21 CFR Part 11 helps the pharma industry to be compliant with the predicate rules related to maintenance of electronic records and signature. It is the section of Code of Federal Regulations (CFR) which establishes guidelines for United States Food and Drug Administration (US FDA) related to electronic records and signatures.
What are electronic records and signatures?
Lot of paperwork is involved in the manufacturing and sales of pharma products. However, from the 21st century, electronic systems are slowly taking over a load of paperwork from the manufacturers. In the lieu with the same, manual records that are used for maintaining details of production are now being replaced with electronic records where the complete data is available in computers. This further led to the need for electronic signatures in place of manual signatures.
Electronic records are creation, modification, maintenance, archival, retrieval, transmission of data, text, pictorial, graphics, or any other information in digital form by a computer. On the other hand, electronic signatures are legally binding equivalent of a handwritten signature in the form of symbol or series of symbols.
Why 21 CFR Part 11?
Pharma industry can’t think of complete automation of the business process without being complaint to 21 CFR Part 11. Part 11 regulations mainly ensure to bring authenticity and avoid repudiation in the process. The regulations set by FDA has helped the life sciences organizations to streamline their business processes and reduce the turnaround time and costs by simply setting standard criteria for the use of electronic records and signatures.
If no such standard criteria were set, it would have been difficult for the pharma industries to manage records and other content electronically leading to increased risk of human errors, increase in costs and even increase in time taken to market the pharmaceutical products.
What are the required criteria for electronic records and signatures?
For the pharma industries to use electronic records and signatures in the business process, certain requirement criteria as per 21 CFR Part 11 guidelines need to be met.
Requirement Criteria for Electronic Records:
• Traceability: The user must be able to identify invalid and altered records.
• Accuracy: System should generate accurate and complete records.
• Retrievability: There must be access to and a process for retrieving old records that were originally intended to be preserved and presented.
• Restricted Access: Access should be limited to authorized users only.
• Auditability: A secured, computer-generated, time-stamped audit trail is a must.
• Authenticity: Data authenticity to be verified.
• Encrypted: Sensitive records must be encrypted while transferring through networks.
• Validated: System must be thoroughly validated.
Requirement Criteria for Electronic Signatures:
• Characteristics: Characteristics of signatures such as person’s name, date, time, authorship must be correct.
• Unique: Signature must remain unique over time. No other person can use the details that signify the signature like User ID, Password, First Name, Last name, etc. in future within the system.
• Copy & Removal: Signature must not be allowed to be copied or removed from an electronic record.
• Permanent: Signature must permanently be linked to the electronic record.
• Hierarchy: Signature hierarchy must be maintained if there is a necessity for on behalf signature.
• Two Components: Non – biometric signatures should have two components like User ID and Password and should be unique forever.
• Additional Identity: Additional Identity must be required after a period of non-continuous usage.
• Un- Authorized Usage access: Security procedures must be in place for monitoring and reporting unauthorized access.
• Identity Verification: Verification of Identity must be confirmed.
• Security Violations: Security Violations must have two or more collaborations.
21 CFR Part 11 Compliance with CaliberLIMS
CaliberLIMS has an in-built system that facilitates complete automation process without any hassles as it helps the customers to comply with 21 CFR Part 11.
A sample of some of the important functionalities including audit trail that are available in CaliberLIMS.
• Identifies users uniquely.
• Protects passwords with a non-reversible encryption protocol.
• Provides back-up and restores electronic records and associated signatures and audit trails.
• Generates an audit trail independent of the user who records operator entries and actions that create, modify or delete electronic records or signatures.
• Doesn’t allow the user to deactivate the audit trail.