FDA 21 CFR part 11 Compliance Datasheet Software for Business Excellence
About FDA 21 CFR part 11

The Food and Drug Administration (FDA) in the United States designed Part 11 of Title 21 of the Code of Federal Regulations (21 CFR Part 11) to help ensure that life sciences companies can use electronic records and signatures that are equivalent to those based on paper and ink. An electronic record is any combination of text, graphics, data, audio, pictorial, or other information represented in digital form that is created, modified, maintained, archived, retrieved, or distributed by a computer system.

Part 11 applies to all areas governed by the FDA and includes the pharmaceutical, medical devices, and biotechnology sectors, and extends to all records in electronic form. It is applicable to records identified in predicate rules (previously published regulations such as Good Clinical Practices (GCP), Good Laboratory Practices (GLP), and Good Manufacturing Practices (GMP)).

FDA considers part 11 to be applicable to the following records or signatures in electronic format (part 11 records or signatures):

- Records (and any associated signatures) that are required to be maintained under predicate rules and that are maintained in electronic format in place of paper format;
- Records that are required to be maintained under predicate rules, that are maintained in electronic format in addition to paper format, and that are relied on to perform regulated activities. For example, if a record is required to be maintained under a predicate rule and you use a computer to generate a paper printout of the electronic records, but you nonetheless rely on the electronic record to perform regulated activities, the Agency may consider you to be using the electronic record instead of the paper record. That is, the Agency may take your business practices into account in determining whether part 11 applies;
- Records submitted to FDA under predicate rules in electronic format;
- Electronic signatures that are intended to be the equivalent of handwritten signatures, initials, and other general signings required by predicate rules. Part 11 signatures include electronic signatures that are used, for example, to document the fact that certain events or actions occurred in accordance with the predicate rule (e.g. approved, reviewed, and verified).

As illustrated, the rule was designed to ensure that information is accurate, trustworthy, and traceable across the multiple systems and entities that fall within the FDA program areas. Most importantly, the legislation was not intended to be just another exercise in regulatory compliance. Instead, it was designed to enable both the FDA and the Life Science industry to take advantage of new technologies to improve efficiency and speed in both operations and the regulatory process, and to incorporate electronic document control and change management technology into their current business processes. By establishing tight user authentication and security, enabling audit trails, and enforcing records retention, pharmaceutical companies could realize the full benefits of electronic records and signatures while remaining fully compliant.

As illustrated below, Part 11 affects the entire value chain and is more pervasive in some applications in key segments of the value chain than in others. For some applications, such as Clinical Data Management, Quality Management or Manufacturing Execution Systems, Part 11 influences every element of the application. For other applications, such as ERP, CRM, or Training Management Systems, Part 11 impacts only selected workflows and data elements.

In addition, the use of good data management techniques and well-constructed standard operating procedures (SOPs) can ensure that many applications that should not contain data of record for regulatory purposes do not inadvertently become subject to the requirements of 21 CFR Part 11. Non-compliance in some applications is more likely to trigger an enforcement action than in others. Which applications are more important within a specific organization depends on how the data is used, prior regulatory history, and recent enforcement trends.
Benefits

The FDA's requirements under 21 CFR Part 11 are stringent, but they are based on common-sense needs to authenticate and review research efforts. Complying with them is in most cases just good practice. Using proper design techniques and SoftExpert SE Suite can make compliance much easier. Following the Part 11 guidelines in discovery-stage automation projects will certify your records for patent filings, will smooth the transition to development, and will very likely make it easier to comply with any future FDA regulations on discovery.

Benefits of this regulation:

- The approval process may be shorter than before in the long run;
- Access to documentation will be faster and more productive;
- Archival space is reduced;
- The source documents may be recreated in the event of a disaster;
- Modern laboratory equipment and analyzers generate electronic data, which makes following the regulation mandatory in any case.

The Challenge

21 CFR Part 11 establishes the criteria by which the U.S. Food and Drug Administration (FDA) considers electronic records, electronic signatures, and handwritten signatures executed to electronic records to be trustworthy, reliable, and generally equivalent to paper records and handwritten signatures executed on paper. This also applies to records in electronic form that are created, modified, maintained, archived, retrieved, or transmitted under any records requirements set forth in agency regulations, as well as electronic records submitted to the FDA under the requirements of the Federal Food, Drug, and Cosmetic Act and the Public Health Service Act, even if such records are not specifically identified in agency regulations. The Canadian Health Products & Food Protection inspectorate is considering similar regulations for Canadian LSO manufacturers.

Since its enactment in August 1997, 21 CFR Part 11 has had a substantial impact on the Life Sciences Industry. In contrast to other government regulations, 21 CFR Part 11 was developed initially as a response by the FDA to allow Life Science enterprises' use of electronic signatures in electronic batch records. 21 CFR Part 11 affects every bio-pharmaceutical or medical device organization governed by the FDA. There are potential risks and penalties if the systems are found to be non-compliant.

While 21 CFR Part 11 does not mandate electronic record keeping, it provides the criteria that must be met if a Life Sciences Organization (LSO) utilizes electronic record keeping and electronic signatures. According to Gartner Group, by 2007 the FDA will actively encourage that all New Drug Applications (NDAs) and equivalent license applications for medical devices and biologics be submitted to the agency in electronic form. Given this mandate, the need for compliance with 21 CFR Part 11 will only intensify.
The Solution

SoftExpert's best-of-breed Enterprise Excellence and FDA Compliance solutions help life sciences companies implement document management, quality management, GxP and change control throughout the enterprise. SoftExpert has long been a trusted solution chosen by leading manufacturers throughout the world. Renowned for its ease of use for administrators and end users, SoftExpert includes a granular security system and traceability capabilities that meet the most stringent regulatory standards.

SoftExpert Excellence Suite provides organizational efficiency, process control, and flexibility to help simplify the tasks involved in managing data and information. It will also help your organization make better decisions in managing the content and processes that drive your business.

SE Suite

SoftExpert Suite allows regulated organizations to become compliant with multiple standards, regulations and initiatives within a single easy-to-use and accessible system. SoftExpert offers regulated organizations an integrated regulatory compliance solution for successfully meeting compliance requirements while lowering the associated costs, which can otherwise be substantial.

Here are highlights of SoftExpert components that address FDA 21 CFR part 820 requirements:

Subpart B - Electronic Records - 11.10 Controls for Closed Systems

11.10 (a) Persons who use closed systems to create, modify, maintain, or transmit electronic records shall employ procedures and controls designed to ensure the authenticity, integrity, and, when appropriate, the confidentiality of electronic records, and to ensure that the signer cannot readily repudiate the signed record as not genuine. Such procedures and controls shall include the following: Validation of systems to ensure accuracy, reliability, consistent intended performance, and the ability to discern invalid or altered records.

SoftExpert software enables certified users to digitally sign and verify electronic documents on their own computer. Digital Certificates provide a means of proving the signer's identity in electronic transactions. Digital Signatures enable "authentication" of digital contents, assuring the recipient of both the identity of the signer and the integrity of the content. A Digital Certificate is issued by a Certification Authority (CA) and signed with the CA's private key. The signer of a document cannot later disown it by claiming the signature was forged.

The software complies with the latest GAMP validation guidelines and meets 21 CFR Part 11 requirements for electronic records and signatures to ensure it functions as intended. SoftExpert Services provide comprehensive validation services, including onsite IQ (installation qualification), OQ (operational qualification), and PQ (performance qualification) tests to ensure that the system is fully compliant. For companies wanting to perform their own validation, SoftExpert Services offer a Validation Toolkit, which provides detailed, pre-written validation test protocols and scripts.

11.10 (b) The ability to generate accurate and complete copies of records in both human readable and electronic form suitable for inspection, review, and copying by the agency.

SoftExpert software supplies copies of electronic records by automated conversion and export methods in common formats (like PDF and XML), preserving the content and meaning of the record. Each record created in SoftExpert software can be printed in a human readable format.

11.10 (c) Protection of records to enable their accurate and ready retrieval throughout the records retention period.

SoftExpert software ensures that relevant records are preserved and protected from tampering during the required retention period with a flexible approach that combines hybrid electronic and/or paper storage for long-term archiving.

11.10 (d) Limiting system access to authorized individuals.

SoftExpert software requires a unique UserID and password for system access. System administrators can optionally enforce automatic login authentication and/or authorization policies inside SoftExpert software through integrated single sign-on Active Directory Authentication Services. Single sign-on is a method of enterprise access control that enables a user to log in once and gain access to the resources of multiple software systems, ensuring security and access policy across the enterprise.
11.10 (e) Use of secure, computer-generated, time-stamped audit trails to independently record the date and time of operator entries and actions that create, modify, or delete electronic records. Record changes shall not obscure previously recorded information. Such audit trail documentation shall be retained for a period at least as long as that required for the subject electronic records and shall be available for agency review and copying.

The audit trail provides a history of record changes and operations, including an automatic capture of signature, date, time, and sequencing of events, indicating which operator made the entries and when the actions were executed. Each addition, modification and deletion of a record or document is maintained with a computer-generated, time-stamped record. A new record is recorded for each change so as not to obscure previously recorded information. Audit records can be easily accessed and filtered for specific events (for example, changes to a certain field). Audit records themselves can't be modified or deleted.

11.10 (f) Use of operational system checks to enforce permitted sequencing of steps and events, as appropriate.

Through use of SoftExpert configuration windows, sequencing of processing steps, events and checks can be enforced.

11.10 (g) Use of authority checks to ensure that only authorized individuals can use the system, electronically sign a record, access the operation or computer system input or output device, alter a record, or perform the operation at hand.

System administrators can determine appropriate levels of access to operations, records and documents for each user in the system, allowing data to be accessed in read/write, read only, or no access modes. Password verification can be set as required any time a user applies their name (i.e. signature) to a record or document. The system can also require different passwords for system access and record signatures. All user passwords are encrypted for security.

11.10 (h) Determination that persons who develop, maintain, or use electronic record / electronic signature systems have the education, training, and experience to perform their assigned tasks.

SoftExpert Services provide a comprehensive product training program. Training courses are given for each level of user to ensure that every user can perform assigned tasks within the system.

11.10 (i) The establishment of, and adherence to, written policies that hold individuals accountable and responsible for actions initiated under their electronic signatures, in order to deter record and signature falsification.

The SoftExpert audit log ensures that the person who performed a record modification is recorded. In addition, to eliminate the potential for signature falsification when a user momentarily leaves their workstation (by another user using their login session to change a record), SoftExpert software can be quickly and easily disabled by the user and then re-enabled by entering their password to continue the session.

11.10 (j) Use of appropriate controls over systems documentation including: (1) Adequate controls over the distribution of, access to, and use of documentation for system operation and maintenance. (2) Revision and change control procedures to maintain an audit trail that documents time-sequenced development and modification of systems documentation.

SoftExpert software requires appropriate levels of access to documents for each user in the system. It also comes with built-in revision and change control capabilities. All releases of SoftExpert system documentation include installation, administration and user guides. These documents are uniquely identifiable and associated with a specific release of the software.
Subpart B - Electronic Records - 11.50 Signature Manifestations

11.50 (a) Signed electronic records shall contain information associated with the signing that clearly indicates all of the following: (1) The printed name of the signer; (2) The date and time when the signature was executed; and (3) The meaning (such as review, approval, responsibility, or authorship) associated with the signature.

User name, date, time, and a description of the operation performed (i.e., review, approval, etc.) are automatically captured with every signature.

11.50 (b) The items identified in paragraphs (a)(1), (a)(2), and (a)(3) of this section shall be subject to the same controls as for electronic records and shall be included as part of any human readable form of the electronic record (such as electronic display or printout).

Signature information and a configurable watermark are stamped on the document in either electronic or printed format. Authenticity is guaranteed by sequentially numbering and date/time-marking documents as they are printed.
Subpart B - Electronic Records - 11.70 Signature Record/Linking

11.70 (a) Electronic signatures and handwritten signatures executed to electronic records shall be linked to their respective electronic records to ensure that the signatures cannot be excised, copied, or otherwise transferred to falsify an electronic record by ordinary means.

A signature is attached to the record in an unchangeable way in order to prevent falsification by copying an electronic signature to a different record. The signature information cannot be tampered with after approval.

Subpart C - Electronic Signatures - 11.100 General Requirements

11.100 (a) Each electronic signature shall be unique to one individual and shall not be reused by, or reassigned to, anyone else.

No two combinations of identification code and password may be the same, nor may they be reused.

Subpart C - Electronic Signatures - 11.200 Electronic signature components and controls

11.200 (a) Electronic signatures that are not based upon biometrics shall: (1) Employ at least two distinct identification components such as an identification code and password. (i) When an individual executes a series of signings during a single, continuous period of controlled system access, the first signing shall be executed using all electronic signature components; subsequent signings shall be executed using at least one electronic signature component that is only executable by, and designed to be used only by, the individual. (ii) When an individual executes one or more signings not performed during a single, continuous period of controlled system access, each signing shall be executed using all of the electronic signature components. (2) Be used only by their genuine owners.

SoftExpert software uses a combination of UserID and password for user identification. During periods of continuous controlled system access, the system can be configured to require password verifications during record signings at a time or interval determined by the System Administrator. The system can be configured to automatically require all signature components after a period of inactivity determined by the System Administrator.

Subpart C - Electronic Signatures - 11.300 Controls for identification codes/passwords

11.300 (a) Persons who use electronic signatures based upon use of identification codes in combination with passwords shall employ controls to ensure their security and integrity. Such controls shall include: (a) Maintaining the uniqueness of each combined identification code and password, such that no two individuals have the same combination of identification code and password.

All UserID/password combinations are unique.

11.300 (b) Ensuring that identification code and password issuances are periodically checked, recalled, or revised (e.g., to cover such events as password aging).

UserIDs and passwords may be set to expire at predetermined intervals, requiring the user to create a new password. Users are not allowed to reuse recent passwords. Passwords must contain at least a configured minimum number of characters. SoftExpert software provides a Strong Password Validator that checks for uppercase, lowercase, numeric and special characters, and for length. Strong passwords lower the overall risk of a security breach because they are hard to guess for both humans and computers.

11.300 (d) Use of transaction safeguards to prevent unauthorized use of passwords and/or identification codes, and to detect and report in an immediate and urgent manner any attempts at their unauthorized use to the system security unit, and, as appropriate, to organizational management.

SoftExpert software may be set to not permit users to log onto more than one session at a time on different computers. The system disables a user account if the password is entered incorrectly more than a preset number of times at session startup, or at any other time a password is required. In this case, the system notifies the System Administrator via e-mail and generates an event in the audit log. In addition, UserID accounts may be disabled by the System Administrator at any time.
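The audit-trail properties quoted under 11.10 (e) (one new entry per change, nothing overwritten, tampering detectable) and the signature/record linking required by 11.70 can be illustrated with a hash-chained, append-only log in which each signature entry is bound to the digest of the record it signs. This is an added example, not SoftExpert's implementation or code from this datasheet; the class, field names, sample records and HMAC key are assumptions made for illustration.

```python
import hashlib
import hmac
import json
from datetime import datetime, timezone

GENESIS = "0" * 64
# Constructed demo key (assumption); a real system keeps it in an HSM or key service.
SEAL_KEY = b"demo-audit-seal-key"


def canonical(obj):
    """Stable byte encoding so the same content always hashes the same."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def record_digest(record):
    return hashlib.sha256(canonical(record)).hexdigest()


class AuditTrail:
    """Append-only log: every entry commits to the previous entry's seal."""

    def __init__(self):
        self._entries = []

    def append(self, operator, action, record, meaning=None, when=None):
        when = when or datetime.now(timezone.utc).isoformat()
        body = {
            "seq": len(self._entries) + 1,
            "time": when,                # computer-generated timestamp
            "operator": operator,        # who performed the action
            "action": action,            # create / modify / delete / sign
            "meaning": meaning,          # review, approval, ... for signatures
            "record_sha256": record_digest(record),  # binds entry to content
            "prev_seal": self._entries[-1]["seal"] if self._entries else GENESIS,
        }
        seal = hmac.new(SEAL_KEY, canonical(body), hashlib.sha256).hexdigest()
        self._entries.append({**body, "seal": seal})
        return self._entries[-1]

    def entries(self):
        return [dict(e) for e in self._entries]


def verify_chain(entries):
    """Return the position of the first bad entry, or None if the chain is intact."""
    prev = GENESIS
    for i, e in enumerate(entries, start=1):
        body = {k: v for k, v in e.items() if k != "seal"}
        expected = hmac.new(SEAL_KEY, canonical(body), hashlib.sha256).hexdigest()
        ok = (e["seq"] == i and e["prev_seal"] == prev
              and hmac.compare_digest(expected, e["seal"]))
        if not ok:
            return i
        prev = e["seal"]
    return None


def signature_matches(entry, record):
    """A signature entry is valid only for the exact record content it signed."""
    return entry["action"] == "sign" and hmac.compare_digest(
        entry["record_sha256"], record_digest(record))
```

The chain detects edited, reordered or removed entries, but not removal of the most recent entries; storing the latest seal in a separate system covers that case.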
SOFTEXPERT EXCELLENCE SUITE

COMPANY

SoftExpert is the global leader in the field of excellence and compliance management software. More than 1,500 companies worldwide trust SoftExpert's solutions to streamline their work processes, simplify tasks and manage information. Developed for any type of business in a wide range of industries, SoftExpert solutions help companies reduce costs, minimize risks, improve performance and gain the flexibility to respond to changing business needs. By focusing on people and building lasting relationships with its customers and partners, the company excels at guiding customers through all aspects of implementation.

SoftExpert's mission is to continually develop innovative solutions that simplify operational effectiveness and keep customers in control of their business. Customer focus is a core component of the corporate culture and continues to be one of the key reasons why SoftExpert maintains a strong market presence.

www.softexpert.com
sales@softexpert.com

SoftExpert is a registered trademark of SoftExpert Software for Business Excellence. All information contained in this brochure is subject to change without prior notice.