to be verified by a member of the Hospital
administration board and / or staff.

1.1.3.1.2
-

If the administrator enters incorrect login information, he/she
will be taken back to the initial log
in page. The login page will have an
error message in which states, “Login does not exist”. The administrator
will get three login attempts before the account is disabled. Once
disabled, the administrator will have to contact the 2nd system
administrat
or or contact P.M.D.S. for an unlock code.

1.1.3.1.3
-

If the administrator Id and password are successfully
authenticated in the PMDS user database, the user will be taken to their
main account page.

1.1.3.2


The administrator will be able to change, del
ete, and insert information
into physician and patient records. PMDS is not responsible for any of these
changes.

2
-

Non
-
Functional Requirements

2.1
-

The Patient Medical System must be viewable and fully functional 99.999% of the time.

2.1.1
-

In the ev
ent of an unscheduled system interruption, the system must be rerouted to
a redundant server at another location within an hour of detecting the problem. PMDS
will assist Rush in this endeavor via phone or email support at no charge.

2.1.2
-

Rush must be
notified at least 1 week prior to any scheduled maintenance that
would result in downtime. All users must be notified by the system administrator at least
48hrs prior to any scheduled downtime.

2.2
-

All interfaces, web pages, reports, forum discussions
, emails, and other correspondences
developed by PMDS must be in formal English and in at least 12
-
point font. Only Times New
Roman, Arial, and Courier are acceptable fonts.


2.3
-

Hardware Requirements



2.3.1
-

Web server

2.3.1.1
-

Server must have ASP
and SQL support. Server fees are to be charged
to Rush by PMDS.

2.3.1.2
-

Server must have 60GB bandwidth capabilities. Rush may purchase
additional bandwidth as needed.

2.3.1.3
-

Server must have 1 Terabyte storage capability. Additional storage may
be

added at an additional cost. PMDS will handle installation of additional
storage at an agreed upon fee.



2.3.2
-

Backup web server

2.3.2.1
-

Backup server must have ASP and SQL support. Server fees are to be
charged to Rush by PMDS.

2.3.2.2
-

Backup Se
rver must have 60GB bandwidth capabilities. Rush may
purchase additional bandwidth as needed.

2.3.2.3


Backup server must have 1 Terabyte storage capability. Additional
storage may be added at an additional cost. PMDS will handle installation of
additi
onal storage at an agreed upon fee.

2.3.2.4
-

Backup server must be setup at another data center chosen by both Rush
and PMDS. The data center must have a constant connection to the Internet, must
be fully updated/patched, and must have a Service Level Ag
reement which details
performance and availability.



2.3.3
-

Desktop or laptop computers

2.3.3.1


PC’s must be able to support Microsoft Internet Explorer 4.0 or above.
The system will specify this requirement on the web page. End Users without this
so
ftware must contact the Rush help desk.

2.3.3.2


PC’s have stable Internet connection. Users will have to contact their
service provider if connectivity is interrupted.


2.4
-

Software Requirements

2.4.1
-

Microsoft Internet Explorer 4.0 or higher versio
ns will be used to view the HTML
version of the application. The system will have text at the center
-
bottom of the screen
noting that the site is best viewed in Internet Explorer 4.0 or above.

2.4.2
-

PC's must have an HTML/ASP editor installed. Both Rus
h and PMDS may
determine the editor of their choice. PMDS will not support Rush software.

2.4.3
-

PC's must have documentation software installed. Both Rush and PMDS may
determine the software of their choice. PMDS will not support Rush software.


2.5
-

Coding Requirements

2.5.1
-

HTML (Hyper Text Markup Language) will be used for the layout of the website
and the graphics.

2.5.2
-

ASP.NET (Active Server Pages .NET) will be used for the dynamic functions of
the site and for connectivity to the database.

2.5.3
-

SQL (Structured Query Language) will be the language used to query the
database.


2.6
-

Database Requirements

2.6.1
-

SQL Server will be used to create and maintain the database for the application.
PMDS is responsible for creation, and Rush is re
sponsible for maintenance.



2.7
-

Network Security

2.7.1
-

The web server should be behind a firewall configured by Rush. PMDS will
procure the firewall and bill Rush accordingly.

2.7.2
-

The Rush configured firewall must be updated and functioning on
the system that
the software runs on.

2.7.3
-

A backup / redundant website will be running. In the event that both primary and
backup sites go down, P.M.D.S. will not be held accountable or liable for anything unless
the downtime can be definitively shown

as being a result of PMDS code. Rush must
equally share any liability with PMDS for PMDS code issues.


