US Food & Drug Administration Regulations (21 CFR 11)

 

FDA Electronic Records; Electronic Signatures
 
Implementation
 
Requirement
UpTym Networks
·       Records maintained in electronic form and electronic signatures may be used in lieu of traditional signatures.
·       Need to assure high availability of the server hosting the electronic records and monitor and alert on key performance metrics
 
 
Electronic Records
 
Requirement
UpTym Networks
·       Measures designed to ensure the integrity of system operations and info. Stored on the system:
 
(3) archival protection of records
(4) use of computer generated, time stamped audit trails
·       Proactive Systems Monitoring, Alerting and Alarm Notification
·       Windows Intrusion Monitoring
·       Address the security of closed systems requiring:
 
(3) authority checks be used to ensure
that only authorized individuals can use
the system, electronically sign a record, access the operation or computer system input or output device, alter a record or perform operations
·       Firewall monitoring
·       Vulnerability Scans
·       Windows Intrusion Monitoring
·       Patch Assessment
 
 
Electronic Signatures
 
Requirement
UpTym Networks
·       Electronic signatures based upon use of identification codes in combination with passwords must employ controls to ensure security and integrity:
 
(4) Transaction safeguards must be used to prevent unauthorized use of passwords and/or identification codes, and to detect and report an attempt to misuse such codes
·       Real-time intrusion alerts; monthly intrusion summaries: login/logout activity by user/device; failed login details report; account modification activity by user/account report