21 CFR Part 11 Compliance with Thermal Analysis Software

21 CFR Part 11 Compliance

Ladies and Gentlemen,

Welcome to the METTLER TOLEDO webinar on 21 CFR Part 11 Compliance.

21 CFR Part 11 is the acronym for part of Title 21 of the Code of Federal Regulations that establishes the United States Food and Drug Administration regulations on electronic records and electronic signatures.

During the course of this webinar, I would like to describe the scope, requirements and significance of these guidelines.

المحتويات

تسرد هذه الشريحة الموضوعات التي أريد تناولها.

I would like to start with a brief introduction to 21 CFR Part 11.

I will then present the scope and requirements for CFR compliance and the METTLER-TOLEDO STAR^e software solutions in this context.

Following this, I want to explain the technical features of the CFR Compliance option in the STAR^e software.

Finally, I will summarize the topic and list a number of useful references for further information and reading.

مقدمة

Typical questions for companies working under regulated FDA environment are:

Have you read 21 CFR Part 11?

Is your system validated for its intended use?

Who entered the data?

How do you know which data have been changed?

During the seminar, I will present more details about questions like this and how they can be addressed using the STARe software CFR Compliance option.

Introduction to 21 CFR Part 11

CFR is the acronym for the US Code of Federal Regulations.
The CFR is divided into sections, or parts, that pertain to different areas. Title 21 is for Food and Drugs.

It covers Good Clinical Practice - or GCP,

Good Laboratory Practice - or GLP, and

Good Manufacturing Practice - or GMP,

for the pharmaceutical and healthcare industries.

The FDA not only promotes and protects the market reach of safe and effective products for the public but also monitors the products for its continued safety.

The FDA also helps the public to get the accurate, science-based information needed to improve health. This is ensured by Part 11, which defines the criteria under which electronic records and electronic signatures are considered to be trustworthy, reliable, and equivalent to paper records and handwritten signatures, for acceptance by the FDA.

21 CFR Part 11 is in fact a law to prevent any falsification or fraud while permitting the use of electronic technology.

Scope and Requirements of CFR

As discussed in the earlier slide, 21 CFR Part 11 regulations are obligatory for all healthcare industries that manufacture or export their products in or to the U.S. market.

Part 11 is designed to help FDA-regulated companies benefit from the use of electronic data management. In short, it gives detailed guidelines on how to manage electronic records and electronic signatures in order to maintain accuracy and security.

The key objectives of Part 11 regulations are shown in the slide, and include

- ensuring the generation of trustworthy and reliable electronic records; and

- the ability to detect and keep track of any alterations to electronic records. 

Part 11 and the Predicate Rule

Part 11 contains detailed guidelines for keeping trustworthy electronic records and signatures.

However, Part 11 does not state which records must be generated and which records must be signed - this is the role of the predicate rule. Predicate is simply a legal term meaning pre-existing.

For example, 21 CFR 211 current Good Manufacturing Practice covers all phases of finished product manufacturing and correction and problem reporting. The predicate rule mandates what records must be maintained, the content of records, whether signatures are required, how long the records must be maintained, and so on.

If there is no predicate rule requirement for a record, then 21 CFR Part 11 most likely does not apply to the record.

There are only six explicit requirements for signing records in 21 CFR 211, but consider that “reviewed”, “approved” and “verified” in the regulation also implies a signature.

The 3 Types of Controls Required by Part 11

According to FDA regulations, all systems that come under Part 11 compliance require three types of controls, namely

- Technical controls,

- Procedural controls, and

- Administrative controls.

Technical control is a vendor/ supplier responsibility. It includes functions built into software to ensure the reliability and integrity of electronic records and signatures - for example, to provide security and access to the application and audit trails.

Procedural control is a user responsibility - generally that of the quality control department, which provides SOPs or instructions for using and maintaining the system.

Administrative control is the responsibility of the company to verify the identities of users.

Guidelines are published to achieve these controls. One of the guidelines for software is GAMP or Good Automated Manufacturing Practice.

سأشرح ذلك الآن بتفاصيل أكبر.

CSV Compliance with 21 CFR Part 11

GAMP or Good Automated Manufacturing Practice provides guidance to help with the validation of a computerized system. CSV stands for computerized system validation.

This slide shows the classification of software into different categories.

Systems used to control the instruments, acquire and process the data and report the final results are classified into categories three, four and five.

As we progress through the categories, validation becomes more specific.

According to the definition of validation, one has to demonstrate that the software operates as expected. However validated software may contain bugs so software support is the responsibility of vendor.

The STAR^e software is classified in Category 3. It is used off-the-shelf and controls the instrument, acquires and processes data, and reports the final results.

What Is Computerized System Validation?

Now, let’s take a closer look at computerized system validation, or CSV  using the model shown in the slide.

CSV demonstrates thatthe computerized system operates in accordance with predefined specifications. The predefined specifications are written in the User Requirements Specification or URS. It documents the functional parameters of the instrument and software that the user requires. The term DQ or Design Qualification is also used.

