21 CRF 11 Electronic Records and Signatures Implement best practices by using FileMaker Pro 7 as the backbone of your 21 CFR 11 compliant system. By Todd Duell What does Title 21 of the Code of Federal Regulations Part 11 (21 CFR11) mean for your company’s Laboratory Information Management System (LIMS)? Part 11 is broken down into two main sections: electronic records and electronic signatures. The requirements of these sections clearly dictate the criteria under which the execution of electronic records and signatures are considered equivalent to paper records and handwritten signatures. This white paper explains in detail how Formulations Pro creates software with FileMaker Pro 7 to comply with these standards. § 11.2 Subpart A — Implementation “As long as the records are maintained, but not submitted to the FDA, your company may use electronic records and signatures in lieu of paper records and handwritten signatures.” the current and historical records and signatures in electronic form. The system may also be used in a paper driven environment in the event that the FDA needs to conduct an audit or review of the documents and system. § 11.3 Subpart A — Definitions BIOMETRICS “A method of verifying an individual’s identity based on measurement of the individual’s feature(s) or repeatable action(s) where those features and/or actions are both unique to that individual and measurable.” The two key issues to note are “feature(s)” and “repeatable action(s)”. Features of an individual could be identified by the use of devices such as retinal scans, voice recognition, or finger print identification. Repeatable actions are the entry of items such as an account name and password combination. FileMaker Pro 7 has the ability to authenticate users either internally or with the use of Active or Open Directory (Figure 1). Third-party resources are available if your system requires biometric identification. All Formulations Pro systems are specifically designed to comply with this standard. The system maintains Todd Duell is the Vice President & CIO of Formulations Pro, Inc and has been creating powerful commercial and custom solutions using FileMaker Pro since 1989. He holds an MBA in Technology Management, is a Certified FileMaker Pro 7 Developer, and has been an Associate member of the FileMaker Solutions Alliance since 1998. Todd may be reached at tduell@formulationspro.com © 2004 Formulations Pro, Inc. All rights reserved. www.formulationspro.com the identity of the signer and the integrity of the data can be verified.” FileMaker Pro 7’s internal account authentication uses a stateof-the-art Triple-DES cipher and HMAC-SHA1 algorithm to encrypt the user password not only when logging into the system, but also when storing the user’s password in the Accounts. By using the Get(AccountName) function in scripts or using the built-in Creation Account Name or Modification Account Name to log the user activity FileMaker Pro 7 is more than capable of identifying and tracking the user’s identity (Figure 2). Figure 1 Authentication — Users are authenticated by FileMaker Pro or Active or Open Directory. CLOSED SYSTEM “An environment in which system access is controlled by persons who are responsible for the content of electronic records that are on the system.” All Formulations Pro systems utilize a system administration group that is responsible for adding, deleting, enabling, and deactivating user accounts. The privilege sets that are assigned to each user control which records the users can view, edit, create, and delete. DIGITAL SIGNATURE “An electronic signature based upon cryptographic methods of originator authentication, computed by using a set of rules and a set of parameters such that Figure 2 User Identity — Users can be identified through logs and scripts with their account name Page 2 ELECTRONIC RECORD “Any combination of text, graphics, data, audio, pictorial, or other information representation in digital form that is created, modified, maintained, archived, retrieved, or distributed by a computer system.” All Formulations Pro systems utilize the superior power and capabilities of FileMaker Pro 7 software to drive its electronic LIMS capabilities. This enables the system to create and maintain up to 64 quadrillion (8 TB) current and historical electronic records per file as well as deliver access for up to 250 concurrent users per server using standard network protocols such as TCP/IP. The power of a Formulations Pro system lies in its ability to harness mission critical data through its full electronic search, reporting, and communication capabilities. § 11.10 Subpart B — Electronic Records, Controls for Closed Systems “Closed systems used to create, modify, maintain, or transmit electronic records shall employ procedures and controls designed to ensure the authenticity, integrity, and when appropriate, the confidentiality of electronic records, and to ensure that the signer cannot readily repudiate the signed record as not genuine.” To meet this criteria, all