Software Requirements

Specification

for

Pharma Ease: A Medicine

Delivery Application

Prepared by Rabia Sarfraz (2330-0070)

Areeba Anjum (2330-0098)

Saima Younas (2330-0151)

Quick Med Logistics

January 12th ,2024

Copyright © 1999 by Karl E. Wiegers. Permission is granted to use, modify, and distribute this document.
Software Requirements Specification for <Project> Page ii

Table of Contents
Table of Contents....................................................................................................................... ii
Revision History......................................................................................................................... ii
1. Introduction.......................................................................................................................... 1
1.1 Purpose...................................................................................................................................... 1
1.2 Document Conventions..............................................................................................................1
1.3 Intended Audience and Reading Suggestions..............................................................................1
1.4 Product Scope............................................................................................................................2
1.5 References..................................................................................................................................2
2. Overall Description.............................................................................................................. 3
2.1 Product Perspective....................................................................................................................3
2.2 Product Functions.......................................................................................................................4
2.3 User Classes and Characteristics.................................................................................................4
2.4 Operating Environment...............................................................................................................6
2.5 Design and Implementation Constraints......................................................................................7
2.6 User Documentation...................................................................................................................7
2.7 Assumptions and Dependencies..................................................................................................7
3. External Interface Requirements........................................................................................ 7
3.1 User Interfaces............................................................................................................................7
3.2 Hardware Interfaces....................................................................................................................9
3.3 Software Interfaces.....................................................................................................................9
3.4 Communications Interfaces.........................................................................................................9
4. System Features.................................................................................................................. 10
4.1 User Account Management.......................................................................................................10
4.2 Prescription Upload and Verification........................................................................................11
4.3 Medicine Order and Stock Management....................................................................................12
4.4 Real Time Order Tracking........................................................................................................12
4.5 Secure Payment Processing.......................................................................................................13
4.6 Feedback and Support System..................................................................................................14
5. Other Nonfunctional Requirements.................................................................................. 15
5.1 Performance Requirements.......................................................................................................15
5.2 Safety Requirements.................................................................................................................17
5.3 Security Requirements..............................................................................................................19
5.4 Software Quality Attributes......................................................................................................21
5.5 Business Rules.........................................................................................................................21
6. Other Requirements........................................................................................................... 22
Appendix A: Glossary.............................................................................................................. 22
Appendix B: Analysis Models.................................................................................................. 22
Appendix C: To Be Determined List....................................................................................... 23

Revision History
Name Date Reason For Changes Version
Software Requirements Specification for PharmaEase
Page 1

1. Introduction

1.1 Purpose

This document outlines the functional and non-functional requirements for Pharma Ease,
a medication delivery app created by Quick Med Logistics. The goal of the system is to
improve healthcare access by offering a convenient and secure platform for ordering and
delivering medications.

1.2 Document Conventions

 All priority levels are marked as High, Medium, or Low.

 Requirements are labeled with unique identifiers (e.g., REQ-1).

1.3 Intended Audience and Reading Suggestions

This document is intended for:

 Developers: To design and implement the system.
 Testers: To validate functionality.
 Project Managers: To ensure alignment with business goals.
 Stakeholders: To confirm requirements, meet their needs.
Read Section 1: Introduction
This section gives an overview of the document's purpose, conventions, scope, and
intended audience, along with reading suggestions. It sets the foundation for
understanding the rest of the document.
Section 2: Overall Description
This section explains the high-level product perspective, product functions, and
target users, which is useful for developers, project managers, marketing staff, and
users.
Section 4: System Features
This section is essential for developers, testers, and project managers to
understand detailed features of the system.
Software Requirements Specification for PharmaEase
Page 2

Section 5: Other Nonfunctional Requirements

This section provides detailed requirements on performance, security, and quality
that are relevant to developers and testers.
Section 3: External Interface Requirements
Developers and testers will need this section for understanding system interfaces,
as will users in some cases, particularly for user interface details.
Appendices A, B, and C
 Appendix A: Glossary is especially helpful for non-technical readers (e.g.,
marketing staff, users) to understand terminology.
 Appendix B: Analysis Models is typically for developers to understand design
models or diagrams.
 Appendix C: To Be Determined List may be useful for project managers or
developers to be aware of any unresolved issues or pending decisions.

