Preview the Next Big Thing with MSB Docs AI

eSignature-hook
AI Summarize Elaborate
eSignature
October 12th, 2023

21 CFR Part 11 eSignature Compliance Checklist: Here’s What You Need to Know About FDA Regulations (Updated)

 

Keeping sensitive data and private information secure is extremely important as well as complex for pharmaceuticals and medical device suppliers. Life Sciences manufacturers need to adhere to strict guidelines laid out by governing bodies, including the Food and Drug Administration (FDA), since pharmaceutical products and medical devices directly influence the health and safety of the customer. 

The FDA had set up 21 CFR Part 11 compliance as a more comprehensive code of regulations to govern the Pharmaceuticals and Life Sciences industry. This governance applies for the primary purpose of regulating the handling of electronic records and electronic signatures.

If you’re trying to find some clarity on 21 CFR Part 11 compliant eSignatures, we’re here to help you understand it. While we can’t provide you with legal advice, we can offer you an MSB Docs point of view on how this governance works and what it implies for your company. 

What is 21 CFR Part 11 compliance?

21 CFR Part 11 describes Part 11 of Title 21 of the Code of Federal Regulations on electronic records and electronic signatures as stated by the United States FDA. The term “Part 11” applies to documents in digital form that are created, customized, maintained, archived, recovered, transferred, or submitted under any record requirements stated by the FDA regulations/predicate policies. 

Besides digital records, this code also incorporates images, audio files, source code, and videos. Eventually, 21 CFR Part 11 allows suppliers in the life sciences industry to avoid a lot of complex paperwork management.

Does 21 CFR Part 11 compliance apply to your organization?

If you work in the Pharmaceuticals or Life Sciences industry, you are aware of the regulative frameworks within which your company should run. Amongst them is the FDA’s Title 21, CFR Part 11, electronic records, electronic signatures typically referred to as “Part 11”, and one of the most acknowledged guidelines.

In practice, “Part 11” applies to drug and clinical device manufacturers and suppliers, pharma companies, CROs, and other industries controlled and managed by the FDA, with a few exceptions.

What are the 21 CFR Part 11 eSignature requirements?

FDA allows the use of electronic signatures in place of wet ink signatures on paper records to ensure that a business can be carried out electronically. eSignatures must consist of the following in order to be compliant:

  • Every eSignature must be unique for an individual and shall not be reused or reassigned to another individual.
  • The signer’s identity must be validated before establishing, assigning, certifying, or approving their electronic signature or any element of such eSignature. 
  • Individuals using eSignatures must, upon company demand, provide additional certification or testimony that a particular electronic signature is the lawfully binding equivalent of the signer’s wet or handwritten signature.
  • Electronic signatures must use a minimum of two unique IDs, such as an identification code and a password, if not based upon biometrics.
  • Uniqueness must be maintained for each combined identification code and password, and not two signers must have the same identification code and password combination.
  • The system needs protection for every transaction to avoid unauthorized usage of passwords or ID codes and to promptly detect and report any attempts at their unauthorized use.

Also Read: 21 CFR Part 11 and Good Documentation Practices in Pharmaceutical Industries

Every life sciences company that sells or proposes to sell any medical device must follow the Food and Drug Administration (FDA) requirements. This ensures that the company has a solid quality system and that all the medical devices manufactured are safe and effective for their intended uses.

Which processes need to be compliant with FDA regulations?

Each manufacturing process affecting the quality of the product needs to follow a specific set of regulations. Whether it is the product design, raw material inspection, maintenance, or quality control checks, each process should have an established quality system.

21 CFR Part 11 Compliance Checklist to Follow

1. Validation – For Security

  • Is the entire system validated?
  • Is there limited system access for authorized individuals?
  • Is there a process defined in which only authorized individuals can use the system, electronically sign the documents, alter them or perform other operations?
  • Is there any documented training available for the system that includes on-the-job training for system users, developers, IT support staff?
  • Is there a written set of policies that make individuals fully accountable and responsible for each and every action initiated by them under their electronic signatures?
  • Is data encrypted within the system?
  • Are digital signatures used?

2. Audit Trails – For Traceability

  • Does the system provide a secure, computer-generated, time-stamped audit trail (including date and time and actions such as create, modify, or delete electronic records)?
  • After every change to an electronic record, is previously recorded information still available?
  • Is the audit trail available for the purpose of reviewing and copying by the FDA?
  • Does the audit trail include the User ID, set of events, a change log, and revision and change controls?
  • Do the signed electronic records contain: the name of the signer, the date and time stamp, the purpose of the signing (such as approval, review, etc.)

3. Electronic Signatures – For Valid Use

  • Are electronic signatures unique for every user?
  • Is it possible to reuse or reassign the electronic signature to anyone else?
  • Does each electronic signature link to its respective electronic record?
  • Is the identity of an individual checked and thoroughly verified at the time of signing using an electronic signature?

4. Copies of Records – For Reference

  • Is there a procedure defined to produce accurate and complete copies of electronic records on paper?
  • Is the system capable of providing copies of records in the electronic form to serve the purpose of inspection, review, and copying by the FDA?
  • Is the system well equipped to automate the conversion or export methods (PDF, XML, or SGML)?

Is MSB Docs 21 CFR Part 11 Compliant?

Yes, MSB Docs is fully compliant with 21 CFR Part 11 regulations. We understand that FDA 21 CFR Part 11 is of enormous significance to life sciences companies that operate in the US. This regulation provides the criteria for acceptance by the FDA that electronic signatures are equivalent to handwritten signatures executed on paper.

MSB Docs not only guarantees compliance but also provides the complete identification of the signer and the sender, along with its full-time-stamping details. To each client, we offer detailed and defensible audit trails that ensure accountability at every step. The tamper-proof seal is embedded with each record, adding a further layer of protection for your critical documents. We keep the privacy and security of our customers at the highest priority, for which our system complies with industry-leading security standards. This made MSB Docs one of the most secure e-signing solutions available in the market. If that seems satisfying, get in touch with us to collaborate.