1311.115—Additional requirements for two-factor authentication.
(a) Description.
Concentrated milk is the liquid food obtained by partial removal of water from milk. The milkfat and total milk solids contents of the food are not less than 7.5 and 25.5 percent, respectively. It is pasteurized, but is not processed by heat so as to prevent spoilage. It may be homogenized.
(b)
Vitamin addition (Optional). If added, vitamin D shall be present in such quantity that each fluid ounce of the food contains 25 International Units thereof, within limits of good manufacturing practice.
(d) Methods of analysis.
Referenced methods are from “Official Methods of Analysis of the Association of Official Analytical Chemists,” 13th Ed. (1980), which is incorporated by reference. Copies may be obtained from the AOAC INTERNATIONAL, 481 North Frederick Ave., suite 500, Gaithersburg, MD 20877, or may be examined at the National Archives and Records Administration (NARA). For information on the availability of this material at NARA, call 202-741-6030, or go to: http://www.archives.gov/federal_register/code_of_federal_regulations/ibr_locations.html.
(e) Nomenclature.
The name of the food is “Concentrated milk” or alternatively “Condensed milk”. If the food contains added vitamin D, the phrase “vitamin D” or “vitamin D added” shall accompany the name of the food wherever it appears on the principal display panel or panels of the label in letters not less than one-half the height of the letters used in such name. The word “homogenized” may appear on the label if the food has been homogenized. The name of the food shall include a declaration of the presence of any characterizing flavoring, as specified in § 101.22 of this chapter.
(f) Label declaration.
Each of the ingredients used in the food shall be declared on the label as required by the applicable sections of parts 101 and 130 of this chapter.
Code of Federal Regulations
(a)
To sign a controlled substance prescription, the electronic prescription application must require the practitioner to authenticate to the application using an authentication protocol that uses two of the following three factors:
(3)
Something the practitioner has, a device (hard token) separate from the computer to which the practitioner is gaining access.
(b)
If one factor is a hard token, it must be separate from the computer to which it is gaining access and must meet at least the criteria of FIPS 140-2 Security Level 1, as incorporated by reference in § 1311.08, for cryptographic modules or one-time-password devices.
(c)
If one factor is a biometric, the biometric subsystem must comply with the requirements of § 1311.116.