No Slide Title - 21 CFR Part 11

advertisement
FDA UPDATE: STATUS OF THE ELECTRONIC
SIGNATURE/RECORD REGULATION AND WHAT
IT MEANS TO THE INDUSRY
London, England
March 30, 1998
Presentation by Daniel Worden at the
Barnett International Workshop
FDA UPDATE: STATUS OF THE ELECTRONIC
SIGNATURE/RECORD REGULATION AND WHAT
IT MEANS TO THE INDUSRY
Arlington, Virginia
February 26, 1998
Presentation by Daniel Worden at the
Barnett International Workshop
21 CFR Part 11 Electronic Records; Electronic Signature
Milestones
11/91
Project Launched
7/92
Advanced Notice
8/94
Proposed Rule
3/97
Final Rule
8/97
In Effect
Paul Motise
E - Record / E - Signature Acceptance
Part 11
Authentic & Legal
21 CFR Part 11 Electronic Records: Electronic Signature
Overview 11
• Summary of 21 CFR, Part 11
Subpart A: General Provisions
Subpart B: Electronic Records
Subpart C: Electronic Signatures
• Potential Issues
•
•
•
•
Certification Statement
Advantages and Challenges
Critical Success Factors
Security and Control
21 CFR Part 11 Electronic Records: Electronic Signature
Subpart A - General Provisions
Section 11.1 Scope
•
•
•
•
•
Regulations establish the criteria the FDA considers for electronic
records and and electronic signature to be trustworthy, reliable, and
generally equivalent to paper.
Applies to all records in electronic form under any records
requirement within any FDA regulation.
Electronic records are considered equivalent to full handwritten
signatures, initials, and other general signings.
Electronic records may be used in accordance with Part 11 unless
paper records are specifically required.
Computer system (hardware and software), controls, and relevant
documentation must be available for review during FDA
inspections.
21 CFR Part 11 Electronic Records: Electronic Signature
Electronic Record
• “Any combination of text, graphics, data, audio,
pictorial, or other information representation in digital
form that is created, modified, maintained, archived,
retrieved, or distributed by a computer system.”
21 CFR Part 11 Electronic Records: Electronic Signature
Electronic Signature
• “A computer data compilation of any symbol or series
of symbols executed, adopted, or authorized by an
individual to be the legally binding equivalent of the
individual’s handwritten signature.”
21 CFR Part 11 Electronic Records: Electronic Signature
Handwritten Signature
•
“The scripted name or legal mark of an individual handwritten by
that individual and executed or adopted with the present intention
to authenticate a writing in a permanent form.”
•
“The act of signing with a writing or marking instrument such as
a pen or stylus is preserved. The scripted name or legal mark,
while conventionally applied to paper, may also be applied to
other devices that capture the name or mark.”
21 CFR Part 11 Electronic Records: Electronic Signature
Digital Signature
•
“An electronic signature based upon cryptographic methods of
originator authentication, computed by using a set of rules and a
set of parameters such that the identity of the signer and the
integrity of the data can be verified.”
Biometrics
•
“A method of varifying an individual’s identity based on
measurement of the individual’s physical feature(s) or repeatable
action(s) where those features and/or actions are both unique to
that individual and measurable.”
21 CFR Part 11 Electronic Records: Electronic Signature
Closed System
•
“An environment in which system access is controlled by persons
who are persons who are responsible for the content of electronic
records that are on the system.”
Open System
•
“An environment in which system access is not controlled by
persons who are responsible for the content of electronic records
that are on the system.”
21 CFR Part 11 Electronic Records: Electronic Signature
Subpart B - Electronic Records
Section 11.10-Controls for Closed Systems
• Must develop procedures and controls to ensure authenticity,
integrity and confidentiality, and that signer cannot repudiate the
signed record. The controls must:
•
•
•
•
•
Be validated
Maintain accurate and complete records
Limit the system to authorized persons
Protect records through retention period
Contain audit trails that are secure, operator independent,
computer-generated, time-stamped, cover the creation ,
modification and deletion of records and do not obscure
previous information
21 CFR Part 11 Electronic Records: Electronic Signature
Section 11.10-Controls for Closed Systems (cont.)
• Allow for the performance of operational system checks,
authority checks, and device checks to ensure system, record,
and data integrity
• Ensure appropriate personnel qualifications
• Policies written and followed to hold personnel accountable
for actions and to deter records falsification
• Control over system documentation including distribution,
access, use, revision and change control
21 CFR Part 11 Electronic Records: Electronic Signature
Section 11.30-Controls for Open Systems
• Must develop procedures and controls that ensure authenticity,
integrity, and confidentiality of electronic records and comply with
all other parts of Section 11.10
• Must use additional measures (e.g. document encryption, digital
signature standards) to ensure authenticity, integrity, and
confidentiality
21 CFR Part 11 Electronic Records: Electronic Signature
Section 11.50-Signature Manifestation
• Signed electronic records must include the printed name of the
signer, date and time of signature, and the purpose of the
signature (e.g. review, approval etc.) Each of these must be
readable by display or printout.
