home-Gadgets-Regulations on the information system. Regulations on the use of information resources

Regulations on the information system. Regulations on the use of information resources

Department Order information technologies Khanty-Mansiysk Autonomous Okrug - Ugra
No. 148 of 08/15/2014
Attachments: 
Download document (.doc format) (0.41 MB)
Download document (pdf format) (1.19 MB)

Guided by Article 4 of the Law of the Khanty-Mansiysk Autonomous Okrug - Ugra dated July 1, 2013 No. 61-oz “On State information systems ah Khanty-Mansiysk Autonomous Okrug - Ugra", Regulations on the Department of Information Technology of the Khanty-Mansiysk Autonomous Okrug - Ugra, approved by the Decree of the Governor of the Khanty-Mansiysk Autonomous Okrug - Ugra dated July 22, 2010 No. 138, in order to regulate relations arising during the formation and use information resources state information systems, order:
1. Approve recommendations for the development of a standard regulation on the state information system created by the government body of the Khanty-Mansiysk Autonomous Okrug - Ugra (attached).
2. Development Department information society place this order on the official website of the Department of Information Technologies of the Khanty-Mansiysk Autonomous Okrug - Ugra on the information and communication network Internet.

Director of the Department A.A. Borodin

Application
to the order of the Department
information technologies
Khanty-Mansiysk Autonomous
districts - Ugra
dated August 15, 2014 No. 148

1. These Recommendations have been developed to regulate relations that arise during the formation and use of information resources of information systems.
2. The Regulations on the State Information System (hereinafter also referred to as the IS) is the main document defining the rules for the activities of the government body of the Khanty-Mansiysk Autonomous Okrug - Ugra (hereinafter referred to as the Autonomous Okrug) to create, ensure the functioning and development of the IS (hereinafter referred to as the Regulations) .
3. IS users are IS Participants, IS Authorized Body, IS Operator, IS Methodologist.
4. The IP Regulations must contain the following sections: general provisions; authorized IP body; IS operator; IS methodologist; IP participants; IS structure; access to IP; procedure for using IP; information exchange procedure limited access; information interaction of IS with other IS; control over the use of IP.
5. Depending on the type and operating conditions of the IP, it is allowed to introduce additional, exclude or combine sections of the Regulations.
6. In the section " General provisions» it is necessary to indicate the terms used in the Regulations, the purpose of creating the IS, the purpose and scope of the IS, the functions of the IS, the categories of IS users, the procedure for creating, ensuring the functioning and development of the IS, the procedure for the interaction of the IS operator, IS users, the authorized IS body and the IS methodologist.
7. In the section “Authorized IP body” it is necessary to indicate: the name of the government body authorized to create, methodological and regulatory support for the functioning and development of the IP, approval of regulations for the provision of information in the IS by all categories of users, coordination of regulations and formats for the provision of information; functions, rights and responsibilities of the Authorized IP Body.
8. In the “IS Operator” section you must indicate: the name of the organization performing the functions of technological support for information interaction; rights, duties and functions of the TIS Ugra Operator.
It is necessary to take into account the implementation of the following functions: providing access to IP resources; ensuring protection against unauthorized access to information contained in the IP; security Reserve copy data; ensuring stable and reliable operation software and hardware complex of the IS, including through equipment redundancy; consultation of IP users on issues of working with IP.
9. In the section “IS Methodologist” it is necessary to indicate the name of the government body responsible for determining and maintaining the content structure of IS information resources.
It is necessary to take into account the performance of the following functions by the IS Methodologist: maintaining normative and reference information (rules for the formation of information in IS resources according to spatial, temporal, industry and other content characteristics, including rules and levels of decomposition of information stored in IS resources); determination of methods for verifying and ensuring the reliability of information, the procedure for generating, transmitting and presenting cross-industry information, the responsibility for the provision of which is assigned to several IP Participants.
10. In the section “IP Participants” it is necessary to indicate: the procedure for joining the IP Participants; composition, rights and responsibilities of categories of users; responsibility of IP Participants for the use of IP information resources.
Participants in the IP can be territorial bodies of federal executive authorities, executive authorities of the autonomous district, local government bodies of the autonomous district, as well as commercial and non-profit organizations, separate divisions of organizations using information resources of the IP.
11. In the section “IP Structure” it is necessary to indicate the classification category of the IP (according to methodological recommendations for executive bodies of state power of the constituent entities of the Russian Federation on the implementation of accounting of information systems and components of information and telecommunications infrastructure created and acquired at the expense of budget funds of the constituent entities of the Russian Federation, as well as on the composition of information posted in the information systems accounting system, approved by order of the Ministry of Communications and Mass Media communications dated August 22, 2013 No. 220), a description of the levels of IS application, a description of the composition of IS information resources.
12. In the “Access to IP” section, it is necessary to indicate the grounds for providing access to IP, the purpose of providing access, the period for providing access, the procedure for providing access to information resources to IP participants, cases of restriction or termination of access to IP.
13. In the section “Procedure for using IP” it is necessary to indicate methods of exchange (transfer/receipt/use) of information, accounting for information exchange, prohibitions on the use of IP information resources.
14. In the section “Procedure for the exchange of information of limited access” it is necessary to indicate information about the level of security in accordance with the requirements of the Federal Security Service of the Russian Federation and the Federal Service for Technical and Export Control, information about the level of security of personal data in accordance with the Decree of the Government of the Russian Federation dated 1 November 2012 No. 1119 “On approval of requirements for the protection of personal data during their processing in the personal data information system.”
15. In the section “Information interaction of the IS with other information systems”, it is necessary to take into account that the information and technological interaction of the IS with other information systems should be carried out by integrating them through software and technological infrastructure that ensures the exchange of information between systems on the basis of agreements concluded by the IS operator with operators of other information systems.
The agreement on information interaction of information systems must determine the information that will be exchanged, technical conditions for integration, and rules for interaction between information system operators.
16. In the section “Control over the use of IP”, it is necessary to indicate the name of the government body exercising control over the use of IP, and the procedure for exercising control.

