SmarTeam FDA Compliance Technical Paper

Similar documents
Implementation of 21CFR11 Features in Micromeritics Software Software ID

21 CFR PART 11 ELECTRONIC RECORDS, ELECTRONIC SIGNATURES CFR Part 11 Compliance PLA 2.1

POLICY ISSUES IN E-COMMERCE APPLICATIONS: ELECTRONIC RECORD AND SIGNATURE COMPLIANCE FDA 21 CFR 11 ALPHATRUST PRONTO ENTERPRISE PLATFORM

FILEHOLD DOCUMENT MANAGEMENT SYSTEM 21 CFR PART 11 COMPLIANCE WHITE PAPER

Self-Assessment of eresearch Compliance with 21 CFR Part 11, Electronic Record; Electronic Signatures

Compliance Matrix for 21 CFR Part 11: Electronic Records

Electronic records and electronic signatures in the regulated environment of the pharmaceutical and medical device industries

SolidWorks Enterprise PDM and FDA 21CFR Part 11

The Impact of 21 CFR Part 11 on Product Development

Implement best practices by using FileMaker Pro 7 as the backbone of your 21 CFR 11 compliant system.

Tools to Aid in 21 CFR Part 11 Compliance with EZChrom Elite Chromatography Data System. White Paper. By Frank Tontala

InfoCenter Suite and the FDA s 21 CFR part 11 Electronic Records; Electronic Signatures

A ChemoMetec A/S White Paper September 2013

InfinityQS SPC Quality System & FDA s 21 CFR Part 11 Requirements

Oracle WebCenter Content

Agilent MicroLab Software with Spectroscopy Configuration Manager and Spectroscopy Database Administrator (SCM/SDA)

DeltaV Capabilities for Electronic Records Management

FDA Title 21 CFR Part 11:Electronic Records; Electronic Signatures; Final Rule (1997)

21 CFR Part 11 Implementation Spectrum ES

21 CFR Part 11 Compliance Using STATISTICA

DeltaV Capabilities for Electronic Records Management

Intland s Medical Template

Implementing CitectSCADA to meet the requirements of FDA 21 CFR Part 11

Full Compliance Contents

21 CFR Part 11 White Paper

How To Control A Record System

AutoSave. Achieving Part 11 Compliance. A White Paper

FDA 21 CFR Part 11 Electronic records and signatures solutions for the Life Sciences Industry

Enabling SharePoint for 21 CFR Part 11 Compliance - Electronic Signature Use Case

rsdm and 21 CFR Part 11

21 CFR Part 11 Checklist

21 CFR Part 11 Deployment Guide for Wonderware System Platform 3.1, InTouch 10.1 and Historian 9.0

Empower TM 2 Software

Implementing Title 21 CFR Part 11 (Electronic Records ; Electronic Signatures) in Manufacturing Presented by: Steve Malyszko, P.E.

Compliance in the BioPharma Industry. White Paper v1.0

21 CFR Part 11 Electronic Records & Signatures

Compliance Response Edition 07/2009. SIMATIC WinCC V7.0 Compliance Response Electronic Records / Electronic Signatures. simatic wincc DOKUMENTATION

Declaration of Conformity 21 CFR Part 11 SIMATIC WinCC flexible 2007

Meeting the FDA s Requirements for Electronic Records and Electronic Signatures (21 CFR Part 11)

Nova Southeastern University Standard Operating Procedure for GCP. Title: Electronic Source Documents for Clinical Research Study Version # 1

For technical assistance, please contact: Thermo Nicolet Corporation 5225 Verona Road Madison WI

Assessment of Vaisala Veriteq vlog Validation System Compliance to 21 CFR Part 11 Requirements

Data Management PACT Workshop: Design & Operation of GMP Cell Therapy Facilities April 10 th -11 th, 2007

Software Manual Part IV: FDA 21 CFR part 11. Version 2.20

ScreenMaster RVG200 Paperless recorder FDA-approved record keeping. Measurement made easy