Section 11.70-Signature/Record Linking
• Electronic signature and handwritten signatures must be linked to
ensure signatures cannot be excised, copied, transferred or
falsified.
21 CFR Part 11 Electronic Records: Electronic Signature
Subpart C-Electronic Signature
Section 11.100-General Requirements
• Must be unique to an individual and not reassigned
• Identity of individual must be verified by organization
• Must certify electronic signature system to the agency prior to or at
the time of use of the system
• Certification must be submitted in paper form and, upon
agency request, provide certification that signature is legally
binding
21 CFR Part 11 Electronic Records: Electronic Signature
Section 11.200-Electronic Signature Components and Controls
• Non-Biometric signatures must:
• Contain at least two different identification components (e.g.
User ID and Password)
• Single sign-on with multiple tasks: Use all identification
components at first, with partial identification for each
task thereafter
• Multiple sign-on without continuous access requires all
identification componenents to be used each time
• Be used only by the owner
• Ensure use by other individuals is precluded and does not occur
without collaboration by at least two other individuals
• Biometric signatures must ensure use by the owner
21 CFR Part 11 Electronic Records: Electronic Signature
Section 11.300-Controls for Identification Codes/Passwords
• Persons using electronic signatures must use controls to ensure
security and integrity and should include:
• Assuring that no two individuals have the same combination of
identification code and password
• Periodic check, recall, or revision of identification code and
password
• Loss management and replacement procedures
• Testing of devices (i.e. tokens or cards) that produce or maintain
identification codes or passwords to ensure proper function and
unaltered state.
21 CFR Part 11 Electronic Records: Electronic Signature
Section 11.300 Controls for ID codes/passwords
• Unauthorized use safeguards
• Report attempts in urgent & immediate manner to:
• Security unit
• Management, as appropriate
21 CFR Part 11 Electronic Records: Electronic Signature
FDA’s View of What Industry Needs to Do
• Learn Part 11
• File 11.100 (c) Certification
• E-records maintained
• ID formats FDA can audit/copy
• Check with FDA auditors
• Watch for guidance docs
21 CFR Part 11 Electronic Records: Electronic Signature
FDA’s View of What Industry Needs to Do
• E-records submitted to FDA
• Check docket 92S-0251
• http://www.fda.gov
• Attn: logistics and guidance
• file format/media
• Transmission methods/archiving
21 CFR Part 11 Electronic Records: Electronic Signature
Records
Submit
Maintain
Signatures
Biometric
Nonbiometric
21 CFR Part 11 Electronic Records: Electronic Signature
Part 11 Internet Web Site:
http://www.fda.gov/cder/esig/part11.htm
21 CFR Part 11 Electronic Records: Electronic Signature
7520 Standish Place
Rockville, MD 20855
Paul J. Motise
Consumer Safety Officer
Division of Manufacturing and Product Quality, HFD-320
Center for Drug Evaluation and Research
Phone: 301-594-1089
Fax: 301-594-2202
E-mail: Motise@cder.fda.gov
Potential Issues
• The final rule does not establish numerical standards for levels of security or
validation (persons have the option of determining the frequency).
• Wide spread implementation of time date stamped audit trails executed objectively
and automatically and controls for limiting access to the database search software
may change a company’s current practices.
• The word “ensure” is used in the regulations. It is defined as “to make certain”.
How will this be interpreted by a field inspector?
• “Unique nature of passwords”. How is uniqueness determined and what are “good
password practices”?
• Part 11 does not apply to paper records that are or have been transmitted by
electronic means but it does apply to records in electronic form that are created,
modified, maintained, archived, retrieved under any record requirement regulated
by FDA.
• Record retention requirements for software and hardware used to create records
that are retained in electronic form are subject to part 11.
Potential Issues (Cont’d)
•
“As the agency’s experience with part 11 increases certain records may need to be limited
to paper if there are problems with the electronic versions of such records.”
•
“It may be necessary to inspect hardware and software used to generate and maintain
electronic records to determine if the provisions of part 11 are being met.”
•
The assessment of adequacy of systems validation will include inspection of hardware to
“determine if it matches the system documentation description of the hardware.”
•
For geographically dispersed systems, inspections would extend to operations, procedures
and controls at one location and the agency would inspect other locations of the network
in a separate but coordinated manner.
