21 cfr part 11 ,Compliance Checklist – Title CFR 21 Part 11 and EU Annex 11
EU Annex 11 and CFR 21 Part 11 Compliance Checklist, The US Food and Drug Administration (FDA) and the European Commission have set regulations for the conditions under which regulated companies may submit electronic records in lieu of paper documents.
These regulations define the measures that must be implemented to ensure the integrity, reliability and reliability of electronic records.
The regulations define and require three types of controls:
Administrative controls, for example, policy setting, such as identifying individuals and non-repudiation of electronic records.
Procedural controls, eg Standard Operating Procedures for using and maintaining the system.
Technical controls, for example, functions built into the software, such as security and system access, as well as the audit trail
For regulatory compliance, all three of the above controls must be implemented.
The configuration of this package is state-of-the-art for the pharmaceutical industry, with a focus on optimal connectivity, data integrity and data manipulation by design 21 cfr part 11 pdf:
Comprehensive user management
Centralized “Single Sign-on” user management across the organization
Full traceability with advanced audit trail and a reporting function for efficient reviews
Less effort required to work paperless with new printing process and electronic signatures
Automatic backup / archiving functionality to ensure data security
The data generated by follows the fundamental principles that define the data integrity standards for accurate and reliable paper and electronic records as defined by ALCOA (+). Modern data manipulation allows for secure storage in a number of ways.
with the Pharma package contains all technical controls that comply with FDA 21 CFR Part 11 and EU Annex 11. Full compliance can be achieved with additional procedural controls and systems for long-term data storage ( Figure 2).
In the following chapters, you will find details for these technical solutions.
user management
scale offers two options for complete user management with access control.
Local user management can be configured according to your password policy. User management includes predefined and non-editable roles (eg Administrator, Operator) but allows the addition of individual roles and configuration of role rights.
Passwords can be configured according to your company’s password policy, for example by setting the length, complexity and validity period of the password. In addition, user management allows configuration to delete passwords already used. In addition, an automatic logout after a specified period of inactivity and rules after maximum failed login attempts can be configured.
The rules for compliance with 21 CFR Part 11 are easily implemented.
Increase operational efficiency through the use of password rules available in Active Directory. The system can be integrated into the company domain to allow the use of SSO (Single Signal ON). In this case, defined global password rules are automatically implemented. Groups can be defined and maintained centrally so that the entire user management process can be integrated into the business environment. User review can be easily performed by the IT department, without direct access to the scale, and adding or removing a user will follow the processes already implemented.
electronic signatures
Electronic signatures are expected to have the same impact as handwritten signatures so that, based on a secure password, the username and password combination is accepted in all regulatory instances. In the Cubis® II environment, an Electronic Signature (AE), based on a protected username and password, can be used to sign the final report of a weighing process. If company policy equates AE and a handwritten signature, a paperless weighing protocol can be produced and integrated, for example, into the entire batch protocol review process.
An audit trail is a tamper-protected, tamper-protected, time-stamped, computer-generated electronic data file that allows for the reconstruction of events related to the creation, modification, and/or deletion of records. In general, this data must be recorded in an inviolable manner. A system configured for the regulatory environment must provide this data in a readable and easy-to-understand manner. In the Pharma software package, audit trail data can be filtered by event categories and exported for display, thus adjusting all requirements for a regulated system (Figure 3).
In addition, the Cubis® II balance contains an alibi memory; the system automatically stores weighing data in a circular buffer that can hold up to 150,000 data sets. These records cannot be deleted or manipulated; however, the list is accessible via the web browser and can be used for further analysis.
reporting functionality
To create a compatible weighing protocol, additional metadata must be added. Data such as sample date and time, software version, scale ID, user ID, batch number and so on can be configured to include all the metadata needed for reliable records. Finally, the entire dataset can be included in a GxP compatible weighing report. In the printing process, these values are included in the report and can be printed or exported as a signed and electronic PDF.
In the event of an error, a user can mark an incorrect dataset as invalid, with a necessary explanatory comment before proceeding (Figure 4). This dataset will not be deleted or hidden, but will be displayed, along with the correct dataset, and visibly marked as invalid by superscript text.