IQ, OQ and PQ are performed after the user has purchased the system that best suits his or her requirements.

The IQ or Installation Qualification is the documented evidence that the installed system matches the vendor's specifications.

The OQ or Operational Qualification is performed once the IQ has been completed and approved by the user. This documents the evidence that the system operates as specified by the vendor.

Finally, the PQ or Performance Qualification is carried out. The PQ is the documented evidence that the system performs according to the URS.

The PQ is the last step before the instrument is ready to use.

Finally, Change Control is part of the on-going validation process. It consists of periodic reviews to ensure that the system remains fit-for-purpose and controlled, for example when changes are made to the system.

Solutions Provided by the STAR^e Software

GMP and 21 CFR Part 11 compliance means providing additional security to the data management system.

The STARe software is designed as a closed system, more precisely an environment in which system access is controlled by persons who are responsible for the content of electronic records present on the system.

In order to achieve this compliance, the STARe software provides password access-control to the application, assigns user-rights for each user-level, ensures file integrity with electronic records, and properly logs the audit trail and electronic signatures.

The STARe software is designed and tested according to the METTLER TOLEDO internal ISO9001 quality management standards.

METTLER TOLEDO provides IQ and OQ at installation and can assist the customer with PQ.

Furthermore, the STARe software can be integrated into a Laboratory Information Management System or LIMS for short.

The STARe software is delivered with a certificate of system validation.

Access Control

Now let’s discuss each technical feature of the STARe software in more detail.

First, Access Control. The primary role of access control is to limit system access only to authorized individuals.

When data management is controlled technologically, it is mandatory that the system owner should know who is accessing and altering system data.

STARe software provides state-of-the-art access control; this implies password policies for user identification so that every user is unique and has a user name and a specific password.

The STARe software can therefore only be used if the login is successful.

Old accounts can be disabled but not deleted.

Users cannot be deleted or renamed, even if no other records refer to this user. In this way, the STARe software ensures that the entries in the audit trail can be uniquely assigned to a particular user. As a result, it is not possible to have more than one distinct user with the same identification throughout the lifetime of the STARe database.

Access Control                                        

The STARe software provides additional features related to access control for password policies. The User-Policies-dialog-box on the right of the slide shows how an administrator can assign these password policies to a user account.

The system administrator defines the minimum password length, with or without special characters. An expiration date for the password, which must be periodically changed, can be set and, if allowed, a reuse period can be assigned.

To ensure that unauthorized people cannot access the STARe software, the administrator is provided with certain extended features, for example, the maximum number of logon attempts permitted before an account gets locked.

The administrator can define a deactivation time for the STARe screen-saver lock, which allows automatic logging-off of a STARe user after a certain period of inactivity, or if the user has forgotten to lock his applications before leaving the PC.

User Account Creation           

Each user is assigned a User Role. The user role defines the group of rights granted to that particular user, for example: administrator, lab manager, lab technician, or operator.

The system administrator is the only responsible authority who can create a new user account.

He or she allows a user role and a signature level for that particular user account.

The User-Accounts-dialog-box on the right of the slide shows how the system administrator West creates an account for the new STARe user, Michael Frazer, as a Lab Technician.

I will explain more about user roles and user rights in the slides that follow. 

User Level Management

Now let’s turn our attention to User Level Management.

User level management consists of user rights and user roles and allows you to limit the functions that can be performed by a particular user. It ensures that only the data and functions actually required are linked to that user. This is extremely valuable for a multiuser system that is shared by several individuals.

Each user is assigned an individual user role. The user role defines the group of rights granted to that particular user, for example: administrator, lab manager, scientist, lab technician, and so on. The number of user roles that can be defined is not limited.

One or more of up to 30 different rights can be granted as appropriate to an unlimited number of different user roles.

User Roles and User Rights

As I explained earlier on, each user is assigned a user role and signature level that corresponds to the user’s daily business requirements. This means that a user can only sign a record if he has the basic right to do so and also has the appropriate signature level.

Let’s assume that a system in a QC lab is used by multiple users and is supervised by a lab manager. As shown in the table, we have created four different hierarchical levels of user roles corresponding to the various functions of the personnel in this imaginary laboratory.

The user, Frazer, who has a user role defined as lab technician, is only authorized to run measurements. He has to sign a record as tested and submitted, for review to scientist, Miller. Once Miller has signed the record, only users with a signature level higher than 4 can additionally sign the same electronic record. Here, in this case, it’s Widman and Jones because they have signature levels of 7 and 10.

The final result is released by Jones, the lab manager. In this way, each person involved has to add his part to complete the puzzle.

Electronic Records 

In this regulated environment, electronic records must be protected against intentional or accidental modification in order to ensure file integrity.

All electronic records are stored in the STARe software database. This means that only authorized STARe users can access data via the STARe software. A Windows user cannot access data in the database via the operating system. This provides more enhanced security compared with a file-based system.

Copies in human readable form and in electronic form can be generated of all electronic records that can be signed. The content is the same as in the textual or graphical printouts.