•
Is the implementation of an electronic system significant enough in manufacturing to
require an NDA supplement prior to going live?
•
Dial-in access over public phone lines can be a closed system if access to the system is
under the control of the persons responsible for the content of the record.
Potential Issues (Cont’d)
• When an organization’s electronic records are stored on systems operated by
third parties the agency would consider this to be an open system.
• Electronic record is defined as “any combination of text, graphics, data, audio,
pictorial or other information representation in digital form that is created,
modified, maintained, archived, retrieved or distributed by a computer
system.”
• “The Agency believes that if it is important enough that a record be signed,
human readable displays of such records must include the printed name of the
signer, the date and time of signing, and the meaning of the signature”.
Example: a message from a firm’s management to employees instructing
them on a particular course of action may be critical in litigation.
• “A single certification may be stated in broad terms that encompass electronic
signatures of all current and future employees”.
Certification Statement
Pursuant to section 11.100 of Title 21 of the code of Federal Regulations, this
is to certify that __________________ intends that all electronic signatures
Name of organization
executed by our employees, agents, or representatives, located anywhere in the
world, are the legally binding equivalent of traditional handwritten signatures.
Stringent Controls
“The agency believes that…it is vital to have stringent controls in place to
prevent impersonation. Such controls include: (1) requiring an individual to
remain in close proximity to the workstation throughout the signing session; (2)
use of automatic inactivity disconnect measures that would “de-log” the first
individual if no entries or actions were taken within a fixed short timeframe;
and (3) requiring that the single component needed for subsequent signings be
known to, and usable only by, the authorized individual
Electronic Signatures and Electronic Records
Advantages
•
Electronic Batch records can eliminate
mountains of paper work, speed
processing and allow for statistical and
trend analyses.
•
NDA’s and other submissions can be
submitted electronically in place of
paper submission.
•
Increases the speed of information
exchange.
•
Cost savings from reduced need for
storage space.
•
Manufacturing process streamlining.
•
Job creation in industries involved in
electronic record and electronic
signature technologies.
Challenges
• Firms planning on using
electronic signatures in FDA
regulated environments will be
required to validate the computer
related systems.
• Design of systems must be well
thought out and tested thoroughly.
• Critical control points must be
identified which can be monitored
through electronic audit trails.
• Adequate testing of security.
Electronic Signatures and Electronic Documents
Critical Success Factors
• Validation activities in manufacturing, toxicology, clinical, regulatory and perhaps
marketing (label approval) will need to be better process focussed, requiring
definition of inputs and outputs with, procedural controls governing the process
activities and standards dictating the format and content of inputs and outputs and
well documented.
• Configuration management, security management and periodic review and quality
management must be a continual process.
• Record retention and record disposal practices need to be revised to reflect
company requirements to comply with new regulatory requirements.
• Documentation standards and practices should be created that systematize the
processes for creating and maintaining documents.
• Planning will have to take into consideration re-engineering, replacement, or
retirement of a computer system when operating costs increase or business process
changes.
• Requires effective change control.
Security and Control
• Procedural
• Physical
• Logical
Procedural - Verification
Obtain and Review Corporate Security
policy, security standards and procedures
Evaluate the effectiveness of the security
organization
Evaluate the effectiveness of the process for
requesting, granting and removing access.
An Enterprise-Wide Security
Strategy Should ….
• Identify risk, threats and potential vulnerabilities
• Classify information based on sensitivity (sensitive,
public, cGMP vs. non-cGMP, etc.)
• Determine and implement appropriate controls based
on risk assessment/classification
• Ensure a consistent process to maintain an effective
level of security and control
• Document this approach in the form of an SOP
Physical Security
Review Physical Access Policy
Identify sensitive areas (computer room,
data rooms, wiring closets).
Determine process for granting, reviewing,
monitoring and removing access.
Verify that process is operating effectively.
Logical Security
• Obtain and review data access policy
• Identify access “Paths” to cGMP data
–
–
–
–
–
–
Dial-in
Internet
Local Area Network
Operating System
Database Security
Application Security
Logical Security
 For each access path, evaluate the following:
– user security parameters
• unique user ID/password combinations
• password change intervals (90 days)
• password composition (e.g., combination of
numbers and letters required)
• password length (minimum length of 6 characters)
– access controls that enforce segregation of duties (read,
write, delete)
– monitoring functionality and audit trail
Logical Security - approach
• Use automated tools to gather security-related
information for dial-in, Internet, operating system,
database, and Local Area Network.
• Attempt to gain unauthorized access to sensitive
cGMP data by exploiting “weak links” in the
security chain.
• Evaluate audit trail to ensure that activity was
reported and followed up.
Download