CENTRAL BANK OF THE RUSSIAN FEDERATION

POSITION

ABOUT THE ELECTRONIC INFORMATION SYSTEM OF THE BANK OF RUSSIA

This Regulation has been developed in accordance with Federal law"On the Central Bank of the Russian Federation (Bank of Russia)" (Collected Legislation of the Russian Federation, 2002, N 28, Art. 2790; 2003, N 2, Art. 157, N 52, Art. 5032), Federal Law "On Information, Informatization and protection of information" (Collected Legislation of the Russian Federation, 1995, No. 8, Art. 60; 2003, No. 2, Art. 167) and establishes the conditions and general rules for using the Electronic Information System of the Bank of Russia.

The subject of these Regulations are the principles of creating the Electronic Information System of the Bank of Russia and the interaction between users of the Electronic Information System of the Bank of Russia.

1. General Provisions

1.1. The Electronic Information System (EIS) of the Bank of Russia was created at the expense of the Bank of Russia to ensure the exchange of electronic messages between the Bank of Russia and users of the EIS of the Bank of Russia in order to implement banking operations and other types of activities provided for by law.

1.2. The functioning of the EIS of the Bank of Russia is ensured by the computing and technical centers of the Bank of Russia, equipped with hardware and software, for the purpose of collecting, processing, storing and transmitting administrative, economic, accounting, reporting, operational information, information on settlement transactions (including payment information) and other information in accordance with the rules and conditions established in regulations and organizational and administrative documents of the Bank of Russia, information exchange agreements (hereinafter referred to as the agreement). The electronic information system of the Bank of Russia interacts with the telecommunication system of the Bank of Russia.

1.3. Participants in electronic information exchange using the Bank of Russia EIS are divided into internal and external users of the Bank of Russia EIS.

1.4. Internal users of the Bank of Russia EIS include: the central office of the Bank of Russia, territorial branches of the Bank of Russia, OPERU-1, the Central repository of the Bank of Russia, field institutions, computer centers, other divisions of the Bank of Russia in accordance with the structure of the Bank of Russia, defined by the organizational and administrative documents of the Bank Russia.

Internal users of the Bank of Russia EIS, when interacting with each other using the Bank of Russia EIS resources, act on the basis of Bank of Russia regulations, organizational and administrative documents of the Bank of Russia, which determine the procedure for accessing EIS resources and the rules for their use.

1.5. The EIS of the Bank of Russia can be used by external users, which include credit institutions (branches of credit institutions), state authorities and local governments, their organizations, and other clients of the Bank of Russia.

External users of the Bank of Russia EIS to interact with the Bank of Russia using EIS resources enter into an agreement with the Bank of Russia.

The procedure for external users of the Bank of Russia EIS to the computing and information resources of the Bank of Russia EIS, the rules for their use and support information security determined by the Bank of Russia.

1.6. For the purposes of these Regulations, the following terms and definitions are used:

Authentication of an electronic message is a procedure for monitoring the integrity and confirming the authenticity of an electronic message (EM).

Computing resources of the Bank of Russia EIS - hardware and software Bank of Russia, providing information processing.

The key (identifier) ​​of the ES authentication code is unique data used by the exchange participant when creating and verifying the authentication code.

Authentication code (AC) - data used to control the integrity and confirm the authenticity of the ES.

An emergency situation is the state of the computing and information resources of the Bank of Russia EIS, which is not provided for in the documentation for the Bank of Russia EIS and leads to failures and failures of the system, the lack of service provided to users of the Bank of Russia EIS and requires intervention to restore the normal functioning of the system.

Authentication - checking the message transmitted electronically, allowing the recipient to determine that the message comes from the specified source.

Rules of the electronic information system (EIS rules of the Bank of Russia) - a set of norms, regulations and organizational and administrative documents of the Bank of Russia, establishing the conditions for access to the EIS of the Bank of Russia, registration of exchange participants and their KA keys, documents provided, procedure for using the EIS of the Bank of Russia, formats ES, the procedure for monitoring ES, resolving conflict situations, actions in emergency situations, managing spacecraft keys, ensuring information security.

Authentication tools (SA) are hardware and (or) software that ensure the creation and verification of CA.

Telecommunication system of the Bank of Russia - hardware and software that ensures data transmission via communication channels.

Electronic message formats (EMF) - an ordered sequence of characters included in the ES according to uniform rules, presented in a formalized form, in an established sequence and dimension, used for transmission through communication channels and processing.

Participant in electronic exchange - internal and external users of the Bank of Russia EIS, defined in clauses 1.4 and 1.5 of these Regulations.

An electronic message (ES) is a set of data corresponding to the electronic format established by the Bank of Russia, suitable for unambiguous perception of its content, equipped with an authentication code.

2. Terms of use of the Bank of Russia EIS

2.1. Participants in the electronic exchange of information using the EIS of the Bank of Russia use electronic message formats established by the rules of the EIS of the Bank of Russia, defined in clause 1.6 of these Regulations. The list of data included in the message is established by the Bank of Russia EIS rules.

2.2. External users of the Bank of Russia EIS, in order to participate in the electronic exchange of information using the Bank of Russia EIS, are guided by agreements concluded with the Bank of Russia, which provide for the procedure for the exchange of electronic messages, establish the rights and obligations of the Bank of Russia and users of the Bank of Russia EIS, the responsibilities of the parties, and the procedure for resolving conflict situations , the procedure for the parties to act in emergency situations arising in the EIS of the Bank of Russia, the procedure for ensuring information security, including the procedure for using the authentication code, as well as other provisions that comply with the legislation and rules of the EIS of the Bank of Russia.

2.3. Internal users of the Bank of Russia EIS, when interacting with each other using the Bank of Russia EIS, are guided by regulations and organizational and administrative documents defining the rules of the Bank of Russia EIS.

2.4. The conditions for inclusion in the list of users of the EIS of the Bank of Russia, as well as the form of the act of readiness to begin electronic exchange of information using the EIS of the Bank of Russia are established by the rules of the EIS of the Bank of Russia, defined in clause 1.6 of these Regulations.

2.5. The decision to include credit institutions (branches of credit institutions) and other clients of the Bank of Russia into the EIS users, as well as to set the start date for electronic exchange of information using the Bank of Russia EIS, is made by the Bank of Russia subject to the user’s readiness, confirmed in the manner established by the Bank of Russia EIS rules .

3. General rules exchange of information

3.1. The exchange of information is carried out in the EIS of the Bank of Russia in the form of ES sent by users of the EIS of the Bank of Russia to each other.

3.2. The composition of the details contained in the ES is determined by the regulations of the Bank of Russia.

3.3. The information contained in the ES must be accessible for its subsequent use, including the possibility of its visual presentation and reproduction on paper.