2.8
-

Backup

2.8.1
-

There must be a backup of the interface files and database and dependent files
every day on a separate physical storage device. T
he initial installation and setup of the
backup system is the responsibility of P.M.D.S. The ongoing maintenance and
administration of the backup system is the responsibility of the Rush Hospital Group.


2.9
-

Code Maintenance

2.9.1
-

Either Rush or PMDS
may make changes to the code. PMDS is not liable for
changes made by Rush. PMDS will offer consulting services for the code changes at
agreed upon fees. These fees will increase by 50% 6 months after system
implementation.

2.9.2
-

P.M.D.S. will not be r
esponsible for data loss or any random errors that happen to
the software due to changes in code by any non
-
PMDS employee.

2.9.3
-

Any charges for changes beyond 5 step queries, additions and deletions of menus,
buttons, etc. will be agreed upon by P.M.D.S
. and Rush Hospital Group before said
changes are made. Only Rush board members are authorized to make purchasing
decisions.


Risk Assessment

The project runs the risk of technical difficulties. There may be issues with the coding, hardware, or
software
that may impede implementation and/or negatively impact the system’s usability. These
difficulties may result in cost overrun or delays. Moreover, the project risks social difficulties. Patients
and physicians may choose not to utilize the system or may

not utilize all functionalities afforded by the
system to their fullest.







































Initial Requirement

Wolf Statement

Thief Statement

Editor's Comment

Revised Requirement

The system will have three types of
accounts: patient
, physician, and
administrator.

Are these the only types of
accounts necessary? What if
we need to add a different
account type?

Patient, physician, and
administrator accounts are
more than sufficient to build
and operate the site initially.
New account
types can always
be added in the future.

Yes, the notion that additional account types
may be necessary needs to be in the
requirement document. As these additional
account types are not wholly necessary initially,
there needs to be some form of agreement

in
regards to the cost of future additions.

The system will initially have three types of
accounts: patient, physician, and
administrator. Additional account types may
be added for an agreed upon charge.

Patient will launch Internet Explorer
4.0 or abo
ve and enter the URL for
the P.M.D.S. page for Rush
Hospital Group

Why only Internet Explorer?
What if the URL entered in
invalid?

PMDS will not code different
versions of the site for different
browsers. Regardless, the
site most likely will work with
o
ther browsers. PMDS is not
liable for users who cannot
input the correct URL.

As the code is written is ASP, the site will be
best viewed in Internet Explorer. PMDS can
add text to the site to stipulate as such. PMDS
is not responsible for users who do

not input the
correct URL. If an incorrect URL is input, it
should be evident to the user that he/she is not
at the proper site as the browser will either
show a different web page or and "page cannot
be found" error.

Patient will launch browser and must

enter
the valid URL for the P.M.D.S. page for
Rush Hospital Group. This page will have a
note at the very bottom of the screen
informing the user that this site is best
viewed using IE 4.0 or above.

Patient will click on a link indicating
patient login
page.

Is the link the only thing on this
page? What if this link is
broken?

PMDS will initially set up the
link on this page to direct
users to the main patient
page. PMDS is not
responsible should Rush
change the code resulting in a
broken link.

The lin
k will not be the only thing on this page.
PMDS should make sure that the link displayed
clearly. PMDS will set up the link initially and
ensure that it valid.

Patient will click on a clearly labeled,
centrally located, and valid link indicating
"Patient

Login Page".

Patient login page will have
textboxes for entry of login and
password. There will be a
Submit

button located beneath these
textboxes.

These textboxes need to be
easily seen by the user and
should be clearly labeled.
Passwords should app
ear as
asterisks and should not be
viewable by the user. What if
the user has forgotten their
password?

PMDS is not responsible
should the user forget his/her
password. These users
should not be contacting
PMDS at all and should be
directed to Rush.

PMDS

will revise the requirements to stipulate
the location of textboxes, to require that the
password appear as asterisks, and to add the
"Forgot Your Password" link. This link will direct
users to Rush.

Patient login page will have a textbox in the
center o
f the page labeled “Username”, and
another textbox below labeled “Password”.
There will be a
Login

button located
beneath these textboxes as well as a
"Forgot Your Password" link which directs
users to Rush administrators.

If the patient has never regi
stered
before, he/she will be taken to
another page for input of
registration information. Patient will
enter information and will wait 1
-
2
business days for personal
information to be verified.

What registration information is
required? Who will be
resp
onsible for verifying user
information?

PMDS will not verify any user
information for Rush.

The registration information should be entered
via textboxes. The types of required
registration information are detailed later in the
requirements doc. Rush need
s to be
responsible for verifying their patients.

