USDM's Guide to 21 CFR Part 11

What is 21 CFR Part 11? briefly , it issues acceptable standards for electronic records required by the predicate rules for all times sciences companies.

Specifically, 21 CFR Part 11 says that if you select to use a computing system to take care of , create, or modify records required by the predicate rules, then you want to do certain things to regulate those records. If you select to use eSignatures, you want to suits the wants during this regulation.

 

The intent of Part 11 is to take care of accountability and traceability of your electronic records, including eSignatures. In part, it asks:

 

Is system access restricted to authorized individuals?

Are authority checks wont to make sure that only authorized individuals can access the system, electronically sign a record, alter a record, and perform an operation?

Do signed electronic records contain the name of the signer, date and time of the signature, and meaning of the signature (i.e., review, approval, responsibility, authorship, etc.)?

Does the system provide transaction safeguards to stop unauthorized use of passwords and/or identification codes?

Can the system immediately and urgently detect and report attempts of unauthorized use to the system security unit and organizational management?

Are audit trails built into the system?

USDM Life Sciences has an in depth process and thorough checklist to make sure that you simply follow the guidance accurately. Contact us for your Part 11 needs.

 

Audit Trails

Every company will undergo audits, but there's more to them than simply meeting FDA regulations. Audits should drive best practices in your business processes and ensure that you simply are following applicable regulations designed to enhance product quality and ensure patient safety.

 

An audit trail consists of records that show who has accessed a computing system , when it had been accessed, and what operations were performed. Records or information entered into a top quality Management System (QMS) have specific requirements for tracking and traceability, and nobody should be able edit the knowledge without traceability or overwrite the knowledge . Altered records have requirements to understand who edited the records and for what reason. All created, modified, or deleted records must be retained and traceable to the user responsible with a timestamp and version history in order that previous versions are often viewed. Event logs aren't enough to satisfy the requirements of 21 CFR Part 11, unless they display the specified information.

 

21 CFR Part 11 Guidelines for eSignatures

eSignatures on controlled records are accepted a bit like handwritten signatures if they meet FDA requirements. eSignatures can't be copied from other parts of the document. the subsequent requirements pertain to system management and therefore the storage of eSignatures.

 

Ensure that your eSignature software is installed correctly, operates correctly, and performs needless to say .

Confirm data integrity and password security. System access must be secured by unique login credentials for every user. User interaction together with your data and modifications to your data must be recorded and traceable to stop unidentified interactions, fraud, security breaches, or non-compliant interactions.

Train employees to know their roles. Your system security is merely as strong as its weakest link. System users must be trained to suits the controls placed on the system, especially when it involves protecting data integrity and password storage. Train your employees on your systems and applications and cling to the training requirements and need them to certify that they understand that their electronic signature is that the legally binding equivalent of their handwritten signature.

Hiring an outdoor firm to assist you assess your QMS gaps and train employees can prevent time and money. Contact USDM to start out your regulatory assessment or to fast-track your compliant eSignature capabilities.