What is it:

March 1997 United States Food and Drug Administration (FDA) regulation, followed by an August 2003 guidance document on the scope and application of Electronic Records and Electronic Signatures.

Who’s it for:

All lifesciences companies (end-clients, suppliers, and service providers).

What’s it about:

Industry standard definitions of Electronic Records requirements (regulatory GxP data management, audit trails, security access controls, validation) to be considered equivalent of paper records, and Electronic Signatures to be considered legally binding equivalent of handwritten signatures.

How can I use it:

If you’re an end-client writing a User Requirement Specification for a new system or equipment, specify that the system must be compliant with 21 CFR part 11 (easiest way), or alternatively list evey aspect of minimum requirements for security access controls, audit trail functionality, data management, electronic signatures, validation, etc, using 21 CFR part 11 as a checklist.

If you’re a supplier to lifescience end-clients, use 21 CFR part 11 as a checklist to verify that the applicable features of your system(s) relating to data management, security access controls, audit trails, and electronic signatures are compliant. Note that a number of the requirements of 21 CFR part 11 relate to end-client only responsibilities (eg documentation of system use using standard operating procedures, training, etc) which you can support but are not your responsibility. Many suppliers produce a 21 CFR part 11 compliance whitepaper detailing how each section of 21 CFR part 11 can be met by the features and functions of their product, or is out of scope as it is either not yet implemented or is the responsibility of the end-client.

For more information or to discuss any support you need in validating your equipment or software systems, contact us using the information in the footer of this page.


Comments are closed.