21 CFR Part 11 (Electronic Records/Signatures) Course Description
This seminar will help you understand in detail the application of FDA’s 21 CFR Part 11 guidance on electronic records/electronic signatures (ER/ES) for computer systems subject to FDA regulations. This is critical in order to develop the appropriate validation strategy and achieve the thoroughness required to prove that a system does what it purports to do. It also ensures that a system is maintained in a validated state throughout its entire life cycle, from conception through retirement.
ER/ES capability can vary, and the approach should be based on the specific case and the risk of failing to meet the guidance associated with it.
There are very specific limitations that arise when using ER/ES capability, such as the elimination of print capability to prevent users from making decisions based on a paper record as opposed to the electronic record. It also requires very specific identification of users that ensures the person signing the record is the same person whose credentials are being entered and verified by the system. The rule for changing passwords must be rigorously adhered to and the passwords must be kept secure.
It is critical that the system specify the exact meaning of the signature. It may be that the person conducted the work, recorded the result, reviewed the result, or approved the result. A person may simply be attesting to the fact that they reviewed the work and the signatures, and there was appropriate segregation of duties (i.e., the person recording the result is not the same as either the person reviewing or the person giving final approval).
A company must have specific policies and procedures in place that explicitly state responsibilities and provide guidance for implementing and using ER/ES capability. These must clarify the 21 CFR Part 11 regulation and provide insight as to the way the company interprets its responsibility for meeting it. As FDA continues to evolve and change due to the many factors that influence the regulatory environment, companies must be able to adapt. New technologies will continue to emerge that will change the way companies do business. While many of these are intended to streamline operations, reducing time and resources, some unintentionally result in added layers of oversight that encumber a computer system validation program and require more time and resources, making the technology unattractive from a cost-benefit perspective.
This seminar will cover the key aspects of complying with 21 CFR Part 11 in both validating systems and maintaining them in a validated state throughout their entire life cycle.
(RAPS - This course has been pre-approved by RAPS as eligible for up to 3 credits towards a participant's RAC recertification upon full completion.)
Agenda
SESSION 1: 21 CFR Part 11 Compliance for Electronic Records and Electronic Signatures
- Part 11 Requirements
- Data Integrity Requirements (ALCOA+ Principles)
- Technical Features & Controls
- Procedural Controls
- Recent FDA Guidance for ER/ES in Clinical Trials
- Recent FDA Compliance & Enforcement Trends
- Data Privacy (HIPAA, GDPR, CPRA)
BREAK 10-Minute Break
SESSION 2: Comparison of Traditional CSV & CSA
- FDA Requirements vs. Myths
- Validation Planning
- Validation Testing
- Validation Reporting
- Validation Support
- Waterfall and agile as optional approaches to SDLC management
- GAMP®5, 2nd Edition Alignment with CSA
Technology
- Commercial Off-the-Shelf (COTS) Software
- Cloud Services
- Software-as-a-Service (SaaS) Solutions
- Automated Testing
- Leveraging a Vendor’s Work Products
- Vendor Audit
Q&A: Bring your most critical challenges & questions for discussion.
Who Will Benefit
- Information Technology (IT) Analysts
- IT Developers
- IT Support Staff
- QC/QA Managers and Analysts
- Clinical Data Managers and Scientists
- Compliance Managers and Auditors
- Lab Managers and Analysts
- Computer System Validation Specialists
- GMP Training Specialists
- Business Stakeholders using Computer Systems regulated by FDA
- Regulatory Affairs Personnel
- Consultants in the Life Sciences and Tobacco Industries
- Interns working at the companies listed above
- College students attending schools and studying computer system validation, regulatory affairs/matters (related to FDA), or any other discipline that involves adherence to FDA regulatory requirements
This live training Seminar includes the following for each registered attendee:
- A copy of the presentation slides
- A certificate of participation for attendee training records
How to Attend:
All WCS Seminar live training programs audio and visuals are delivered via Go to Webinar with a basic system requirement of a computer with internet access. You do not require a Go to Webinar account to join WCS Seminars’ live training courses, participants receive an email invitation that provides the access you need to join the meeting.
Faculty Carolyn Troiano
Consulting/Training in FDA Compliance for Validation, 21 CFR Part 11 (Electronic Records/Signatures) and Data Integrity
Carolyn Troiano has more than 40 years of experience in Computer System Validation (CSV) and compliance in the pharmaceutical, medical device, tobacco, and other FDA-regulated industries. She is currently an independent consultant advising companies on computer system validation and large-scale IT system implementation projects. She also delivers webinars and seminars on topics related to CSV, 21 CFR Part 11 (Electronic Records/Signatures), and data integrity compliance.
Carolyn has worked in industry supporting CSV for most of her career and has adapted the ISPE GAMP5 “V” Model for use with an agile methodology for system development, testing, implementation, and support. Her approach is in line with the Computer Software Assurance (CSA) methodology that focuses on critical thinking rather than documentation, requiring us to shed our compliance blinders. Instead of asking what deliverables are needed, we should start by asking why we’re doing things in the first place and tempering our testing and validation accordingly, along with following a risk-based approach.
