You are on page 1of 13

21 CFR Part 11 Regulations

Rashida.Yunus.R Sanjeevani Clinical Services

States. Part 11. 11. reliable and equivalent to paper records . defines the criteria under which electronic records and electronic signatures are considered to be trustworthy.21 CFR Part 11 Regulations Introduction: Title 21 CFR Part 11 of the Code of Federal Regulations deals with the Food and Drug Administration (FDA) guidelines on electronic records and electronic signatures in the United States. as it is commonly called.

21 CFR Part 11 Regulations It is divided in Three Subparts : 1) 2) 3) Subpart A : General Provision Subpart B : Electronic Records Subpart C : Electronic Signature .

and relevant documentation must be available for review during FDA inspections .Subpart A : General Provision ‡ Regulations establish the criteria the FDA considers for electronic records and electronic signature to be trustworthy. controls. ‡ Computer system (hardware and software). and generally equivalent to paper. ‡ Applies to all records in electronic form under any records requirement within any FDA regulation. ‡ Electronic records may be used in accordance with Part 11 unless paper records are specifically required. reliable. and other general signings. initials. ‡ Electronic records are considered equivalent to full handwritten signatures.

archived. computer-generated. modification and deletion of records and do not obscure previous information . maintained.Subpart B : Electronic Record Electronic Record ‡ ´Any combination of text. and that signer cannot repudiate the signed record. pictorial. retrieved. modified. or other information representation in digital form that is created. cover the creation .µ Must develop procedures and controls to ensure authenticity. data. operator independent. graphics. or distributed by a computer system. The controls must:      ‡ Be validated Maintain accurate and complete records Limit the system to authorized persons Protect records through retention period Contain audit trails that are secure. timestamped. integrity and confidentiality. audio.

‡ ‡ ‡ ‡ ‡ ‡ Allow for the performance of operational system checks. and device checks to ensure system.Cont«. authority checks. use. record. integrity. integrity.10 Must use additional measures (e. Control over system documentation including distribution. and confidentiality of electronic records and comply with all other parts of Section 11. revision and change control. access. digital signature standards) to ensure authenticity. and confidentiality . document encryption. Must develop procedures and controls that ensure authenticity.g. and data integrity Ensure appropriate personnel qualifications Policies written and followed to hold personnel accountable for actions and to deter records falsification.

transferred or falsified.Cont. and the purpose of the signature (e. Electronic signature and handwritten signatures must be linked to ensure signatures cannot be excised.. copied. . approval etc.) Each of these must be readable by display or printout. date and time of signature. review. ‡ ‡ Signed electronic records must include the printed name of the signer.g.

or authorized by an individual to be the legally binding equivalent of the individual·s handwritten signature.µ ‡ ‡ ‡ Must be unique to an individual and not reassigned Identity of individual must be verified by organization Must certify electronic signature system to the agency prior to or at the time of use of the system ‡ Certification must be submitted in paper form and. adopted. upon agency request.Subpart C : Electronic Signature  Electronic Signature ´A computer data compilation of any symbol or series of symbols executed. provide certification that signature is legally binding .

with partial identification for each task thereafter Multiple sign-on without continuous access requires all identification components to be used each time   Be used only by the owner Ensure use by other individuals is precluded and does not occur without collaboration by at least two other individuals ‡ Biometric signatures must ensure use by the owner .Cont« ‡ Non-Biometric signatures must:  Contain at least two different identification components (e. User ID and Password)   Single sign-on with multiple tasks: Use all identification components at first.g.

tokens or cards) that produce or maintain identification codes or passwords to ensure proper function and unaltered state. ‡ ‡ Unauthorized use safeguards Report attempts in urgent & immediate manner to:   Security unit Management. ‡ Persons using electronic signatures must use controls to ensure security and integrity and should include:     Assuring that no two individuals have the same combination of identification code and password Periodic check. or revision of identification code and password Loss management and replacement procedures Testing of devices (i. as appropriate ..Cont«.e. recall.

Good Information System Practices .APPLICABILITY OF PART 11 ] GLP GCP GMP GISP * -Data Acquisition -Laboratory Information Management (LIMS) -Laboratory Robotics -Toxicology Systems -Stability Systems -Environmental Impact -Centralized Laboratory -Data Acquisition & Reporting -Remote Data Entry -Case Report Form Systems -Clinical Data management -Adverse Event Reporting -Clinical Supply Systems -Statistical Analysis Systems -Manufacturing Execution (MES) -Maintenance Management (MMS) -Calibration Management (MCS) -Facility Management Systems -Enterprise Resource Plan ( ERP) -SCADA Systems -Supply Chain Planning (SCP) -Internet Applications -EDI -PLC Systems -Document Management -Quality Management -Computer Assisted NDA (CANDA) *GISP.

this is to certify that _(Name of organization )__ intends that all electronic signatures executed by our employees. .Certification Statement . located anywhere in the world.100 of Title 21 of the code of Federal Regulations.. agents. or representatives. are the legally binding equivalent of traditional handwritten signatures.Template Pursuant to section 11.

Manufacturing process streamlining.Electronic records and Electronic Signatures Advantages  Challenges  Electronic Batch records can eliminate mountains of paper work. speed processing and allow for statistical and trend analyses. Design of systems must be well thought out and tested thoroughly. Increases the speed of information exchange. Critical control points must be identified which can be monitored through electronic audit trails. Cost savings from reduced need for storage space. Fraud Detection          . Firms planning on using electronic signatures in FDA regulated environments will be required to validate the computer related systems. Adequate testing of security. NDA·s and other submissions can be submitted electronically in place of paper submission. Job creation in industries involved in electronic record and electronic signature technologies.