Electronic Records and Signatures: Compliance with Title 21 CFR Part 11 Requirements



Similar documents
Thermal Analysis. Subpart A General Provisions 11.1 Scope Implementation Definitions.

Implementation of 21CFR11 Features in Micromeritics Software Software ID

The Impact of 21 CFR Part 11 on Product Development

InfinityQS SPC Quality System & FDA s 21 CFR Part 11 Requirements

Self-Assessment of eresearch Compliance with 21 CFR Part 11, Electronic Record; Electronic Signatures

21 CFR PART 11 ELECTRONIC RECORDS, ELECTRONIC SIGNATURES CFR Part 11 Compliance PLA 2.1

21 CFR Part 11 Implementation Spectrum ES

Electronic records and electronic signatures in the regulated environment of the pharmaceutical and medical device industries

Implement best practices by using FileMaker Pro 7 as the backbone of your 21 CFR 11 compliant system.

Declaration of Conformity 21 CFR Part 11 SIMATIC WinCC flexible 2007

Compliance Matrix for 21 CFR Part 11: Electronic Records

DeltaV Capabilities for Electronic Records Management

rsdm and 21 CFR Part 11

POLICY ISSUES IN E-COMMERCE APPLICATIONS: ELECTRONIC RECORD AND SIGNATURE COMPLIANCE FDA 21 CFR 11 ALPHATRUST PRONTO ENTERPRISE PLATFORM

DeltaV Capabilities for Electronic Records Management

SolidWorks Enterprise PDM and FDA 21CFR Part 11

InfoCenter Suite and the FDA s 21 CFR part 11 Electronic Records; Electronic Signatures

21 CFR Part 11 White Paper

21 CFR Part 11 Compliance Using STATISTICA

FILEHOLD DOCUMENT MANAGEMENT SYSTEM 21 CFR PART 11 COMPLIANCE WHITE PAPER

Assessment of Vaisala Veriteq vlog Validation System Compliance to 21 CFR Part 11 Requirements

Compliance Response Edition 07/2009. SIMATIC WinCC V7.0 Compliance Response Electronic Records / Electronic Signatures. simatic wincc DOKUMENTATION

Full Compliance Contents

FDA Title 21 CFR Part 11:Electronic Records; Electronic Signatures; Final Rule (1997)

Guidance for Industry. 21 CFR Part 11; Electronic Records; Electronic Signatures. Electronic Copies of Electronic Records

FDA 21 CFR Part 11 Electronic records and signatures solutions for the Life Sciences Industry

Guidance for Industry COMPUTERIZED SYSTEMS USED IN CLINICAL TRIALS

Spectroscopy Configuration Manager (SCM) Software. 21 CFR Part 11 Compliance Booklet

Enabling SharePoint for 21 CFR Part 11 Compliance - Electronic Signature Use Case

AutoSave. Achieving Part 11 Compliance. A White Paper

Guidance for Industry

Guidance for Industry

Guidance for Industry. 21 CFR Part 11; Electronic. Records; Electronic Signatures. Time Stamps

Agilent MicroLab Software with Spectroscopy Configuration Manager and Spectroscopy Database Administrator (SCM/SDA)

21 CFR Part 11 Checklist

Guidance for Industry. 21 CFR Part 11; Electronic Records; Electronic Signatures. Maintenance of Electronic Records

Guidance for Industry Computerized Systems Used in Clinical Investigations

Manual 074 Electronic Records and Electronic Signatures 1. Purpose

Eclipsys Sunrise Clinical Manager Enterprise Electronic Medical Record (SCM) and Title 21 Code of Federal Regulations Part 11 (21CFR11)

For technical assistance, please contact: Thermo Nicolet Corporation 5225 Verona Road Madison WI

A ChemoMetec A/S White Paper September 2013

epblue GxP oftware manual Software version

Software Manual Part IV: FDA 21 CFR part 11. Version 2.20

Guidance for Industry Part 11, Electronic Records; Electronic Signatures Scope and Application

