21 CFR Part 11: FDA's Guidance for Electronic Records/Signatures for Computers Regulated by the Agency
Duration: 180 Minutes
Faculty: Carolyn Troiano Level: Advance Course Id: 1036
Effective and compliant computer system validation is critical to any pharmaceutical or FDA-regulated organization. During the past 30 years, best practices that have been developed will ensure that validation activities are cost-effective while meeting all aspects of FDA compliance.
In 1997, the FDA provided industry with a guidance document on the subject of electronic records and electronic signatures. Since that time, they have provided a number of clarifications and white papers, but most of industry still remains reluctant to adopt this technology. As more companies begin using cloud services and Software as a Service (SaaS) applications, there is an increased interest in how to implement these systems and meet FDA compliance. While there is no guidance from FDA that specifically addresses cloud services or SaaS, we will provide industry best practices that will enable you to implement these in your FDA-regulated computer system environment.
There is an enormous body of documentation and information available that can be overwhelming. This course will provide a condensed overview of the key practices that deliver the best results by directing the attendees to the most critical and cost-effective methods, techniques and tools available.
Why should you attend?
This seminar will help you understand in detail the application of FDA’s 21 CFR Part 11 guidance on electronic records/electronic signatures (ER/ES) for computer systems subject to FDA regulations. This is critical in order to develop the appropriate validation strategy and achieve the thoroughness required to prove that a system does what it purports to do. It also ensures that a system is maintained in a validated state throughout its entire life cycle, from conception through retirement.
ER/ES capability can vary, and the approach should be based on the specific case and the risk of failing to meet the guidance associated with it. We will address the use of cloud services and SaaS, as part of this presentation.
Description of the topic:
The Webinar will focus on the importance of ensuring that electronic record/electronic signature (ER/ES) capability built into FDA-regulated computer systems meets compliance with 21 CFR Part 11. This includes development of a company philosophy and approach, and incorporating it into the overall computer system validation program and plans for individual systems that have this capability.
FDA’s 21 CFR Part 11 was enacted in the late 1990s and implementation success across the pharmaceutical and other regulated industries has been mixed. There are very specific limitations that arise when using ER/ES capability, such as the elimination of print capability to prevent users from making decisions based on a paper record as opposed to the electronic record. It also requires very specific identification of users that ensures the person signing the record is the same person whose credentials are being entered and verified by the system. Rule for changing passwords must be rigorously adhered to and the passwords must be kept secure.
It is also critical that the system specify the exact meaning of the signature. It may be that the person conducted the work, recorded the result, reviewed the result, or approved the result. A person may simply be attesting to the fact that they reviewed the work and the signatures, and there was appropriate segregation of duties (i.e., the person recording the result is not the same as either the person reviewing or the person giving final approval).
A company must have specific policies and procedures in place that explicitly state responsibilities and provide guidance for implementing and using ER/ES capability. These must clarify the 21 CFR Part 11 regulation and provide insight as to the way the company interprets their responsibility for meeting it. As FDA continues to evolve and change due to the many factors that influence the regulatory environment, companies must be able to adapt. New technologies will continue to emerge that will change the way companies do business. While many of these are intended to streamline operations, reducing time and resources, some unintentionally result in added layers of oversight that encumber a computer system validation program and require more time and resources, making the technology unattractive from a cost-benefit perspective.
We will address Data Integrity (DI), which has been of strong interest by FDA during inspection over the past ten years. Examples and best practices will be covered.
We will also cover cloud services and SaaS, as many companies are interested in implementing these software products in their FDA-regulated environments. We will provide specific industry best practice solutions and examples to the attendees.
Areas Covered in the Session:
This 180 minute presentation includes more in-depth coverage of:
- Computer System Validation (CSV)
- System Development Life Cycle (SDLC) Methodology
- Good “Variable” Practice (GxP) (Good Manufacturing Practice (GMP), Good Laboratory Practice (GLP), Good Clinical Practice (GCP))
- Data Integrity (DI)
- Cloud Services
- Software as a Service (SaaS)
- Validation Strategy, Planning, Execution and Documentation
- System Risk Assessment
- GAMP 5 “V” Model
- 21 CFR Part 11
- Electronic Records/Electronic Signatures (ER/ES)
- Security, Access, Change Control and Audit Trail
- Policies and Procedures
- Training and Organizational Change Management
- Industry Best Practices and Common Pitfalls
Who will benefit:
- Information Technology (IT) Analysts
- IT Developers
- IT Support Staff
- QC/QA Managers and Analysts
- Clinical Data Managers and Scientists
- Compliance Managers and Auditors
- Lab Managers and Analysts
- Computer System Validation Specialists
- GMP Training Specialists
- Business Stakeholders using Computer Systems regulated by FDA
- Regulatory Affairs Personnel
- Consultants in the Life Sciences and Tobacco Industries
- Interns working at the companies listed above
Carolyn Troiano has more than 35 years of experience in the tobacco, pharmaceutical, medical device, and other FDA-regulated industries. She has worked directly, or on a consulting basis, for many of the larger pharmaceutical and tobacco companies in the US and Europe, developing and executing compliance strategies and programs.