HIPAA Test Cases

ABOUT HIPAA

HIPAA stands for Health Insurance Portability and Accountability Act.

HIPAA compliance is the process of adhering to the standards set by HIPAA to protect sensitive patient data. It requires covered entities, such as healthcare providers handling treatment, payment, and operations, as well as business associates who access or process PHI, to implement physical, network, and process security measures. Subcontractors and other related entities involved in handling PHI are also required to maintain compliance.

HIPAA-COMMON TEST CASES

TC ID | FEATURE | PRIORITY | TEST CASES/STEPS | EXP RESULT

TC_HIPAA_1

HIPAA COMPLIANCE

P1

Objective: To validate if the HIPAA compliant app has the login screen authentication process

Pre-req:
1. Latest version of the app is downloaded & installed on the device
2. WiFi/4G/3G/2G is turned ON on the test device
3. App follows HIPAA compliance

Test steps:
1. Tap to launch the HIPAA compliant app
2. Observe the availability of Login screen

The login screen has to be available and displayed to the user for authentication before the app can be used

TC_HIPAA_2

HIPAA COMPLIANCE

P1

Objective: To validate if the HIPAA compliant app allows multiple logins across devices

Pre-req:
1. Latest version of the app is downloaded & installed on the device
2. WiFi/4G/3G/2G is turned ON on the test device
3. App follows HIPAA compliance
4. App supports multiple sessions at once/concurrently

Test steps:
1. Tap to launch the HIPAA compliant app
2. Attempt to log in to the app with valid UN/PWD on multiple devices (say, iPhone & Android Phone)
3. Observe if the user can login to multiple devices simultaneously

The user should be able to login to multiple devices (iPhone, Android Phone) at the same time

TC_HIPAA_3

HIPAA COMPLIANCE

P1

Objective: To validate if the HIPAA compliant app allows multiple logins across devices

Pre-req:
1. Latest version of the app is downloaded & installed on the device
2. WiFi/4G/3G/2G is turned ON on the test device
3. App follows HIPAA compliance
4. App doesn’t support multiple sessions at once/concurrently

Test steps:
1. Tap to launch the HIPAA compliant app
2. Attempt to log in to the app with valid UN/PWD on multiple devices (say, iPhone & Android Phone)
3. Observe if the user can login to multiple devices simultaneously

1. The user should be able to login to only 1 device at a time

2. If the user is already logged in on the iPhone app and then attempts to log in on the Android Phone, the iPhone user has to be logged out with a relevant message and the Android user has to be allowed to log in to the app

TC_HIPAA_4

HIPAA COMPLIANCE

P1

Objective: To validate if the HIPAA compliant app has the logout screen for data security

Pre-req:
1. Latest version of the app is downloaded & installed on the device
2. WiFi/4G/3G/2G is turned ON on the test device
3. App follows HIPAA compliance

Test steps:
1. Tap to launch the HIPAA compliant app
2. Login to the app with valid UN/PWD
3. Observe the availability of Logout option

The logout option has to be available/displayed/tappable to the user

TC_HIPAA_5

HIPAA COMPLIANCE

P1

Objective: To validate the HIPAA compliant app logout behavior when multiple logins across devices are allowed

Pre-req:
1. Latest version of the app is downloaded & installed on the device
2. WiFi/4G/3G/2G is turned ON on the test device
3. App follows HIPAA compliance
4. App supports multiple sessions at once/concurrently

Test steps:
1. Tap to launch the HIPAA compliant app
2. Attempt to log in to the app with valid UN/PWD on multiple devices (say, iPhone & Android Phone)
3. Logout from Android Phone app
4. Observe if the user is logged out from iPhone app

1. The user has to be logged out only on Android Phone app

2. The user has to be logged in on iPhone app

TC_HIPAA_6

HIPAA COMPLIANCE

P1

Objective: To validate the data security of the HIPAA Compliant app when data is transferred to other users using the app

Pre-req:
1. Latest version of the app is downloaded & installed on the device
2. WiFi/4G/3G/2G is turned ON on the test device
3. App follows HIPAA compliance
4. Valid user account is created with <Email Address> and <Password>

Test steps:
1. Tap to launch the HIPAA compliant app
2. Login to the app with valid UN/PWD
3. Using the app functionality, transfer/send as attachment an existing image/picture to another user
4. After the image is sent, observe the deletion of the image/picture on the device phone/memory card

The image/picture has to be deleted on the device phone/memory card

TC_HIPAA_7

HIPAA COMPLIANCE

P1

Objective: To validate the data security of the HIPAA Compliant app when data is transferred to other users using the app

Pre-req:
1. Latest version of the app is downloaded & installed on the device
2. WiFi/4G/3G/2G is turned ON on the test device
3. App follows HIPAA compliance
4. Valid user account is created with <Email Address> and <Password>

Test steps:
1. Tap to launch the HIPAA compliant app
2. Login to the app with valid UN/PWD
3. Launch the camera within the application
4. Using the app functionality, transfer/send as attachment the image/picture taken from the Camera to another user
5. After the image is sent, observe the deletion of the image/picture on the device phone/memory card

The image/picture has to be deleted on the device phone/memory card

TC_HIPAA_8

HIPAA COMPLIANCE

P1

Objective: To validate if the HIPAA compliant app has the automatic timeout functionality implemented

Pre-req:
1. Latest version of the app is downloaded & installed on the device
2. WiFi/4G/3G/2G is turned ON on the test device
3. App follows HIPAA compliance

Test steps:
1. Tap to launch the HIPAA compliant app
2. Login to the app with valid UN/PWD
3. Leave the app idle for a few minutes (15min/30min)
4. Observe if the app times out and logs out the user

The app session has to time out and successfully log out the user from the app

OR

The app session has to time out and navigate the user to the pass code screen (app lock screen)

TC_HIPAA_9

HIPAA COMPLIANCE

P1

Objective: To validate if the HIPAA compliant app notifies the user about the timeout occurrence

Pre-req:
1. Latest version of the app is downloaded & installed on the device
2. WiFi/4G/3G/2G is turned ON on the test device
3. App follows HIPAA compliance

Test steps:
1. Tap to launch the HIPAA compliant app
2. Login to the app with valid UN/PWD
3. Leave the app idle for a few minutes (5min/10min/15min/30min/1hr)
4. Observe if the app notifies the user about the timeout occurrence

The app has to notify the user about the timeout through a toast/alert message and then successfully log out the user from the app

OR

The app has to notify the user about the app session timeout through a toast/alert message and navigate the user to the pass code screen (app lock screen)

TC_HIPAA_10

HIPAA COMPLIANCE

P1

Objective: To validate if the HIPAA compliant app has the timeout functionality implemented across multiple devices/sessions

Pre-req:
1. Latest version of the app is downloaded & installed on the device
2. WiFi/4G/3G/2G is turned ON on the test device
3. App follows HIPAA compliance
4. App supports multiple sessions at once/concurrently

Test steps:
1. Tap to launch the HIPAA compliant app
2. Login to the app with valid UN/PWD on multiple devices (say, iPhone & Android Phone)
3. Leave the app idle for a few minutes (5min/10min/15min/30min/1hr)
4. Observe if the app times out and logs out the user on all devices, i.e., iPhone & Android Phone

The app has to time out and successfully log out the user from the app on iPhone & Android Phone

OR

The app session has to time out and navigate the user to the pass code screen (app lock screen) on iPhone & Android Phone

TC_HIPAA_11

HIPAA COMPLIANCE

P1

Objective: To validate if the HIPAA compliant app notifies the user about the timeout occurrence across multiple devices/sessions

Pre-req:
1. Latest version of the app is downloaded & installed on the device
2. WiFi/4G/3G/2G is turned ON on the test device
3. App follows HIPAA compliance
4. App supports multiple sessions at once/concurrently

Test steps:
1. Tap to launch the HIPAA compliant app
2. Login to the app with valid UN/PWD on multiple devices (say, iPhone & Android Phone)
3. Leave the app idle for a few minutes (5min/10min/15min/30min/1hr)
4. Observe if the app notifies the user about the timeout occurrence on all devices, i.e., iPhone & Android Phone

The app has to notify the user about the timeout through a toast/alert message and then successfully log out the user from the app on iPhone & Android Phone

OR

The app has to notify the user about the app session timeout through a toast/alert message and navigate the user to the pass code screen (app lock screen) on iPhone & Android Phone

TC_HIPAA_12

HIPAA COMPLIANCE

P1

Objective: To validate if the HIPAA compliant app has the timeout functionality implemented across multiple devices/sessions

Pre-req:
1. Latest version of the app is downloaded & installed on the device
2. WiFi/4G/3G/2G is turned ON on the test device
3. App follows HIPAA compliance
4. App supports multiple sessions at once/concurrently

Test steps:
1. Tap to launch the HIPAA compliant app
2. Login to the app with valid UN/PWD on multiple devices (say, iPhone & Android Phone)
3. Leave the app idle for a few minutes (5min/10min/15min/30min/1hr) on iPhone
4. Let the user work with the app on Android Phone (without keeping it idle for 5min/10min/15min/30min/1hr)
5. Observe if the app times out and logs out the user on all devices or just iPhone

1. The app has to time out and either successfully log out the user on iPhone OR navigate the user to the pass code screen (app lock screen)

2. The user should not be logged out on Android Phone

TC_HIPAA_13

HIPAA COMPLIANCE

P1

Objective: To validate the options displayed by the HIPAA compliant app when the user taps on logout button

Pre-req:
1. Latest version of the app is downloaded & installed on the device
2. WiFi/4G/3G/2G is turned ON on the test device
3. App follows HIPAA compliance
4. App supports multiple sessions at once/concurrently

Test steps:
1. Tap to launch the HIPAA compliant app
2. Login to the app with valid UN/PWD on multiple devices (say, iPhone & Android Phone)
3. Tap on logout option
4. Observe the options displayed to the user

The options below have to be displayed to the user:

(i) No
(ii) Yes
(iii) Yes [on all shared devices]

TC_HIPAA_14

HIPAA COMPLIANCE

P1

Objective: To validate the options displayed by the HIPAA compliant app when the user taps on logout button

Pre-req:
1. Latest version of the app is downloaded & installed on the device
2. WiFi/4G/3G/2G is turned ON on the test device
3. App follows HIPAA compliance
4. App doesn’t support multiple sessions at once/concurrently

Test steps:
1. Tap to launch the HIPAA compliant app
2. Login to the app with valid UN/PWD on multiple devices (say, iPhone & Android Phone)
3. Tap on logout option
4. Observe the options displayed to the user

The options below have to be displayed to the user:

(i) No
(ii) Yes

TC_HIPAA_15

HIPAA COMPLIANCE

P1

Objective: To validate if the HIPAA compliant app allows the users to take screenshots within the app

Pre-req:
1. Latest version of the app is downloaded & installed on the device
2. WiFi/4G/3G/2G is turned ON on the test device
3. App follows HIPAA compliance

Test steps:
1. Tap to launch the HIPAA compliant app
2. Login to the app with valid UN/PWD on multiple devices (say, iPhone & Android Phone)
3. Let the user be inside the app on any of the screens
4. Let the user attempt to take a screenshot of the app screen
5. Validate if the user can take a screenshot within the app

The app should not allow the user to take a screenshot within the app screens

TC_HIPAA_16

HIPAA COMPLIANCE

P1

Objective: To validate if the HIPAA compliant app notifies the user to change the password after 180 days

Pre-req:
1. Latest version of the app is downloaded & installed on the device
2. WiFi/4G/3G/2G is turned ON on the test device
3. App follows HIPAA compliance
4. User has not changed the password for last 180 days

Test steps:
1. Tap to launch the HIPAA compliant app
2. Login to the app with valid UN/PWD as ‘User A’ on multiple devices (say, iPhone & Android Phone)
3. Let the ‘User A’ be in the inbox screen/Home screen
4. Observe if the HIPAA compliant app notifies the user to change the password

1. The app has to notify the user to change the password

2. The app has to route the user to ‘Change Password’ screen, when the user taps on OK button on the password change alert message

TC_HIPAA_17

HIPAA COMPLIANCE

P1

Objective: To validate the types of users allowed to access/login to the HIPAA compliant app

Pre-req:
1. Latest version of the app is downloaded & installed on the device
2. WiFi/4G/3G/2G is turned ON on the test device
3. App follows HIPAA compliance

Test steps:
1. Tap to launch the HIPAA compliant app
2. Validate the types of users who can login to the app

The user types below have to be created/allowed to access the HIPAA compliant app

(i) User-based access, which requires identity certification for entry

(ii) Role-based access, which relies on a user’s role to determine access rights. For example, a user with multiple job functions will have multiple roles and thus multiple information access rights.

(iii) Context-based access, which restricts access to certain dates/times or devices within a specified information system or network

TC_HIPAA_18

HIPAA COMPLIANCE

P1

Objective: To validate how the HIPAA compliant app data is stored on the database/cloud

Pre-req:
1. Latest version of the app is downloaded & installed on the device
2. WiFi/4G/3G/2G is turned ON on the test device
3. App follows HIPAA compliance

Test steps:
1. Access the HIPAA compliant app database
2. Validate how the data is stored on the database/cloud

1. The data should not be stored as plain text

2. The data has to be stored hashed/encrypted

TC_HIPAA_19

HIPAA COMPLIANCE

P1

Objective: To validate if the HIPAA compliant app allows the user to access the required information/data in the form of emergency access

Pre-req:
1. Latest version of the app is downloaded & installed on the device
2. WiFi/4G/3G/2G is turned ON on the test device
3. App follows HIPAA compliance

Test steps:
1. Tap to launch the HIPAA compliant app
2. Validate if the app allows emergency access levels to the app data

The app has to allow access to necessary electronic protected health information during an emergency

TC_HIPAA_20

HIPAA COMPLIANCE

P1

Objective: To validate the HIPAA compliant app behavior when the app crashes

Pre-req:
1. Latest version of the app is downloaded & installed on the device
2. WiFi/4G/3G/2G is turned ON on the test device
3. App follows HIPAA compliance

Test steps:
1. Tap to launch the HIPAA compliant app
2. Login to the app
3. Perform any actions to crash the app
4. Once the app crashes, tap to launch the app
5. Observe where the user is navigated to

1. The user session has to be logged out automatically

2. The user has to be navigated to Login screen

TC_HIPAA_21

HIPAA COMPLIANCE

P1

Objective: To validate the HIPAA compliant app behavior when the user changes the password

Pre-req:
1. Latest version of the app is downloaded & installed on the device
2. WiFi/4G/3G/2G is turned ON on the test device
3. App follows HIPAA compliance

Test steps:
1. Tap to launch the HIPAA compliant app
2. Login to the app
3. Navigate to Settings
4. Tap on ‘Change Password’
5. Input the current password
6. Input the new password
7. Input the new password again to confirm it
8. Tap on OK/Submit button to change the password
9. Observe where the user is navigated to (after change password is successful)

1. The user has to be logged out automatically

2. The user has to be navigated to Login screen

TC_HIPAA_22

HIPAA COMPLIANCE

P1

Objective: To validate the HIPAA compliant app behavior when the new user completes sign up process

Pre-req:
1. Latest version of the app is downloaded & installed on the device
2. WiFi/4G/3G/2G is turned ON on the test device
3. App follows HIPAA compliance

Test steps:
1. Tap to launch the HIPAA compliant app
2. Tap on New User/Sign Up button
3. Input all the mandatory fields
4. Tap on Submit button to complete the registration process
5. Observe where the user is navigated to (after registration process is successful)

1. The user should not be logged in directly

2. The user has to be navigated to Login screen

TC_HIPAA_23

HIPAA COMPLIANCE

P3

Objective: To validate if the HIPAA compliant app has an option to set passcode

Pre-req:
1. Latest version of the app is downloaded & installed on the device
2. WiFi/4G/3G/2G is turned ON on the test device
3. App follows HIPAA compliance

Test steps:
1. Tap to launch the HIPAA compliant app
2. Login to the app with a valid UN/PWD
3. Let the user navigate to Settings screen inside the app
4. Observe the availability of ‘Set Passcode’ option

The logged in user should have an option to set a passcode for the app

TC_HIPAA_24

HIPAA COMPLIANCE

P4

Objective: To validate the default state of ‘Set Passcode’ option for a fresh/new user created for a HIPAA compliant app

Pre-req:
1. Latest version of the app is downloaded & installed on the device
2. WiFi/4G/3G/2G is turned ON on the test device
3. App follows HIPAA compliance

Test steps:
1. Tap to launch the HIPAA compliant app
2. Login to the app with a valid UN/PWD
3. Let the user navigate to Settings screen inside the app
4. Observe the default state of ‘Set Passcode’ option

The ‘Set Passcode’ option has to be in OFF state by default

TC_HIPAA_25

HIPAA COMPLIANCE

P2

Objective: To validate if the HIPAA compliant app allows the logged in user to change the app passcode from the app Settings screen

Pre-req:
1. Latest version of the app is downloaded & installed on the device
2. WiFi/4G/3G/2G is turned ON on the test device
3. App follows HIPAA compliance

Test steps:
1. Tap to launch the HIPAA compliant app
2. Login to the app with a valid UN/PWD
3. Let the user navigate to Settings screen inside the app
4. Observe if the user is allowed to change/set the ‘App Passcode’

The user has to be allowed to change the app passcode from app settings screen

TC_HIPAA_26

HIPAA COMPLIANCE

P2

Objective: To validate if the HIPAA compliant app features an option ‘Forgot Passcode’ in app pass code screen

Pre-req:
1. Latest version of the app is downloaded & installed on the device
2. WiFi/4G/3G/2G is turned ON on the test device
3. App follows HIPAA compliance

Test steps:
1. Tap to launch the HIPAA compliant app
2. Login to the app with a valid UN/PWD
3. Leave the app/device idle for 15min/40min
4. When the app pass code screen appears, observe for the availability of ‘Forgot Passcode’ option

The ‘Forgot Passcode’ option has to be available/displayed/tappable by the user

TC_HIPAA_27

HIPAA COMPLIANCE

P2

Objective: To validate if the HIPAA compliant app allows the logged in user to set a new passcode after tapping on ‘Forgot Passcode’ option in Passcode screen

Pre-req:
1. Latest version of the app is downloaded & installed on the device
2. WiFi/4G/3G/2G is turned ON on the test device
3. App follows HIPAA compliance

Test steps:
1. Tap to launch the HIPAA compliant app
2. Login to the app with a valid UN/PWD
3. Leave the app/device idle for 15min/40min
4. When the app pass code screen appears, tap on ‘Forgot Passcode’ option
5. Observe the app behavior

The user should be allowed to set a new passcode

TC_HIPAA_28

HIPAA COMPLIANCE

P2

Objective: To validate if the HIPAA compliant app features an option ‘Forgot Passcode’ in app settings screen

Pre-req:
1. Latest version of the app is downloaded & installed on the device
2. WiFi/4G/3G/2G is turned ON on the test device
3. App follows HIPAA compliance

Test steps:
1. Tap to launch the HIPAA compliant app
2. Login to the app with a valid UN/PWD
3. Let the user navigate to Settings screen inside the app
4. Observe for the availability of ‘Forgot Passcode’ option

The ‘Forgot Passcode’ option has to be available/displayed/tappable by the user

TC_HIPAA_29

HIPAA COMPLIANCE

P2

Objective: To validate if the HIPAA compliant app allows the logged in user to set a new passcode after tapping on ‘Forgot Passcode’ option in Settings screen

Pre-req:
1. Latest version of the app is downloaded & installed on the device
2. WiFi/4G/3G/2G is turned ON on the test device
3. App follows HIPAA compliance

Test steps:
1. Tap to launch the HIPAA compliant app
2. Login to the app with a valid UN/PWD
3. Let the user navigate to Settings screen inside the app
4. Let the user tap on ‘Forgot Passcode’ option
5. Observe the app behavior

The user should be allowed to set a new passcode

TC_HIPAA_30

HIPAA COMPLIANCE

P1

Objective: To validate if the HIPAA compliant app logs out the user from the app when the user enters an invalid passcode 10 consecutive times

Pre-req:
1. Latest version of the app is downloaded & installed on the device
2. WiFi/4G/3G/2G is turned ON on the test device
3. App follows HIPAA compliance
4. Passcode is enabled

Test steps:
1. Tap to launch the HIPAA compliant app
2. Login to the app with a valid UN/PWD
3. Let the logged in user enter an invalid passcode 10 consecutive times on the app pass code screen
4. Observe the app behavior

The user should be logged out from the app and navigated to the login screen

TC_HIPAA_31

HIPAA COMPLIANCE

P2

Objective: To validate the HIPAA compliant app behavior when the user attempts to login to the app after 10 invalid passcode attempts

Pre-req:
1. Latest version of the app is downloaded & installed on the device
2. WiFi/4G/3G/2G is turned ON on the test device
3. App follows HIPAA compliance
4. Passcode is enabled

Test steps:
1. Tap to launch the HIPAA compliant app
2. Login to the app with a valid UN/PWD
3. Let the logged in user enter an invalid passcode 10 consecutive times on the app pass code screen
4. When the user is logged out and navigated to login screen (after above step 3), let the same user attempt to login to the app again
5. Observe the app behavior

1. The user has to be navigated to home/inbox/dashboard screen

2. The app has to display the below message to the user, with an OK button displayed:

“The app passcode was entered incorrectly 10 times. If you suspect some one else atempted to enter your passcode .. Please change it immediately”

TC_HIPAA_32

HIPAA COMPLIANCE

P3

Objective: To validate the HIPAA compliant app behavior when the user tries to upload an image from gallery

Pre-req:
1. Latest version of the app is downloaded & installed on the device
2. WiFi/4G/3G/2G is turned ON on the test device
3. App follows HIPAA compliance
4. Passcode is enabled

Test steps:
1. Tap to launch the HIPAA compliant app
2. Login to the app with a valid UN/PWD
3. Let the user upload image from gallery to an existing/new message thread
4. Observe the app behavior

The app has to display the below message to the user:

“HIPAA Alert : Don’t forget to delete your photo from photo library”
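
The expected results of TC_HIPAA_3, TC_HIPAA_5, TC_HIPAA_12 and TC_HIPAA_13 all depend on sessions being tracked per device login rather than per user. The following is an added reference model, not code from the original page or from any particular app, that reproduces those expected results; `SessionStore`, its method names, the reason strings and the 15-minute idle timeout are assumptions made for illustration.

```python
import secrets

IDLE_TIMEOUT_S = 15 * 60  # assumed value; the test cases mention 15min/30min


class SessionStore:
    """Hypothetical server-side session table, one entry per device login."""
    def __init__(self, allow_concurrent, clock, idle_timeout=IDLE_TIMEOUT_S):
        self.allow_concurrent = allow_concurrent
        self.clock = clock
        self.idle_timeout = idle_timeout
        self.sessions = {}  # token -> {"user", "device", "last_seen"}
        self.notices = []   # (device, reason) the client must show to the user

    def _end(self, token, reason):
        session = self.sessions.pop(token)
        self.notices.append((session["device"], reason))

    def _tokens_of(self, user):
        return [t for t, s in self.sessions.items() if s["user"] == user]

    def login(self, user, device):
        if not self.allow_concurrent:  # TC_HIPAA_3: the newest login wins
            for token in self._tokens_of(user):
                self._end(token, "logged_in_elsewhere")
        token = secrets.token_urlsafe(32)
        self.sessions[token] = {"user": user, "device": device,
                                "last_seen": self.clock()}
        return token

    def touch(self, token):
        """Check a request's token: expire it if idle too long, else refresh."""
        session = self.sessions.get(token)
        if session is None:
            return False
        if self.clock() - session["last_seen"] >= self.idle_timeout:
            self._end(token, "idle_timeout")
            return False
        session["last_seen"] = self.clock()
        return True

    def logout(self, token, all_devices=False):
        session = self.sessions.get(token)
        if session is None:
            return
        targets = self._tokens_of(session["user"]) if all_devices else [token]
        for t in targets:
            self._end(t, "logout")


def run_scenarios():
    now, out = [0.0], {}  # now[0] is a constructed clock, advanced by hand
    single = SessionStore(False, lambda: now[0])
    iphone, android = single.login("user_a", "iPhone"), single.login("user_a", "Android")
    out["tc3"] = (single.touch(iphone), single.touch(android), list(single.notices))
    multi = SessionStore(True, lambda: now[0])
    iphone, android = multi.login("user_a", "iPhone"), multi.login("user_a", "Android")
    now[0] += 10 * 60
    multi.touch(android)                    # Android keeps working
    now[0] += 10 * 60                       # iPhone idle 20 min, Android 10 min
    out["tc12"] = (multi.touch(iphone), multi.touch(android), list(multi.notices))
    iphone = multi.login("user_a", "iPhone")
    multi.logout(android)                   # TC_HIPAA_5: logout option "Yes"
    out["tc5"] = (multi.touch(iphone), multi.touch(android))
    android = multi.login("user_a", "Android")
    multi.logout(iphone, all_devices=True)  # TC_HIPAA_13: "Yes [on all shared devices]"
    out["tc13"] = (multi.touch(iphone), multi.touch(android))
    return out
```

Each tuple in the result is (iPhone session live, Android session live), followed for `tc3` and `tc12` by the notices the client has to display, which correspond to the "relevant message" and timeout notification in the expected results.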