21 CFR Part 11 Electronic Records & Signatures

Intland s Medical Template

Student Registration Instructions

Meeting the FDA s Requirements for Electronic Records and Electronic Signatures (21 CFR Part 11)

Empower TM 2 Software

TERMS & CONDITIONS of SERVICE for MSKnote. Refers to MSKnote Limited. Refers to you or your organisation

Implementing CitectSCADA to meet the requirements of FDA 21 CFR Part 11

STATUTORY INSTRUMENTS 2012 No. _

Information Circular

ScreenMaster RVG200 Paperless recorder FDA-approved record keeping. Measurement made easy

Tools to Aid in 21 CFR Part 11 Compliance with EZChrom Elite Chromatography Data System. White Paper. By Frank Tontala

Using the Thermo Scientific Dionex Chromeleon 7 Chromatography Data System (CDS) to Comply with 21 CFR Part 11. Compliance Guide

Compliance Response SIMATIC SIMATIC PCS 7 V8.1. Electronic Records / Electronic Signatures (ERES) Edition 03/2015. Answers for industry.

Appendix to Resolution No. 646/2011 of the Warsaw Stock Exchange Management Board dated 20 May 2011 (as amended)

Oracle WebCenter Content

21 CFR Part 11 Deployment Guide for Wonderware System Platform 3.1, InTouch 10.1 and Historian 9.0

Signature Requirements for the etmf

Compliance in the BioPharma Industry. White Paper v1.0

Commercial Online Banking

Using Chromeleon Chromatography Management Software to Comply with 21 CFR Part 11

Application for registration Building contractor (company)

Implementing Title 21 CFR Part 11 (Electronic Records ; Electronic Signatures) in Manufacturing Presented by: Steve Malyszko, P.E.

Guidance for Industry

The biggest challenges of Life Sciences companies today. Comply or Perish: Maintaining 21 CFR Part 11 Compliance

Alfresco CoSign. A White Paper from Zaizi Limited. March 2013

Access Control Policy

USER AGREEMENT FOR: ELECTRONIC DEALINGS THROUGH THE CUSTOMS CONNECT FACILITY

OpenText Regulated Documents for the Life Sciences Industry:

Sponsor Site Questionnaire FAQs Regarding Maestro Care

CoSign for 21CFR Part 11 Compliance

Achieving PCI COMPLIANCE with the 2020 Audit & Control Suite.

How To Control A Record System

Using Electronic Signatures

Computerized Systems Used in Medical Device Clinical Investigations

LAW FOR THE ELECTRONIC DOCUMENT AND ELECTRONIC SIGNATURE. Chapter two. ELECTRONIC DOCUMENT AND ELECTRONIC SIGNATURE

Nova Southeastern University Standard Operating Procedure for GCP. Title: Electronic Source Documents for Clinical Research Study Version # 1

Electronic Document and Record Compliance for the Life Sciences

Signature Authentication

Royal Holloway, University of London Online Purchasing Card Manual

Renewal Project Application

Bahamas Tax Information Exchange Portal Documentation

21 CFR Part 11 LIMS Requirements Electronic signatures and records

Request for Proposals (RFP) Communications Services RFP #CS-PY 15-I September 17, 2015

Progress zenon projects to FDA 21 CFR Part 11 compliance

IT ACCESS CONTROL POLICY

Service Agreement. UltraBranch Business Edition. alaskausa.org AKUSA R 05/15

Land Registry Paying for Land Registry services by variable direct debit. Version 12, January Land Registry Variable Direct Debit Scheme

Electronic business conditions of use

Transcription:

Electronic Records and Signatures: Compliance with Title 21 CFR Part 11 Requirements Version 4.5. June 2015

Contents 1 Introduction... 3 2 Definitions (21 CFR Part 11: para 11.3)... 3 3 Administrative and Procedural Controls... 4 4 Access Control to the Web Database... 5 5 Electronic records... 5 5.1 File integrity... 5 5.2 Electronic copies... 6 6 Electronic signatures... 6 7 Audit Trail... 6

