Implement best practices by using FileMaker Pro 7 as the backbone of your 21 CFR 11 compliant system.



Similar documents
Implementation of 21CFR11 Features in Micromeritics Software Software ID

Self-Assessment of eresearch Compliance with 21 CFR Part 11, Electronic Record; Electronic Signatures

21 CFR PART 11 ELECTRONIC RECORDS, ELECTRONIC SIGNATURES CFR Part 11 Compliance PLA 2.1

InfinityQS SPC Quality System & FDA s 21 CFR Part 11 Requirements

Electronic records and electronic signatures in the regulated environment of the pharmaceutical and medical device industries

The Impact of 21 CFR Part 11 on Product Development

FILEHOLD DOCUMENT MANAGEMENT SYSTEM 21 CFR PART 11 COMPLIANCE WHITE PAPER

21 CFR Part 11 Implementation Spectrum ES

rsdm and 21 CFR Part 11

POLICY ISSUES IN E-COMMERCE APPLICATIONS: ELECTRONIC RECORD AND SIGNATURE COMPLIANCE FDA 21 CFR 11 ALPHATRUST PRONTO ENTERPRISE PLATFORM

DeltaV Capabilities for Electronic Records Management

Compliance Matrix for 21 CFR Part 11: Electronic Records

A ChemoMetec A/S White Paper September 2013

DeltaV Capabilities for Electronic Records Management

SolidWorks Enterprise PDM and FDA 21CFR Part 11

Oracle WebCenter Content

InfoCenter Suite and the FDA s 21 CFR part 11 Electronic Records; Electronic Signatures

Tools to Aid in 21 CFR Part 11 Compliance with EZChrom Elite Chromatography Data System. White Paper. By Frank Tontala

Full Compliance Contents

FDA Title 21 CFR Part 11:Electronic Records; Electronic Signatures; Final Rule (1997)

How To Control A Record System

Assessment of Vaisala Veriteq vlog Validation System Compliance to 21 CFR Part 11 Requirements

FDA 21 CFR Part 11 Electronic records and signatures solutions for the Life Sciences Industry

Enabling SharePoint for 21 CFR Part 11 Compliance - Electronic Signature Use Case

Agilent MicroLab Software with Spectroscopy Configuration Manager and Spectroscopy Database Administrator (SCM/SDA)

AutoSave. Achieving Part 11 Compliance. A White Paper

21 CFR Part 11 Compliance Using STATISTICA

ScreenMaster RVG200 Paperless recorder FDA-approved record keeping. Measurement made easy

21 CFR Part 11 White Paper

Intland s Medical Template

Implementing CitectSCADA to meet the requirements of FDA 21 CFR Part 11

Meeting the FDA s Requirements for Electronic Records and Electronic Signatures (21 CFR Part 11)

Compliance Response Edition 07/2009. SIMATIC WinCC V7.0 Compliance Response Electronic Records / Electronic Signatures. simatic wincc DOKUMENTATION

For technical assistance, please contact: Thermo Nicolet Corporation 5225 Verona Road Madison WI

Compliance in the BioPharma Industry. White Paper v1.0

21 CFR Part 11 Deployment Guide for Wonderware System Platform 3.1, InTouch 10.1 and Historian 9.0

21 CFR Part 11 Checklist

Software Manual Part IV: FDA 21 CFR part 11. Version 2.20

Declaration of Conformity 21 CFR Part 11 SIMATIC WinCC flexible 2007

Empower TM 2 Software

Using the Thermo Scientific Dionex Chromeleon 7 Chromatography Data System (CDS) to Comply with 21 CFR Part 11. Compliance Guide

Electronic Document and Record Compliance for the Life Sciences

Implementing Title 21 CFR Part 11 (Electronic Records ; Electronic Signatures) in Manufacturing Presented by: Steve Malyszko, P.E.

