Recommendations for Using the Palltronic® Flowstar IV ... · Instruments in a 21 CFR Part 11...

USTR2573Application Note

Recommendations for Using the Palltronic®Flowstar IV Integrity Test Instruments ina 21 CFR Part 11 Compliant Environment

2

Contents

Introduction.............................................................................................................................4

Part 1:

Recommendations for using the Palltronic Flowstar IV Integrity Test Instruments in a 21 CFR Part 11 Compliant Environment

1. Operation ............................................................................................................................5

1.1 Configuration of the Access Management......................................................................5

1.1.1 Login Procedure....................................................................................................5

1.1.2 Signatures ............................................................................................................5

1.2 Password Management ................................................................................................6

1.2.1 Password Aging....................................................................................................6

1.2.2 Minimum Password Length ..................................................................................6

1.2.3 Password History..................................................................................................6

1.2.4 Password Lockout ................................................................................................6

1.2.5 Lockout Duration ..................................................................................................6

1.2.6 Automatic Logout Period ......................................................................................6

1.3 User Identities ................................................................................................................6

1.3.1 Creating User Identities ........................................................................................6

1.3.2 First Use of a New Identity ....................................................................................6

1.3.3 Deactivating/Deleting User Identities ....................................................................6

1.4 Backup ..........................................................................................................................7

2. Audit Trail ............................................................................................................................7

2.1 Self Test ........................................................................................................................7

2.2 Test Record....................................................................................................................7

2.3 Test Program..................................................................................................................7

2.4 System Configuration ....................................................................................................7

2.5 Date/Time Setting ..........................................................................................................7

2.6 Access Management ....................................................................................................7

2.7 User Identities ................................................................................................................8

2.8 Upload of User Lists/Test Programs/Configurations and Access Management settings 8

3. Procedural Controls ...........................................................................................................8

Part 2: Application of 21 CFR Part 11 to Palltronic Flowstar IV Integrity Test Instruments

1. Subpart A – General Provisions ........................................................................................9

11.1 Scope ..........................................................................................................................9

11.2 Implementation ..........................................................................................................10

11.3 Definitions ..................................................................................................................11

2. Subpart B – Electronic Records ......................................................................................12

11.10 Controls for Closed Systems....................................................................................12

11.30 Controls for Open Systems ......................................................................................15

11.50 Signature Manifestations ..........................................................................................16

11.70 Signature / Record Linking ......................................................................................16

3. Subpart C – Electronic Signatures ..................................................................................17

11.100 General Requirements............................................................................................17

11.200 Electronic signature components and controls ......................................................18

11.300 Controls for identification codes / passwords ........................................................19

www.pall.com/biopharm 3

4

Introduction

This document has been written in two parts.

The first part of the document provides recommendations for end-users wishing to use the Palltronic Flowstar IVinstruments in a 21 CFR Part 11 compliant environment. The document describes procedures to configure andoperate the instrument for best use of the technological features of the instrument and provides recommendationson the standard operating procedures that end-users will need to reproduce in order to achieve full compliance.

The second part “Application of 21 CFR Part 11 to the Palltronic Flowstar IV integrity test instruments” defines howPall Corporation has applied 21 CFR Part 11 to integrity test instruments when electronic records and signaturesare used according to the relevant sections of the regulation.

This guideline is designed to be used in conjunction with the ‘Instructions for use’ supplied with the instrument.

Part 1: Recommendations for using the Palltronic Flowstar IV Integrity TestInstruments in a 21 CFR Part 11 Compliant Environment

Upon arrival of the Palltronic Flowstar IV integrity test instrument, at least one person should be appointed as system administrator for the instrument. System administrators are responsible for the configuration ofthe instrument and the administration of user access rights. It is recommended that these individuals do notparticipate in the normal use of the instrument for integrity testing.

1. Operation

1.1 Configuration of the Access ManagementThe Palltronic Flowstar IV instruments offer the technological features used in a 21 CFR Part 11compliant environment only after the appropriate configuration of the access management.

In the Main Menu:

• Click the ‘Tools’ button on the left side of the screen.

• Click the ‘Access Management’ button.

The instrument is supplied with default login details (see section 1.1.1), with the password ‘pall’.

1.1.1 Login ProcedureSelect the login procedure. The ‘Individual user login’ can be set to OFF and ON.If set to OFF, the access level can be assigned to user groups.

Level 1: Operator (no password)Can perform filter tests

Level 2: Supervisor (System password 1)Can create/modify test programs and perform a backup

Level 3: Administrator (System password 2)Can modify the configuration, the date/time and the access management

The initial system passwords 1 and 2 are ‘pall’.

If set to OFF, the operator name must be entered manually before beginning a test,and any creation/modification in the audit trail is not assigned to an individual user.

