Depending on server, application and browser configuration, a users session might expire while they are entering content in a form. When this happens and the user submits the form, they are given an access denied message and their form entry is lost. To prevent this from happening, you can add the below control to your module's ascx or aspx.
<portal:SessionKeepAliveControl id="ka1" runat="server" />
This control will create a hidden iframe on the page which calls ~/Services/SessionKeepAlive.aspx, which refreshes regularly to keep the user's session alive.