3.4. Electronic messages used in the Bank of Russia EIS must be equipped with a CA, with the help of which message recipients have the opportunity to confirm the integrity and authenticity of the ES (authenticate the ES). Types of message authentication codes and rules for their use for various types banking information are established by the Bank of Russia EIS rules. Specific means of implementing CA messages, checking the integrity and authenticity of the ES are determined by the Bank of Russia.

3.5. Responsibility for the information contained in the electronic system is borne by the sender of the electronic system, the key (identifier) ​​of the spacecraft of which is registered in the prescribed manner and the spacecraft of which is equipped with this electronic system, unless otherwise provided by the rules of the EIS of the Bank of Russia and the agreement.

3.6. Participants in the electronic exchange of information and keys (identifiers) of the spacecraft are registered by the Bank of Russia in accordance with the rules of the EIS of the Bank of Russia, defined by clause 1.6 of these Regulations.

4. The procedure for receiving and monitoring received ES

4.1. All received ES are authenticated using authentication tools in the manner established by the Bank of Russia.

4.2. Based on the results of ES authentication, the electronic exchange participant who received the ES sends the sender an electronic message confirming the positive or negative result of authentication of the received ES, containing a group of details determined by the Bank of Russia.

4.3. If the authentication result is negative, the received ES is not allowed for further processing.

4.4. ES is considered delivered only after the sender receives confirmation of its delivery in accordance with the procedure established by the Bank of Russia.

5. Procedure for storing and destroying electronic devices

5.1. All sent and received ES, as well as CA and data necessary to verify the authentication code, are stored for periods established by the Bank of Russia.

5.2. When storing ES, the following requirements must be met:

All ES are stored in the format in which they were sent or received, which makes it possible to establish that the sent or received data contained in the ES is not distorted. When storing ES, it must be possible to authenticate them throughout the entire storage period;

All sent and received electronic messages are stored indicating the date and time of their sending and receipt;

The procedure for storing electronic systems must ensure prompt access to the information contained in them and the ability to reproduce it on paper.

5.3. Electronic messages and KA keys (identifiers) necessary for authentication of these messages are stored and destroyed in the manner established by the Bank of Russia.

Chairman

Central Bank

Russian Federation

Decree of the Government of the Russian Federation of November 14, 2015 N 1235
"On the federal state information system for the coordination of informatization"

The Government of the Russian Federation decides:

1. Approve the attached:

Regulations on the federal state information system for the coordination of informatization;

changes that are made to acts of the Government of the Russian Federation;

list of invalid acts of the Government of the Russian Federation.

2. Establish that financing for the creation, development, commissioning, operation, decommissioning of the federal state information system for coordinating informatization and further storage of information contained in its databases is carried out at the expense of the federal budget allocated to the Ministry of Digital Development, Communications and Mass Communications of the Russian Federation for the implementation of state program activities by Decree of the Government of the Russian Federation of April 15, 2014 N 313 “On approval of the state program of the Russian Federation “Information Society (2011 - 2020)”.

The storage of the register of federal state information systems (hereinafter referred to as the register) is financed from the federal budget funds provided for by the Federal Service for Supervision of Communications, Information Technology and Mass Communications.

3. The Ministry of Communications and Mass Communications of the Russian Federation, within 3 months, approve the rules for posting information in the federal state information system for the coordination of informatization.

4. Federal Service for Supervision of Communications, Information Technology and Mass Communications:

a) ensure the decommissioning of the register containing information about federal state information systems intended for use in the implementation of government functions and (or) provision of public services before December 1, 2015;

c) transfer to the Ministry of Telecom and Mass Communications of the Russian Federation a copy of the register database before December 1, 2015.

Position
on the federal state information system for informatization coordination
(approved by resolution

With changes and additions from:

I. General provisions

1. These Regulations define the purpose, purpose, objectives and principles of the creation and development of the federal state information system for the coordination of informatization (hereinafter referred to as the coordination system), its structure, main functions and participants, the procedure for providing access to the coordination system, the legal regime of information and software technical means coordination system, requirements for its technological, software and linguistic means, rules for information interaction with other information systems, as well as the procedure for protecting information contained in the coordination system.

2. The coordination system ensures the formation of a single information space to support management decision-making in the field of public management of information and communication technologies created or used by federal executive authorities, executive authorities of constituent entities of the Russian Federation, other government bodies, management bodies of state extra-budgetary funds, local governments, state and municipal unitary enterprises, state and municipal institutions (hereinafter referred to as the subjects of the coordination system).

3. The purpose of creating a coordination system is to increase the efficiency and effectiveness of the use of information and communication technologies in the activities of the subjects of the coordination system.

4. The coordination system is designed to solve the following tasks:

a) taking into account measures for the creation, development, modernization, operation of information systems and components of information and communication infrastructure carried out by federal executive authorities and management bodies of state extra-budgetary funds (hereinafter referred to as informatization measures), and monitoring the progress of implementation of informatization measures;

b) planning and ensuring project management of the implementation of informatization measures by federal executive authorities and management bodies of state extra-budgetary funds;

c) information, analytical and methodological support for the subjects of the coordination system, including in terms of monitoring compliance with the requirements for the procedure for creation, development, commissioning, operation and decommissioning of state information systems and further storage of information contained in their databases, approved by the resolution Government of the Russian Federation dated July 6, 2015 N 676 “On the requirements for the procedure for creation, development, commissioning, operation and decommissioning of state information systems and further storage of information contained in their databases”;

d) ensuring that the Ministry of Digital Development, Communications and Mass Media of the Russian Federation conducts an assessment of informatization measures and informatization plans in accordance with Decree of the Government of the Russian Federation of May 24, 2010 N 365 “On the coordination of measures for the use of information and communication technologies in the activities of government bodies ";

e) monitoring compliance with the requirements provided for in Part 2.1 of Article 13 of the Federal Law “On Information, Information Technologies and Information Protection” for the placement of technical means of information systems used by the subjects of the coordination system, and the requirements specified in subparagraph “c” of this paragraph;

f) planning and implementation of informatization activities in relation to information systems and components of information and communication infrastructure, information about which is posted in the coordination system, as well as ensuring coordinated interaction of planning participants;

g) monitoring and analysis of the effectiveness and efficiency of the creation, development and operation by federal executive authorities and management bodies of state extra-budgetary funds of information systems and components of information and communication infrastructure at all stages of their existence;