If the patient has never registered before,
there will be a link to another page for entry
of registration information via textboxes.
Patient will enter information, hit a
Submit

button and will wait 1
-
2 b
usiness days for
personal information to be verified by a
member of the Hospital administration and /
or board.


Initial Requirement

Wolf Statement

Thief Statement

Editor's Comment

Revised Requirement

If the patient enters incorrect login
information, he
/she will be taken back to the
initial login page. The login page will have
an error message in red which states, “There
is an error with your login. Please try again”.
The patient will get three login attempts
before the account is disabled.

What happe
ns to
disabled accounts?
Why are users directed
to the login page
instead of a completely
different page?

PMDS will not assist in resetting
accounts without additional fees
being accrued. There is no
need to code a new page. A
simple error message will

suffice.

PMDS will only reset passwords
for Rush Administrators.
Directing users back to the
initial login page with an error
message on it is a standard
convention for user
authentication.

If the patient enters incorrect login information, he/she
will b
e taken back to the initial login page. The login
page will have an error message which states, “This
login doesn’t exist”. The patient will get three login
attempts before the account is disabled and will have to
contact the system administrator to reac
tivate the
account.

If the patient successfully logs in, he/she will
be taken to their main account page.

What do you mean by
"successfully logs in"?

The system will only search the
user database created by PMDS
for authentication. PMDS will
not query an
y other user
databases at Rush.

The requirements need to be
changed to reflect that
"successful log in" means the
user Id and password have
been authenticated in the
PMDS user database.

If the patient Id and password are successfully
authenticated in the P
MDS user database, the user will
be taken to their main account page.

The patient data to be captured by the
system includes: name, address, phone,
email, SSN, insurance provider, policy
number, and emergency contact.

This data is not enough.
We need mo
re data
stored now and may
require additional pieces
of data in the future.

For the initial system to function
as specified by Rush, these
pieces are data should be
sufficient. Additional patient data
may be added to the system
later upon request at an ag
reed
upon cost.

The requirements need to be
changed to add additional data
and reflect the possibility of
additional pieces of data being
used in the system.

The patient data to be captured initially by the system
includes: first name, last name, middle i
nitial, date of
birth, gender, address, home phone, work phone, email,
SSN, employer, occupation, physician, insurance
provider, policy number, and emergency contact, and
last visit. Additional data may be added down the line at
a cost agreed upon by Rush

and PMDS.

The patient main account page will grant the
Patient access to view personal information,
post questions and replies to the forum,
request information or web consultations,
and check on status of prescriptions and
upcoming appointments.

All of
these
functionalities need to
be enabled and work
without error.

PMDS is not responsible for
answering questions on how
these functionalities work.

PMDS will guarantee that all
functionalities are in working
order prior to release.
However, providing end
user
support for these functionalities
will not be the responsibility of
PMDS.

The patient main account page will grant the patient
access to view personal information, post questions and
replies to the forum, request information or web
consultations, and
check on status of prescriptions and
upcoming appointments. All tasks shown on this page
will be fully functional for the user. Support for these
functionalities will be provided by Rush help desk and/or
administrators.







Initial Requirement

Wolf
St
atement

Thief Statement

Editor's Comment

Revised Requirement

The main patient page will have a link titled
"Edit User Info" underneath the displayed
patient info. When patients click on this
link, they are directed to a page they have
the ability to upda
te their name, address,
phone, email, SSN, insurance provider,
policy number, and emergency contact via
textboxes and a
Submit
change button.

What if users hit
the edit link but
decide they do not
want to change
their information?

PMDS is not responsible
for
any incorrect information
input by the user.

There will need to be a
Cancel Changes
button on the edit page. The requirements
need to be changed to reflect that PMDS will
not be held liable for incorrect user
information.

The main patient page will ha
ve a link titled "Edit"
underneath the displayed patient info. When patients
click on this link, they are directed to a page where
they have the ability to update their name, address,
phone, email, SSN, insurance provider, policy
number, and emergency con
tact via textboxes and an
Update

change link. A
Cancel
link will take users
back to the prior page. PMDS has no liability for the
information input by the user.


Physician will launch Internet Explorer 4.0
or above and enter the URL for the
P.M.D.S. pag
e for Rush Hospital Group

Why only Internet
Explorer? What if
the URL entered in
invalid?

PMDS will not code different
versions of the site for
different browsers.
Regardless, the site most
likely will work with other
browsers. PMDS is not
liable for us
ers who cannot
input the correct URL.

As the code is written is ASP, the site will be
best viewed in Internet Explorer. PMDS can
add text to the site to stipulate as such.
PMDS is not responsible for users who do
not input the correct URL. If an incorr
ect
URL is input, it should be evident to the user
that he/she is not at the proper site as the
browser will either show a different web
page or and "page cannot be found" error.

