21 CFR Part 11 Compliance. A guide for solution selection.
Subpart B – Electronic Records –Section 11.10 Controls for closed systems.
An Electronic record is any combination of text, graphics, data, audio, pictorial, or other information representation in digital form that is created, modified, maintained, archived, retrieved, or distributed by a computer system. – FDA 21 CFR Part 11
|Sec. 11.10 Controls for closed systems.|
(a) Validation of systems to ensure accuracy, reliability, consistent intended performance, and the ability to discern invalid or altered records.
Features: Validation Rules, Picklists, and Record History
(b) The ability to generate accurate and complete copies of records in both human-readable and electronic form suitable for inspection, review, and copying by the agency. Persons should contact the agency if there are any questions regarding the ability of the agency to perform such review and copying of the electronic records.
Features: Record History
(c) Protection of records to enable their accurate and ready retrieval throughout the records retention period.
Features: Permission Sets, Profiles
(d) Limiting system access to authorized individuals.
Features: Activations, CORS, CSP Trusted Sites, Certificate and Key Management, Delegated Administration, Event Monitoring, Expire All Passwords, Field Accessibility, File Upload and Download Security, Health Check, Login Access Policies, Named Credentials, Network Access, Password Policies, Platform Encryption, Remote Site Settings, Security Updates, Session Management, Session Settings, Sharing Settings, View Setup Audit Trail
(e) Use of secure, computer-generated, time-stamped audit trails to independently record the date and time of operator entries and actions that create, modify, or delete electronic records. Record changes shall not obscure previously recorded information. Such audit trail documentation shall be retained for a period at least as long as that required for the subject electronic records and shall be available for agency review and copying.
Features: Record History
(f) Use of operational system checks to enforce permitted sequencing of steps and events, as appropriate.
Features: Route Actions, Action Log, Quick Assign, Quick Assignment
(g) Use of authority checks to ensure that only authorized individuals can use the system, electronically sign a record, access the operation or computer system input or output device, alter a record, or perform the operation at hand.
Features: Public Groups, Permission Sets, Profiles
(h) Use of device (e.g., terminal) checks to determine, as appropriate, the validity of the source of data input or operational instruction.
Features: Validation Rules, Picklists, Record History.
(i) The determination that persons who develop, maintain, or use electronic record/electronic signature systems have the education, training, and experience to perform their assigned tasks.
Features: Integration with training systems.
(j) The establishment of, and adherence to, written policies that hold individuals accountable and responsible for actions initiated under their electronic signatures, in order to deter record and signature falsification.
Features: E-signature Authentication, E-signature Acknowledgement Message, Action Log.
(k) Use of appropriate controls over systems documentation including:(1) Adequate controls over the distribution of, access to, and use of documentation for system operation and maintenance.(2) Revision and change control procedures to maintain an audit trail that documents time-sequenced development and modification of systems documentation.
Features: Setup Audit Trail
701 E Santa Clara Street Suite 42, Ventura CA 93003
(877) – 221-0767