Using Chromeleon Chromatography Management Software to Comply with 21 CFR Part 11

21 CFR Part 11 Electronic Records & Signatures

TIBCO Spotfire and S+ Product Family

Nova Southeastern University Standard Operating Procedure for GCP. Title: Electronic Source Documents for Clinical Research Study Version # 1

Guidance for Industry. 21 CFR Part 11; Electronic. Records; Electronic Signatures. Time Stamps

Data Management PACT Workshop: Design & Operation of GMP Cell Therapy Facilities April 10 th -11 th, 2007

Spectroscopy Configuration Manager (SCM) Software. 21 CFR Part 11 Compliance Booklet

Thermal Analysis. Subpart A General Provisions 11.1 Scope Implementation Definitions.

Compliance Response SIMATIC SIMATIC PCS 7 V8.1. Electronic Records / Electronic Signatures (ERES) Edition 03/2015. Answers for industry.

Guidance for Industry. 21 CFR Part 11; Electronic Records; Electronic Signatures. Electronic Copies of Electronic Records

Achieving 21 CFR Part 11 Compliance with Appian

Electronic Records and Signatures: Compliance with Title 21 CFR Part 11 Requirements

Guidance for Industry. 21 CFR Part 11; Electronic Records; Electronic Signatures. Maintenance of Electronic Records

Considerations for validating SDS Software v2.x Enterprise Edition for the 7900HT Fast Real-Time PCR System per the GAMP 5 guide

LabChip GX/GXII with LabChip GxP Software

Waters Empower Software Seamlessly Manages Regulated Data to Aid in 21 CFR Part 11 Compliance

Waters Empower 2 Software Seamlessly Manages Regulated Data to Aid in 21 CFR Part 11 Compliance

Manual 074 Electronic Records and Electronic Signatures 1. Purpose

Guidance for Industry COMPUTERIZED SYSTEMS USED IN CLINICAL TRIALS

Complying with 45 CFR 164 HIPAA Security Standards; Final Rule

Life sciences solutions compliant with FDA 21 CFR Part 11

U.S. FDA Title 21 CFR Part 11 Compliance Assessment of SAP Records Management

Guidance for Industry

Good Electronic Records Management (GERM) Using IBM Rational ClearCase and IBM Rational ClearQuest

Sympatec GmbH System-Partikel-Technik WINDOX 4. Electronic Records/ Electronic Signatures Compliance Assessment Worksheet for 21 CFR Part 11

Alfresco CoSign. A White Paper from Zaizi Limited. March 2013

Supplement to the Guidance for Electronic Data Capture in Clinical Trials

Guidance for Industry

CoSign for 21CFR Part 11 Compliance

WHITE PAPER. Support for the HIPAA Security Rule RadWhere 3.0

SIMATIC SIMATIC PCS 7 V8.0. Electronic Records / Electronic Signatures. Compliance Response. Answers for industry.

White Paper. Support for the HIPAA Security Rule PowerScribe 360

Eclipsys Sunrise Clinical Manager Enterprise Electronic Medical Record (SCM) and Title 21 Code of Federal Regulations Part 11 (21CFR11)

REGULATIONS COMPLIANCE ASSESSMENT

Guidance for Industry Computerized Systems Used in Clinical Investigations

21 CFR Part 11 LIMS Requirements Electronic signatures and records

THE ROLE OF WATERS NUGENESIS SDMS IN 21 CFR PART 11 COMPLIANCE

Support for the HIPAA Security Rule

5 FAM 140 ACCEPTABILITY AND USE OF ELECTRONIC SIGNATURES

Computerized Systems Used in Medical Device Clinical Investigations

Shiny Server Pro: Regulatory Compliance and Validation Issues

Guidance for electronic trial data capturing of clinical trials

Xcalibur. Foundation. Administrator Guide. Software Version 3.0

ILLINOIS GAMING BOARD MINIMUM INTERNAL CONTROL STANDARDS SECTION A - GENERAL AND ADMINISTRATIVE TABLE OF CONTENTS

Guidance for Industry Part 11, Electronic Records; Electronic Signatures Scope and Application

Issues in Information Security and Verifiability for Biomedical Technology Companies

Minnesota State Colleges and Universities System Procedures Chapter 5 Administration Procedures associated with Board Policy 5.22