Physicians will launch browser and must enter the
valid URL for the P.M.D.S.
page for Rush Hospital
Group. This page will have a note at the very bottom
of the screen informing the user that this site is best
viewed using IE 4.0 or above.

Physician will click on a link indicating
Physician Login page.

Is the link the only
thing o
n this page?
What if this link is
broken?

PMDS will initially set up the
link on this page to direct
users to the main physician
page. PMDS is not
responsible should Rush
change the code resulting in
a broken link.

The link will not be the only thing on
this
page. PMDS should make sure that the link
displayed clearly. PMDS will set up the link
initially and ensure that it valid.

Physician will click on a clearly labeled, centrally
located, and valid (as coded by PMDS) link indicating
"Physician Login Pa
ge".











Initial Requirement

Wolf Statement

Thief Statement

Editor's Comment

Revised Requirement

Physician login page will have textboxes for
entry of login and password. There will be
a
Submit

button located beneath these
textboxes.

These textb
oxes need to be
easily seen by the user and
should be clearly labeled.
Passwords should appear as
asterisks and should not be
viewable by the user. What if
the user has forgotten their
password?

PMDS is not responsible
should the user forget his/her
pass
word. These users
should not be contacting
PMDS at all and should be
directed to Rush.

PMDS will revise the
requirements to stipulate the
location of textboxes, to require
that the password appears as
asterisks, and to add the "Forgot
Your Password" link.

This link
will direct users to Rush.

Physician login page will have a textbox in the
center of the page labeled “Username”, and
another textbox below labeled “Password”. There
will be a
Log In
button located beneath these
textboxes as well as a "Forgot
Your Password"
Link which directs users to Rush Administrators.

If the physician has never registered
before, he/she will be taken to another
page for input of registration information.
Physician will enter information and will
wait 1
-
2 business days f
or personal
information to be verified.

What registration information is
required? Who will be
responsible for verifying user
information?

PMDS will not verify any user
information for Rush.

The registration information
should be entered via textboxes.
R
ush needs to be responsible
for verifying their physicians.

If the physician has never registered before, there
will be a link to another page for entry of
registration information via textboxes. Physician
will enter information and will wait 1
-
2 business

days for personal information to be verified by a
member of the hospital administration board and /
or staff.

If the physician enters incorrect login
information, he/she will be taken back to
the initial login page. The login page will
have an error mes
sage in red which states,
“There is an error with your login. Please
try again”. The physician will get three
login attempts before the account is
disabled.

What happens to disabled
accounts? Why are users
directed to the login page
instead of a complet
ely different
page?

PMDS will not assist in
resetting accounts without
additional fees being accrued.
There is no need to code a
new error page. A simple
error message on the existing
page will suffice.

PMDS will only reset passwords
for Rush Administra
tors.
Directing users back to the initial
login page with an error
message on it is a standard
convention for user
authentication.

If the physician enters incorrect login information,
he/she will be taken back to the initial login page.
The login page wi
ll have an error message in red
which states, “There is an error with your login.
Please try again”. The physician will get three
login attempts before the account is disabled and
will have to contact the system administrator to
reactivate the account.

If the physician successfully logs in, he/she
will be taken to their main account page.

What do you mean by
"successfully logs in"?

The system will only search
the user database created by
PMDS for authentication.
PMDS will not query any other
user databa
ses at Rush.

The requirements need to be
changed to reflect that
"successful log in" means the
user Id and password have been
authenticated in the PMDS user
database.

If the physician Id and password are successfully
authenticated in the PMDS user database
, the
user will be taken to their main account page.








Initial Requirement

Wolf Statement

Thief Statement

Editor's Comment

Revised Requirement

The physician main account page will
allow the physician to access patient
accounts, post messages and rep
lies in
the discussion forum, post notes for
other physicians to see, and add or
remove patient cases.

All of these
functionalities need to
be enabled and work
without error.

PMDS is not responsible for
answering questions on how these
functionalities work
.

PMDS will guarantee that all
functionalities are in working order
prior to release. However,
providing end user support for
these functionalities will not be the
responsibility of PMDS.

With the physician's main account page, the physician
can access to

patient accounts, post messages and
replies in the patient’s discussion forum, and add or
remove patient cases. All tasks shown on this page will
be fully functional. Support for these functionalities will
be provided by Rush help desk and/or administra
tors.

Upon logging in, the main physician page
will display all of a physician’s accounts.

Are all the physician’s
accounts displayed?
Can the physician
select a patient out of
that list?

PMDS will guarantee that all the
physician’s patients will be
di
splayed. All of the patient records
will be linked such that the
physician can choose specific
patients.