Using the Thermo Scientific Dionex Chromeleon 7 Chromatography Data System (CDS) to Comply with 21 CFR Part 11. Compliance Guide

Electronic Document and Record Compliance for the Life Sciences

Using Chromeleon Chromatography Management Software to Comply with 21 CFR Part 11

Achieving 21 CFR Part 11 Compliance with Appian

Life sciences solutions compliant with FDA 21 CFR Part 11

REGULATIONS COMPLIANCE ASSESSMENT

Guidance for Industry. 21 CFR Part 11; Electronic. Records; Electronic Signatures. Time Stamps

Compliance Response SIMATIC SIMATIC PCS 7 V8.1. Electronic Records / Electronic Signatures (ERES) Edition 03/2015. Answers for industry.

Spectroscopy Configuration Manager (SCM) Software. 21 CFR Part 11 Compliance Booklet

Thermal Analysis. Subpart A General Provisions 11.1 Scope Implementation Definitions.

TIBCO Spotfire and S+ Product Family

Software. For the 21 CFR Part 11 Environment. The Science and Technology of Small Particles

Electronic Records and Signatures: Compliance with Title 21 CFR Part 11 Requirements

21 CFR Part 11 LIMS Requirements Electronic signatures and records

Sympatec GmbH System-Partikel-Technik WINDOX 4. Electronic Records/ Electronic Signatures Compliance Assessment Worksheet for 21 CFR Part 11

Guidance for Industry COMPUTERIZED SYSTEMS USED IN CLINICAL TRIALS

Guidance for Industry. 21 CFR Part 11; Electronic Records; Electronic Signatures. Electronic Copies of Electronic Records

Considerations for validating SDS Software v2.x Enterprise Edition for the 7900HT Fast Real-Time PCR System per the GAMP 5 guide

LabChip GX/GXII with LabChip GxP Software

SIMATIC SIMATIC PCS 7 V8.0. Electronic Records / Electronic Signatures. Compliance Response. Answers for industry.

U.S. FDA Title 21 CFR Part 11 Compliance Assessment of SAP Records Management

CoSign for 21CFR Part 11 Compliance

OpenText Regulated Documents for the Life Sciences Industry:

Guidance for Industry. 21 CFR Part 11; Electronic Records; Electronic Signatures. Maintenance of Electronic Records

Waters Empower 2 Software Seamlessly Manages Regulated Data to Aid in 21 CFR Part 11 Compliance

Eclipsys Sunrise Clinical Manager Enterprise Electronic Medical Record (SCM) and Title 21 Code of Federal Regulations Part 11 (21CFR11)

Supplement to the Guidance for Electronic Data Capture in Clinical Trials

Waters Empower Software Seamlessly Manages Regulated Data to Aid in 21 CFR Part 11 Compliance

epblue GxP oftware manual Software version

Standard: Event Monitoring

The Infrastructure Audit Trail and Part 11

Guidance for Industry Computerized Systems Used in Clinical Investigations

Using Electronic Signatures

SOLAARsecurity. Administrator Software Manual Issue 2

Copyright. Disclaimer. Introduction 1. System Requirements Installing the software 4

Guidance for electronic trial data capturing of clinical trials

Computerized Systems Used in Medical Device Clinical Investigations

Good Electronic Records Management (GERM) Using IBM Rational ClearCase and IBM Rational ClearQuest

HIPAA: The Role of PatientTrak in Supporting Compliance

Manual 074 Electronic Records and Electronic Signatures 1. Purpose

Sponsor Site Questionnaire FAQs Regarding Maestro Care

Xcalibur. Foundation. Administrator Guide. Software Version 3.0

Guidance for Industry Part 11, Electronic Records; Electronic Signatures Scope and Application

THE ROLE OF WATERS NUGENESIS SDMS IN 21 CFR PART 11 COMPLIANCE

Quality Manual # QS MD Logistics, Inc. (Signed copy available upon request) Prepared by Robert Grange, Director Quality