h) collection, processing and storage of algorithms and (or) programs for electronic computers to the national fund of algorithms and programs for electronic computers;

i) ensuring that subjects of the coordination system are provided with algorithms and (or) programs for electronic computers contained in the national fund for use in the implementation of information technologies in their activities;

j) processing and analysis of information on the level of informatization of federal executive authorities, executive authorities of constituent entities of the Russian Federation and local governments;

k) monitoring the fulfillment by the constituent entities of the Russian Federation of the obligations stipulated by the agreement on the provision of subsidies for the implementation of projects aimed at establishing the information society in the constituent entities of the Russian Federation, as well as compliance by the constituent entities of the Russian Federation with the conditions for the provision of these subsidies;

l) monitoring the implementation of projects in the field of informatization in the constituent entities of the Russian Federation;

m) distribution publicly available information contained in the coordination system, including in the form of open data.

5. The creation, development and operation of the coordination system are carried out on the basis of the following principles:

a) eliminating duplication of information by observing the rules of its single entry and repeated use;

b) use of the results obtained during the implementation of the state program of the Russian Federation "Information Society (2011 - 2020)", approved by Decree of the Government of the Russian Federation dated April 15, 2014 N 313 "On approval of the state program of the Russian Federation "Information Society (2011 - 2020)", including the creation and development of the state information system for managing departmental and regional informatization, the "Electronic Region" information system, the federal state information system of the national fund of algorithms and programs for electronic computers, the state information system for recording information systems created and purchased at the expense of the federal budget and the budgets of state extra-budgetary funds;

c) the use of infrastructure elements that ensure information technology interaction of information systems used to provide government and municipal services and execution of state and municipal functions in electronic form;

d) primary storage in the databases of the coordination system of only unique (reference) information;

e) ensuring the completeness, reliability, relevance and integrity of information posted in the coordination system, including through the use electronic signature;

f) placement of information in the coordination system only by authorized officials;

g) centralization of collection and free provision of information posted in the coordination system to all interested parties with access rights;

h) openness for integration with existing and created state and other information resources, departmental and interdepartmental information systems based on uniform formats of information interaction;

i) adaptability of the coordination system to changes in the legislation of the Russian Federation regulating relations in the field of coordination of informatization of subjects of the coordination system;

j) methodological support of the subjects of the coordination system at all stages of using the coordination system, including the provision of model acts, document templates, graphic and tabular diagrams describing the algorithm of actions.

II. Participants in the coordination system and their powers

6. Participants in the coordination system are:

a) Ministry of Digital Development, Communications and Mass Communications of the Russian Federation;

b) subjects of the coordination system;

c) individuals and organizations that are not subjects of the coordination system.

7. Ministry of Digital Development, Communications and Mass Communications of the Russian Federation:

a) is the customer of the coordination system and performs the functions of the operator of the coordination system;

b) forms a state task for the performance of work and provision of services for the creation, development and operation of a coordination system;

c) determines the composition and rules for placing information in the coordination system by participants in the coordination system;

d) develops and approves, within its powers, normative legal acts and other documents necessary for the functioning of the coordination system;

e) provides access to the coordination system for authorized officials of participants in the coordination system and their information support on technical issues;

f) ensures recording of information about facts of access to the coordination system;

g) ensures compliance with information security requirements, including protection of the coordination system from unauthorized access.

8. Work and services for the creation, development and operation of a coordination system, including individual functions of the coordination system operator, can be performed on the state assignment of the Ministry of Digital Development, Communications and Mass Communications of the Russian Federation by government agencies in accordance with the budget legislation of the Russian Federation and the legislation of the Russian Federation on non-profit organizations, as well as other organizations in accordance with the legislation of the Russian Federation on the contract system in the field of procurement of goods, works, services to meet state and municipal needs.

9. The following should be placed in the coordination system:

a) information on informatization measures and informatization plans, conclusions on the feasibility of carrying out informatization measures, conclusions on informatization plans, documents (draft documents) on informatization and reports on the implementation of informatization plans;

b) information and documents on the organization of a project management system for informatization activities;

c) information about information systems created and acquired at the expense of the federal budget and the budgets of state extra-budgetary funds;

d) information about algorithms and programs for electronic computers, preparatory (design), technical, accompanying and (or) methodological documentation for programs for electronic computers created or acquired with funds from the federal budget and budget funds of state extra-budgetary funds;

e) information necessary for conducting a competitive selection for the right to receive subsidies for the implementation of informatization projects in the constituent entities of the Russian Federation on the basis of co-financing, as well as indicators of the effectiveness of regional informatization and other indicators and information necessary for assessing the effectiveness of regional informatization and the implementation of the Concept of regional informatization, approved by order of the Government of the Russian Federation of December 29, 2014 N 2769-r;

f) information provided for by the Rules for monitoring the placement of technical means of information systems used by state bodies, local governments, state and municipal unitary enterprises, state and municipal institutions on the territory of the Russian Federation, approved by resolution

g) information provided for by the Rules for monitoring compliance with the requirements for the procedure for the creation, development, commissioning, operation and decommissioning of state information systems and the further storage of information contained in their databases, approved by the Decree of the Government of the Russian Federation of July 6, 2015. N 675 “On the procedure for monitoring compliance with the requirements provided for in Part 2.1 of Article 13 and Part 6 of Article 14 of the Federal Law “On Information, Information Technologies and Information Protection”;

h) other information determined by the Ministry of Digital Development, Communications and Mass Communications of the Russian Federation in methodological documents necessary to ensure the operation of the coordination system.

10. To ensure the functioning of the coordination system, the subjects of the coordination system in the manner and within the time limits established by regulatory legal acts, including those approved by the Ministry of Digital Development, Communications and Mass Communications of the Russian Federation:

a) adopt the necessary departmental acts;

b) determine authorized officials responsible for preparing information for placement in the coordination system and posting the said information in the coordination system;

c) organize the receipt by authorized officials of qualified certificates of electronic signature verification keys and electronic signature means in accredited certification centers;

d) organize the placement of information in the coordination system.

