Electronic Records

Part 11 Password Safeguards: What’s Really Required?

Q: My question concerns the requirement for Part 11 password safeguards (Part 11.300(d)) that prevent unauthorized use of passwords or identification codes. We’ve always considered the “detect and report” portion of this requirement to include logging unsuccessful attempts and then reviewing those…

Share

Re-Audits: When and Why Should You Conduct Them?

Q: What is industry practice — or more importantly, FDA’s viewpoint — regarding re-audits? Do we need defined and documented criteria for when to conduct re-audits? If so, what would such criteria include? A: My experience is that industry rarely does what is…

Share

Validating an HR-Related System: What Would FDA Say? 

Q: We’re having an internal debate about validating an HR-related system. We understand FDA expects us to validate manufacturing or operational-related systems such as manufacturing execution systems (MES), laboratory information systems (LIMS), quality management systems (QMS), and learning management systems (LMS). But…

Share