21 CFR Part 11 - Requirements and New Scope

The FDA rule on electronic signatures and electronic records was issued in 1997, but the details of implementation are still being debated. The 2003 FDA guidance redefines the scope of 21 CFR Part 11. Understanding which records now fall under the scope of the rule can help you begin implementing your compliance plan.

In 1997, FDA issued 21 CFR Part 11, which provides criteria for FDA acceptance of electronic records, electronic signatures, and handwritten signatures.¹ In response to requests from industry, the regulation allows electronic records to be treated as equivalent to paper records and handwritten signatures. By providing faster and more productive access to documentation and accelerating the approval process, electronic records are expected to be more cost effective for industry and FDA.

The rule applies to FDA-regulated industry segments that must follow Good Laboratory Practice (GLP), Good Clinical Practice (GCP), and current Good Manufacturing Practice (cGMP) requirements.

Analytical development and quality control laboratories that regularly use computers for instrument control, data acquisition, data evaluation, data management, data transfer, and archiving must comply. Part 11 applies whenever computer systems are used for regulated activities, whether they are used as part of an automated analysis system, as part of a network, or as stand-alone machines (for example, for spreadsheet applications or word processing).

The primary requirements of Part 11 include:

use of validated computerized systems
secure retention of electronic records allowing instant reconstruction of analyses
user-independent, computer-generated, time-stamped audit trails
system and data security, data integrity, and confidentiality through system access control
use of secure electronic signatures
use of digital signatures for open systems.

Internal server error