AuthentiMax Software for GloMax -Multi+

Shiny Server Pro: Regulatory Compliance and Validation Issues

Introduction. Connection security

Neutralus Certification Practices Statement

Introduction. Editions

User Guide. Version R91. English

Electronic Signature Assurance & the Digital Chain-of-Evidence

ILLINOIS GAMING BOARD MINIMUM INTERNAL CONTROL STANDARDS SECTION A - GENERAL AND ADMINISTRATIVE TABLE OF CONTENTS

Support for the HIPAA Security Rule

FDA CFR PART 11 ELECTRONIC RECORDS, ELECTRONIC SIGNATURES

Transcription:

SmarTeam FDA Compliance Functional Compliance With Rule 21 CFR Part 11 July 2002

1 Introduction This document details how SmarTeam FDA Compliance complies with FDA regulations and specifically the 21CFR11 (commonly referred to as part 11), concerning electronic records and electronic signatures as well as software validation requirements. All requirements for electronic signatures and records listed in 21 CFR Part11 are handled by SmarTeam FDA Compliance. SmarTeam captures all notes and comments as they apply to each release revision and approval. An audit trail containing records with notes, electronic signatures, and change justifications is fully compliant with Part 11 requirements. This document is designed demonstrate that SmarTeam helps you achieve the goals set forth in subpart B section 11.10: in having a system that will be designed to ensure the authenticity, integrity and when appropriate the confidentiality of electronic records. Many medical device manufacturers are looking for a user-friendly, part 11-compliant system that is tightly integrated into the CAD design package to ensure control of the documents throughout the design life cycle. This document is not intended to be a comprehensive listing of all the 21CFR Part 11 regulations, but rather focuses only on those that are related to document management, electronic records and signatures. Please refer to the FDA regulations available at www.fda.gov for more information.

2 21CFR11 meeting the Part 11 requirements SmarTeam can be implemented both as a closed and an open system (as defined by the FDA). Most of SmarTeam s implementations are as a closed system. The core SmarTeam product already meets many of the requirements set forth in Part 11. In addition, SmarTeam announces SmarTeam FDA Compliance. This is a Part 11 addon, which enables companies to fully comply with the Part 11 requirements. This document details specific FDA requirements and the mechanisms by SmarTeam for the FDA allows for FDA compliancy. 2.1 Sub Part B 11.10 Electronic Records FDA Requirement The ability to generate accurate and complete copies of records in both human readable and electronic form suitable for inspection, review, and copying by the agency. Validation of systems to ensure accuracy, reliability, consistent intended performance, and the ability to discern invalid or altered records. SmarTeam FDA Compliance Description SmarTeam provides a built-in query module, from which the authorized user can query for records, electronically view their information and related documentation on the screen, and printed them to paper. In addition the records can be exported to industry standard electronic forms such as Text, Microsoft Excel and XML. SmarTeam Corporation performs tight validation and QA testing of SmarTeam new releases. These procedures will be published to FDA customers as needed. In addition, during SmarTeam on site implementation, customer specific configuration, setup, personalization, customization and other enhancements that are done to comply with specific customer needs, will be documented thoroughly to cover all the functionality and test cases, to enable an ongoing validation process. SmarTeam for the FDA includes a complete audit trail: one central place to track all modifications to the database. This includes the following operations in SmarTeam: Add, Update, Delete, Change in state (life cycle change), Login information (user login,

