Hi
Part 11 requires verification of identity. How is this being done in
distributed applications (for example at a clinical site when the
application is ‘owned’ by the sponsor, not the clinical site)?
Hi
Part 11 requires verification of identity. How is this being done in
distributed applications (for example at a clinical site when the
application is ‘owned’ by the sponsor, not the clinical site)?
The impression I have always had of this is that it has to be a
procedure. You have to verify the identity of a user before you give
them a userid and password. How you do this is probably going to vary
from place to place, maybe a picture id of some sort that is recognized
by the general public?
Isn’t it adding more unnecessary work? I mean, if there is an employee on the
company with company provided ID, and the supervisor, or manager signs a formal
access request (hand delivered by the requestor), doesn’t that qualify as ID
verification? Also, if the system validates against active directory, that
means the person requesting the access is a user in the LAN which makes him/her
already verified. Adding more verification to something alredy verified seems
to me that is duplicating efforts. My 2 cents.