Differences

This shows you the differences between two versions of the page.

--- 21_cfr_part_11 [2022/01/17 13:45]
84.198.201.169 created
+++ 21_cfr_part_11 [2022/03/29 16:03] (current)
yves
@@ Line 1: / Line 1: @@
-PMA.core was developed with the [[FDA 21 CFR part 11 guidelines|https://www.fda.gov/regulatory-information/search-fda-guidance-documents/part-11-electronic-records-electronic-signatures-scope-and-application]] in mind.
+===== 21 CFR part 11 compliance =====
-Our software adhere to the following principles:
+PMA.core was developed with the [[https://www.fda.gov/regulatory-information/search-fda-guidance-documents/part-11-electronic-records-electronic-signatures-scope-and-application|FDA 21 CFR part 11 guidelines]] in mind.
+Our software adheres to the following principles:
+  * Data will be formatted to allow transfer to another system for long-term storage in a common portable format either during the life of the system or after the system is retired
+  * The system will contain detection mechanisms for invalid field entries, values out of range, and blank fields if entry is required
+  * It will be possible to provide regulatory agencies with both human-readable and [[submitted_data|electronic copies of the records, including metadata]]. It will be possible to transfer data in a human readable format onto transportable media such as PDF, XML, SGML. The system must allow that the copying process produces copies that preserve the content and meaning of the records
+  * If it is important to system functionally that steps be performed in a specified order, the system will contain a mechanism to ensure that actions are performed in the correct sequence (in case of sequenced steps)
+  * The system will contain an automatically generated [[audit_trailing|audit trail]] function for all process significant and GxP critical events and allow [[audit_trailing|audit trails]] on tables and individual records
+  * The [[audit_trailing|audit trail]] data will be read-only
+  * It will be impossible to disable the [[audit_trailing|audit trail]] function
+  * The system will prevent the accidental or intentional modifications or deletion of [[audit_trailing|audit trail]] files
+  * It will be possible to generate a report to view which data in the record has been modified
+  * A mechanism will be in place to detect and report any attempts of unauthorized use immediately to the customer
+  * The audit trail will record: user name, data and time (h/min/sec) of the event using local data and time of the host system, indication of the type of event: record creation/modification/deletion or approval, in case of modification/deletion: old value and new value, reason of change (if applicable)
+  * A specific link must be in place to trace the audit trail data to the associated electronic record(s) itself
+  * The system will not allow changes in date and time by the user
+  * The system date and time will be periodically checked and corrected. The system will support time synchronization
+  * The [[audit_trailing|electronic audit trails]] will be readily available for review
+  * The system will be [[user_management|protected against unauthorized use]]
+  * Security will consist of at least two elements (e.g. login ID and password) in case of non-biometric security
+  * The system must enforce and automatic log-out after a defined period of no activity
+  * The system will allow the specification of different levels of access (e.g. user, administrator)
+  * The system will detect security violations and produce an alarm or warning message
+  * Controls will be in place to ensure that no two (2) individuals can have the same combination of identification code and password
+  * If a password is not issued privately (i.e. the password issuer knows the password), the user will immediately reset their password
+[[https://www.wikipedia.org|Wikipedia]] has [[https://en.wikipedia.org/wiki/Title_21_CFR_Part_11|more background on this topic]].

PMA.core 3.0.1

User Tools

Site Tools

Differences

Page Tools