If set to ON, the access level can be assigned to any individual user in the user list,and each user has to login with his UserID and password.

Level 1: OperatorCan perform filter tests

Level 2: SupervisorCan create/modify test programs and perform a backup

Level 3: AdministratorCan modify the configuration, the date/time and the access management

Level 4: Super Administrator (User 1 only)As level 3 but exempt from password aging

The initial UserID/password is ‘ADMIN’ / ‘pall’ for User 1 (Level 4).

Although 21 CFR Part 11 only require a type of access control as achieved by bothoptions, it is recommended that the ‘Individual user login’ option is used in 21 CFRPart 11 compliant environments.

1.1.2 SignaturesThe number of signatures on a test result record (Options: 1/2 signatures) can be selected.

The type of signature can be selected (Options: Manual/Electronic).

If set to ‘Electronic’, the user and password management must have been defined asto whether the instruments have ‘Individual user login’ set to OFF or ON.


6

1.2 Password ManagementFor compliance with 21 CFR Part 11 Subpart C Electronic signatures Sec. 11.200 Electronicsignature components and controls, a password management system is required whichenhances the security of passwords. The Palltronic Flowstar IV instruments offers the followingoptions for a password management system which can be configured in the ‘Access Management’.

1.2.1 Password AgingPassword expiry intervals can be defined. After a password has expired, the systemwill require a password change by that particular user before he can access the system.

The password can be changed at any time on the Palltronic Flowstar IV instrumentby pressing the ‘Change’ button in the ‘Log in’ screen where a UserID/password isrequested. The ‘Log in’ button is accessible on the left side of the screen; it issymbolized by a key.

1.2.2 Minimum Password LengthThe number of characters required for a password can be defined.

1.2.3 Password HistoryThe number of new passwords which must be set before a password may be reusedcan be defined.

1.2.4 Password LockoutThe number of consecutive failed attempts before a user is locked out can be defined.

1.2.5 Lockout DurationThe time period that a user remains locked out after the last failed attempt to log inunder a particular UserID can be defined.

1.2.6 Automatic Logout PeriodThe time of inactivity before the current user is automatically logged out can be defined.

1.3 User Identities

1.3.1 Creating User IdentitiesThe system administrator has to select ‘Access management’, followed by ‘Edit userlist’. To enter new users into the system, select ‘Create new user’. The administratorhas to enter a user name, a UserID and password as well as an access level into theblank boxes on the screen and then press the ‘OK’ button. Each user must have aunique UserID and user name. Note the initial password for the user. Up to 250 activeuser identities can be set up on the Palltronic Flowstar IV instrument.

The name ‘Administrator’ of User 1 cannot be changed but it is recommended tochange the UserID and password.

1.3.2 First Use of a New Identity New users should use the initial password given to them by the system administratorto access the Palltronic Flowstar IV instrument. They are forced by the instrument tochange their password before getting full access.

Users who have forgotten their password must contact the administrator who canset a new initial password.

1.3.3 Deactivating/Deleting User IdentitiesThe system administrator has to select ‘Access management’, followed by ‘Edit userlist’ and choose the user to be deactivated/deleted. Deactivating a user means thatthe user remains stored on the instrument and can be reactivated later. Deletionmeans that the record is no longer stored on the instrument and must be reenteredto regain access. The first user ‘Administrator’ cannot be deactivated or deleted. Thisis to prevent access to the System menu from being lost.

1.4 BackupIt is recommended to regularly perform a backup, especially before deleting records.

The data can be backed up either to a USB flash drive or a network location. The security ofthe data exported is the responsibility of the user.

2. Audit Trail

The audit trail for all electronic records is stored within the record and is dependent on the type of record.

2.1 Self Test The Self test is automatically started once a day, at the first time the instrument is switched on.The sequence cannot be modified by the user. After saving the result, the record is completedand cannot be modified further. The Audit Trail for the record is therefore complete.

2.2 Test Record To start a test, a minimum user level 1 is needed to get access. After defining the testparameters, the test can be started. When the test is finished or aborted, the record is stored.No modification can be made to the stored record. Only the addition of a comment andelectronic signatures are allowed, so the audit trail is complete.

2.3 Test ProgramWhen creating/modifying/deactivating a test program, a minimum user level 2 access isrequired. Each creation/modification or deactivation is stored including the name of the personresponsible for the action. The audit trail for a test program can be viewed by printing it on theinstrument including the audit trail.

The printout includes the initial version, a list of changed parameters including the name of theperson who made the changes and the current version. Only the current version can be usedfor testing.

Deactivated test programs are still stored on the instrument but cannot be used.

To delete a test program, user level 3 is required. This should only be done after having backedup the test programs.