The requirements need to be
changed to reflect that the
physician will be able to select
and modify patient accounts.

Upon logging in, the main physic
ian page will display all
of a physician’s accounts. The physician will be able to
click on any of these accounts to access that specific
patient’s data.

Once the physician selects a patient
record, all of that specific patient’s
information will be disp
layed.

The physician will need
to be able to
manipulate the patient
data as needed.

All patient data will be editable by
the physician. This is not hard to
accomplish programmatically.

PMDS will specify that the
physician can modify the patient
records.

Once the physician selects a patient record, all of that
specific patient’s information will be displayed. The
physician will be able to modify that patient record as
needed.











Initial Requirement

Wolf Statement

Thief Statement

Editor's Comment

Revised Requirement

Administrator login page will have
textboxes for entry of login and password.
There will be a
Submit

button located
beneath these textboxes.

These textboxes need to be
easily seen by the user and
should be clearly labeled.
Password
s should appear as
asterisks and should not be
viewable by the user. What if
the user has forgotten their
password?

PMDS is not responsible
should the user forget his/her
password. These users
should not be contacting
PMDS at all and should be
directed t
o Rush.

PMDS will revise the requirements
to stipulate the location of
textboxes, to require that the
password appears as asterisks,
and to add the "Forgot Your
Password" link. This link will direct
users to Rush.

Administrator login page will have a text
box in the
center of the page labeled “Username”, and
another textbox below labeled “Password”. There
will be a
Log In

button located beneath these
textboxes as well as a "Forgot Your Password" Link
which directs users to Rush administrators
.

If the ad
ministrator has never registered
before , he/she will be taken to another
page with the registration information.
Administrator will enter information and will
wait 1
-
2 business days for personal
information to be verified.

What registration information i
s
required? Who will be
responsible for verifying user
information?

PMDS will not verify any user
information for Rush.

The registration information should
be entered via textboxes. Rush
needs to be responsible for
verifying their physicians.

If the admi
nistrator has never registered before,
there will be a link to another page for entry of
registration information via textboxes.
Administrator will enter information and will wait 1
-
2
business days for personal information to be
verified by a member of th
e Hospital administration
board and / or staff.

If the administrator enters the wrong login
information, he/she will be taken back to
the initial login page. The login page will
have an error message in red which states,
“There is an error with your logi
n please try
again”. The administrator will get three
login attempts before the account is
disabled.

What happens to disabled
accounts? Why are users
directed to the login page
instead of a completely different
page?

PMDS will not assist in
resetting ac
counts without
additional fees being
accrued. There is no need
to code a new error page. A
simple error message on the
existing page will suffice.

PMDS will only reset passwords
for Rush Administrators. Each
password reset will incur an
additional fee.

Directing users
back to the initial login page with
an error message on it is a
standard convention for user
authentication.

If the administrator enters incorrect login
information, he/she will be taken back to the initial
login page. The login page wil
l have an error
message in which states, “Login does not exist”.
The administrator will get three login attempts
before the account is disabled. Once disabled, the
administrator will have to contact the 2nd system
administrator or contact P.M.D.S. for a
n unlock
code.











Initial Requirement

Wolf Statement

Thief Statement

Editor's Comment

Revised Requirement

If the administrator logs in successfully,
he/she will be taken to their main account
page.

What do you mean by
"successfully logs in"?

The s
ystem will only search the user
database created by PMDS for
authentication. PMDS will not query
any other user databases at Rush.

The requirements need to be
changed to reflect that "successful log
in" means the user Id and password
have been authenticat
ed in the PMDS
user database.

If the administrator Id and password are
successfully authenticated in the PMDS
user database, the user will be taken to
their main account page.

The administrator will be able to change,
delete, insert etc., everything.

What

does “everything”
mean?

PMDS will code the admin accounts
such that they can modify patient and
physician records.

The administrator should be able to
post notes to the physician accounts.
The administrator should also be able
to access and modify patien
t
accounts. However, PMDS should
not be held liable for any of these
changes.

The administrator will be able to change,
delete, and insert information into
physician and patient records. PMDS is
not responsible for any of these changes.

The Patient Medi
cal System must be
viewable and fully functional 99.999% of
the time.

Why isn't system
availability 100%?

PMDS will need to schedule system
downtime at some point for
maintenance. Additionally, PMDS is
not responsible for
telecommunications problems, natu
ral
disasters, and/or terrorism.

No system is available 100% of the
time. Additionally, there are other
factors out of PMDS' control.

The Patient Medical System must be
viewable and fully functional 99.999% of
the time.

In the event of an unscheduled sys
tem
interruption, the system must be rerouted
to a redundant server at another location.

