Your data is the lifeblood and most valuable asset in your organization. How you access it, store it, move it, and back up and archive it, is all part of your data management and data integrity strategy. At USDM Life Sciences, we know that data management is a critical element of your quality system.
Compliant Data Management Solutions for Your Life Sciences Organization
Every company needs a data governance strategy to manage their many repositories and silos, but it is especially important for highly-regulated life sciences companies that face challenging regulatory requirements. From R&D and clinical trials to all the many IT systems
deployed across an organization, Quality, Clinical, and IT teams must securely manage and control their data.
Specifically, 21 CFR Part 11
says that if you choose to use a computer system to maintain, create, or modify records required by the predicate rules, then you must do certain things to control those records. If you choose to use eSignatures, you must comply with the requirements in this regulation.
Digital Signature Collection and Storage
The intent of Part 11 is to maintain accountability and traceability of your electronic records, including eSignatures. In part, it asks:
- Is system access restricted to authorized individuals?
- Are authority checks used to ensure that only authorized individuals can access the system, electronically sign a record, alter a record, and perform an operation?
- Do signed electronic records contain the name of the signer, date and time of the signature, and meaning of the signature (i.e., review, approval, responsibility, authorship, etc.)?
- Does the system provide transaction safeguards to prevent unauthorized use of passwords and/or identification codes?
- Can the system immediately and urgently detect and report attempts of unauthorized use to the system security unit and organizational management?
- Are audit trails built into the system?
USDM Life Sciences has an extensive process and thorough checklist to ensure that you follow the guidance accurately.
We can also help you build a data integrity program that fits with your company’s risk tolerance and priorities. We can you with:
Contact us to establish a data integrity program appropriate for your organization.
Audit Trails and FDA Compliance
An audit trail consists of records that show who has accessed a computer system, when it was accessed, and what operations were performed. Records or data entered into a Quality Management System (QMS) have specific requirements for tracking and traceability, and no one should be able edit the information without traceability or overwrite the information. Altered records have requirements to know who edited the records and for what reason. All created, modified, or deleted records must be retained and traceable to the user responsible with a timestamp and version history so that previous versions can be viewed. Event logs are not enough to satisfy the needs of 21 CFR Part 11, unless they display the required information.
Read our Complete Guide to Part 11 for more information.
GxP Compliant Cloud Data Software and Training
When choosing a software solution that will contain regulated GxP data and records, it must meet 21 CFR Part 11 requirements. Many software development vendors in the life sciences space have functionality specifically for compliance with Part 11 requirements. USDM has worked with many of these vendors
(e.g., DocuSign, Adobe Sign, and others), so you can be sure your eSignature capabilities are based on business process best practices. USDM also offers GxP many training courses
to help your teams learn the regulations
and we can provide organizational change management training
to help your teams learn to use your cloud technologies correctly and minimize risk.
Read on for additional data management resources:
Case Study: Master Data Management and Validation to Meet Global Requirements
Case Study: Improved UDI Data Integrity with Single-Source-of-Truth
Blog: Data Migration Guidance