This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
21_cfr_part_11 [2022/01/17 13:45] 84.198.201.169 |
21_cfr_part_11 [2022/03/29 16:03] (current) yves |
||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ===== 21 CFR part 11 compliance ===== | ||
+ | |||
PMA.core was developed with the [[https://www.fda.gov/regulatory-information/search-fda-guidance-documents/part-11-electronic-records-electronic-signatures-scope-and-application|FDA 21 CFR part 11 guidelines]] in mind. | PMA.core was developed with the [[https://www.fda.gov/regulatory-information/search-fda-guidance-documents/part-11-electronic-records-electronic-signatures-scope-and-application|FDA 21 CFR part 11 guidelines]] in mind. | ||
- | Our software adhere to the following principles: | + | Our software adheres to the following principles: |
+ | * Data will be formatted to allow transfer to another system for long-term storage in a common portable format either during the life of the system or after the system is retired | ||
+ | * The system will contain detection mechanisms for invalid field entries, values out of range, and blank fields if entry is required | ||
+ | * It will be possible to provide regulatory agencies with both human-readable and [[submitted_data|electronic copies of the records, including metadata]]. It will be possible to transfer data in a human readable format onto transportable media such as PDF, XML, SGML. The system must allow that the copying process produces copies that preserve the content and meaning of the records | ||
+ | * If it is important to system functionally that steps be performed in a specified order, the system will contain a mechanism to ensure that actions are performed in the correct sequence (in case of sequenced steps) | ||
+ | * The system will contain an automatically generated [[audit_trailing|audit trail]] function for all process significant and GxP critical events and allow [[audit_trailing|audit trails]] on tables and individual records | ||
+ | * The [[audit_trailing|audit trail]] data will be read-only | ||
+ | * It will be impossible to disable the [[audit_trailing|audit trail]] function | ||
+ | * The system will prevent the accidental or intentional modifications or deletion of [[audit_trailing|audit trail]] files | ||
+ | * It will be possible to generate a report to view which data in the record has been modified | ||
+ | * A mechanism will be in place to detect and report any attempts of unauthorized use immediately to the customer | ||
+ | * The audit trail will record: user name, data and time (h/min/sec) of the event using local data and time of the host system, indication of the type of event: record creation/modification/deletion or approval, in case of modification/deletion: old value and new value, reason of change (if applicable) | ||
+ | * A specific link must be in place to trace the audit trail data to the associated electronic record(s) itself | ||
+ | * The system will not allow changes in date and time by the user | ||
+ | * The system date and time will be periodically checked and corrected. The system will support time synchronization | ||
+ | * The [[audit_trailing|electronic audit trails]] will be readily available for review | ||
+ | * The system will be [[user_management|protected against unauthorized use]] | ||
+ | * Security will consist of at least two elements (e.g. login ID and password) in case of non-biometric security | ||
+ | * The system must enforce and automatic log-out after a defined period of no activity | ||
+ | * The system will allow the specification of different levels of access (e.g. user, administrator) | ||
+ | * The system will detect security violations and produce an alarm or warning message | ||
+ | * Controls will be in place to ensure that no two (2) individuals can have the same combination of identification code and password | ||
+ | * If a password is not issued privately (i.e. the password issuer knows the password), the user will immediately reset their password | ||
+ | [[https://www.wikipedia.org|Wikipedia]] has [[https://en.wikipedia.org/wiki/Title_21_CFR_Part_11|more background on this topic]]. |