2.4 System ConfigurationTo access the configuration of the instrument, a minimum user level 3 access is required.Each modification of the parameters is stored including the name of the person responsiblefor the action. The audit trail for configuration can be viewed by printing it on the instrument.

The printout includes the initial version, a list of changed parameters including the name of theperson who made the changes and the current version. Only the current version can be usedfor testing.

2.5 Date/Time Setting To access the date/time setting of the instrument, a minimum user level 3 access is required.Each modification of the parameters is stored, including the name of the person responsible forthe action. The audit trail for the date/time setting can be viewed by directing the instrument toprint it out.

The printout includes the initial setting version, a list of changed parameters including theentered name of the person who made the changes and the current setting.

2.6 Access ManagementTo access the ‘Access Management’ of the instrument, a minimum user level 3 access isrequired. Each modification of the parameters is stored including the name of the personresponsible for the action. The audit trail for the ‘Access Management’ can be viewed bydirecting the instrument to print it out.

The printout includes the initial setting version, a list of changed parameters including the nameof the person who made the change and the current setting.


8

2.7 User IdentitiesThe user identities can be accessed via the ‘Access Management’ and ‘Edit user list’ (level 3 or 4 access required).

User names can only be created or deleted but not modified. The UserID and the passwordcan be modified. Any creation/modification or deactivation of a user is stored including thename of the person responsible for the action. The audit trail for a user identity can be viewedby directing the instrument to print it out.

The printout includes the initial version, a list of changed parameters including the name of theperson who made the change and the current setting.

2.8 Upload of User Lists/Test Programs/Configurations and Access Management settingsThe Load function can be accessed via ‘Backup’. The audit trails are not transferred with theexport and import of test programs, configurations and access management settings.

3. Procedural Controls

This section provides a listing of the procedural controls recommended for the operation of thePalltronic Flowstar IV instruments in a 21 CFR Part 11 compliant environment.

These procedures may have been identified or discussed in the preceding text, and some maybe general procedures required under the 21 CFR Part 11 rule, but this section provides alisting of procedures for ease of implementation.

The user will require a suite of procedures:

(1) to ensure that the electronic signatures have been certified as the legally binding equivalentof a handwritten signature, and to describe the consequences of falsification of anelectronic signature, both for the company and for the individual. Operators must notdivulge their UserID and passwords to anyone, not even to the system administrator.

(2) to validate the integrity of the electronic records and electronic signatures. Electronicrecords stored on the Palltronic Flowstar IV cannot be accessed and altered by the user.

(3) to ensure that the Palltronic Flowstar IV instrument is fully validated before use, includingdocumented verification, and that the system provides the required controls forcompliance. Validation tests to verify the technological controls in the instrument areincluded in the standard Operational Qualification protocols available from Pall.

(4) to define how access is limited to authorized individuals. Managing the systemadministrator account should be given special consideration. The procedure should definehow individuals are qualified for access, including verification of their identity before theyare granted access.

(5) to ensure that each user name (used as the electronic signature) is unique, i.e. it can beonly attributed to a single individual. The procedure should verify that the user name is notre-used or re-allocated to a different individual. The Palltronic Flowstar IV instrument doesnot allow duplicate user names on the instrument.

(6) to cover the distribution of, access to, and use of operational and maintenancedocumentation once the system is in operational use.

(7) to ensure that the staff who maintain and use the electronic record and electronicsignature functions in the Palltronic Flowstar IV instrument have the education, training and experience to perform their assigned tasks.

(8) to specify the retention period for electronic records and their audit trails, and to ensurethat the data is retained securely for that period. The customer must have a defined andsecure backup and recovery process for electronic data.

(9) to cover removal of obsolete users; changing of profiles as user roles change; periodicchecking of user identities and the management of passwords whose integrity may havebeen compromised.

Part 2: Application of 21 CFR Part 11 to Palltronic Flowstar IV Integrity TestInstruments

Introduction

As follows, the clauses of 21 CFR Part 11, the type of control, the responsibility and the application to thePalltronic Flowstar IV integrity test instruments are listed.

The clauses of 21 CFR Part 11 are based on the version updated on April 1, 2009 which can be found at:

http://www.accessdata.fda.gov/scripts/cdrh/cfdocs/cfCFR/CFRSearch.cfm?CFRPart=11

The applications to the Palltronic Flowstar IV instruments are described based on the following ‘Access management’ settings:

• Individual user login activated

• Electronic signatures activated

1. Subpart A – General Provisions

11.1 ScopeType of Respon-

Clause Text of 21 CFR Part 11 Clause Control sibility Application to Palltronic Flowstar IV instruments

11.1 The regulations in this part set forth the Procedural User The user has responsibility for procedural controls (a) criteria under which the agency considers which are required for compliance to 21 CFR Part 11.

electronic records, electronic signatures, and handwritten signatures executed to Techno- Pall (1) The Palltronic Flowstar IV instruments have been electronic records to be trustworthy, reliable, logical designed to supply the technological controls required and generally equivalent to paper records and for the instruments to be used in a 21 CFR Part 11handwritten signatures executed on paper. compliant environment.