1 Introduction Title 21 CFR Part 11 of the US Code of Federal Regulations became effective on 20 August 1997 and defines criteria under which the FDA accept electronic records and electronic signatures as trustworthy, reliable and equivalent to paper records and handwritten signatures executed on paper. Electronic records and signatures that comply with this Regulation can replace paper records for FDA submission FDA inspection Archiving purposes To ensure that a supplier s electronic records stored on BOMcheck comply with Title 21 CFR Part 11 requirements, there need to be two types of controls in place: Administrative and procedural controls which must be implemented and maintained by the supplier. These administrative and procedural controls are contained in the BOMcheck Member Rules for Suppliers. Failure to comply with these Member Rules can result in termination of the Membership by BOMcheck. Technical controls which are provided by the BOMcheck database. This document explains these two types of control in detail, and how compliance with the Supplier Member Rules will ensure that a Supplier s electronic records comply with Title 21 CFR Part 11 requirements, and are equivalent to paper records and handwritten signatures executed on paper. 2 Definitions (21 CFR Part 11: para 11.3) Electronic records means any combination of text, graphics, data, audio, pictorial, or other information representation in digital form that is created, modified, maintained, archived, retrieved or distributed by a computer system. Electronic signature means a computer data compilation of any symbol or series of symbols executed, adopted, or authorized by an individual to be the legally binding equivalent of the individual s handwritten signature. Closed system means an environment in which system access is controlled by persons who are responsible for the content of electronic records that are on the system. The BOMcheck web database has been designed to work as a closed system. Its key technical controls and features are Access Control to the web database (login and password) Electronic Records (file integrity) Audit Trail (change and system history) Electronic Signatures (status of electronic records) Providing the Supplier complies with the BOMcheck Supplier Member Rules, these technical features ensure that the Supplier s electronic records will comply with Title 21 CFR Part 11 requirements, and are equivalent to paper records and handwritten signatures executed on paper. 3

3 Administrative and Procedural Controls The following Administrative and Procedural controls are contained in the BOMcheck Supplier Member Rules. The Member will appoint an Authorised Individual who will have the authority to access the Database and upload Data on behalf of the Member. This appointment will be confirmed on the Member s application form. The Authorised Individual will complete an on-line application form on www.bomcheck.net for Membership of the Database. The application form requires the Authorised Individual to confirm that the Member has read, understood and agrees to abide by all of these Member Rules. A copy of these Member Rules is posted on www.bomcheck.net. The application form requires the Authorised Individual to confirm that pursuant to Section 11.100 of Title 21 of the Code of Federal Regulations the Member intends that all electronic signatures provided by the Authorised Individual are the legally binding equivalent of traditional handwritten signatures. When the Authorised Individual completes an application to join the Database a document containing the Member s application details is generated in pdf format. The Authorised Individual will sign a paper copy of this pdf document and return it by fax or e-mail to BOMcheck within 14 days. BOMcheck reserves the right to suspend or terminate a Membership if the Member s signed application document is not received at BOMcheck s offices within 14 days of the first occasion when the Member pays the annual subscription fee by credit card on www.bomcheck.net Pursuant to Section 11.100 of Title 21 of the Code of Federal Regulations, the Member will authorize BOMcheck to certify the Member s electronic signature arrangements with the US FDA by submitting a paper copy of application form document, signed by the Authorised Individual, to the US FDA, Office of Regional Operations (HFC-100), 5600 Fishers Lane, Rockville, MD 20857. All applicants for Membership will include a valid D-U-N-S number on their application form. A D-U-N-S number is a unique nine-digit identification number which provides unique identifiers of single business entities, while linking corporate family structures together. The D- U-N-S number system is administered by Dun & Bradstreet and is available at www.dnb.com. BOMcheck will check the identity of the Member by verifying the Member s D-U-N-S number against the company name and address details. BOMcheck reserves the right to suspend or terminate a Membership if BOMcheck finds, or has reasonable cause to suspect, that any details on the Members application document are inaccurate or incomplete. The Authorised Individual will have a unique company e-mail address. BOMcheck will validate the e-mail address of the Authorised Individual and will establish an electronic signature for the Authorised Individual. This electronic signature will be attached to all Data that the Authorised Individual will upload to the Database on behalf of the Member. BOMcheck will provide the Authorised Individual with a login (which will be the Authorised Individual s business e-mail address) and password to enable the Authorised Individual to access the Database and upload the Member s Data to the Database. The Authorised Individual will change their password at the end of each quarter. The Member undertakes to take all necessary steps to ensure that the Authorised Individual does not divulge their password to any other person or allow any other person access to the Database. If the Member becomes aware or suspects that the Authorised Individual s password has been disclosed to any other person, or unauthorised access has taken place, the Member will report this immediately to BOMcheck so that the password can be changed and/or another Member employee appointed as the Authorised Individual. 4