success and failure). Protection of records to enable their accurate and ready retrieval throughout the records retention period. Limiting system access to authorized Individuals. Use of secure, computergenerated, time-stamped audit trails to independently record the date and time of operator entries and actions that create, modify, or delete electronic records. Record changes shall not obscure previously recorded information. Such audit trail documentation shall be retained for a period at least as long as that required for the subject electronic records and shall be available for agency review and copying. SmarTeam s data is managed in a secure industry standard database, such as Oracle or SQL Server. The database controls access to the records. In addition, SmarTeam manages files and product related documentation in a secure vault system. SmarTeam handles users with users permissions (authorization rules) based on either user level or/and group level. More detailed security rules, based on objects, are obtained using existing scripts, which can be customized on site for specific company need. SmarTeam handles users with users permissions (authorization rules) based on either user level or/and group level. Authorization permissions can be set on different class level and operation level to ensure users can access only information they are allowed to, and perform allowed operations SmarTeam allows for management of users, with unique names and password. SmarTeam for the FDA includes a full audit trail with viewer utility for an administrator. This audit trail is the one central place to track all modifications to the database. These includes the following operations in SmarTeam: Add object Update object Delete object Change in state of object (life cycle change) Object approvals (Electronic Signatures) Login information (user login, success and failure) User management The administrator will be able to save and print the audit trail. The users, including system manager, can not delete or manipulate the audit trail information. New entries in the audit trail will not change previous entries in any way.

Use of operational system checks to enforce permitted sequencing of steps and events, as appropriate. Use of authority checks to ensure that only authorized individuals can use the system, electronically sign a record, access the operation or computer system input or output device, alter a record, or perform the operation at hand. Use of device (e.g., terminal) checks to determine, as appropriate, the validity of the source of data input or operational instruction. Determination that persons who develop, maintain, or use electronic record/electronic signature systems have the education, training, and experience to perform their assigned tasks. The establishment of, and adherence to, written policies that hold individuals accountable and responsible for actions initiated under their electronic signatures, SmartFlow is the SmarTeam module that enforces a workflow with predefined sequenced steps and tasks. A SmarTeam implementation will include the definition of the appropriate steps. The SmarTeam administrator sets-up permissions per user or groups and their assigned users, and can control access to all SmarTeam operations, including entry into the system. SmarTeam for the FDA includes specific authorization checks as follows: Double verification: General users must login with a user name that matches their operating system username. After this is verified, they will be asked to login a second time. Only administrators can login with a different user name. Verification upon signature: additional login sign-in is required from all approval authorized users in order to perform life cycle operationsrecord signature Password expiration: the user is forced to change passwords after expiration (expiration by number of logins or predetermined time) Audit Trail support: the user logins are tracked in the audit trail SmarTeam will restrict the work to registered users only, with license to utilize the software SmarTeam offers several levels of training on a regular basis. Some of these courses will be required to train the administrator. End user training will be required during implementation. Policies can be written by the implementation team, which apply to the way the company will use SmarTeam.

in order to deter record and signature falsification. Use of appropriate controls over systems documentation including: (1) Adequate controls over the distribution of, access to, and use of documentation for system operation and maintenance. (2) Revision and change control procedures to maintain an audit trail that documents timesequenced development and modification of systems documentation System documentation regarding the FDA Part 11 requirements and the implementation of the system to complywill be managed as a class of information in SmarTeam. This will allow proper security and authorizations to manipulate and revise. 2.2 11.50, 11.70 Signature Manif estation and record linking FDA Requirement Signed electronic records shall contain information associated with the signing that clearly indicates all of the following: (1) The printed name of the signer (2) The date and time when the signature was executed (3) The meaning (such as review, approval, responsibility, or authorship) associated with the signature SmarTeam FDA Compliance Description SmarTeam tracks modification and life cycle operations, and records for each object version: (1) The user performing the operation. (2) Timestamp of the new record (3) The type of operation being performed In addition, an Approval function allows approving users through a workflow process (or if required also without utilizing the flow) to electronically sign records. This keep on the record: (1) The full name of the signing user (2) Timestamp of the signature (3) Meaning approval A server side mechanism allow to silently integrate the signature into the managed files. SmarTeam for the FDA has an audit trail, which includes the following information per operation:

