21 CRF Part 11 Flashcards
21 CFR Part 11 covers:
e-signatures and e-records
define a closed system
system where access is controlled by individuals who are responsible for the content of electronic records in that system
define an open system
system that’s not controlled by the people who are responsible for the records in the system
what’s a digital signature?
e-signature based on cryptographic methods of originator authentication, with rules and parameters to verify identity of the signer and integrity of the data
what’s an electronic signature?
computer data compilation of any symbol or series of symbols executed, adopted or a digital form that’s created, modified, maintained, archived, retrieved, or distributed by a computer system
what is a handwritten signature?
scripted name or legal mark for an individual, by that individual, intended to be a permanent authentication of a form, etc.
what does biometrics mean?
a method of verifying an individual’s identity based on measurement of the individual’s physical features or repeatable actions that are unique to that individual and measurable
requirements for electronic signatures (3):
1) unique and not reused
2) identity should be verified before certification
3) legally binding if certified after 8/20/97
e-signatures not based on biometrics should (3):
1) have ID code and password
2) be used by genuine owners
3) use of signature by anyone other than genuine owner requires collaboration of two+ individuals
e-signatures that are based on biometrics should (1):
be designed to ensure only the genuine owner can use it
controls for ID codes and passwords should include 5 components:
1) maintain uniqueness
2) periodically check, recall, and revise
3) electronically deauthorize lost, stolen, missing or otherwise compromised codes/passwords
4) use transaction safeguards to prevent unauthorized use
5) test devices that generate ID code or passwords