11. The placement of information in the coordination system is organized by:

b) the highest executive bodies of the constituent entities of the Russian Federation and the executive bodies of state power of the constituent entities of the Russian Federation - in terms of the information specified in subparagraphs "e" - "g" of paragraph 9 of these Regulations;

c) other state bodies, local government bodies, state and municipal unitary enterprises, state and municipal institutions - in terms of the information specified in subparagraph "e" of paragraph 9 of these Regulations;

d) management bodies of state extra-budgetary funds - in terms of the information specified in subparagraphs “a” - “d” of paragraph 9 of these Regulations.

12. Managers and authorized officials of the subjects of the coordination system are responsible for the completeness, accuracy and relevance of information posted in the coordination system, as well as for compliance with the procedure and timing of its placement.

13. Individuals and organizations are users of the "Portal" subsystem of the coordination system.

III. Structure and main functions of the coordination system

14. The coordination system includes the following information systems as its subsystems:

a) integration subsystems - information systems that implement the functions of database management of the coordination system and the formation of a unified data repository, ensuring information security, information and technological interaction of the subsystems of the coordination system with each other and with other information systems, as well as the functions of system-wide technological services;

b) service subsystems - information systems that implement applied functions of information technology support for solving problems specified in paragraph 4 of these Regulations, including the information system for managing departmental and regional informatization, the “Electronic Region” information system, the federal state information system of the National Fund of Algorithms and Programs for electronic computers, the federal state information system for recording information systems created and acquired at the expense of the federal budget and the budgets of state extra-budgetary funds;

c) subsystem "Portal".

15. The main functions of integration subsystems are:

a) maintaining a unified database (data warehouse) of the coordination system;

b) ensuring information interaction between service subsystems of the coordination system;

c) formation, maintenance and updating of centralized directories and classifiers;

d) confirmation of the authenticity of electronic signature verification key certificates;

e) ensuring the protection of information in accordance with the requirements of regulatory legal acts and methodological documents in the field of information security and information protection;

f) ensuring regulated access of coordination system participants to the coordination system;

g) ensuring information interaction between the coordination system and other information systems.

16. The main functions of service subsystems are:

a) information and analytical support for informatization management at the stages of decision-making on the creation of information systems, planning activities for the creation, development and operation of information and communication technologies, information systems (including information technologies, technical means and information and telecommunication networks necessary for their functioning) carried out by the subjects of the coordination system, as well as taking into account the results of ongoing informatization activities, assessing their effectiveness and efficiency, and using the results of ongoing informatization activities;

b) ensuring the formation and maintenance of a register of the territorial location of technical means of information systems in accordance with the Rules specified in subparagraph "e" of paragraph 9 of these Regulations, as well as the interaction of the Ministry of Digital Development, Communications and Mass Communications of the Russian Federation with bodies and organizations in the process of formation and maintaining the specified register;

c) ensuring the formation and maintenance of a register of objects of control in accordance with the Rules specified in subparagraph "g" of paragraph 9 of these Regulations, as well as interaction of the Ministry of Digital Development, Communications and Mass Communications of the Russian Federation with federal executive authorities and executive authorities of the constituent entities of the Russian Federation in the process of forming and maintaining the said register;

d) monitoring compliance with the requirements provided for in Part 2.1 of Article 13 of the Federal Law “On Information, Information Technologies and Information Protection” for the placement of information systems, and the requirements specified in subparagraph “c” of paragraph 4 of these Regulations;

e) analysis and visualization of data contained in the coordination system;

f) methodological support for participants in the coordination system at all stages of using the coordination system, including the provision of model acts, document templates, graphic and tabular diagrams describing the algorithm of actions;

g) provision of information in the form of open data;

h) collection, processing and storage of programs for electronic computers, preparatory (design), technical, accompanying and (or) methodological documentation for such programs created or acquired with the assistance of the federal budget or the budget of state extra-budgetary funds, as well as ensuring access to government bodies , state extra-budgetary funds and local governments to these programs and (or) documents;

i) monitoring and analysis of data to calculate the values ​​of indicators used to determine the level of development of the constituent entities of the Russian Federation in the field of formation of the information society;

j) collection and processing of applications submitted by constituent entities of the Russian Federation for competitive selection for the right to receive subsidies from the federal budget to the budgets of constituent entities of the Russian Federation for the implementation of projects (events) aimed at establishing the information society in the constituent entities of the Russian Federation, and performance indicators for the provision of subsidies;

k) collection, examination and storage of reporting materials submitted by the constituent entities of the Russian Federation within the framework of reporting provided for by agreements between the Ministry of Digital Development, Communications and Mass Communications of the Russian Federation and the highest executive bodies of state power of the constituent entities of the Russian Federation on the provision of subsidies from the federal budget to the budgets of the constituent entities of the Russian Federation Federation for the implementation of projects (events) aimed at establishing the information society in the constituent entities of the Russian Federation.

17. The main functions of the "Portal" subsystem are:

a) ensuring public access to information contained in the coordination system, including in open data format, including access to analytical reporting containing information on the progress of implementation of measures for informatization of the subjects of the coordination system in the form of reports, in tabular and graphical forms;

b) providing subjects of the coordination system with a single point of access to the service subsystems of the coordination system;

c) providing a communication platform (forums, electronic reception and other services and information channels that provide communication) for the exchange of opinions between interested participants in the coordination system.

IV. Procedure for providing access to the coordination system

18. Access to the coordination system is provided to:

a) authorized officials of the subjects of the coordination system, who have previously been registered in the coordination system, through identification and authentication procedures - in terms of service subsystems;

b) to all participants in the coordination system through free access using the information and telecommunications network "Internet" - in terms of the "Portal" subsystem.

19. Identification and authentication of participants in the coordination system are carried out using the federal state information system " one system identification and authentication in the infrastructure that ensures information and technological interaction of information systems used to provide state and municipal services in electronic form."

V. Legal regime of information contained in the coordination system and software and hardware of the coordination system

20. The information contained in the coordination system is publicly available, with the exception of information, access to which is limited in accordance with the legislation of the Russian Federation.

21. The powers of the owner of the information contained in the coordination system, on behalf of the Russian Federation, are exercised by the Ministry of Digital Development, Communications and Mass Communications of the Russian Federation.

22. Subjects of the coordination system ensure the accuracy, completeness and relevance of the information posted in the coordination system, as well as its compliance with the requirements for the structure and formats of such information, approved by the Ministry of Digital Development, Communications and Mass Communications of the Russian Federation.

23. Property included in the software and hardware of the coordination system, created or acquired at the expense of the federal budget, is federal property.

