Medical device companies that implement electronic records or electronic signatures as part of their FDA mandated quality system processes must look to 21 CFR Part 11 for the specific guidelines that permit the use of technology in quality systems.
Quality system software has changed the way that the FDA thinks about record keeping and electronic signatures as they pertain to quality systems. Your quality manager is frequently required to sign, date, and approve certain documents generated as part of your quality system, but if your entire system is electronic, what controls are in place to ensure that the electronic signatures provided have the exact same weight and meaning as a physical signature? The controls which permit the use of electronic signatures and records as part of quality management systems are outlined in 21 CFR Part 11.
Greenlight Guru's QMS Software Was Built For 21 CFR Part 11 Compliance
21 CFR Part 11 is a legal mandate for the implementation of electronic records - it requires any quality management system to exhibit certain features which support the integrity of the system as a whole. Greenlight Guru’s quality management system software has been designed specifically for the medical device industry to address the requirements of 21 CFR Part 11 and enforce best practices throughout your organization. Here's how:
21 CFR Part 11.50 (Subpart B) Signature Manifestations - This section enforces the requirement that every signed electronic record must have certain information associated with the signature: the printed name of the signer, the date when the signature was produced, and the intended meaning of the signature (review, approval, responsibility, or authorship). Greenlight Guru's QMS Software for medical device companies does this automatically, keeping you compliant with 21 CFR Part 11 throughout your product's lifecycle.
21 CFR Part 11.100 (Subpart C) Electronic Signatures - It is very important to the FDA and to the integrity of your electronic QMS that electronic signatures are assigned on a one-to-one basis, and that only the person who is assigned a specific signature can reproduce it within the system. Electronic signatures must be unique when they are assigned, and they can never be reassigned to anyone else. The owner of the signature must also certify in writing that the signature belongs to them and is the legal equivalent of a binding signature. Greenlight Guru’s user controls make it easy to designate users in the system, assign signatures to them, and properly certify them so they can start saving time (and paper) by maintaining electronic records for your organization.
21 CFR Part 11.300 (Subpart C) Controls for identification codes/passwords - When you assign a username and password to a user that they can use to electronically sign something, you need an electronic QMS that controls that process and the associated data in compliance with 21 CFR Part 11.300. Greenlight Guru's built-in features have you covered when it comes to controlling sensitive log-in information for your QMS, including:
- Unique username/password combinations for all users
- Forced periodical password resets to mitigate password aging
- Loss management capabilities to deactivate compromised accounts and issue temporary access
- Transaction and security safeguards to detect and prevent unauthorized system access