Rush requires that the
system be rerouted in a
timely fashion.

Detecting a system interruption is not
the sole responsibility of PMDS.
PMDS will assist Rush reroutin
g the
site via phone or email only. An onsite
visit will be billable.

PMDS will agree to a 1 hour time
frame to reroute the system. Fixing
this issue should not be the sole
responsibility of PMDS. Rush and
PMDS will coordinate their efforts in
order to
resolve this problem.

In the event of an unscheduled system
interruption, the system must be rerouted
to a redundant server at another location
within an hour of detecting the problem.
PMDS will assist Rush in this endeavor via
phone or email support at n
o charge.

Initial Requirement

Wolf Statement

Thief Statement

Editor's Comment

Revised Requirement

All users must be notified at least 48hrs
prior to any scheduled downtime.

Scheduled downtime must
be kept at a minimum.
PMDS must inform the
system admini
strator one
week prior to the service
going down.

PMDS will need to perform
maintenance on the system at
regularly scheduled intervals
throughout the year.

The Rush administrator will be
responsible for emailing all users as
the administrator is the indivi
dual with
access to user email accounts.

Rush must be notified at least 1 week prior
to any scheduled maintenance that would
result in downtime. All users must be
notified by the system administrator at
least 48hrs prior to any scheduled
downtime.

Al
l interfaces, web pages, reports, forum
discussions, emails and other
correspondences with patients, nurses or
physicians must be in formal English and in
at least 12
-
point font. Only Times New
Roman, Arial, and Courier are acceptable
fonts.

Any changes t
o the site
must adhere to these
formatting guidelines as
well.

PMDS is only responsible for the
formatting PMDS written code.
Formatting code written by Rush is
Rush's responsibility.

Initially, the site will adhere to these
guidelines. However, PMDS doe
s not
guarantee that code written by Rush
will adhere to these specifications.

All interfaces, web pages, reports, forum
discussions, emails, and other
correspondences developed by PMDS
must be in formal English and in at least
12
-
point font. Only Times N
ew Roman,
Arial, and Courier are acceptable fonts.

Server must have ASP and SQL support.

Why ASP and SQL? What
other alternatives are
there? Who is responsible
for purchasing the server.

PMDS has SQL and ASP certified
programmers on hand. The site can
be written in other languages but
additional fees may be incurred.

Coldfusion, MySQL, and other
languages are available but may
prove to be costly. PMDS can only
guarantee development fees for ASP
and SQL. The cost of the server will
be built into the
fees charged by
PMDS to Rush.

Server must have ASP and SQL support.
Server fees are to be charged to Rush by
PMDS.

Server must have 60GB bandwidth
capabilities

We may require additional
bandwidth.

Additional bandwidth will be billed
directly to Rush.

The

requirements must reflect the
process of adding and then billing
additional bandwidth.

Server must have 60GB bandwidth
capabilities. Additional bandwidth may be
purchased by Rush as needed.

Server must have 1 Terabyte storage
capability

We may require a
dditional
storage.

Additional storage will be billed directly
to Rush. Installation of additional
storage will be done by PMDS at an
agreed upon cost.

The requirements must reflect the
process of adding and then billing
additional storage.

Server must hav
e 1 Terabyte storage
capability. Additional storage may be
added at an additional cost. PMDS will
handle installation of additional storage at
an agreed upon fee.

Backup server must have ASP and SQL
support

Why ASP and SQL? What
other alternatives are
there? Who is responsible
for purchasing the server.

PMDS has SQL and ASP certified
programmers on hand. The site can
be written in other languages but
additional fees may be incurred.

Coldfusion, MySQL, and other
languages are available but may
prove
to be costly. PMDS can only
guarantee development fees for ASP
and SQL. The cost of the server will
be built into the fees charged by
PMDS to Rush.

Server must have ASP and SQL support.
Server fees to be charged to Rush by
PMDS.

Backup server must have

60GB bandwidth
capabilities

We may require additional
bandwidth.

Additional bandwidth will be billed
directly to Rush.

The requirements must reflect the
process of adding and then billing
additional bandwidth.

Server must have 60GB bandwidth
capabilities.

Additional bandwidth may be
purchased by Rush as needed.



Initial Requirement

Wolf Statement

Thief Statement

Editor's Comment

Revised Requirement

Backup server must have 1
Terabyte Storage capability

We may require
additional storage.

Additional stora
ge will be billed
directly to Rush. Installation of
additional storage will be done by
PMDS at an agreed upon cost.

The requirements must reflect the
process of adding and then billing
additional storage.

Server must have 1 Terabyte storage capability.
A
dditional storage may be added at an additional cost.
PMDS will handle installation of additional storage at an
agreed upon fee.