SCADA Compliance Tools For NERC-CIP. The Right Tools for Bringing Your Organization in Line with the Latest Standards

The biggest challenges of Life Sciences companies today. Comply or Perish: Maintaining 21 CFR Part 11 Compliance

Electronic Signature Assurance & the Digital Chain-of-Evidence

Software. For the 21 CFR Part 11 Environment. The Science and Technology of Small Particles

Hospital Certified Electronic Health Record (EHR) Technology Questionnaire

Neutralus Certification Practices Statement

Adobe PDF for electronic records

Excel Spreadsheets and FDA Device Regulations

OpenText Regulated Documents for the Life Sciences Industry:

Electronic Signature, Attestation, and Authorship

Transcription:

21 CRF 11 Electronic Records and Signatures Implement best practices by using FileMaker Pro 7 as the backbone of your 21 CFR 11 compliant system. By Todd Duell What does Title 21 of the Code of Federal Regulations Part 11 (21 CFR11) mean for your company s Laboratory Information Management System (LIMS)? Part 11 is broken down into two main sections: electronic records and electronic signatures. The requirements of these sections clearly dictate the criteria under which the execution of electronic records and signatures are considered equivalent to paper records and handwritten signatures. This white paper explains in detail how Formulations Pro creates software with FileMaker Pro 7 to comply with these standards. 11.2 Subpart A Implementation As long as the records are maintained, but not submitted to the FDA, your company may use electronic records and signatures in lieu of paper records and handwritten signatures. All Formulations Pro systems are specifically designed to comply with this standard. The system maintains the current and historical records and signatures in electronic form. The system may also be used in a paper driven environment in the event that the FDA needs to conduct an audit or review of the documents and system. 11.3 Subpart A Definitions BIOMETRICS A method of verifying an individual s identity based on measurement of the individual s feature(s) or repeatable action(s) where those features and/or actions are both unique to that individual and measurable. The two key issues to note are feature(s) and repeatable action(s). Features of an individual could be identified by the use of devices such as retinal scans, voice recognition, or finger print identification. Repeatable actions are the entry of items such as an account name and password combination. FileMaker Pro 7 has the ability to authenticate users either internally or with the use of Active or Open Directory (Figure 1). Third-party resources are available if your system requires biometric identification. Todd Duell is the Vice President & CIO of Formulations Pro, Inc and has been creating powerful commercial and custom solutions using FileMaker Pro since 1989. He holds an MBA in Technology Management, is a Certified FileMaker Pro 7 Developer, and has been an Associate member of the FileMaker Solutions Alliance since 1998. Todd may be reached at tduell@formulationspro.com 2004 Formulations Pro, Inc. All rights reserved. www.formulationspro.com

the identity of the signer and the integrity of the data can be verified. FileMaker Pro 7 s internal account authentication uses a stateof-the-art Triple-DES cipher and HMAC-SHA1 algorithm to encrypt the user password not only when logging into the system, but also when storing the user s password in the Accounts. By using the Get(AccountName) function in scripts or using the built-in Creation Account Name or Modification Account Name to log the user activity FileMaker Pro 7 is more than capable of identifying and tracking the user s identity (Figure 2). Figure 1 Authentication Users are authenticated by FileMaker Pro or Active or Open Directory. CLOSED SYSTEM An environment in which system access is controlled by persons who are responsible for the content of electronic records that are on the system. All Formulations Pro systems utilize a system administration group that is responsible for adding, deleting, enabling, and deactivating user accounts. The privilege sets that are assigned to each user control which records the users can view, edit, create, and delete. DIGITAL SIGNATURE An electronic signature based upon cryptographic methods of originator authentication, computed by using a set of rules and a set of parameters such that Figure 2 User Identity Users can be identified through logs and scripts with their account name Page 2