Formulations Pro systems address 10 criteria to control the access and integrity of your records: VALIDATION “The system must ensure accuracy, reliability, consistency with its intended performance, and ability to discern invalid or altered records.” All Formulations Pro systems undergo an extensive 100-step validation, market readiness review, and Beta test process to ensure that the system works as intended. Customers that request customization of their system will go through this process again before it is installed for use. This is our commitment to the highest levels of quality. All records are stamped with the time, date, and user name information to track modifications. COPY GENERATION “The ability to generate accurate and complete copies of records in both human readable and electronic form suitable for inspection by the FDA.” All Formulations Pro systems are specifically designed to comply with this requirement. The system maintains the current and historical records and signatures in electronic form. The system may also be used in a paper driven environment. PROTECTION OF RECORDS “Protection of records to enable their accurate and ready retrieval throughout the record’s retention period.” Formulations Pro systems do not allow for modification or deletion of locked historical records. This ensures that the authenticity and integrity of the data. Page 3 LIMITING SYSTEM ACCESS “Limiting system access to authorized individuals.” FileMaker Pro 7 has built-in account authentication and privileges that control access to the files based on a user name and encrypted password (Figure 1). All Formulations Pro systems implement best practices with account administration scripts that allow controlled access to add, delete, reset, change passwords, enable and disable accounts, reset, and re-login to the system. AUDIT TRAIL “Use of secure, computer-generated, time-stamped audit trails to independently record the date and time of operator entries and actions that create, modify, or delete electronic records. Record changes shall not obscure previously recorded information.” All Formulations Pro systems utilize a robust audit trail log file to log changes made to the data. Logged changes include a timestamp, the account name, the original data and what was changed, record identification number, and field or layout identification. SYSTEM CHECKS “Use of operational system checks to enforce permitted sequencing of steps and events, as appropriate.” All Formulations Pro systems are programmed to maximize user workflow and productivity with an industry leading design that minimizes data entry mistakes. Software built by Formulations Pro also performs many checks that authorize individuals to perform specific tasks (Figure 3). This is the Figure 3 Scripts — Are used to automate workflow and authorize users to perform specific tasks. true power behind the software that is virtually invisible to the user. AUTHORITY CHECKS “Use of authority checks to ensure that only authorized individuals can use the system, electronically sign a record, access the operation or I/O device, alter a record, or perform the operation by hand.” All Formulations Pro systems use the code in conjunction with the user account built into FileMaker Pro 7 to control access to records and password controlled functions. Privilege Sets are designed as functional work groups that have specific access to their designated modules (Figure 4). Page 4 initiated under their electronic signatures, in order to deter record and signature falsification.” All Formulations Pro systems are created with this issue in mind. Strict adherence to system rules drives the system’s capabilities. The code and privilege sets installed in the system control access to every record and module. Recommended workflow procedures are outlined in the training materials supplied with the system. Figure 4 Privilege Sets — Used to control access to specific records, layouts, value lists, scripts and connectivity methods. EDUCATION AND TRAINING “Determination that persons who develop, maintain, or use electronic records and signature systems have the education and training and experience to perform their assigned task.” All systems built by Formulations Pro contain comprehensive training materials. Materials include server best practices, getting started users manuals, and a unique “sand box” runtime environment that allows the users to train on a practice system before working with live data. WRITTEN POLICIES “The establishment of written policies that hold individuals accountable and responsible for actions APPROPRIATE CONTROLS “Use of appropriate controls over system documentation including: distribution, access, use, and revision and change control procedures that maintain an audit trail that documents time-sequenced development and modification of system documentation.” All Formulations Pro systems have built in version control documentation. Formulations Pro follows the software development guidelines set forth by the PDA, the