Electronic Sig

COMPUTER SYSTEM VALIDATION (CSV) 21 CFR PART 11
1

Hi
I wanted to know if my application support electronic signature according to part 11 ‎requirements. When the application is loaded the user authentication is required. The ‎user sees a dialog box asking him/here to supply user name and password. After the ‎user had successfully logged in, if he is required to electronically sign a record, the ‎system requires him to only enter a password without a username. Is it enough? This ‎is assuming that only the user that has logged in can sign the record. Other user’s ‎passwords will not be valid.

I am aware that for electronic signature both user name and password are required ‎however it is also stated that during a single, continuous period of controlled system ‎access, the first signing needs to verify signatory’s identity with password, while ‎subsequent signings need verify only the password. Is it right to consider the login ‎authentication as the first signature and hence all subsequent signatures of the users ‎requires only password verification?‎

Any help would be much appreciated :slight_smile:

2

Technically you are correct and comply fully with 21 cfr part 11

The 21 cfr part11 states that the first sign in must be using both parameters(login and pwd) and then subsequent signings should be only one parameter (pwd), which indicates more than 2 subsequent signings.

But if the user is signing only twice then I would rather make him login again with both parameters, if the data is very high profile. just a personal opinion.