VI. Requirements for hardware and software of the coordination system

24. Hardware and software of the coordination system must meet the following requirements:

a) are located on the territory of the Russian Federation;

b) ensure that information is posted in the state language of the Russian Federation;

c) have valid certificates issued Federal service security of the Russian Federation and (or) the Federal Service for Technical and Export Control in relation to their information protection tools, including software and hardware, anti-virus and cryptographic information protection tools and information protection tools from unauthorized access, destruction, modification and blocking of access to it, as well as from other unlawful actions in relation to such information;

d) provide automated maintenance electronic magazines accounting for operations carried out in the coordination system, recording the placement, changes and deletion of information, the exact time of such operations, the content of changes and information about the participants in the coordination system who carried out these actions;

e) ensure access of coordination system participants to the coordination system, uninterrupted maintenance of databases and protection of information contained in the coordination system from unauthorized access;

f) provide the possibility of information interaction of the coordination system with other information systems, including through the use of infrastructure elements that ensure information and technological interaction of information systems used to provide state and municipal services and perform state and municipal functions in electronic form;

g) ensure that participants undergo the identification and authentication coordination system using the federal state information system “Unified system of identification and authentication in the infrastructure that ensures information and technological interaction of information systems used to provide state and municipal services in electronic form”;

h) provide the opportunity to receive information from the coordination system in the form of files, electronic messages or on paper;

i) ensure the safety of all versions of created documents and the history of their changes.

25. The coordination system ensures the unity of normative and reference information, including dictionaries, reference books, registers and classifiers.

The list of dictionaries, reference books, registers and classifiers used in the coordination system is established by the Ministry of Digital Development, Communications and Mass Communications of the Russian Federation.

VII. Information interaction of the coordination system with other information systems

26. In these Regulations, the information interaction of the coordination system with other information systems means the receipt, placement and use in the coordination system of information contained in other information systems, as well as the provision of information contained in the coordination system to other information systems.

27. The coordination system interacts with the following information systems:

a) federal state information system “Unified system of identification and authentication in the infrastructure that ensures information and technological interaction of information systems used to provide state and municipal services in electronic form” - in order to ensure identification and authentication of participants in the coordination system;

b) state automated information system "Management" - for the purpose of exchanging information necessary for strategic planning of regional informatization, coordinating costs for regional informatization, managing projects in the field of regional informatization;

c) a unified information system in the field of procurement - for the purpose of transferring from this system to the coordination system information about announced tenders (requests for quotations) and about concluded government contracts for the supply of goods, performance of work, provision of services necessary for the creation and (or) development and (or) operation of information systems and (or) components of information and communication infrastructure, as well as on acceptance certificates of goods supplied, work performed and services rendered under these contracts;

d) state integrated information system for public finance management "Electronic Budget" - for the purpose of information exchange of information on the volume of budget allocations to federal executive authorities and management bodies of state extra-budgetary funds and on the indicators of their cash execution, as well as on planned and actual indicators of the implementation of informatization plans federal executive authorities and management bodies of state extra-budgetary funds and regulatory reference information necessary for these purposes;

e) federal state information system " Federal Register state and municipal services (functions)" and an analytical information system for ensuring openness of the activities of federal executive authorities, located on the Internet information and telecommunications network (www.programs.gov.ru), in order to obtain information about state and municipal services and functions , as well as about state programs of the Russian Federation;

f) infrastructure that ensures information and technological interaction of information systems used to provide state and municipal services and perform state and municipal functions in electronic form - in order to organize the interaction of the coordination system;

g) other information systems containing information necessary for the implementation of the powers of participants in the coordination system and the requirements of these Regulations (hereinafter referred to as other information systems).

28. Operators of other information systems provide access to information contained in other information systems used to implement the functions and powers of the subjects of the coordination system, implemented through the coordination system.

29. The organization of information interaction of the coordination system with other information systems is carried out by the operator of the coordination system and operators of other information systems independently or with the involvement of organizations under their jurisdiction or other organizations in accordance with the legislation of the Russian Federation in the field contract system in the field of procurement of goods, works, services to meet state and municipal needs.

30. The organization of information interaction of the coordination system with other information systems is implemented through the priority use of:

a) infrastructure that ensures information and technological interaction of information systems used to provide state and municipal services and perform state and municipal functions in electronic form;

b) regional systems interdepartmental electronic interaction created in the constituent entities of the Russian Federation in order to ensure the provision of public services in electronic form and the execution of state functions by executive bodies of state power of the constituent entities of the Russian Federation, as well as the provision of municipal services and the execution of municipal functions by local government bodies.

31. The rules for information interaction of the coordination system with the information systems specified in paragraph 27 of these Regulations are established by agreements concluded between the Ministry of Digital Development, Communications and Mass Communications of the Russian Federation and customers (operators) of these information systems.

32. Information interaction of the coordination system with other information systems is carried out in compliance with the following requirements:

a) ensuring the completeness and reliability of the information provided, compliance with the established deadlines for its provision, as well as ensuring the confidentiality of information, access to which is limited by the legislation of the Russian Federation;

b) signing information transmitted from other information systems to the coordination system and from the coordination system to other information systems, enhanced by a qualified electronic signature;

c) ensuring that operators of other information systems protect the information they transmit from unauthorized access, destruction, modification, blocking, copying, distribution, and other unlawful actions from the moment this information is transferred from another information system until it enters the coordination system;

d) recording the date, time, content and participants of all actions and operations carried out within the framework of information interaction, as well as the possibility of providing information that allows one to restore the history of information interaction;

e) immediate notification by participants in information interaction of each other about failures and violations in the functioning of the coordination system and other information systems, which may lead to violation of the timing and quality of provision and (or) receipt of information, as well as violations of the information security requirements defined by these Regulations ;

f) immediate implementation of measures to eliminate identified failures and disruptions in the functioning of the coordination system and other information systems, as well as cases of violation of information security requirements defined by these Regulations;

g) confirmation of the reliability and relevance of information transmitted and received from other information systems to the coordination system, and if the information is found to be unreliable - ensuring its updating, as well as informing interested participants in information interaction about cases where information is unreliable and about changes made in the process actualization.

VIII. Protection of information contained in the coordination system

33. Information contained in the coordination system is subject to protection in accordance with the legislation of the Russian Federation on information, information technology and information protection and legislation on personal data.