11.1 This part applies to records in electronic form Procedural User It is the user’s responsibility to identify the records (b) that are created, modified, maintained, archived to be sent to the agency as an electronic record.

retrieved, or transmitted, under any records requirements set forth in agency regulations.This part also applies to electronic records submitted to the agency under requirements of the Federal Food, Drug and Cosmetic Act and the Public Health Service Act, even if such records are not specifically identified in agencyregulations. However, this part does not applyto paper records that are, or have been,transmitted by electronic means.

11.1 Where electronic signatures and their N/A N/A None – this is an explanatory text only.(c) associated electronic records meet the

requirements of this part, the agency will consider the electronic signatures to be equivalent to full handwritten signatures, initials and other general signings as requiredby agency regulations, unless specifically expected by regulation(s) effective on or afterAugust 20, 1997.

11.1 Electronic records that meet the requirements Procedural User The user must determine whether to use electronic (d) of this part may be used in lieu of paper records or paper records. Users should be aware that

records, in accordance with § 11.2, unless even if they decide to use the paper printouts as the paper records are specifically required. record, an electronic record is still created by the

Palltronic Flowstar IV instruments.


10

11.1 Scope (continued)

Type of Respon-Clause Text of 21 CFR Part 11 Clause Control sibility Application to Palltronic Flowstar IV instruments

11.1 Computer systems (including hardware Procedural User The user has a responsibility to maintain adequate (e) and software), controls, and attendant records of the software version and any hardware or

documentation maintained under this part software changes implemented on their Palltronic shall be readily available for, and subject Flowstar IV.to, FDA inspection. Procedural Pall (2) Pall undertakes to maintain full hardware and

software change control on the Palltronic Flowstar IVprojects and to operate those projects within a documented quality system.

11.1 This part does not apply to records required Procedural User (3) It is up to the user to make the decision if the(f) to be established or maintained by 1.326 records satisfy the requirements of part 1, subpart J

through 1.368 of this chapter. Records that of this chapter or if the records are required under satisfy the requirements of part 1, subpart other applicable statutory provisions or regulations.J of this chapter, but that also are required under other applicable statutory provisions or regulations, remain subject to this part.

11.2 ImplementationType of Respon-


11.2 For records required to be maintained but not Procedural User The Palltronic Flowstar IV instruments have been (a) submitted to the agency, persons may use designed to facilitate the use of electronic records

electronic records in lieu of paper records and electronic signatures under this rule. The user or electronic signatures in lieu of traditional also has the option to maintain paper records and signatures, in whole or in part, provided that hand written signatures using the printout produced the requirements of this part are met. at the time of the test.

11.2 For records submitted to the agency, persons Procedural User For users wishing to use electronic records or (b) may use electronic records in lieu of paper electronic signatures, the Palltronic Flowstar IV

records or electronic signatures in lieu of instruments have been designed to facilitate thetraditional signatures, in whole or in part, use of electronic records and electronic signaturesprovided that: (1) The requirements of this under this rule. The user has the option to maintainpart are met; and (2) The document or parts paper records using the printout produced by theof a document to be submitted have been internal or external printer and using handwrittenidentified in public docket No. 92S-0251 as signatures.being the type of submission the agency accepts in electronic form. This docket will identify specifically what types of documents or parts of documents are acceptable for submission in electronic form without paperrecords and the agency receiving unit(s)(e.g., specific center, office, division, branch)to which such submissions may be made. Documents to agency receiving unit(s) not specified in the public docket will not be considered as official if they are submitted in electronic form; paper forms of such documents will be considered as official andmust accompany any electronic records. Persons are expected to consult with theintended agency receiving unit for details onhow (e.g., method of transmission, media, file formats, and technical protocols) and whether to proceed with the electronic submission.

11.3 DefinitionsType of Respon-


11.3 The definitions and interpretations of terms N/A N/A None – this is an explanatory text only.(a) contained in section 201 of the act apply to

those terms when used in this part.

11.3 The following definitions of terms also apply N/A N/A None – this is an explanatory text only.(b) to this part: (1) Act means the Federal Food,

Drug, and Cosmetic Act (secs. 201-903 (21 U.S.C. 321-393)).

(2) Agency means the Food and Drug N/A N/A None – this is an explanatory Administration text only.

