This document gives a brief introduction to Title 21 of the Code of Federal Regulations, Volume 11 (21 CFR 11 for short), and describes how it impacts information security in the pharmaceutical industry.
The Hitachi ID Identity and Access Management Suite is then introduced, and its use to comply with the requirements set forth in 21 CFR 11 is described.
Please note that this document does not constitute legal advice, or a legal interpretation of 21 CFR 11. This document represents the best understanding of Hitachi ID Systems of the relevance of this legislation to information security, and to identity management in particular.
21 CFR 11 is a set of rules governing the use of electronic records and digital signatures in business processes and in documents submitted to the FDA under requirements of the Federal Food, Drug and Cosmetic Act and of the Public Health Service Act.
Title 21 of the Code of Federal Regulations governs food and drugs. Parts 1 thru 99 are regulated by the Food and Drug Administration (FDA). Part 11 is titled "ELECTRONIC RECORDS; ELECTRONIC SIGNATURES."
21 CFR 11 sets out appropriate methods to manage electronic records and digital signatures, primarily by pharmaceutical companies and their suppliers, in such a manner as to make them equivalent to paper records and handwritten signatures.
The 21 CFR 11 includes the following parts:
The 21 CFR 11 came into effect on August 20, 1997.