Software Requirements Specification

UID:

DOC-SRS

Type	Level	MID	UID	REFS	Title	Statement	Rationale	Comment
REQUIREMENT	1		SRS-001	Parents: SYS-001 First-launch readiness for local enrolment Children: ARCH-001 Local persistence subsystem ST-001 Local clinic visible in Patients menu	SRS-001 reviewed First-launch database initialisation	On first launch, when no database file exists at the configured application data path, the software shall create the local database, apply the current schema version, and create a default local clinic record that serves as the container for locally-created patient records.	Refines SYS-001: the software-level mechanism that realises the device's first-launch readiness commitment. Establishes the minimum persistent state required for any subsequent clinical operation — without it, patient records cannot be stored and recording sessions cannot be attached to a patient.
REQUIREMENT	2		SRS-002	Parents: SYS-002 Confidentiality of patient data at rest Children: ARCH-002 Local database encryption	SRS-002 unreviewed Local database confidentiality at rest	The software shall keep the local database file unreadable to any process that opens it without supplying the database credential, and shall reject database read and write operations when the credential is missing or incorrect.	Refines SYS-002. A workstation that is lost, stolen, imaged, or backed up off-site shall not yield PHI from the local database file alone. Tying readability to a credential held outside the database file ensures offline copies of the file cannot be opened independently of the BioFlow application's credential pathway.

Type

Level

MID

UID

REFS

Title

Statement

Rationale

Comment

REQUIREMENT

SRS-001

reviewed

First-launch database initialisation

On first launch, when no database file exists at the configured application data path, the software shall create the local database, apply the current schema version, and create a default local clinic record that serves as the container for locally-created patient records.

Refines SYS-001: the software-level mechanism that realises the device's first-launch readiness commitment. Establishes the minimum persistent state required for any subsequent clinical operation — without it, patient records cannot be stored and recording sessions cannot be attached to a patient.

REQUIREMENT

SRS-002

unreviewed

Local database confidentiality at rest

The software shall keep the local database file unreadable to any process that opens it without supplying the database credential, and shall reject database read and write operations when the credential is missing or incorrect.

Refines SYS-002. A workstation that is lost, stolen, imaged, or backed up off-site shall not yield PHI from the local database file alone. Tying readability to a credential held outside the database file ensures offline copies of the file cannot be opened independently of the BioFlow application's credential pathway.