ELECTRONIC RECORD Any combination of text, graphics, data, audio, pictorial, or other information representation in digital form that is created, modified, maintained, archived, retrieved, or distributed by a computer system. All Formulations Pro systems utilize the superior power and capabilities of FileMaker Pro 7 software to drive its electronic LIMS capabilities. This enables the system to create and maintain up to 64 quadrillion (8 TB) current and historical electronic records per file as well as deliver access for up to 250 concurrent users per server using standard network protocols such as TCP/IP. The power of a Formulations Pro system lies in its ability to harness mission critical data through its full electronic search, reporting, and communication capabilities. 11.10 Subpart B Electronic Records, Controls for Closed Systems Closed systems used to create, modify, maintain, or transmit electronic records shall employ procedures and controls designed to ensure the authenticity, integrity, and when appropriate, the confidentiality of electronic records, and to ensure that the signer cannot readily repudiate the signed record as not genuine. To meet this criteria, all Formulations Pro systems address 10 criteria to control the access and integrity of your records: VALIDATION The system must ensure accuracy, reliability, consistency with its intended performance, and ability to discern invalid or altered records. All Formulations Pro systems undergo an extensive 100-step validation, market readiness review, and Beta test process to ensure that the system works as intended. Customers that request customization of their system will go through this process again before it is installed for use. This is our commitment to the highest levels of quality. All records are stamped with the time, date, and user name information to track modifications. COPY GENERATION The ability to generate accurate and complete copies of records in both human readable and electronic form suitable for inspection by the FDA. All Formulations Pro systems are specifically designed to comply with this requirement. The system maintains the current and historical records and signatures in electronic form. The system may also be used in a paper driven environment. PROTECTION OF RECORDS Protection of records to enable their accurate and ready retrieval throughout the record s retention period. Formulations Pro systems do not allow for modification or deletion of locked historical records. This ensures that the authenticity and integrity of the data. Page 3

LIMITING SYSTEM ACCESS Limiting system access to authorized individuals. FileMaker Pro 7 has built-in account authentication and privileges that control access to the files based on a user name and encrypted password (Figure 1). All Formulations Pro systems implement best practices with account administration scripts that allow controlled access to add, delete, reset, change passwords, enable and disable accounts, reset, and re-login to the system. AUDIT TRAIL Use of secure, computer-generated, time-stamped audit trails to independently record the date and time of operator entries and actions that create, modify, or delete electronic records. Record changes shall not obscure previously recorded information. All Formulations Pro systems utilize a robust audit trail log file to log changes made to the data. Logged changes include a timestamp, the account name, the original data and what was changed, record identification number, and field or layout identification. SYSTEM CHECKS Use of operational system checks to enforce permitted sequencing of steps and events, as appropriate. All Formulations Pro systems are programmed to maximize user workflow and productivity with an industry leading design that minimizes data entry mistakes. Software built by Formulations Pro also performs many checks that authorize individuals to perform specific tasks (Figure 3). This is the Figure 3 Scripts Are used to automate workflow and authorize users to perform specific tasks. true power behind the software that is virtually invisible to the user. AUTHORITY CHECKS Use of authority checks to ensure that only authorized individuals can use the system, electronically sign a record, access the operation or I/O device, alter a record, or perform the operation by hand. All Formulations Pro systems use the code in conjunction with the user account built into FileMaker Pro 7 to control access to records and password controlled functions. Privilege Sets are designed as functional work groups that have specific access to their designated modules (Figure 4). Page 4

initiated under their electronic signatures, in order to deter record and signature falsification. All Formulations Pro systems are created with this issue in mind. Strict adherence to system rules drives the system s capabilities. The code and privilege sets installed in the system control access to every record and module. Recommended workflow procedures are outlined in the training materials supplied with the system. Figure 4 Privilege Sets Used to control access to specific records, layouts, value lists, scripts and connectivity methods. EDUCATION AND TRAINING Determination that persons who develop, maintain, or use electronic records and signature systems have the education and training and experience to perform their assigned task. All systems built by Formulations Pro contain comprehensive training materials. Materials include server best practices, getting started users manuals, and a unique sand box runtime environment that allows the users to train on a practice system before working with live data. WRITTEN POLICIES The establishment of written policies that hold individuals accountable and responsible for actions APPROPRIATE CONTROLS Use of appropriate controls over system documentation including: distribution, access, use, and revision and change control procedures that maintain an audit trail that documents time-sequenced development and modification of system documentation. All Formulations Pro systems have built in version control documentation. Formulations Pro follows the software development guidelines set forth by the PDA, the recognized leader in standards development for ISO 9000 and cgmpbased software development. Formulations Pro has also developed a set of supplementary software development best practices and the Database Design Report (DDR) that are specific to building software with FileMaker Pro 7. 11.50 Subpart B Electronic Records, Signature Manifestations Signature manifestations are signed electronic records that contain information associated with the signing that clearly indicates the printed name of the signer, the date Page 5