1.4 Product Scope

Pharma Ease is a web and mobile application enabling residents of Islamabad and nearby
areas to order medications online. It supports prescription uploads, inventory
management, secure payments, and real-time tracking.

1.5 References
The following documents are referenced throughout this Software Requirements
Specification (SRS) for Pharma Ease:

1. Vision and Scope Document

o Title: Pharma Ease - Vision and Scope Document
o Author: Quick Med Logistics
o Version Number: 1.0
o Date: January 2025
o Location: Internal document repository (available to stakeholders)

2. User Interface Style Guide

o Title: Pharma Ease - User Interface Style Guide
o Author: Quick Med Logistics Design Team
o Version Number: 1.2
o Date: January 2025
o Location: Internal design repository (available to design and development
teams)

3. System Requirements Specification (SRS) - Pharmacy Management System

o Title: Pharmacy Management System - SRS
Software Requirements Specification for PharmaEase
Page 3

o Author: Quick Med Logistics Development Team

o Version Number: 1.0
o Date: January 2025
o Location: Internal development repository

4. Use Case Documents

o Title: Use Cases for Pharma Ease
o Author: Quick Med Logistics Development Team
o Version Number: 1.0
o Date: January 2025
o Location: Internal use case repository (available to development and QA
teams)

5. Healthcare Data Security Standards

o Title: Healthcare Data Security and Compliance Standards
o Author: Quick Med Logistics Security Team
o Version Number: 3.0
o Date: January 2025
o Location: Internal security standards repository

6. Contractual Agreement for Payment Gateway Integration

o Title: Payment Gateway Integration Contract
o Author: Quick Med Logistics Legal Department
o Version Number: 1.0
o Date: January 2025
o Location: Quick Med Logistics Contract Repository

7. Drug Regulatory Authority of Pakistan (DRAP) Compliance Standards

o Title: DRAP Compliance Guidelines
o Author: Pakistan Department of Health Services
o Version Number: 2025
o Date: January 2025
o Location: www.dra.gov.pk

8. Payment Gateway Documentation

o Title: Payment Gateway API Integration Documentation
o Author: Payment Gateway Provider (e.g. Easypaisa, JazzCash)
o Version Number: Latest
o Date: 2025
o Location: Online at the respective payment gateway provider's
documentation page (e.g. Easypaisa, JazzCash)

2. Overall Description

2.1 Product Perspective

Pharma Ease integrates with local pharmacies and third-party logistics providers to
streamline medicine delivery. The system ensures compliance with regulatory
Software Requirements Specification for PharmaEase
Page 4

requirements and prioritizes user convenience and data security. Pharma Ease is a self-
contained system; however, it is part of Quick Med Logistics' broader digital
healthcare ecosystem. The product interfaces with several external systems and
components, including payment gateways, stock management systems (used by
pharmacies), and delivery systems.

2.2 Product Functions

 User Account Management

 Prescription Upload and Verification
 Medication Search and Order Placement
 Secure Payment Integration
 Order Tracking and Notifications
 User Feedback Mechanism

2.3 User Classes and Characteristics

2.3.1. Customer
 Frequency of Use: Customers primarily interact with the app for browsing and
purchasing medicines, uploading prescriptions, making payments, tracking orders,
and providing feedback.
 Technical Expertise: Typically, customers will have basic to moderate technical
expertise. They should be able to use mobile apps without difficulty but may not
have advanced knowledge of app functionality.
 Security or Privilege Levels: Customers have restricted access to their personal
profiles, order history, and limited interaction with the pharmacists. They cannot
access sensitive system data (e.g., payment information for other users,
pharmacist details, or admin settings).
 Educational Level: Customers may have varying educational backgrounds, but
generally, they will need a basic understanding of how to navigate the app and
follow prompts for prescription submission and payment.

2.3.2. Pharmacists:
 Frequency of Use: Frequent, as pharmacists need to review prescriptions,
approve or reject orders, and provide assistance to customers. Pharmacists are
Software Requirements Specification for PharmaEase
Page 5

responsible for verifying uploaded prescriptions, updating stock levels, providing

medical support to customers, and approving or rejecting orders.

 Technical Expertise: Pharmacists should have moderate to high technical

expertise, especially in using the app's prescription verification and inventory
management features. They may need training on how to interact with the system
efficiently.

