Dear Forum,
I wanted to create the batch release statement electronically in PDF (by converting Microsoft word in to PDF) followed by inserting the signature digitally in PDF document, where it appears e-mail id/ name of the person and date and time who had created or apperoved.
Can you tell how to validate this requirement as per GMP and what is the minimum requirements.
Regards
Gireesh
What it sounds like to me is a process that would not be compliant with 21 CFR Part 11 - on many fronts. Unless you can make the case that it is compliant, it couldn’t be validated.
Yodon is too modest here.
But in practicality what you refered is not compliant with any 21 CFR Part 11 or European equivalent Annex 11 guidance.
If it is soo easy to create a Electronic signature practically the above stated guidelines would be just 1 or 2 paragraphs.
Iam not offensive in making these statements.
We faced lot tough questions during our demo regarding the regulations.
Electronic signature is a legal binding in a BMR or in any critical document that is used in regulatory environments.
Dear all,
I am not a certified Part 11 guru. I think what Grieesh wants to do, namely to create a pdf document and sign it electronically is a common and widely spread procedure. It corresponds to the expectations of many and it is a practice you would expect to be allowed in 2012. After all, FDA speaks about the GMPs for the 21st century.
It is easy to say “it’s not compliant”. I would expect an explanation as to why it is not compliant. I once heard that the “certified signature” on a pdf was an acceptable e-signature.
The fact that it is easy to apply a digital signature does not mean it is not compliant. After all, signing by hand never was very complicated either and handwritten signatures have been forged for ages.
In short: e-Signatures are state of the art today. We need such simple solutions as Grieesh proposes. Help us find ways to implement them!
Regards,
MCre
[quote=gireesht01]Dear Forum,
I wanted to create the batch release statement electronically in PDF (by converting Microsoft word in to PDF) followed by inserting the signature digitally in PDF document, where it appears e-mail id/ name of the person and date and time who had created or apperoved.
Can you tell how to validate this requirement as per GMP and what is the minimum requirements.
Regards
Gireesh[/quote]
The electronic signature must be permanently linked to the record; therefore the method you describe must be compliant with 21CFR11 requirements for electronic records and electronic signatures.
I don’t know if compliance can be achieved with the method you describe, but I doubt it. I suggest you take a look at Part 11; it is pretty clear on what the requirements are:
http://www.accessdata.fda.gov/scripts/cdrh/cfdocs/cfcfr/CFRSearch.cfm?CFRPart=11&showFR=1
[quote=gireesht01]Dear Forum,
I wanted to create the batch release statement electronically in PDF (by converting Microsoft word in to PDF) followed by inserting the signature digitally in PDF document, where it appears e-mail id/ name of the person and date and time who had created or apperoved.
Can you tell how to validate this requirement as per GMP and what is the minimum requirements.
Regards
Gireesh[/quote]
It’s a common and widely spread procedure to do drugs, drink and drive, etc. but it is not legal. Just because something is done doesn’t make it legal or a wise thing to do.
Signing electronically CAN be in compliance with 21 CFR Part 11. What I understood to be described was taking an image of a signature, applying it to a document, and calling it signed. That is, as I indicated not in compliance with Part 11 on many levels.
As has been pointed out later in this thread, you have to start with a baseline understanding of the regulation. Even a brief reading of the regulation (it’s really pretty short) would reveal how off base the original question was. A forum like this is not well suited to a thorough dissertation on Part 11. There are entire books written on the subject (I believe you can even buy one through the sponsors of this forum).
After gaining a basic understanding, specific questions about specific aspects of the regulation would be very well received and would likely get good, detailed replies.
Again, I believe it is possible to e-sign a PDF image. I would have to see the specific implementation to say whether it was compliant or not.
If you thought it was easy to forge a handwritten signature, imagine how easy it would be to forge an electronic signature in the way described in the original post using computers!
I’m all for using e-sigs but I’m not going to advocate a solution because it’s simple. There are VERY good reasons for the regulations. They are intended to minimize the potential for forgery and maximize the veracity of a signature applied.
I didn’t intend this to be a flame - apologies if it was taken that way. I had a big tussle today with a contract manufacturer that chooses not to care about regulations. This leaves my client in a very precarious predicament. Advocating “fast and loose” practices in a regulated environment is just a bad idea.
Will the proposed procedure meet the following :
If yes, I think compliant.
[quote=USFDA]Will the proposed procedure meet the following :
If yes, I think compliant.[/quote]
Mmm… not quite. Is your response based on your feelings or on the regulation? Has this approach you indicate been audited by the FDA and found acceptable? Are you basing this reply on an open system or a closed system? Do you know what the original poster’s system is?
Part 11 is challenging enough without potentially misleading information being spread. If you can relate the above to how it meets the specific clauses in the regulation, I’d be more convinced.
Yodon,
Seems you did not get the message.
What I am saying is : The system must be having a capacity system generated Audit Trail. I am sure the original poster’s arrangement or system does not have that.
USFDA
[quote=USFDA]
What I am saying is : The system must be having a capacity system generated Audit Trail. I am sure the original poster’s arrangement or system does not have that.
USFDA[/quote]
Yes, I can completely agree with you on that point. I also didn’t see where, for example, the method was unique to a particular user, had any kind of security controls, etc. There’s far more to Part 11 than just an audit trail.
I assume gireesht01 wants to sign pdf documents using the fature which os offered by adobe. If this woulfd not be legal, o lot of companies would not be compliant. But I do not want to use this as an argument since as stated before what is done in a common sense does not have to be legal automatically.
If I got it right, gireesht01 wants to sign the electronic document with his user name and date and time. To do that he has to use a password which is combined with his user name uniquely.
If this process is implemented this electronic signature has the same quality as a handwritten signature. Ususally the originally sigend document gets a green hook beside the signature which turns to a red cross if the documents was altered and in this case the document is no longer valid.
If this is the process gireesht01 talkes about and has been validated, I do not see any reason why this process should not be compliant with 21 CFR part 11.
Go ahead gireesht01 signing your e-papers electronically.