The Member accepts and acknowledges that any failure by the Member to comply with the above Member Rule will result in suspension of the Members access to the Database by BOMcheck and the Member will not regain access to the Database, unless it has been authorised to do so by BOMcheck. The Member undertakes to ensure that the Authorised Individual will change their password at the end of each quarter. The Member will maintain the appointment of an individual Member employee as the Authorised Individual at all times. The Member will inform BOMcheck immediately if there is a need to appoint another employee as the Authorised Individual for any reason. 4 Access Control to the Web Database The primary role of access control is to limit system access only to the Authorized Individual at the supplier company. Supplier data can only uploaded to the BOMcheck web database if the Authorised Individual s login is successful. Identification restrictions for Authorized Individuals include: Every Authorized Individual s has a unique login (the person s e-mail address) and specific password. No two Authorized Individuals can have the same login. Generic e-mail addresses such as info@supplier.com are not accepted. Old accounts can be disabled but not deleted An Authorized Individuals login can not be deleted or renamed, even if no other records refer to this login. In this way, the BOMcheck web database ensures that the entries in the audit trail can be uniquely assigned to an Authorized Individual. The BOMcheck web database defines: The minimum password length of 8 characters in length Password must include at least one special character (such as! # $) for enhanced security Maximum number of login attempts. Accounts will be locked after 5 failed login attempts. Inactivity lock. Login sessions will expire after 30 minutes inactivity. Supplier users must reenter their login and password to regain access. 5 Electronic records 5.1 File integrity Title 21 CFR Part 11 requires that electronic records must be protected against intentional or accidental modification or deletion. The BOMcheck database meets this requirement by storing all electronic records in a relational database which sits behind the password-protected login. This means that only the supplier s Authorized Individual can upload data to the BOMcheck web database. 5

5.2 Electronic copies Copies in non-editable pdf file format and in XML and CSV file format can be generated of all electronic records that can be signed. Electronic copies for inspection by internal or external auditors (e.g. RoHS regulators, FDA) are generated in non-editable.pdf file format. 6 Electronic signatures When a supplier s Authorized Individual decides to approve (or cancel or withdraw) a substance declaration, the Authorized Individual is required to enter their password to attach their electronic signature to the electronic record. The electronic signature is linked to the electronic record that the Authorized Individual signs and cannot be removed, copied or transferred. The process of signing generates: Printed name of the signer Date and time of the execution The electronic signature is visible in the electronic display as well as in all CSV file format and.pdf file formats of the electronic record. 7 Audit Trail The BOMcheck database generates a secure, time-stamped audit trail which independently records the date and time of the Authorized Individual s entries and their actions that create, modify, or delete electronic records. Record changes do not obscure previously recorded information. The audit trail is stored indefinitely on BOMcheck and will not be deleted under any circumstances. 6

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information