21 CFR Part 11 Flashcards
What is a closed system?
An environment in which system access is controlled by persons who are responsible for the content of electronic records that are on the system.
What is an open system?
An environment in which system access is not controlled by persons who are responsible for the content of electronic records that are on the system.
What does “Act” refer to?
Federal Food, Drug, and Cosmetic Act
What does “Agency” refer to?
Food and Drug Administation
Define biometrics
Method of verifying an individual’s identity based on measurements of the individual’s physical feature(s) or repeatable action(s) where those features and/or actions are both unique to that individual and measureable.
Electronic records
Controls for closed systems ensure what 4 things?
1-authenticity
2-integrity
3-confidentiality
4-signer cannot readily repudiate signed records as not genuine
Electronic records
Controls for closed systems shall include 11 things:
1-validation of systems…
2-ability to generate readable records
3-protection for retrieval
4-limiting access
5-audit trails…
6-system checks…sequencing
7-authority checks
8-device checks…source of data
9-determination that persons…have education, training, experience
10-establishment and adherence to written policies
11-use of appropriate controls over system documentation…
Electronic records
Controls for open system ensure what 3 things?
1-authenticity
2-integrity
3-confidentiality
Electronic records
Signature manifestations indicate 3 things:
1-printed name of signer
2-date and time signature executed
3-meaning associated with signature (review, responsibility, authorship)
Electronic signatures General requirements (n=3)
Unique; not reused/reassigned
Verify identity prior to generating electronic signature
Intended to be legally binding equivalent of handwritten signatures
Electronic signatures not based on biometrics shall: (n=3)
1-employ at least two distinct identification components (id, password)
2-used only by genuine owners
3-use by other requires collaboration of two or more individuals
Electronic signatures
Based upon biometrics shall:
Be designed to ensure that they cannot be used by anyone other than their genuine owners.
Electronic signatures
Controls for identification codes/passwords
To ensure: (n=2)
Security
Integrity
Electronic signatures
Controls for identification codes/passwords
Shall include: (n=5)
1-uniqueness
2-periodically checked, recalled, revised
3-follow loss management procedures
4-use of transaction safeguards
5- periodic testing of devices (tokens, cards) to ensure function and have not been altered
Does part 11 apply to paper records that are, or have been, transmitted by electronic means?
No
21 CFR Part 11 states that if changes need to be made to an electronic record, the original can be destroyed and the new version should be saved in its place.
true
false
false
Signed electronic records should contain the following information:
a) address of the signer, date and time when signature was executed
b) date and time of signature, phone number of signer, meaning associated with the signature
c) printed name of the signer, date and time of signature, meaning associated with the signature
d) only the cursive name of the signer and the date and time of signature
c) printed name of the signer, date and time of signature, meaning associated with the signature
21 CFR Part 11 applies to all of the below, except:
a) records in electronic form
b) electronic records that are submitted to the FDA
c) paper records transmitted by electronic means
d) electronic signatures
c) paper records transmitted by electronic means
In a closed system, 21 CFR Part 11 states that the system must have the ability to create secure, computer-generated, time-stamped audit trails to record the date and time of operator entries and actions that create, modify, or delete electronic records. Which of the following apply to these audit trails?
(mark all that apply)
a) record changes shall not obscure previously recorded information
b) permission has to be granted to permanently delete a change from the audit trail
c) audit trail documentation has to be saved for the length of the electronic record
d) audit trail reports have to be available for FDA review and copying
a) record changes shall not obscure previously recorded information
c) audit trail documentation has to be saved for the length of the electronic record
d) audit trail reports have to be available for FDA review and copying
According to 21 CFR Part 11, computer systems maintained under Part 11 should be readily available at all times for, and subject to, FDA inspection.
true
false
true
Where electronic signatures and their associated electronic records meet the requirements of 21 CFR Part 11, the agency will consider the electronic signatures to be equivalent to full handwritten signatures, initials, and other general signings as required by agency regulations, unless specifically excepted by regulation(s).
true
false
true
21 CFR Part 11 applies to paper records that are, or have been, transmitted by electronic means.
true
false
false
Open system means:
a) an environment in which system access is controlled by persons who are responsible for the content of electronic records that are on the system
b) an environment in which system access is not controlled by persons who are responsible for the content of electronic records that are on the system
c) both of the above
d) neither of the above
b) an environment in which system access is not controlled by persons who are responsible for the content of electronic records that are on the system
Signed electronic records shall contain information associated with the signing that clearly indicates:
a) the meaning (such as review, approval, responsibility, or authorship) associated with the signature
b) the date and time when the signature was executed
c) the printed name of the signer
d) all of the above
d) all of the above