34. The protection of information contained in the coordination system is ensured through the application of organizational and technical measures to protect information, as well as monitoring the operation of the coordination system.

35. To ensure the protection of information during the creation, operation and development of the coordination system, the following are carried out:

a) developing requirements for the protection of information contained in the coordination system;

b) development and implementation of the information security subsystem of the coordination system;

c) the use of certified information security tools, as well as certification of the coordination system for compliance with information security requirements;

d) protection of information during its transmission over information and telecommunication networks;

e) ensuring the protection of information during operation of the coordination system.

36. In order to protect the information contained in the coordination system, the operator of the coordination system ensures:

a) preventing unauthorized access to information contained in the coordination system and (or) transfer of such information to persons who do not have the right to access this information;

b) immediate detection of facts of unauthorized access to information contained in the coordination system;

c) preventing unauthorized influence on the technical means of information processing included in the coordination system, as a result of which their functioning is disrupted;

d) the possibility of immediately identifying facts of modification, destruction or blocking of information contained in the coordination system due to unauthorized access and restoration of such information;

e) ensuring continuous monitoring of the level of security of information contained in the coordination system.

Changes,
which are included in acts of the Government of the Russian Federation
(approved by Decree of the Government of the Russian Federation of November 14, 2015 N 1235)

1. Clause 2 of the Decree of the Government of the Russian Federation dated July 6, 2015 N 675 “On the procedure for monitoring compliance with the requirements provided for in Part 2.1 of Article 13 and Part 6 of Article 14 of the Federal Law “On Information, Information Technologies and Information Protection” (Meeting Legislation of the Russian Federation, 2015, No. 28, Art. 4240) shall be stated as follows:

"2. State bodies, local government bodies, state and municipal unitary enterprises, state and municipal institutions no later than March 1, 2016, enter into the register of territorial location of technical means of information systems, provided for by the Rules for monitoring the placement of technical means of information systems used by state bodies, local government bodies, state and municipal unitary enterprises, state and municipal institutions, on the territory of the Russian Federation, approved by this resolution, information about the technical means of information systems used by them and ensure the further entry and updating of this information in accordance with the procedure established by the Ministry communications and mass communications of the Russian Federation."

2. Clause 15 of the requirements for the procedure for the creation, development, commissioning, operation and decommissioning of state information systems and further storage of information contained in their databases, approved by Decree of the Government of the Russian Federation dated July 6, 2015 N 676 “On requirements for the procedure for the creation, development, commissioning, operation and decommissioning of state information systems and further storage of information contained in their databases" (Collected Legislation of the Russian Federation, 2015, No. 28, Art. 4241), stated as follows:

"15. Commissioning of the system is not permitted in the following cases:

a) absence in the register of territorial location of objects of control, provided for by the Rules for monitoring the placement of technical means of information systems used by state bodies, local governments, state and municipal unitary enterprises, state and municipal institutions, on the territory of the Russian Federation, approved by a resolution of the Government of the Russian Federation dated July 6, 2015 N 675 “On the procedure for monitoring compliance with the requirements provided for in Part 2.1 of Article 13 and Part 6 of Article 14 of the Federal Law “On Information, Information Technologies and Information Protection”, information on the placement of technical means of the information system on the territory Russian Federation;

b) failure to comply with the requirements of this section, identified during the implementation of control in accordance with the Rules for monitoring compliance with the requirements for the procedure for the creation, development, commissioning, operation and decommissioning of state information systems and the further storage of information contained in their databases, approved by the resolution of the Government of the Russian Federation specified in subparagraph “a” of this paragraph."

Scroll
acts of the Government of the Russian Federation that have lost force
(approved by Decree of the Government of the Russian Federation of November 14, 2015 N 1235)

1. Decree of the Government of the Russian Federation of September 10, 2009 N 723 “On the procedure for commissioning certain state information systems” (Collected Legislation of the Russian Federation, 2009, N 37, Art. 4416).

2. Paragraph three of paragraph 1 of Decree of the Government of the Russian Federation of June 26, 2012 N 644 “On the federal state information system for recording information systems created and acquired at the expense of the federal budget and the budgets of state extra-budgetary funds” (Collection of Legislation of the Russian Federation, 2012, N 27, art. 3753).

3. Clause 4 of the changes that are being made to the acts of the Government of the Russian Federation in connection with the adoption of the Federal Law "On Electronic Signatures", approved by Decree of the Government of the Russian Federation dated December 27, 2012 N 1404 "On amendments to certain acts of the Government of the Russian Federation in connection with the adoption of the Federal Law “On Electronic Signatures” (Collected Legislation of the Russian Federation, 2012, No. 53, Art. 7958).

4. Clause 4 of the Decree of the Government of the Russian Federation of July 10, 2013 N 584 “On the use of the federal state information system “Unified system of identification and authentication in the infrastructure that ensures information and technological interaction of information systems used to provide state and municipal services in electronic form "(Collected Legislation of the Russian Federation, 2013, No. 30, Art. 4108).

MINISTRY OF HEALTH OF THE RUSSIAN FEDERATION

On approval of the Regulations on the information system,
providing subjects with medicines circulation
funds with the necessary information


In accordance with the Federal Law of June 22, 1998 N 86-FZ “On Medicines” (as amended and supplemented, (Collection of Legislation of the Russian Federation, 1998, N 26, Art. 3006; 2000, N 2, Art. 126; 2002 , N 1, art. 2; 2003, N 2, art. 167), as well as for the purpose of formation and effective use government resources information about medicines

I order:

1. Approve the Regulations on the information system providing subjects of medicines circulation with the necessary information (Appendix).

2. Entrust the Department of State Quality Control of Medicines, Medical Products and Medical Equipment with coordinating the activities of the information system that provides subjects of medicines circulation with the necessary information.

3. Entrust control over the implementation of this order to Deputy Minister A.V. Katlinsky.

Minister
Yu. Shevchenko


Registered
at the Ministry of Justice
Russian Federation
June 3, 2003
registration N 4628

Application. Regulations on the information system providing subjects of medicines circulation with the necessary information

Application

APPROVED
by order of the Ministry
health
Russian Federation
dated May 28, 2003 N 224

1. An information system that provides subjects of medicines circulation with the necessary information (hereinafter referred to as the information system) consists of an organizationally ordered set of documents (document arrays) containing medical, scientific, legal and other information in the field of medicines circulation and information technologies created or used by the owners of such information resources.