Full name of signer Date and time Meaning of the operation (Add object XYZ, Delete Check In etc.) The administrator can view the Audit Trail information in a tool similar to the NT Event Viewer. He/she can browse the sequenced Audit Trail records, organized by recording time stamp, and sort, save, and print the trail. Users will not be able to delete or manipulate the audit trail information. New entries in the audit trail will not change previous entries in any way. The audit trail will be managed in a secure database. Electronic signatures and handwritten signatures executed to electronic records shall be linked to their respective electronic records to ensure that the signatures cannot be excised, copied, or otherwise transferred to falsify an electronic record by ordinary means. SmarTeam saves the user information on the records, to document when a user created/updated or signed the records. This information is readily available at all times, and users will not be able to delete or manipulate it. Sub Part C Electronic Signatures 2.3 11.100 General Requirements FDA Requirement Each electronic signature shall be unique to one individual and shall not be reused by, or reassigned to, anyone else. Persons using electronic signatures shall, prior to or at the time of such use, certify to the agency that the electronic signatures in their system, used on or after August 20, 1997, are intended to be the legally binding equivalent of traditional SmarTeam FDA Compliance Description In SmarTeam s user table, the unique index on the table is the user login, thus there cannot be two users with the same user login. Policy and procedure will be processed and executed by the implementation team.

handwritten signatures. (1) The certification shall be submitted in paper form and signed with a traditional handwritten signature, to the Office of Regional Operations (HFC 100), 5600 Fishers Lane, Rockville, MD 20857. (2) Persons using electronic signatures shall, upon agency request, provide additional certification or testimony that a specific electronic signature is the legally binding equivalent of the signer s handwritten signature

2.4 11.200 Electronic Signatures components and controls FDA Requirement Employ at least two distinct identification components such as an identification code and password. When an individual executes a series of signings during a single, continuous period of controlled system access, the first signing shall be executed using all electronic signature components. Subsequent signings shall be executed using at least one electronic signature component that is only executable by, and designed to be used only by, the individual. (ii) When an individual executes one or more signings not performed during a single, continuous period of controlled system access, each signing shall be executed using all of the electronic signature components. Be administered and executed to ensure that attempted use of an individual s electronic signature by anyone other than its genuine owner requires collaboration of two or more individuals SmarTeam FDA Compliance Description SmarTeam requires the user to fill in a login name and password in order to gain access to the data and subsequently to electronically sign a document.. SmarTeam FDA Compliance allows running the same login procedure (like the one used on SmarTeam startup) from different places in the system (based on object classes and actions). SmarTeam FDA Compliance includes specific authorization checks as follows: Double verification: General users must login with a user name that matches their operating system username. After this is verified, they will be asked to login a second time. Only administrators can login with a different user name. Verification upon signature requires: additional login sign-in is required from all authorized users in order to perform life cycle operations electronic signatures. Password expiration: the user is forced to change passwords after expiration (expiration by number of logins or predetermined time) Audit Trail support: the user logins are tracked in the audit trail SmarTeam FDA Compliance records a failed login in the Audit Trail and sends an e- mail message to the designated administrator to tell him about the failure. The message includes the information of the failed logon, time stamp, and the machine (name or IP address).

2.5 11.300 controls for identification codes/passwords FDA Requirement Maintaining the uniqueness of each combined identification code and password, such that no two individuals have the same combination of identification code and password. Ensuring that identification code and password issuances are periodically checked, recalled, or revised (e.g., to cover such events as password aging). Use of transaction safeguards to prevent unauthorized use of passwords and/or identification codes, and to detect and report in an immediate and urgent manner any attempts at their unauthorized use to the system security unit, and, as appropriate, to organizational management. SmarTeam FDA Compliance Description In SmarTeam s user table, the unique index on the table is the user login, thus there cannot be two users with the same user login. SmarTeam FDA Compliance includes a login expiration mechanism. The expiration method can be either by Counter (number of times a user logged into SmarTeam) or Time (how long each password can live). Upon expiration, the user must enter a new password. SmarTeam FDA Compliance records a failed login in the Audit trail and sends an e- mail message to the administrator to tell him about the failure. The message includes the information of the failed logon, time stamp, and the machine (name or IP address). In addition, user is locked out after 3 failed logins.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information