recognized leader in standards development for ISO 9000 and cGMPbased software development. Formulations Pro has also developed a set of supplementary software development best practices and the Database Design Report (DDR) that are specific to building software with FileMaker Pro 7. § 11.50 Subpart B — Electronic Records, Signature Manifestations “Signature manifestations are signed electronic records that contain information associated with the signing that clearly indicates the printed name of the signer, the date Page 5 and time when the signature was executed, and the meaning of the signature.” All Formulations Pro electronic signatures use the built in FileMaker Pro 7 account name and timestamp function to document the signature. In some cases the user can choose the meaning of their signature from a pop up menu (i.e. current, proposed, retired, pass, fail, etc.). In other cases the user can choose the meaning from a dialog box. § 11.70 Subpart B Signature/Record Linking — Electronic Records, “Electronic signatures executed to electronic records shall be linked to their respective electronic records to ensure that the signatures cannot be excised, copied, or otherwise transferred to falsify an electronic record by ordinary means.” All Formulations Pro systems are specifically designed to limit access to the electronic signatures and timestamp by scripting means or in Find mode (Figure 5). This prevents users from falsifying, modifying, copying, or removing signatures from any record. The creation of electronic signatures can only be performed with a script, which stores permanent signature and timestamp data for each record. § 11.100 Subpart C — Electronic Records, General Requirements “Each electronic signature shall be unique to one individual and shall not be reused by, or reassigned to, Figure 5 Protected Signatures — Signatures cannot be copied or removed. They can only be accessed in Find mode. anyone else. Systems that use electronic signatures after August 20, 1997 are required to be certified to the FDA as legally binding equivalents of traditional handwritten signatures. Certification shall be sent to the Office of Regional Operations (HFC-100), 5600 Fishers Lane, Rockville, MD 20857.” FileMaker Pro 7’s internal account authentication will only allow the creation of unique account names. If your company does in fact use electronic signatures as legally binding equivalents of a traditional signature, the appropriate certification letter should be sent to the Office of Regional Operations. § 11.200 Subpart C — Electronic Records, Electronic Signature Components and Controls “Electronic signatures that are not based upon biometrics must meet three criteria. (1) Employ at least two distinct identification components, such as an identification code and password. (2) Be used only by their genuine users. (3) Page 6 Be administered and executed to ensure that attempted use of an individual’s electronic signature by anyone other than its genuine owner requires collaboration of two or more individuals.” All Formulations Pro systems utilize both a user name and password to uniquely identify an individual’s use of electronic signatures. Since there is no way to absolutely prevent unauthorized use of passwords, the user’s account name is used to stamp the creation and modification of records. In this way, the administrators can monitor individuals that are falsifying electronic signatures. Formulations Pro highly recommends that companies create policies that strictly prohibit the electronic signing of documents by anyone other that the genuine signer (this includes management). § 11.300 Subpart C — Electronic Records, Controls for Identification Codes/passwords Figure 6 Password Controls — Accounts are required to change the password when first logging in as well as on a routine schedule. “Persons who use electronic signatures based upon the use of identification codes in combination with passwords shall employ controls to ensure their security and integrity. The controls include: (1) unique codes and passwords, (2) periodic checking or revision of passwords, (3) loss management procedures, and (4) transaction safeguards to prevent unauthorized use.” upon first logging in (Figure 6) as well as on a routine time schedule such as every 30 days. All Formulations Pro systems utilizes a best practices implementation of system administration. Only the system administrator has access to add, delete, reset, activate, and deactivate accounts. All users can change their own passwords and re-login to the system. FileMaker Pro is also configured to require the users to change their password © 2004 Formulations Pro, Inc. Formulations Pro is a trademark of Formulations Pro, Inc., registered in the U.S.A. The Formulations Pro logo is trademarks of Formulations Pro, Inc. FileMaker Pro is a trademark of FileMaker Pro Inc., registered in the U.S.A and other countries. Product specifications and availability are subject to change without notice. Page 7
© Copyright 2024