 Security or Privilege Levels: Pharmacists have higher privileges than customers

but are restricted from accessing sensitive data such as financial or personal
details of customers beyond what is needed to process prescriptions. They cannot
manage user accounts or modify the core system configurations.

 Educational Level: Pharmacists are highly educated healthcare professionals with

a strong background in pharmaceutical science, so they should understand the
importance of prescription verification, dosage accuracy, and medication safety.

2.3.3. Admins:
 Frequency of Use: Frequent, as admins are responsible for managing the overall
operation of the platform, including user accounts, system settings, and order
management. Admins have access to all features in the system, including user
management (customers, pharmacists, and delivery personnel), order monitoring,
payment and transaction management, generating reports, and system
configurations.

 Technical Expertise: Admins should have high technical expertise, particularly in

managing and configuring system settings, security features, and operational tasks.
They may also be responsible for ensuring the app’s compliance with relevant legal
and regulatory standards.

 Security or Privilege Levels: Admins have full privileges to manage user

accounts, view transaction details, access system logs, and configure security
measures. They are authorized to manage any aspect of the platform and have the
ability to intervene in any issues that may arise.

 Educational Level: Admins may have varying educational backgrounds, but

typically they would have at least a basic understanding of business operations,
data security, and customer service.

2.3.4. Delivery team:

 Frequency of Use: Occasional to frequent, depending on the volume of deliveries
in a given period. Delivery personnel use the app to track their assigned deliveries,
Software Requirements Specification for PharmaEase
Page 6

confirm deliveries, and report any issues with deliveries (e.g., wrong address,
unavailable customer).

 Technical Expertise: Delivery personnel should have basic technical expertise,

particularly in using the app for navigation, confirming deliveries, and reporting
issues. They may also require training in using the app’s real-time tracking and
communication features.

 Security or Privilege Levels: Delivery personnel have limited access to the app.
They cannot access customer personal or financial information. They only have
access to the order details related to their assigned deliveries and must confirm
receipt or delivery of goods.

 Educational Level: Delivery personnel typically have a basic education level and
do not require specialized knowledge beyond the ability to navigate the app and
deliver medicines.

2.4 Operating Environment

 Mobile Platforms:
 Android (8.0+)
 iOS (12.0+)
 a minimum of 2GB RAM
 a minimum of 10GB of free storage.
 Web Browsers:
 Chrome
 Firefox
 Safari
 Internet Connectivity:
 3G/4G/5G
 Wi-Fi
 GPS Navigation:
 Devices must support GPS navigation and real-time updates
for delivery status tracking.
Software Requirements Specification for PharmaEase
Page 7

2.5 Design and Implementation Constraints

 Compliance with DRAP standards

 Compatibility with existing pharmacy systems
 Secure handling of sensitive user data
 Hardware Limitations: Devices must have at least 2GB of RAM and the app must
be optimized to minimize battery consumption during use, especially during real-
time functions like order tracking, GPS navigation, and delivery updates.

2.6 User Documentation

 Online Help: Integrated within the app as help button

 User Manuals: Available in digital and printable pdf formats

2.7 Assumptions and Dependencies

 Reliable internet access for users

 Cooperation from partnered pharmacies
 Availability of licensed pharmacists for prescription validation
 Availability of Reliable Third-Party Services (payment gateway and delivery tracking
APIs)

3. External Interface Requirements

3.1 User Interfaces

 Mobile App: User-friendly interface for browsing and ordering.

 Web Dashboard: Admin and pharmacy management tools.

 Login/Sign-Up Screen:
Fields for entering email, password, and options for logging in via social accounts
(Google, Facebook).
Software Requirements Specification for PharmaEase
Page 8

A clear "Forgot Password" link for password recovery.

 Dashboard Screen:
Quick access to key actions: Upload Prescription, Track Orders, Order History,
and Profile Settings.
A prominent Logout button.

 Prescription Upload Screen:

Easy-to-use form for uploading prescriptions with required fields like Prescription
Name, Doctor's Details, Medication List, and Dosage Instructions.
Camera Integration: Option to take a photo of the prescription.
Error message display if the prescription upload fails (e.g., "Invalid file format" or
"Prescription image unclear").

