**What is 21 CFR Part 11?**

Pharmaceutical companies have historically submitted product applications to the Food and Drug Administration (FDA) on paper. With the advent of technology this is now dominated with electronic data records and electronic submissions. This change in philosophy has meant that in the FDA's efforts to "Protect Human Health", they have had to put controls in place to ensure that this 'new' data is as reliable as the original. The 1997 Electronic Records; Electronic Signatures Rule (21 CFR 11) is the document which defines those controls. 21 CFR 11 stipulates the rules concerning the use of the electronic records and also defines the requirements for data capture, storage, retrieval, maintenance and security of those records when reviewed by FDA inspectors.

Pharmaceutical companies typically produce two things, Drugs and Data. Data is gathered at source and either automatically downloaded onto a database or manually input into a database. As multiple database formats exist with no common security format the requirements for an industry standard became apparent. Data which is not generated, stored or maintained as a permanent electronic record is, by the same provisions, not required to meet the regulations, therefore data stored locally in instrument volatile memory and printed direct to a printer does not need to comply.

(Download this paper for all figures.) (92.9 KB)

The 21 CFR 11 regulation is divided into three subparts, General Provisions, Electronic Records and Electronic

Signatures

Electronic Record. An electronic record is "any data or other information represented in digital form, which is created, modified, maintained, archived or distributed by a computer system".

Electronic Signatures. Under the regulation, signatures can either be:

Ø A handwritten signature "is the legal mark of an individual, handwritten by that individual and executed to present intention to authenticate a writing in permanent form".

Ø An electronic signature is " a computer data compilation of any symbol or series of symbols executed, adopted or authorized by an individual to be the legally binding equivalent of the individual's signature".

Ø A digital signature is an electronic signature based upon biometric measures of the originator's authenticity.

Computer systems are divided into two categories, closed systems and open systems. A Closed System is a system maintained on a dedicated connection between source and storage where open external access is not permitted. In an Open System data is gathered from multiple locations and stored to a common central location; access to this database must be rigidly maintained and requires encryption to ensure the source of data is valid.

Closed system security requirements specify controls for the authenticity, integrity, and confidentiality of electronic records. This requires that:

Ø Data can be retrieved for audit, or review in human readable format.

Ø Audit Trails must exist, be secure, date and time stamped and un-editable. They should record all the system changes applicable to the data collected, stored and retrieved.

Ø Security controls are in place to ensure:

• No two individuals have the same combination of user name and password.
• Periodic checks and recalls of identification code or passwords.
• Loss management and replacement procedures.
• Safeguards against unauthorized use.
• Reporting of unauthorized use in an urgent and immediate manner.

Open system security requirements also have to meet these standards, but with the addition of measures ensuring authenticity, integrity and confidentiality, i.e. document encryption and digital signal standards.

(Download this paper for all figures.) (92.9 KB)

The system above states the rules which apply to software systems. However, as all systems are inherently different they are open to interpretation. The FDA guidelines (Title: Enforcement Policy 21 CFR 11 Electronic Records; Electronic Signatures, CPG7153.17 13-May-1999) for inspectors states "the agency's current thinking on the rule" to that end Particle Measuring Systems has made best efforts to meet all interpretations.

**Pharmaceutical Net 2.9.3 and 21 CFR Part 11**

Pharmaceutical Net is the all encompassing facility monitoring software, offering Windows® NT based compatible software package providing collection, storage and analysis of data reported by Particle Measuring Systems instrumentation and other facility monitoring devices. Data from other devices such as third party particle counters, air flow velocity, DI resistivity, dissolved oxygen, temperature, absolute pressure, differential pressure and relative humidity sensors can be collected with Pharmaceutical Net while satisfying 21 CFR Part 11 requirements.

To meet compliance with the general provisions and ensure that the electronic records (data) can be verified as genuine, trustworthy and as reliable as the original, the database that is used in Pharmaceutical Net 2.9.3 is binary format, encrypted in a Borland Database. Three files per database per day are generated and three are required to retrieve the data. This prevents any alteration of the data outside of Pharmaceutical Net.

The software is installed on a local computer (RTS). This computer communicates to the field sensors using Ethernet 10BaseT, Serial RS485 or Serial RS232 direct commands. The data is returned from the field sensors into the RTS database. The only access into this database is through Pharmaceutical Net, this follows the rules applying to Closed Systems. If the system is to be networked across a site Network then a firewall between the Particle Measuring Systems segment of the network and the corporate network is recommended.

To ensure that access to the stored data meets all the controls required for closed systems the following systems have been put in place:

A full audit trail monitors all system generated events, including threshold alarms and warnings, hardware alarms, security changes, configuration changes, user log-ins/outs and all other user events.

In the security configuration window each user is assigned specific tasks which are defined by the security administrator, and every user is configured with a unique user name and password. On first log-in the user is prompted to change password. For ease of validation, the complete security configuration settings can be printed - excluding passwords! Passwords are retrieved every 90 days for review and change; this time period can be changed by the security administer.

Should any unauthorized log-in attempts be made a system alarm communicates this alarm via a configured pager or email alert. After 5 attempts, an entry is also made into the Audit log. For large integrated network systems the operators at the network terminals are assigned security from either the local network computer or controlled from the respective RTS. SamplerSight and 21 CFR Part 11

SamplerSight is the Small and Large Volume Parenteral Sampling System software, it is used in conjunction with a LiQuilaz® particle counter and a syringe sampler, LS200.

The USP 24 Chapter <USP 788> allows for the determination of the particle content of SVP and LVP samples to be performed by Light Obscuration Particle Count Testing using an optical particle counter. These regulations also set the limits for contamination in the liquid samples.

Particle Measuring Systems uses Sampler Sight to meet both USPXXIV and the FDA 21 CFR 11 rulings on Electronic Records: Electronic Signatures.

Sampler Sight software runs on Windows NT and Windows 98/2000 platforms; this offers the full Windows 32-bit platform advantages alongside the functions of the Sampler Sight 21CFR11 software.

The APSS-200 systems are used as laboratory stand alone instrumentation and as such are only connected to the Particle Measuring Systems instruments, they are therefore considered to be Closed Systems.

System users must first Log-in using a unique user name and Password assigned to that person. Each user must be attributed to one of three user groups, Operators, Supervisors or Administrators. Each user group has an increased level of functionality. On first log-in the users are prompted to renew the password, the password is then recalled every 90 days for review and replacement.

As the systems are typically not connected to site networks if unauthorized log-in attempts are made the screen activates a local alarm window and the internal buzzer in the computer set into alarm.

All data is stored to a binary data file, if a sample consists of multiple sub-samples these are stored within a common sample data file, specific to that batch or sample run. Each data file is attributed with a logged-in, authorized system user and a configuration setting file, the configuration settings file holds the details of the 'META' data for each sample. No sample is stored without either a configured user or associated meta-data forming the audit log for each sample. System reports can selectively print the sample data, the configuration 'meta' data or both.

(Download this paper for all figures.) (92.9 KB)

Contact us if you need more information or have questions.

Author

Mark Hallworth, Particle Measuring Systems

GAMP®is a registered trademark of ISPE. To learn more about GAMP to place an order, visit www.ispe.org

LiQuilaz®is a registered trademark of Particle Measuring Systems, Inc.

Windows® is a registered trademark of the Microsoft Corporation.