(3) Biometrics means a method of verifying an N/A N/A None – Biometrics are not used on the Palltronicindividual’s identity based on measurement of Flowstar IV integrity test instruments.the individual’s physical feature(s) or repeatable action(s) where those features and/or actions are both unique to that individual and measurable.

(4) Closed system means an environment in Techno- Pall/User (4) When used as a stand alone instrument, the which system access is controlled by persons logical Palltronic Flowstar IV integrity test instruments who are responsible for the content of can be classified as a closed system.electronic records that are on the system.

(5) Digital signature means an electronic N/A N/A None – the Palltronic Flowstar IV integrity testsignature based on cryptographic methods of instruments do not use digital signatures.originator authentication, computed by using a set of rules and a set of parameters such that the identity of the signer and the integrityof the data can be verified.

(6) Electronic record means any combination Techno- Pall (5) The Palltronic Flowstar IV instruments create of text, graphics, data, audio, pictorial, or other logical and maintain the following electronic records:information representation in digital form that Test Result Records, Test Programsis created, modified, maintained, archived, System Configuration, Date/Time Settingretrieved, or distributed by a computer system. Access Management Settings, User Access Rights

(7) Electronic signature means a computer data Techno- Pall (6) The Palltronic Flowstar IV instruments use a compilation of any symbol or series of symbols logical unique combination of UserID and password, which executed adopted, or authorized by an are linked to a user name, to generate electronic individual to be the legally binding equivalent signatures on test result records. of the individual’s handwritten signature.

Procedural User The user must have appropriate procedures in place to ensure that the electronic signatures have been certified as the legally binding equivalent of a handwritten signature.

(8) Handwritten signature means the N/A N/A None – this is an explanatory text only.scripted name or legal mark of an individual handwritten by that individual and executed or adopted with the present intention to authenticate a writing in a permanent form. The act of signing with a writing or marking instrument such as a pen or stylus is preserved. The scripted name or legal mark, while conventionally applied to paper, may also be applied to other instruments that capture the name or mark.

(9) Open system means an environment in N/A N/A This has already been addressed which system access is not controlled by (see point (4)).persons who are responsible for the content of electronic records that are on the system.


12

2. Subpart B – Electronic Records

11.10 Controls for Closed SystemsType of Respon-


11.10 Persons who use closed systems to create, Procedural User This clause places the onus on the user to generatemodify, maintain, or transmit electronic records procedures to validate the integrity etc. of the shall employ procedures and controls designed electronic records and signatures.to ensure the authenticity, integrity, and, when appropriate, the confidentiality of electronic records, and to ensure that the signer cannot readily repudiate the signed record as not genuine. Such procedures and controls shallinclude the following:

11.10 Validation of system to ensure accuracy, Procedural User The system needs to be validated. This should (a) reliability, consistent intended performance, include documented verification that the system

and the ability to discern invalid or altered provides the required controls for compliance.records. Tests to verify that the system provides controls for

compliance are included in the standard Operational Qualification documents available from Pall.

Techno- Pall (7) Pall performs a qualification on the instrument logical prior to each software version release.

(8) There is no facility within the instrument to modify a test result record, only approval signatures can be added.(9) Creation or modification of a test program results in the storage of the new settings including the name of the logged in user responsible for the change.(10) Creation or modification of User Access Rights results in the storage of the new settings including the name logged in user responsible of the change.

11.10 The ability to generate accurate and complete Techno- Pall (11) The electronic records are stored in the (b) records in both human readable and electronic logical Palltronic Flowstar IV instruments, and may be

form suitable for inspection, review, and recalled for viewing/printing using the operator copying by the agency. Persons should contact interface which is an integral part of the instrument.the agency if there are any questions regarding including the audit trail, can be transferred to the ability of the agency to perform such an external storage facility in pdf or XML format.reviews and copying of the electronic records.

11.10 Protection of records to enable their accurate Procedural User The Palltronic Flowstar IV instrument allows a (c) and ready retrieval throughout the records backup of all electronic records including audit

retention period. trail to an external storage facility. The user must specify the retention period and ensure the data is retained securely for that period. The user must have a defined, proven and secure backup and recovery process for electronic data.

Techno- Pall (13) It is not possible to delete a selected test result logical record stored on the Palltronic Flowstar IV instrument.

(14) Every test result record contains a complete listing of the parameters used during the test, whether they have been manually input or imported from a test program.(15) Deactivated test programs are still stored on the instrument but not accessible for the user.(16) Deactivated user identities are still stored on the instrument but not accessible for the user.


11.10 Controls for Closed Systems (continued)


11.10 Limiting system access to Procedural User A user procedure is required to define how access(d) authorized individuals. is limited to authorized individuals. Managing the

system administrator account should be givenspecial consideration.