 Prescription Verification Screen:

Display prescription image(s) with an option to Accept or Reject.
Comment Section to add notes or communicate with the patient.
Buttons for Requesting More Information from the patient or Approve/Deny the
prescription.

 Order Placement Screen:

Summary of uploaded prescriptions with an option to choose medications.
A button to Add to Cart and proceed to payment.

 Payment Gateway Screen:

Credit/Debit Card and Mobile Wallet options for payment.
Security notifications explaining the encryption and privacy measures for payment
transactions.
Software Requirements Specification for PharmaEase
Page 9

Payment Confirmation message and Order ID displayed after successful

payment.
 Order Tracking Screen:
Real-time status update with a progress bar (e.g., "Prescription Verified", "Order
Dispatched", "On the Way").
A map view displaying delivery location in real-time (using Google Maps API).

 Feedback and Rating Screen:

Simple rating system (1 to 5 stars) and text box for written feedback.
Submit Feedback button to finalize feedback submission.

3.2 Hardware Interfaces

 Smartphones:
 Android devices: Versions 8.0 and above.
 iOS devices: Versions 11 and above.
 Tablets:
 Android devices: Versions 8.0 and above
 iOS devices: Versions 11 and above.

3.3 Software Interfaces

 Payment Gateways: EasyPaisa, JazzCash, Bank Accounts

 Mapping Services: Google Maps API
 Pharmacy Inventory Systems
 Prescription Verification API

3.4 Communications Interfaces

 HTTPS Protocol for secure data transmission

 Push notifications for order updates
Software Requirements Specification for PharmaEase
Page 10

 TLS/SSL encryption will secure all communications with third-party APIs.

4. System Features

4.1 User Account Management

4.1.1 Description and priority:

This feature allows users (customers and pharmacists) to create, view, update, and
manage their profiles. The system will support account creation, data validation, and
modification of personal information, including name, address, contact information, and
other relevant details. The feature also supports password recovery and profile verification
via email.
Priority: High

4.1.2 Stimulus/Response Sequences

 Stimulus 1: User opens the app and selects "Create Account" or "Sign In".
 Response 1: The system displays the login screen or registration form.
 Stimulus 2: User enters personal details (e.g., name, address, contact information)
and submits the form.
 Response 2: The system validates the entered data and displays a success
message or errors if validation fails.
 Stimulus 3: User clicks "Forgot Password" to recover their account.
 Response 3: The system prompts the user to enter the registered email and sends
a password reset link.

4.1.3. Functional Requirements:

 REQ-1: The system must allow users to create and manage a personal profile,
including essential fields such as name, address, contact number, and email.
 REQ-2: The system must validate the user’s email address and password for
account creation and login.
 REQ-3: The system must provide the option to recover a forgotten password via
email.
Software Requirements Specification for PharmaEase
Page 11

 REQ-4: The system must store user profile data securely with proper encryption
and access control.
 REQ-5: The system must allow users to update their contact details and address
information as needed.

4.2 Prescription Upload and Verification

4.2.1. Description and priority:

This feature enables customers to upload a prescription for medication orders.

Pharmacists will verify the uploaded prescription to ensure that the medicines
requested are correct and safe for the customer. The system will alert both the
customer and pharmacist about the verification status.
Priority: High

4.2.2. Stimulus/Response Sequences

 Stimulus 1: The customer uploads the prescription file via the app interface.
 Response 1: The system displays a confirmation message, indicating that the
prescription is under review.
 Stimulus 2: The pharmacist reviews the prescription and verifies its accuracy.
 Response 2: The system updates the status to "Verified" or "Rejected" and notifies
both the customer and pharmacist.

4.2.3. Functional Requirements:

 REQ-1: The system must allow customers to upload prescription files in common
formats (e.g., PDF, JPG).
 REQ-2: The system must alert pharmacists when a new prescription is uploaded
for verification.
 REQ-3: The system must notify the customer once the prescription has been
verified or rejected by the pharmacist.
 REQ-4: The system must store the prescription securely and ensure that access is
restricted to authorized personnel (pharmacists).
 REQ-5: If the prescription is rejected, the system should provide a reason for the
rejection.
Software Requirements Specification for PharmaEase
Page 12

4.3 Medicine Order and Stock Management

4.3.1. Description and Priority:

After prescription verification, customers can place orders for the medicines. The
system checks the stock availability in real-time and informs the customer if the
medicines are in stock or not. If the medicine is unavailable, the system offers
alternatives, if any.

