
Article 1 
The system to record and store data on operations referred to in point (d) of Article 32(2) of Regulation (EU) No 223/2014 shall comply with the technical specifications set out in Articles 2 to 5.
Article 2 

1. Access to the system shall be based on predefined rights for different types of users and shall be suppressed where it is no longer needed.
2. The system shall keep the logs of any recording, modification and deletion of documents and data.
3. The system shall not allow modification of the content of documents bearing an electronic signature. A time stamp certifying the deposit of the document bearing an electronic signature, shall be generated and associated with the document and shall not be alterable. Deletion of such documents shall be logged in accordance with paragraph 2.
4. The data shall be subject to regular back-ups. The back-up with replica of the entire content of the electronic file repository shall be ready for use in case of emergency.
5. The electronic storage facility shall be protected against any danger of loss or alteration of its integrity. Such protection shall include physical protection against inappropriate temperature and levels of humidity, fire and theft detection systems, adequate protection systems against virus attacks, hackers and any other non-authorised access.
6. The system shall provide for the migration of data, format and computer environment at intervals sufficient to guarantee legibility and accessibility of documents and data until the end of the relevant period referred to in Article 51(1) of Regulation (EU) No 223/2014.
Article 3 
The system shall include:

((a)) appropriate search tools enabling easy retrieval of documents, data and their metadata;
((b)) a reporting function enabling the generation of reports on the basis of predefined criteria, in particular for the data set out in Commission Delegated Regulation (EU) No 532/2014;
((c)) a possibility of saving, exporting or printing reports referred to in point (b), or a link to an external application providing for such possibility.
Article 4 
The managing authority shall provide detailed and updated functional and technical documentation on the operation and characteristics of the system, accessible on request by relevant entities responsible for the management of the programme, by the Commission and the European Court of Auditors.
The documentation referred to in the first paragraph shall provide evidence of the implementation of Regulation (EU) No 223/2014 in the Member State concerned.
Article 5 
The system used shall be protected by adequate security measures concerning document classification, protection of information systems and personal data protection. These measures shall comply with international standards and national legal requirements.
The security measures referred to in the first paragraph shall protect networks and transmission facilities where the system used interacts with other modules and systems.
Article 6 
This Regulation shall enter into force on the twentieth day following that of its publication in the Official Journal of the European Union.
This Regulation shall be binding in its entirety and directly applicable in all Member States.Done at Brussels, 11 February 2015.
For the Commission
The President
Jean-Claude JUNCKER