Backup server must be setup at
another data center that also has a
constant connection to the internet,
and has been fully up
dated/patched.

Who decides on hosting
provider? Who will
guarantee the web host's
level of service?

PMDS is not solely responsible for
choosing the back up data center.
The web host's level of service will
be dictated by the host's Service
Level Agreemen
t.

PMDS and Rush will come to a
mutual decision of the back up
data center provider after
reviewing a list of selected
alternatives.

Backup server must be setup at another data center
chosen by both Rush and PMDS. The data center must
have a constant conn
ection to the internet, must be fully
updated/patched, and must have a Service Level
Agreement which details performance and availability.

PC’s must be able to support
Microsoft Internet Explorer 4.0 or
above

What happens to users
who do not meet this
req
uirement?

PMDS is not responsible for end
user software.

End users who do not meet this
requirement will have to contact
the Rush Help Desk.

PC’s must be able to support Microsoft Internet Explorer
4.0 or above. The system will specify this requirement
on

the web page. End Users without this software must
contact the Rush help desk.

PC’s have stable Internet
connection

What happens if the
internet connection goes
down.

PMDS is not responsible for the end
user's internet connection.

PMDS has no control ov
er user's
internet connections.

PC’s have stable Internet connection. Users will have to
contact their service provider if connectivity is
interrupted.

Microsoft Internet Explorer 4.0 or
higher versions will be used to view
the HTML version of the appli
cation

Why only Internet
Explorer 4.0 or above?

PMDS will not code different
versions of the site for different
browsers. Regardless, the site
most likely will work with other
browsers.

As the code is written is ASP, the
site will be best viewed in Intern
et
Explorer. PMDS can add text to
the site to stipulate as such.

Microsoft Internet Explorer 4.0 or higher versions will be
used to view the HTML version of the application. The
system will have text at the center
-
bottom of the screen
noting that the
site is best viewed in Internet Explorer 4.0
or above.

Editor such as Macromedia
Dreamweaver or Visual Studio

Rush reserves the right to
use other editing software
that it may purchase.

PMDS already has licenses for
Dreamweaver and Visual Studio
and will
not purchase new editors
solely for this project.

Rush may use any editor it wishes.
However, PMDS reserves the right
to use Dreamweaver and Visual
Studio exclusively.

PC's must have an ASP editor installed. Both Rush and
PMDS may determine the editor of

their choice. PMDS
will not support Rush software.

Microsoft Visio, Word, Project or
PowerPoint will be used to design,
document and present the project.

Rush reserves the right to
use other documentation
software that it may
purchase.

PMDS already has
licenses for
Visio, Word, Project, and
PowerPoint and will not purchase
new software solely for this project.

Rush may use any documentation
software it wishes. However,
PMDS reserves the right to use
Visio, Word, Project, and
PowerPoint exclusively.

PC's

must have an documentation software installed.
Both Rush and PMDS may determine the software of
their choice. PMDS will not support Rush software.



Initial Requirement

Wolf Statement

Thief Statement

Editor's Comment

Revised Requirement

HTML (Hyper Te
xt Markup
Language) will be used for the
layout of the website and the
graphics.

Why HTML?

PMDS sees no reason why
the site should be coded in
any other language.

HTML is the standard markup
language for writing web pages.
There are no real attractive
alt
ernatives.

HTML (Hyper Text Markup Language) will be used for the
layout of the website and the graphics.

ASP.NET (Active Server Pages
.NET) will be used for the
dynamic functions of the site
and for connectivity to the
database.

Why ASP?

PMDS has ASP cer
tified
programmers on hand. The
site can be written in other
languages but additional fees
may be incurred.

Coldfusion, PHP, and other
languages are available but may
prove to be costly. PMDS can only
guarantee development fees for ASP.

ASP.NET (Active

Server Pages .NET) will be used for the
dynamic functions of the site and for connectivity to the
database.

SQL (Structured Query
Language) will be the language
used to query the database.

Why SQL?

PMDS has SQL certified
programmers on hand.
Queries can

be written in
other languages but
additional fees may be
incurred.

Other query languages are available
but may prove to be costly. PMDS
can only guarantee development fees
for SQL.

SQL (Structured Query Language) will be the language used
to query the
database.

SQL Server will be used to
create and maintain the
database for the application.

Who will purchase the license
for SQL Server? Will PMDS
server as the database
administrator?

PMDS will install and setup
SQL Server. Rush will be
responsible f
or ongoing
support of the database.

The cost of SQL Server will be built
into PMDS' consulting fees. Rush will
have to provide its own DB
administrator.