Priority: High

4.3.2. Stimulus/Response Sequence:

 Stimulus 1: Customer selects the medicines from the verified prescription list and
places an order.
 Response 1: The system checks the stock and displays either availability or out-of-
stock status.
 Stimulus 2: If out of stock, the system suggests alternatives based on customer
preference.
 Response 2: The customer either accepts the alternative or cancels the order.

4.3.3. Functional Requirements:

 REQ-1: The system must check the stock availability for each medicine requested
in the order.
 REQ-2: The system must notify the customer if the medicine is out of stock.
 REQ-3: If the requested medicine is out of stock, the system must suggest
alternative medicines.
 REQ-4: The system must allow customers to confirm the order and proceed to
payment after selecting the correct medicines.

4.4 Real-Time Order Tracking

4.4.1. Description and Priority:

This feature manages the delivery of medicines to customers. Once the payment
information is confirmed, the system assigns the delivery to the logistics team, provides
tracking information, and ensures timely delivery. Customers will receive notifications
about the status of their delivery, including expected arrival time.
Priority: High

4.4.2. Stimulus/ Response Sequence:

Software Requirements Specification for PharmaEase
Page 13

 Stimulus 1: After payment details, the system triggers the delivery process.
 Response 1: The system assigns the order to the delivery team and provides
tracking details to the customer.
 Stimulus 2: The delivery team picks up the order from the pharmacy.
 Response 2: The system updates the status of the delivery and sends notifications
to the customer.
 Stimulus 3: The delivery team successfully completes the delivery.
 Response 3: The system updates the status to "Delivered" and sends a notification
to the customer with delivery confirmation.

4.4.3. Functional Requirements:

 REQ-1: The system must provide real-time tracking information to the customer
during the delivery process.
 REQ-2: The system must allow the delivery team to mark the delivery as completed
and update the system accordingly.
 REQ-3: The system must provide notifications and status updates to the customer
at key delivery milestones (e.g., dispatched, in transit, delivered).

4.5 Secure Payment Processing

4.5.1. Description and priority:

This feature allows customers to make payments for their medicine orders securely. The
system supports various payment methods, such as credit/debit cards, digital wallets, and
online banking. Payment transactions are processed securely, and the system provides
confirmation once the payment is successful.
Priority: High

4.5.2. Stimulus/Response Sequence:

 Stimulus 1: The customer selects the "Proceed to Payment" option after reviewing
the order.
 Response 1: The system displays available payment options (credit card, digital
wallet, etc.).
Software Requirements Specification for PharmaEase
Page 14

 Stimulus 2: The customer selects a payment method and enters payment details.
 Response 2: The system processes the payment and verifies the transaction.
 Stimulus 3: The payment is confirmed as successful.
 Response 3: The system updates the order status and provides the customer with
a receipt or confirmation.

4.5.3. Functional Requirements

 REQ-1: The system must support multiple payment methods (credit/debit cards,
digital wallets, online banking).
 REQ-2: The system must securely process payment transactions, ensuring
encryption and compliance with security standards.
 REQ-3: The system must validate the payment details entered by the customer.
 REQ-4: The system must notify the customer of successful or failed payment
transactions.
 REQ-5: Upon successful payment, the system must update the order status to
"Payment Confirmed" and trigger the delivery process.

4.6 Feedback and Support System

4.6.1. Description and priority

This feature allows customers to provide feedback and rate the service, including their
experience with the app, the prescription verification process, the quality of the delivered
medicines, and the overall service. Feedback helps improve the quality of the service, and
it is stored for review by the app administrators and pharmacists.

Priority: Medium

4.6.2. Stimulus /Response Sequences

 Stimulus 1: After the delivery is confirmed, the system prompts the customer to
leave feedback or rate the service.

 Response 1: The system displays a feedback form with options for rating and
providing comments.
Software Requirements Specification for PharmaEase
Page 15

 Stimulus 2: The customer submits their feedback and rating.

 Response 2: The system stores the feedback and confirms submission with a
thank-you message.

 Stimulus 3: Admin or pharmacists review the feedback.

