Privacy & Security Regulations and More! Compliance Help Now! Get The Right Help! It's The Law! click here for our Main RegulatoryPro.us page and to select specific regulations click for information about Tim McGuinness, Ph.D. and Associates click here for the RegulatoryPro.us master index and site map Professional compliance services helping you cope in a world of complex privacy and security regulatory compliance click here for information about Tim McGuinness, Ph.D. & Associates, based in the Tampa Bay Area, Florida - serving the world RegulatoryCompliance.us - Helping You Cope In A World Of Regulatory Compliance

21CFR11 Subject Home

The FDA's Part 11 Electronic Records and Electronics Signatures Regulation

In 1997, in an effort to modernize the processes associated with clinical research and regulatory submissions, the FDA enacted a rule to regulate electronic records and their authentication.  Since that time, a substantial body of knowledge has developed regarding both industry best practices and the implementation of the Part 11 Rule.

What is 21 CFR 11 - What Does It Address?

Part 11 has five central components.  These are:

  • Validation
  • Glossary of Terms
  • Time Stamps
  • Maintenance of Electronic Records
  • Electronic Copies of Electronic Records

In summary, the Rule requires certain functional requirements associated with processes that:  collect, maintain, transmit, authenticate, and secure, regulatory data.  These elements form a framework of system and application requirements, that may be challenging for system and software designers.

The FDA's New cGMP Initiative

Pharmaceutical cGMPs for the 21st Century: A Risk-Based Approach - A part of the FDA's Pharmaceutical cGMP initiative, which was launched on August 21, 2002, applied to human drug and biological drug products and veterinary drugs and had several objectives, including to encourage the early adoption of new technological advances by the pharmaceutical industry.

Part 11 plays a pivotal role in this initiative, and in the overall strategy of the FDA in moving towards exclusive electronic records and submissions.  However, part 11 is also a complex set of requirements that have proven challenging in their implementation.  While Part 11 includes, and refers to numerous industry Best Practices in both application and system design, as well as Information Assurance, the specific language offers unique problems.

Current Status Of Part 11:

As an outgrowth of its current good manufacturing practice (CGMP) initiative for human and animal drugs and biologics,4 FDA is re-examining part 11 as it applies to all FDA regulated products. The FDA anticipates new changes to Part 11 as a result.

The FDA's recent guidance explains how the FDA  will now change its interpretation of Part 11. While the FDA's  re-examination is under way, they intend to exercise enforcement discretion with respect to certain part 11 requirements. That is, not intend to enforce compliance with the validation, audit trail, record retention, and record copying requirements of part 11 as explained in this guidance. However, records must still be maintained or submitted in accordance with the underlying predicate rules, and the Agency can take regulatory action for noncompliance with such predicate rules.  In addition, they intend to exercise their discretion and do not intend to take action to enforce any part 11 requirements for systems that were operational before August 20, 1997 (the effective date of part 11 - commonly known as legacy systems).

Analysis

The Part 11 Rule was originally intended to improve the reliability and integrity of the processes involved in data gathering, analysis, and submission.  However, much has changed since 1997, and in our view, this re-evaluation is a natural modernization of the requirements to reflect current best practices.

Unfortunately, this can also result in a trap of significant scope.  Application and System vendors who are reluctant to implement compliance with the Rule may face significant challenges down stream when the final changes are implemented.  It is therefore advisable to fully implement Part 11 now, and the current Best Practices coming from sources such as NIST (www.NITS.gov )  so as to be fully prepared.

Title 21 Code of Federal Regulations
21 CFR Part 11
Electronic Records / Electronic Signatures
Regulation and Guidance

Issued:  March, 2000

UPDATE:

BACKGROUND:

 


Legal Notice:  
 We recognize that SOX (Sarbanes Oxley), GCP (Good Clinical Practice), HIPAA, CLIA, GLBA (Gramm Leach Bliley), DITSCAP, COPPA and other regulations and statutes are law, and that all interpretation of law should involve licensed attorneys in good standing with their local Bar Association.  No matter which services firm you select, be sure that their work is performed under the requirements of your state, in conformance with the law, and reviewed by your own attorney for your protection.  It is the covered entity subject to the jurisdiction of the regulation(s) that bears ALL liability for compliance with these laws.  We do strongly recommend the services of an independent validator/certifier to review your compliance prior to the appropriate deadline if appropriate or completion of the regulated project.

The above believed to be accurate and factual; please notify us immediately of any errors or omissions.  The above is intended for introductory and educational purposes only, and is not intended to be complete or comprehensive.  Neither can we be responsible for the accuracy of the information since it is (in whole or in part) derived from multiple sources.  Please refer to source governmental sources as appropriate.  The reader assumes all risk in the use of any information displayed or presented through this website,

This website, webpage, or linked documents do not constitute legal advice and is for educational purposes only.  The provider (Regulatory Compliance Associates and their staff) accepts no responsibility for its accuracy, review, distribution, or use in any way.  This website, webpage, and or linked documents are based on currently understood HIPAA, ASCA, and/or Federal, State, and Local Statutes, rules, regulations, standards, and/or implementation guides and is subject to change without notice, as changes in HIPAA/ASCA rules and regulations or subsequent interpretative guidance by courts or other bodies.  You assume responsibility for understanding this material and its applicability and/or use. This website, webpage, and/or linked document is designed to conform with GLBA, GCP, CLIA, HIPAA/ASCA, or other rules and regulations, as understood, and may need to be interpreted by your attorney as needed to conform with state law where that state law is more stringent than the federal rules or other state - you’re use of this information must always be reviewed and approved by your own attorney prior to use. Please refer to our Terms and Conditions page for additional limitations and restrictions.  Click here for additional Terms & Conditions for Use of this Website

Privacy Policy:  This website collects minimal personal information at this time.  We do not engage in mass mails or disclosure your information to third-parties unless requested.  Email links are provided as a convenience for professional communications only, and are beyond the responsibility of the website operator.  The user accepts all responsibility when using any and all links provided on this site, and it is acknowledged that different website may have different privacy policies.  The user should review the privacy policies of each website visited.  This website is not intended for children, and children should not use it.  This website does not use cookies.  Blocking cookies will not affect your use of this website.  Click here for our full Privacy Policy

Site Meter

Vendors and 3rd parties listed are not affiliated  in any way unless indicated, and are listed, displayed or linked for the convenience of the visitor for informational purposes only.   3rd party trademarks &  registered trademarks acknowledged

The term "Help Now!" when used in context with regulatory compliance, as example "HIPAA Help Now", is and are trademark(s), all rights reserved.  Click Here for our trademark and copyright information

Please note:  RegulatoryPro.us & RegulatoryCompliance.us and all variations are Trademarks regardless of domain registration.


Verified Website Operator