SQL Server will be used to create and maintain the database
for the application. PMDS is responsible
for creation, and
Rush is responsible for maintenance.

The web server should be
behind a firewall

Rush IT requires that firewall
settings be configured by
Rush. Rush IT is more
familiar with their own
network security protocols.

PMDS is not responsible

for
configuring the firewall.
PMDS will purchase the
firewall and pass along the
cost in our fees.

Rush should rightly be the party
responsible for configuring the
firewall once it is purchased by
PMDS.

The web server should be behind a firewall configur
ed by
Rush. PMDS will procure the firewall and bill Rush
accordingly.

The firewall must be updated
and functioning on the system
that the software runs on.

Rush IT requires that firewall
settings be configured by
Rush. Rush IT is more
familiar with thei
r own
network security protocols.

PMDS is not responsible for
configuring the firewall.
PMDS will purchase the
firewall and pass along the
cost in our fees.

Rush should rightly be the party
responsible for configuring the
firewall once it is purchased by
PMDS.

The Rush configured firewall must be updated and
functioning on the system that the software runs on.

P.M.D.S. is not responsible for
stolen data or installation of
malicious code.

Stolen data or malicious code
may occur prior to Rush
assuming respo
nsibility for
the system.

PMDS will guarantee security
of data and code only during
our development period.

PMDS will handle security issues
during development. Post
implementation security is strictly the
responsibility of Rush. PMDS can
consult on thes
e issues for an
additional fee.

P.M.D.S. is not responsible for stolen data or installation of
malicious code once development has been completed.

There must be a backup of the
interface files and database and
dependent files every day on a
separate physi
cal storage
device.

Who's responsibility is this?

PMDS will handle backups
during development.

As with security issues, PMDS will
only handle backup issues during
development. Once the product has
been delivered, Rush is solely
responsible.

There must be

a backup of the interface files and database
and dependent files every day on a separate physical
storage device. The initial installation and setup of the
backup system is the responsibility of P.M.D.S. The ongoing
maintenance and administration of the

backup system is the
responsibility of the Rush Hospital Group.


Initial Requirement

Wolf Statement

Thief Statement

Editor's Comment

Revised Requirement

A backup / redundant website will be
running. In the event that both sites go
down, P.M.D.S. will n
ot be held
accountable or liable for anything.

If PMDS' actions directly
result in downtime, then
PMDS should be
responsible.

There are various factors as to
why the sites may go down.
PMDS' liability should be limited.

PMDS will concede that if the
downt
ime is a result of PMDS
code, then liability may be
attached. However, this liability
should be shared with Rush.

A backup / redundant website will be running. In the
event that both primary and backup sites go down,
P.M.D.S. will not be held accountable

or liable for
anything unless the downtime can be definitively shown
as being a result of PMDS code. Any liability on the
part of PMDS must be equally shared by Rush.

Either Rush or PMDS may make
changes to the code.

Rush reserves the right to
make chan
ges to the site at
any time. Rush may enlist
the assistance of PMDS.

Once the site has been
implemented, PMDS will assist
Rush in code changes for an
agreed upon consulting fee.
PMDS is not liable for any Rush
coding changes.

PMDS will provide code
assis
tance to Rush at reduced
rated within the first 6 months of
deployment. After 6 months,
maintenance fees will increase
by 50%.

Either Rush or PMDS may make changes to the code.
PMDS is not liable for changes made by Rush. PMDS
will offer consulting serv
ices for the code changes at
agreed upon fees. These fees will increase by 50% 6
months after system implementation.

P.M.D.S. will not be responsible for
data loss or any random errors that
happen to the software due to changes
in code from someone outsi
de of our
company.

Rush reserves the right to
make changes to the site at
any time.

PMDS is not liable for any Rush
coding changes.

PMDS understands that Rush
may have others adjust the
system's code. However,
PMDS' liability must be reduced
once others h
ave modified the
system's code.

P.M.D.S. will not be responsible for data loss or any
random errors that happen to the software due to
changes in code by any non
-
PMDS employee.

Any charges for changes beyond 5 step
queries, additions and deletions of
menu
s, buttons, etc. will be agreed
upon by P.M.D.S. and Rush Hospital
Group before said changes are made.

Charges must be approved
by a board member at
Rush. Physicians and
administrators do not have
purchasing authority.

PMDS will not attempt any
maintenanc
e work without
determining the fee structure
first.

PMDS will make sure to consult
with the appropriate Rush staff
prior to making changes.

Any charges for changes beyond 5 step queries,
additions and deletions of menus, buttons, etc. will be
agreed upon b
y P.M.D.S. and Rush Hospital Group
before said changes are made. Only Rush board
members are authorized to make purchasing decisions.