 Response 3: The system allows authorized personnel to view customer feedback

and take necessary actions, if needed.

4.6.3. Functional Requirements

 REQ-1: The system must allow customers to rate their experience on a scale (e.g.,
1 to 5 stars).

 REQ-2: The system must allow customers to submit text feedback in addition to
rating.

 REQ-3: The system must store feedback securely and ensure that only authorized
users can access it.

 REQ-4: The system must send a thank-you message upon successful feedback
submission.

 REQ-5: The system must allow administrators to review customer feedback and
take appropriate actions, such as addressing complaints or rewarding positive
feedback.

5. Other Nonfunctional Requirements

5.1 Performance Requirements

5.1.1 User Profile Management

 REQ-1: The system must be able to load and display the user profile page within 3
seconds under normal network conditions (e.g., 3G or Wi-Fi).

 REQ-2: The system must be capable of handling up to 300 concurrent users

logging in or updating their profiles without performance degradation.

 RATIONALE: Fast access to the profile management page is critical for user
experience, especially when users are attempting to update their personal
Software Requirements Specification for PharmaEase
Page 16

information or reset their passwords. The system must be scalable to handle a

large number of concurrent users, ensuring smooth operations even during peak
times.

5.1.2 Prescription Upload and Verification

 REQ-1: Prescription upload and verification should be completed in under 10
seconds for typical image/PDF file sizes (up to 5 MB).

 REQ-2: The system should be able to handle the simultaneous upload of up to 300
prescriptions during peak usage times without experiencing significant delays or
failures.

 RATIONALE: Prescription upload and verification is a crucial step in the ordering

process, and any significant delays could frustrate users. Therefore, the system
should be optimized for speed while ensuring accuracy in the verification process.
Handling a high volume of prescriptions at peak times is important for maintaining
reliable service.

5.1.3 Medicine Order and Stock Management

 REQ-1: The system should check the availability of stock in less than 2 seconds
when a user places an order.

 REQ-2: The system must be capable of handling up to 300 stock queries

concurrently without performance degradation.

 RATIONALE: Fast and accurate stock verification is essential to ensure that

customers are aware of any issues with their order in real time. The system must
be highly responsive to ensure seamless transactions and user satisfaction.

5.1.4 Payment Processing

 REQ-1: The system should process a payment transaction and display a
confirmation within 5 seconds under normal conditions.

 REQ-2: The system should support up to 300 concurrent payment transactions

during peak hours without delays or failure.

 REQ-3: In case of a failed payment, the system should provide feedback to the
user within 10 seconds of the failed transaction.

 RATIONALE: Quick payment processing is critical for maintaining the flow of the
app and preventing cart abandonment. The system must handle a large number of
concurrent transactions, especially during sales or peak traffic, ensuring users can
complete their purchases smoothly.

5.1.5 Delivery Management

Software Requirements Specification for PharmaEase
Page 17

 REQ-1: The system must update delivery status and provide tracking information to
the user within 2 seconds after the delivery status changes (e.g., dispatched, in
transit, delivered).

 REQ-2: The system must handle up to 300 concurrent delivery updates without
delays or failures.

 REQ-3: The system should provide an estimated delivery time to the customer
within 5 seconds after the order is placed, based on real-time data.

 RATIONALE: Delivery status updates must be timely and accurate to keep

customers informed about their orders. Real-time tracking and updates ensure that
users are not left waiting for information and can plan accordingly.

5.1.6 Feedback and Review System

 REQ-1: The system must submit and store user feedback within 5 seconds of
submission.

 REQ-2: The system should be able to process and display up to 300 feedback
submissions concurrently without affecting response time.

 REQ-3: The system must aggregate feedback data and generate reports for
administrators in under 30 seconds for up to 300 feedback entries.

 RATIONALE: Fast submission and processing of feedback are essential for

maintaining an efficient review cycle. Administrators should be able to access
feedback data quickly to address any user concerns or to improve service quality.

5.2 Safety Requirements

5.2.1 Data Privacy and Security

 REQ-1: The system must ensure that all user personal data, including names,
addresses, and medical information, are stored securely and encrypted both in
transit and at rest, following the latest industry standards for data encryption

 REQ-2: The app must comply with privacy regulations such as the Regulation
Standards of Drug Regulatory Authority of Pakistan, ensuring that users'
health-related data is protected and only accessible by authorized personnel.