Techno- Pall (17) The Palltronic Flowstar IV instruments logical provide four user levels of access:

Level 1 access is at operator level and allows access to all test functions.Level 2 access is at supervisor level and provides access to all Level 1 functions plus test programs creation/modification/deactivation.Level 3 access is at system administrator level and provides access to all Level 2 functions plus the system configuration, Date/Time setting and the access management including access rights. Level 4 access is at the system administrator level but the password is excluded from password aging and user lock out. There is no restriction on viewing test results or on starting a Self test, a network test, a printer test, cleaning and screen adjustment.(18) No filter test can be accessed/started without entry of a valid UserID and password for login. (19) No test program can be created, modified ordeactivated without entry of a valid UserID and password at Level 2 or higher.(20) No electronic record (test program or user access) can be deleted without entry of a valid UserID and password at level 3 or higher.(21) No selected test result can be deleted at any access level.

11.10 Use of secure, computer-generated, time- Procedural User A user procedure is required for secure storage (e) stamped audit trails to independently record of the test result record audit trail after it is

the date and time of operator entries and downloaded to a PC.actions that create, modify or delete electronic Techno- Pall (22) Each test result is automatically time and daterecords. Record changes shall not obscure logical stamped by the Palltronic Flowstar IV instrument previously recorded information. Such audit and includes the logged in user as ‘operator’.trail documentation shall be retained for a (23) Each test program is automatically time andperiod at least as long as that required for date stamped by the PalltronicFlowstar IV instrumentthe subject electronic records and shall be and includes the logged in userwhen created/available for agency review and copying. activated,modified or deactivated either at the time

of creation of the program on the instrument or at the time of modification/ deactivation.(24) Each system configuration is automatically time and date stamped by the Palltronic Flowstar IV instru-ment and includes the logged in user when modified.

Techno- Pall (25) Each Date/Time setting is automatically time logical and date stamped by the Palltronic Flowstar IV instru-

ment and includes the logged in user when modified.(26) Each access management setting is automatically time and date stamped by the Palltronic Flowstar IV instrument and includes the logged in user when modified.

14



11.10 (continued) Techno- Pall (27) Each user access setting is automatically time (e) logical and date stamped by the Palltronic Flowstar IV

instrument and includes the logged in user when created/activated, modified or deactivated either at the time of creation of the program on the instrument, or at the time of modification/deactivation.

11.10 Use of operational system checks to enforce Techno- Pall (28) There is no facility for the operator to affect the(f) permitted sequencing of steps and events, logical sequence of operation within the Palltronic Flowstar IV

as appropriate. instrument.

11.10 Use of authority checks to ensure that only Procedural User A user procedure is required to define how the (g) authorized individuals can use the system, authorization processes are carried out and that

electronically sign a record, access the staff have been trained in their use.operation or computer system input or output Techno- Pall (29) The Palltronic Flowstar IV instruments check instrument, alter a record, or perform the logical the UserID a stored list of valid user identities. operation at hand. Only if the UserID and password are valid, and the

access level is appropriate to the task in question (see point (17)), will the user be allowed to proceed.

11.10 Use of instrument (e.g., terminal) checks to N/A N/A (30) The Palltronic Flowstar IV instruments are (h) determine, as appropriate, the validity of the stand-alone instruments with an integral operator

source of data input or operational instruction. interface terminal. Instrument checks are not relevant to the Palltronic Flowstar IV instrument.

11.10 Determination that persons who develop, Procedural User The personnel who develop, maintain or use electronic(i) maintain, oruse electronic record/electronic record/electronic signature systems must have the

signature systems have the education, training, education, training and experience to perform theirand experience to perform their assigned tasks. assigned tasks.

Procedural Pall (31) Pall’s quality procedures require the maintenanceof training records on all personnel, to ensure that those personnel are suitable for the tasks in which they are involved. The Palltronic Flowstar IV instruments were developed by a subcontractor to Pall specifications. Regular audits of the subcontractor are used to ensure that their personnel are appropriately trained.

11.10 The establishment of, and adherence to, written Procedural User A policy is needed to describe the significance of (j) policies that hold individuals accountable electronic signatures, in terms of individual

and responsible for actions initiated under responsibility, and the consequences of falsificationtheir electronic signatures, in order to deter for both the pharmaceutical organization and the record and signature falsification. individual.



11.10 Use of appropriate controls over systems Procedural Pall (32) The operational and maintenance manual is(k) documentation including: supplied in a secure pdf format, and Pall has proce-

dures in place to ensure adequate revision and changecontrol of this manual in the un-editable pdf format.

(1) Adequate controls over the distribution Procedural User A user procedure is required to cover distribution of, of, access to, and use of documentation for access to, and use of, operational and maintenance system operation and maintenance. documentation once the system is in operational use.