and time when the signature was executed, and the meaning of the signature. All Formulations Pro electronic signatures use the built in FileMaker Pro 7 account name and timestamp function to document the signature. In some cases the user can choose the meaning of their signature from a pop up menu (i.e. current, proposed, retired, pass, fail, etc.). In other cases the user can choose the meaning from a dialog box. 11.70 Subpart B Electronic Records, Signature/Record Linking Electronic signatures executed to electronic records shall be linked to their respective electronic records to ensure that the signatures cannot be excised, copied, or otherwise transferred to falsify an electronic record by ordinary means. All Formulations Pro systems are specifically designed to limit access to the electronic signatures and timestamp by scripting means or in Find mode (Figure 5). This prevents users from falsifying, modifying, copying, or removing signatures from any record. The creation of electronic signatures can only be performed with a script, which stores permanent signature and timestamp data for each record. 11.100 Subpart C Electronic Records, General Requirements Each electronic signature shall be unique to one individual and shall not be reused by, or reassigned to, Figure 5 Protected Signatures Signatures cannot be copied or removed. They can only be accessed in Find mode. anyone else. Systems that use electronic signatures after August 20, 1997 are required to be certified to the FDA as legally binding equivalents of traditional handwritten signatures. Certification shall be sent to the Office of Regional Operations (HFC-100), 5600 Fishers Lane, Rockville, MD 20857. FileMaker Pro 7 s internal account authentication will only allow the creation of unique account names. If your company does in fact use electronic signatures as legally binding equivalents of a traditional signature, the appropriate certification letter should be sent to the Office of Regional Operations. 11.200 Subpart C Electronic Records, Electronic Signature Components and Controls Electronic signatures that are not based upon biometrics must meet three criteria. (1) Employ at least two distinct identification components, such as an identification code and password. (2) Be used only by their genuine users. (3) Page 6

Be administered and executed to ensure that attempted use of an individual s electronic signature by anyone other than its genuine owner requires collaboration of two or more individuals. All Formulations Pro systems utilize both a user name and password to uniquely identify an individual s use of electronic signatures. Since there is no way to absolutely prevent unauthorized use of passwords, the user s account name is used to stamp the creation and modification of records. In this way, the administrators can monitor individuals that are falsifying electronic signatures. Formulations Pro highly recommends that companies create policies that strictly prohibit the electronic signing of documents by anyone other that the genuine signer (this includes management). 11.300 Subpart C Electronic Records, Controls for Identification Codes/passwords Persons who use electronic signatures based upon the use of identification codes in combination with passwords shall employ controls to ensure their security and integrity. The controls include: (1) unique codes and passwords, (2) periodic checking or revision of passwords, (3) loss management procedures, and (4) transaction safeguards to prevent unauthorized use. All Formulations Pro systems utilizes a best practices implementation of system administration. Only the system administrator has access to add, delete, reset, activate, and deactivate accounts. All users can change their own passwords and re-login to the system. FileMaker Pro is also configured to require the users to change their password Figure 6 Password Controls Accounts are required to change the password when first logging in as well as on a routine schedule. upon first logging in (Figure 6) as well as on a routine time schedule such as every 30 days. 2004 Formulations Pro, Inc. Formulations Pro is a trademark of Formulations Pro, Inc., registered in the U.S.A. The Formulations Pro logo is trademarks of Formulations Pro, Inc. FileMaker Pro is a trademark of FileMaker Pro Inc., registered in the U.S.A and other countries. Product specifications and availability are subject to change without notice. Page 7

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information