 REQ-3: All financial transactions must be processed through secure and compliant
payment gateways. Payment details must not be stored on the system but
transmitted securely to third-party payment processors.

 REQ-4: The app must implement strong user authentication methods, including
two-factor authentication (2FA) for both users and pharmacists, to prevent
unauthorized access to sensitive data.
Software Requirements Specification for PharmaEase
Page 18

 RATIONALE: Protecting personal health information and financial data is

important. The app must meet legal and regulatory standards to safeguard user
privacy and security and prevent unauthorized access or data breaches.

5.2.2 Medication Safety

 REQ-1: The app must ensure that the prescription uploaded by the customer is
verified by a licensed pharmacist before the order is processed to avoid incorrect or
harmful medication being dispensed.

 REQ-2: The app must include a feature for customers to contact a pharmacist or
healthcare professional for consultation before placing an order, especially for
sensitive medications.

 RATIONALE: Ensuring the safety of medications dispensed through the app is

crucial to avoid harm to users. Verifying prescriptions and alerting users to possible
medication issues can help prevent unsafe situations.

5.2.3 Emergency Response and Safety Notifications

 REQ-1: The app must provide emergency contact information or a helpline for
users in case of urgent issues related to their order (e.g., incorrect medication
delivered, allergic reaction).

 REQ-2: The app must include safety warnings or disclaimers for medications that
may cause severe side effects or allergic reactions, prompting the user to consult a
healthcare provider before purchase.

 REQ-3: The app must ensure that users receive a notification or alert in the event
that a recalled medicine is being delivered to them.

 RATIONALE: Prompt communication of safety issues and emergency contacts can

help mitigate harm in critical situations. Users need to have immediate access to
the proper channels if something goes wrong.

5.2.4 Regulatory Compliance and Certifications

 REQ-1: The app must meet the FDA (Food and Drug Administration) guidelines
for any software that may interact with prescription medications, especially for
prescription validation and medication ordering systems.

 REQ-2: The app must provide clear and accurate labeling and instructions for each
medication available for purchase, including dosage information, side effects, and
any necessary warnings.
Software Requirements Specification for PharmaEase
Page 19

 RATIONALE: Regulatory compliance ensures that the app adheres to legal and
safety standards required for pharmaceutical operations. Certification and
adherence to standards help protect both users and the organization from legal and
safety risks.

5.2.5 Actionable Safeguards

 REQ-1: The system must include a "cancel order" feature for the customer if an
issue with the medication or prescription is detected. This will allow users to stop
the order before it is processed and delivered.

 REQ-2: The system must automatically block any attempt to place an order for
medicines not supported by the app or in violation of legal or safety guidelines.

 RATIONALE: These safeguards prevent errors and unauthorized actions that could
cause harm, such as dispensing the wrong medication or allowing an unsafe
transaction.

5.3 Security Requirements

5.3.1 User Authentication and Identity Management

 REQ-1: The app must require two-factor authentication (2FA) for all users
(customers, pharmacists, and administrators) during the login process: a password
and either a one-time passcode (OTP) sent via SMS/email or a time-based one-
time password (TOTP) via an authenticator app.

 REQ-2: Users must be able to set and update their strong passwords, which must
include at least 8 characters and include a mix of uppercase letters, lowercase
letters, numbers, and special characters.

 REQ-3: The system must lock a user's account after 3 consecutive failed login
attempts and require a password reset to regain access.

 REQ-4: The app must provide an option for secure password recovery, including
email verification, security questions to reset the password.

 RATIONALE: Strong authentication mechanisms are essential to prevent

unauthorized access to user accounts and protect sensitive data. MFA and secure
password management ensure that only authorized individuals can access
personal or medical information.

5.3.2 Data Encryption and Storage

Software Requirements Specification for PharmaEase
Page 20

 REQ-1: All user data, including personal details, medical information, and payment
information, must be encrypted both during transmission and when stored in the
database.

 REQ-2: All communication between the app and the backend servers must be
encrypted using TLS 1.2 or higher to ensure data confidentiality during
transmission.

 REQ-3: The system must securely delete any user data that is no longer needed or
when the user requests the deletion of their account.