(2) Revision and change control procedures TechnologicalPall (33) The user identities including audit trail are to maintain an audit trail that documents maintained in the Palltronic Flowstar IV instruments time-sequenced development and electronically. (34) The test programs including audit modification of system documentation. trail are maintained in the Palltronic Flowstar IV

instruments electronically. (35) The system configurations including audit trail are maintained in the Palltronic Flowstar IV instruments electronically. (36) The date/time settings including audit trail are maintained in the Palltronic Flowstar IV instruments electronically. (37) The access management settings including audit trail are maintained in the Palltronic Flowstar IV instruments electronically.

11.30 Controls for Open SystemsType of Respon-


11.30 Controls for open systems N/A N/A (38) The Palltronic Flowstar IV instruments havealready been identified as closed systems (see point (4)) so this section is not applicable. If the instrument is to be used as part of an open system, the responsibility for implementing sufficient procedural controls to achieve 21 CFR Part 11 compliance rests solely with the user.


16

11.50 Signature ManifestationsType of Respon-


11.50 Signed electronic records shall contain N/A N/A None – this is explanatory text only(a) information associated with the signing

that clearly indicates all of the following:

(1) The printed name of the signer; Techno Pall (39) The entry of a valid UserID and password will logical result in the logical associated user name.

(2) The date and time when the signature was Techno- Pall (40) The date and time of the test are automaticallyexecuted; and logical logical inserted into the test record at the time of the

electronic signature being generated

(3) The meaning (such as review, approval, Techno- Pall (41) The printed name of first signer is prefaced responsibility, or authorship) associated with logical by ‘Signed by’ in a test result record.

(42) The printed name of second signer is prefacedby ‘Accepted by’ in a test result record.

11.50 The items identified in paragraphs (a) (1), Techno- Pall (43) There is no facility within the Palltronic Flowstar (b) (a) (2), and (a) (3) of this section shall be logical IV instruments to modify or delete the electronic

subject to the same controls as for electronic signature, date, time or meaning of signature.records and shall be included as part of any human readable form of the electronic record (such as electronic display or printout).

11.70 Signature / Record LinkingType of Respon-


11.70 Electronic signatures and handwritten Techno- Pall (44) The electronic signature, date, time and signatures executed to electronic records shall logical meaning of the signature are a permanentbe linked to their respective electronic records part of the electronic records. The Palltronic to ensure that the signatures cannot be Flowstar IV instruments do not have anyexcised, copied or otherwise transferred to means or copying or deleting these items.falsify an electronic record by ordinary means.


3. Subpart C – Electronic Signatures

11.100 General RequirementsType of Respon-


11.100 Each electronic signature shall be unique to Procedural User The user must ensure the uniqueness of the user (a) one individual and shall not be reused by, or names used for electronic signatures, and that they

reassigned to, anyone else. are not re-used or re-allocated.

Techno- Pall (45) The Palltronic Flowstar IV instruments will not logical allow any two current UserID codes to be the same.

(46) The Palltronic Flowstar IV instruments will not allow any two current user names to be the same.

11.100 Before an organization establishes, assigns, Procedural User The user needs to verify the identity of individuals (b) certifies, or otherwise sanctions an individual’s being granted access to the system.

electronic signature, or any element of such electronic signature, the organization shall verify the identity of the individual.

11.100 Persons using electronic signatures shall, Procedural User The user must provide to the agency this required(c) prior to or at the time of such use, certify to certification at an organizational level.

the agency that the electronic signatures in their system, used on or after August 20, 1997, are intended to be the legally binding equivalent of traditional handwritten signatures.

(1) The certification shall be submitted in paper form and signed with a traditional handwritten signature, to the Office of Regional Operations (HFC-100), 5600 Fishers Lane, Rockville, MD 20857.

(2) Persons using electronic signatures shall, upon agency request, provide additional certification or testimony that a specific electronic signature is the legally binding equivalent of the signer’s handwritten signature.

18

11.200 Electronic signature components and controlsType of Respon-


11.200 Electronic signatures that are not based upon N/A N/A None – introductory text only.(a) biometrics shall:

(1) Employ at least two distinct identification Techno- Pall (47) For the electronic signature of a test result components such as an identification code logical record the Palltronic Flowstar IV instruments require and password. two elements, a UserID and a password. From these

two elements the system generates the electronic signature, which consists of the printed text of the user name.

(i) When an individual executes a series of Techno- Pall (48) To electronically sign a test result, a UserID andsignings during a single, continuous period logical password have to be entered. A series of signings isof controlled system access, the first signing not possible.shall be executed using all electronic signature components; subsequent signings shall be executed using at least one electronic signature component that is only executable byand designed to be used only by, the individual.