2. The purpose of creating an information system is to ensure the effective use of state information resources in the field of quality control of medicines, formation and forecasting of demand and supply for medicines, export and import of medicines, as well as information support of the medicines market.

3. The organization of effective receipt, processing, monitoring and use of information resources in the field of circulation of medicines is entrusted to the Federal government agency"Scientific Center for Expertise of Medicinal Products" of the Ministry of Health of the Russian Federation (Scientific Center).

4. The scientific center carries out:

- ensuring the collection and analysis of information in the field of circulation of medicines;

- organization and support of work on the formation of databases and use of information;

- interaction with sources of certain types of information in the field of production and circulation of medicines included in the information system, development of programs for the improvement and development of this information system;

- assisting in the introduction into practice of information support on the territory of the Russian Federation of new information technologies in the field of circulation of medicines;

- ensuring cooperation with foreign organizations on issues of transfer, exchange and purchase of information;

- organization of retraining and advanced training of personnel in information support circulation of medicines.

5. The information system includes the following information resources:

5.1. State register of medicines.

5.2. State register of prices for medicines.

5.3. Information fund of quality standards for medicines (pharmacopoeial monographs, regulatory documents of foreign manufacturers).

5.4. Register of licenses for pharmaceutical activities.

5.5. Information fund of information on the export and import of medicines.

5.6. Information fund of information on certification of medicines.

5.7. Information fund of information about side effects and peculiarities of drug interactions.

The formation of information resources of medicines is carried out in accordance with the legislation of the Russian Federation.

6. List information services provided to users from state information resources free of charge or for a fee that does not fully reimburse the costs of services, is established by the Government of the Russian Federation*.

________________

* (Collection of Legislation of the Russian Federation, 1995, No. 8, Art. 609; 2003, No. 2, Art. 167).


The text of the document is verified according to:
"Bulletin of normative acts
federal bodies
executive power",
N 37, 09/15/2003

3.1. IS is used for the exchange of official information within the Organization in the form of electronic messages and documents in electronic form.

3.2. The Organization's IP may use commercial software included in the Register of Approved Software and specified in the PC Passport.

3.3. To control the functioning of the Organization's IS and fulfill the requirements of these Regulations, the Head of the IT Department appoints responsible persons from among the IS administrators.

3.4. Only registered users who have familiarized themselves with the requirements of the Organization's internal organizational and administrative documents on information security have access to the Organization's IS resources.

3.5. The procedure for registering (creating an account) of an Organization employee in the IS can be initiated by the Manager structural unit in cases:

    the need to organize an automated workplace for a new employee;

    the need for employees to perform new (additional) duties that require access to information systems.

3.6. The process of registering an Organization employee in the IS consists of the following stages:

3.6.1. Submission of an application in the approved form to connect an employee of the Organization to the IS is carried out by the Head of a structural unit addressed to the Head of the Organization.

3.6.2. If the Head of the Organization approves the application, its original is transferred to the IT department to register a user account in the Organization's IS - the user is assigned a unique identifier, issued a temporary password, and is provided with the minimum rights and privileges (if necessary) to access IS resources for the performance of official duties.

3.6.3. Connecting the employee's workstation to the Organization's IS is carried out on site by specialists from the IT department.

3.7. Within the framework of the Organization's IP, access rights (once every 6 months) and privileges (once every 3 months) of users are regularly reviewed.

3.8. Upon receipt of information from the Head of a structural unit about the dismissal or change of position of an employee of the Organization, the rights and privileges to access IP resources are revoked, the account is deleted or blocked.

3.9. When using the Organization's IS, you must:

3.9.1. Know the requirements of the organization's internal organizational and administrative documents on information security.

3.9.2. Have initial skills in using automated workplaces and the Organization's IS.

3.9.3. Use the Organization's IP solely to perform your official duties.

3.9.4. Consider compliance with IS requirements established by IS administrators as a prerequisite for continuing their work in the Organization's IS.

3.9.5. Notify IS administrators of any facts of violation of IS requirements.

3.9.6. Notify IS administrators of any facts of software failures, incorrect completion of significant operations, as well as damage to technical equipment.

3.9.7. Immediately comply with the instructions of the Organization's IS administrators.

3.9.8. Immediately provide the workstation to the Organization's IS administrators for control.

3.9.9. If you need to stop working for a while, close everything correctly active tasks, block workstation.

3.9.10. If it is necessary to continue work after the end of the working day, inform the IS administrator about this.

3.10. When using the Organization's IP, it is prohibited:

3.10.1. Use the Organization's workstation and IP for personal purposes.

3.10.2. Send:

3.10.2.1. Confidential information, as well as information constituting a trade secret, except when this is part of official duties and the method of transmission is safe, agreed with the IP administrators in advance.

3.10.2.2. Information, in whole or in part, protected by copyright or other rights, without the permission of the owner.

3.10.2.3. Information, files or software that may disrupt or limit the functionality of any software or hardware, or unauthorized access, as well as links to the above information.

3.10.2.4. Threatening, slanderous, obscene information, as well as information that insults the honor and dignity of others, materials that incite ethnic hatred, incite violence, call for illegal activities, etc.

3.10.3. Unauthorizedly make changes to the design, configuration, placement of workstations and other components of the Organization's IS.

3.10.4. Provide employees of the Organization (except for IS administrators) and third parties with access to their workstation.

3.10.5. Run software on the workstation that is not included in the Register of Approved Software.

3.10.6. Protect information in ways not previously agreed upon with IS administrators.

3.10.7. Search for means and ways of damaging, destroying technical means and IP resources or attempting unauthorized access to them.

3.10.8. Use local ones to perform official duties Accounts ARM.

3.11. Information about visited IS resources is recorded and, if necessary, can be provided to the heads of structural divisions, as well as to the Management of the Organization.

3.12. If an employee of the Organization is suspected of misuse of IP, an internal audit is initiated, conducted by a commission whose composition is determined by the Management of the Organization.

3.13. Based on the clarified circumstances, an Incident Investigation Report is drawn up and submitted to the Head of the structural unit for taking measures in accordance with internal regulations and current legislation. The incident investigation report and information about the measures taken are subject to transfer to the IT department.

3.14. All emails and documents in electronic form transmitted through the Organization's IS are subject to mandatory verification for the absence of malware.

Related publications: