Академический Документы
Профессиональный Документы
Культура Документы
11
Nuisance or Opportunity?
ETTLER TOLEDO
Quality Management
Agenda
Definitions
Electronic Records
Electronic Signature
Quality Management
Where does the name come from?
Title 21
Covers GCP, GLP and GMP (GxP) for the
pharmaceutical and healthcare industries
CFR
„Code of Federal Regulations“
ETTLER TOLEDO
Part 11
FDA regulated issues relating to electronic
records and electronic signatures
Quality Management
Who does it apply to?
Quality Management
Part 11 - Change of Paradigm
t ve
Quality Management
Part 11 - Change of Paradigm
After Part 11
ELECTRONIC RECORDS are the ORIGINAL
May still be printed (and signed), but do not
become an original
Electronic records must be saved and may
not be modified, overwritten or deleted
without an audit trail
ELECTRONIC
pri RECORDS
sig must arch
be
ETTLER TOLEDO
ARCHIVED
nt n ive
Quality Management
”...people determined to falsify records
may find a means to do so despite
whatever technology or preventative
measures are in place. The controls in
part 11 are intended to deter such
actions, make it difficult to execute
falsification by mishap or casual misdeed,
and to help detect such alterations when
ETTLER TOLEDO
they occur“
Quality Management
History
Quality Management
What is covered by 21 CFR 11?
• Signatures
• Change control
Personnel
Quality Management
System Compliance
Audit trial
Password administration
Electronic signature
Quality Management
The regulation in detail: Subpart A -
General Provisions
11.1 Scope
Applies to records in electronic form that are
created, maintained, archived, retrieved or
transmitted as original records
Electronic Record
any combination of text, graphics, data,
audio, pictorial, or other information
representation in digital form that is
created, modified, maintained,
archived, retrieved or distributed by a
computer system
( 21 CFR, Part 11)
ETTLER TOLEDO
Quality Management
Electronic Records - Definition
Quality Management
Implementation
Quality Management
Definitions (continued)
Hybrid system
System using a combination of electronic
and paper records
Legacy system
System put into operation prior to August
1997
ETTLER TOLEDO
Quality Management
Definitions
Electronic signature
Computer data compilation of any symbol or
series of symbols executed, adopted, or
authorized by an individual to be the legally
binding equivalent of the individual’s
handwritten signature
Digital signature
ETTLER TOLEDO
Biometrics
Means of identifying an individual based on
measurement of physical attributes such as
finger print, retinal scan etc.
Note:
A scanned hand-written signature is not an
electronic signature
ETTLER TOLEDO
Quality Management
Execution of Electronic Signature
Biometric Devices
Fingerprint recognition
ETTLER TOLEDO
Quality Management
Definitions (continued)
Closed system
An environment in which access is
controlled by persons responsible for the
content of electronic records on the system
Example: Titration system, LIMS etc.
Open system
ETTLER TOLEDO
Quality Management
Closed systems
• Physically
• By SOP
• Electronically
Quality Management
ETTLER TOLEDO Electronic access control
Quality Management
Controls for closed systems
Quality Management
Controls for closed systems
Quality Management
Signature Manifestations
Quality Management
Electronic Signatures
General requirements
Electronic signatures shall be unique to one
individual
ETTLER TOLEDO
Quality Management
Electronic signature components
and controls
Signatures must employ at least 2
distinct components such as ID code
and password
ETTLER TOLEDO
Quality Management
Electronic signature components
and controls
When an individual executes a series of
signings in a continuous period of access,
the first signing shall use both components;
subsequent signings shall be executed
using at least one component that is only
executable by the individual
ETTLER TOLEDO
Quality Management
Electronic signature components and
controls
Signatures are only to be used by their
genuine owners (this must be taken
care of by the company’s SOPs)
Quality Management
Controls for IDs and Passwords
Uniqueness
Quality Management
Summary LabX compliance with
21CFR Part11
User Management
User accounts defined by
unique user name and
password
4 predefined User-Levels
Definition of individual
access privileges of each
level possible
ETTLER TOLEDO
Quality Management
LabX complies with 21CFR part11
System access
Login with matching and valid user name and
password
Deactivation after 3 unsuccessful attempts
Reactivation only possible by the administrator
ETTLER TOLEDO
Quality Management
LabX complies with 21CFR part11
Quality Management
LabX complies with 21CFR part11
Audit trail
Changes in user data and system
settings are logged
List of user, date, time, type of change,
old/new value, reason for change
Log file can be viewed, printed and
backed up
ETTLER TOLEDO
Quality Management
LabX complies with 21CFR part11
Electronic Signatures
Changes are recorded
together with digital
signature
User has to give a
reason why change
was made
ETTLER TOLEDO
Quality Management
LabX complies with 21CFR part11
Data security
Data is stored in a Microsoft SQL
database
Database cannot be directly accessed
by a user
Impossible to remove or alter data in an
uncontrolled manner
ETTLER TOLEDO
Quality Management
LabX professional exports easily to
LIMS
Automatic
export to
predefined
directory
Configurable
export content
ETTLER TOLEDO
Quality Management