(ii) When an individual executes one or more Techno- Pall (49) To electronically sign a test result, a UserID andsignings not performed during a single, logical password have to be entered for every signature.continuous period of controlled system A series of signings is not possible.access, each signing shall be executed using all of the electronic signature components.

(2) Be used only by their genuine owners; Procedural User The user must ensure that staff only use their ownand electronic signature, not anyone else’s even on their

behalf, as that would be falsification. A procedure is required to ensure that personnel change their UserID and password on first use.

Techno- Pall (50) When a user identity is created by the systemlogical administrator, he/she will enter a UserID and

password. When the operator first uses that identity, he/she is forced to change the password so that only the operator knows his/her current password.

(3) Be administered and executed Procedural User The user needs procedures to ensure that users do to ensure that attempted use of an not divulge their UserID and passwords.individual’s electronic signature by Techno- Pall (51) No user, including the System Administrator, anyone other than its genuine owner logical is able to view passwords belonging to other users.requires collaboration of two or more Each user can change their password at any time. individuals. Passwords are not shown on the screen but are

represented by an asterisk (*).

11.200 Electronic signatures based upon N/A N/A The Palltronic Flowstar IV instruments do not use(b) biometrics shall be designed to ensure biometrics to identify users.

that they cannot be used by anyone other than their genuine owners.

11.300 Controls for identification codes / passwordsType of Respon-


11.300 Persons who use electronic signatures based upon use of identification codes in combination with passwords shall employ controls to ensure their security and integrity. Such controls shall include:

11.300 Maintaining the uniqueness of each combined Techno- Pall The mechanism for achieving this has already been(a) identification code and password, such that no logical defined in points (45) and (46).

two individuals have the same combination of identification code and password.

11.300 Ensuring that identification code and Procedural User A user procedure is required to cover: removal of (b) password issuances are periodically obsolete users; changing of profiles as user roles

checked, recalled or revised (e.g., to change and periodic checking of identification codes cover such events as password aging). and passwords for inconsistencies with current users.

Techno- Pall (52) Any user can change their password at any time.logical (53) The time after which a password expires can

be defined in the access management configuration.(54) The password length can be defined in the access management configuration.(55) The number of attempts to enter the system using an invalid password before the user is locked out can be defined in the system configuration.

11.300 Following loss management procedures to Procedural User The user needs a procedure for the management (c) electronically deauthorize lost, stolen, missing, of passwords whose integrity may have been

or otherwise potentially compromised tokens, compromised.cards, and other instruments that bear or generate identification code or password information, and to issue temporary or permanent replacements using suitable, rigorous controls.

11.300 Use of transaction safeguards to prevent N/A N/A (56) The Palltronic Flowstar IV instruments can lock (d) unauthorized use of passwords and / or out a user after multiple failed attempts using a valid

identification codes, and to detect and report UserID. Only a system administrator can re-activate in an immediate and urgent manner any a locked out user by changing the user password.attempts at their unauthorized use to the system security unit, and, as appropriate, to organizational management.

11.300 Initial and periodic testing of instruments, N/A N/A (57) The Palltronic Flowstar IV instruments do not (e) such as tokens or cards, that bear or generate use tokens or cards.

identification code or password information toensure that they function properly and have not been altered in an unauthorized manner.


Europe+41 (0)26 350 53 00 phone+41 (0)26 350 53 53 [email protected] E-mail

United States800.717.7255 toll free (USA)516.484.5400 phone516.801.9548 [email protected] E-mail

International OfficesPall Corporation has offices and plants throughout the world in locations such as: Argentina, Australia, Austria, Bel-gium, Brazil, Canada, China, France, Germany, India, Indonesia, Ireland, Italy, Japan, Korea, Malaysia, Mexico, theNetherlands, New Zealand, Norway, Poland, Puerto Rico, Russia, Singapore, South Africa, Spain, Sweden, Switzer-land, Taiwan, Thailand, the United Kingdom, the United States, and Venezuela. Distributors in all major industrial areas of the world.

The information provided in this literature was reviewed for accuracy at the time of publication. Product data may besubject to change without notice. For current information consult your local Pall distributor or contact Pall directly.

© 2011, Pall Corporation. Pall, , and Palltronic are trademarks of Pall Corporation. ® indicates a trademarkregistered in the USA. Filtration. Separation. Solution.SM is a service mark of Pall Corporation.

1/11, PDF, UK GN10.4135 USTR 2573

Visit us on the Web at www.pall.com/biopharmE-mail us at [email protected]

Recommendations for Using the Palltronic® Flowstar IV ... · Instruments in a 21 CFR Part 11...

Documents

Transcript of Recommendations for Using the Palltronic® Flowstar IV ... · Instruments in a 21 CFR Part 11...