 RATIONALE: Encrypting sensitive data ensures that the data remains unreadable
to unauthorized parties, proper deletion practices ensure that no unnecessary data
is retained.

5.3.3 Data Backup and Recovery

 REQ-1: The system must be able to restore data from backups within 4 hours of
any system failure or data loss incident, ensuring minimal downtime.

 REQ-3: The system must maintain logs of all backup and recovery actions,
including timestamps and user access, to track the integrity and security of data
backups.

 RATIONALE: Regular backups are crucial to ensure that data can be recovered in
case of accidental loss or system failure. Secure storage and efficient recovery
procedures are important for maintaining service continuity and preventing data
loss.

5.3.4 Security and Privacy Certifications

 REQ-1: The system must undergo annual third-party security audits to verify its
compliance with security and privacy requirements.

 REQ-2: The app must comply with Secure Payment certification for secure
payment processing and handling of financial information.

 RATIONALE: Certification from recognized standards and security bodies provides

assurance to users and regulatory authorities that the app is taking necessary
steps to secure user data and comply with relevant privacy and security standards.
Software Requirements Specification for PharmaEase
Page 21

5.4 Software Quality Attributes

5.4.1 Usability
 Usability is essential for ensuring that both customers and pharmacists can
efficiently and confidently use the app. Ease of use should take precedence over
ease of learning, as quick, clear interactions will improve user satisfaction and
reduce friction.

5.4.2 Reliability
 Reliability is critical for ensuring that the app is available when needed, transactions
are completed correctly, and system failures are minimized. High availability and
rapid recovery times are essential to maintaining user trust and satisfaction.

5.4.3 Flexibility
.
 Flexibility is important for adapting to changes in the market, such as adding new
suppliers, payment methods, or expanding services, without disrupting the core
functionality of the app.

5.4.4. Portability
 Portability is essential for reaching the widest possible user base across multiple
platforms and devices, ensuring that the app can be easily deployed and used by
customers with different preferences.

5.4.5 Maintainability
 Maintainability is vital for ensuring that the app can be easily updated, expanded,
and debugged over time. A modular, well-documented codebase reduces the
complexity and cost of maintenance.

5.5 Business Rules

 Customers cannot access or modify pharmacist or admin-related data.

 Only licensed pharmacists can validate prescriptions.
 Admins cannot verify prescriptions or make decisions related to medical
recommendations or advice.
 Orders without a valid prescription cannot proceed.
Software Requirements Specification for PharmaEase
Page 22

 Delivery personnel cannot modify orders, cancel them, or access customer

payment information.
 Financial data, such as payment history and credit card details, is only accessible
to the customer and the payment gateway provider.
 Customers may be granted the ability to cancel or modify their orders within a
limited time frame (e.g., within 30 minutes of placing the order). After this period,
only the admin or pharmacist can make modifications.
 Customers must give explicit consent for the app to collect and store personal and
medical information.
 Any unauthorized access attempts must be flagged and investigated by the admin.
 All roles must adhere to local regulations regarding the handling of pharmaceutical
products, data privacy, and customer transactions. This includes compliance with
the DRAP.
 Any changes to the app’s privacy policy or terms of service must be communicated
to customers, and explicit consent must be obtained when necessary.

6. Other Requirements
To be determined.
Appendix A: Glossary

 DRAP: Drug Regulatory Authority of Pakistan

 HIPAA: Health Insurance Portability and Accountability Act
 SSL: Secure Sockets Layer
 API (Application Programming Interface)
 TLS (Transport Layer Security)
 SRS: Software Requirements Specification
 FDA: Food and Drug Administration
 GPS: Global Positioning System

Appendix B: Analysis Models

Diagrams and models will be added post-discussion.

Software Requirements Specification for PharmaEase
Page 23

Appendix C: To Be Determined List

1. Delivery Logistics:
Details regarding delivery logistics, such as partnerships with courier services,
delivery areas, real-time tracking features, and estimated delivery times need to be
finalized.
2. Notification System
The specific method of notifications (e.g., SMS, push notifications, email) for
updates such as order status, delivery tracking, or promotions.
3. Pricing Strategy
The exact pricing model for the service (e.g., subscription-based, per-order fee, or
free with delivery charges) and how it will vary based on regions, services, or
delivery speeds.