Iowa Admin. Code r. 657-21.3
To maintain the integrity and confidentiality of patient records and prescription drug orders, any system, computer, or electronic device utilized shall have adequate security including system safeguards designed to prevent and detect unauthorized access, modification, or manipulation of patient records and prescription drug orders. Authentication credentials shall be securely maintained by the individual to whom the credentials are issued and shall not be shared with or disclosed to any other individual. Once a drug or device has been dispensed, any alterations in either the prescription drug order data or the patient record shall be documented and shall include the identification of all pharmacy personnel who were involved in making the alteration as well as the responsible pharmacist. An automated data processing system used for the receipt and processing of electronic transmissions from a prescriber's electronic prescription application shall comply with DEA requirements relating to electronic prescriptions and shall be certified compliant with DEA regulations.
Iowa Admin. Code r. 657-21.3