Electronic copies for inspection by internal or external auditors, for example the FDA, are generated in a non-editable format. For the STARe software, this is the PDF file-format.

Electronic Signatures             

Once you decide to sign an electronic record, the process of signing involves User Authentication. This requires entry of your user name and password, and the selection of a predefined meaning of the signature. The signature right and the signature level are checked. The signature is linked to the record you sign and cannot be removed, copied or transferred.

The Electronic-Signature-dialog-box shown on the right illustrates the process of electronic signing of the record. User Jones is about to sign a record and the system is asking for user authentication. He has to enter the mandatory fields like user name, password and meaning of the signature. Additional information can be entered in the Remarks box.

Signature Level

This slide shows more details concerning the Signature Level. When you sign a record in the Electronic-Signature-dialog-box, you must give the signature a particular meaning.

The STARe software defines up to 10 meanings and levels of a signature.

Only the system administrator has the right to define the meaning of signatures. The Meanings-of-Signatures-dialog-box shown in the slide explains the meanings of signatures defined for a laboratory as an example.

Level 10 is the highest level responsible for the release of the electronic record, whereas the meaning of Level 1 is “tested” or “run a measurement”, and is the lowest. The first level check box is always selected and cannot be cleared.

The system administrator can select as many check boxes in the “Level” column as necessary, and enter suitable texts that describe the meaning of the signatures in the “Meaning column” . This can for example be in accordance with an existing SOP in the laboratory such as "Reviewed", "Approved", and so on.

To sign a record more than once, every subsequent signature must have a higher level of meaning than the previous signature.

Note that 21 CFR 211 requires at least two signatures.

Signed Evaluation and History

Once the electronic record has been signed; the signature is linked to the record you sign and cannot be removed, copied or transferred.

This process generates a printed name of the signer, date and time of the execution, and the history of all signatures related to this electronic record.

The electronic signature status is visible in the electronic display as well as on the printout of each electronic record.

The STARe Evaluation diagram in the slide shows a signed evaluation file. The Electronic-Signature-dialog-box on the upper right shows details of the electronic signature history.

The detailed history related to electronic signature can be obtained by clicking Electronic Signature in the File menu in the STARe software Evaluation Window. This shows all the relevant details of the signed record, that is

- when Frazer signed the record as tested and submitted it for review,

- when Miller reviewed the record, and finally

- when the Lab manager, Jones, released the record.

Audit Trail                 

METTLER TOLEDO has implemented two different types of computer-generated time- stamped audit trails in the STARe software.

The first is the System Audit Trail. This keeps detailed records of all system changes such as login attempts, software version changes, backup and restore, user creation, and so on.

The other is the Analysis Audit Trail. This keeps detailed records of all significant changes of electronic data objects. It documents the creation and modification of any electronic record. At the same time, it keeps track of what was changed in the data, its previous and new value, who made the change, when the change was made, and why the change was made.

I will explain this in more detail in the following slides.

System Audit Trail  

First, a few more details about the System Audit Trail, which keeps track of all system changes.

The System-Audit-Trail-dialog-box in the slide shows an excerpt of a system audit trail generated by a STARe system shared by multiple users in a laboratory. It records details of login attempts made by various users, user account creation, password changes made by different users with a log of date and time.

Analysis audit trail

The Analysis Audit Trail keeps detailed records of all significant changes of electronic data objects. It documents the creation, and modification of any electronic record.

Generally speaking, the analysis audit trail keeps track of what was changed in the data and logs it in the “Record Type” column - for example: who made the changes, when the change was made, and why the changes were made.

The Analysis-Audit-Trail-dialog-box shows an analysis audit trail of a STARe system shared by multiple users in a laboratory. In this example, the date was used as the filter criterion.

LIMS Integration

Some companies prefer to have their software systems integrated in a Laboratory Information Management System, or LIMS.

LIMS connectivity is made possible using a software part called the STAR^e Gateway.

The LIMS interface software option enables you to access the STAR^e software database and to control some features of the STAR^e system. The LIMS requests the STARe software to create a LIMS order. Typically, the purpose of the order is to run a thermal analysis experiment, evaluate the measured data, and generate a report.

The STARe software together with the LIMS interface can implement specific customer-requirements. For example, the LIMS order may comprise the order to export only a particular result of the evaluation of a curve, even though the evaluation may include several other results. It is of course also possible to export more than one result at a time to the LIMS.

A single press of a button then sends the report directly to the LIMS.       

Summary of STAR^e 21 CFR 11 Option

This slide shows a summary of the main features and benefits of the STARe 21 CFR 11 Compliance option.

In this webinar, I have explained features that are mandatory requirements of CFR regulations, such as strict access control, user management, electronic signatures of data records, and audit trails.

For More Information on STAR^e 21 CFR Part 11

Finally, I would like to draw your attention to information about the STARe software and the CFR Compliance option that you can download as PDFs from the Internet:

For example, you can download data sheets describing the “21 CFR 11 Compliance” and “User Rights” STARe software-options.

You can also obtain detailed information from our “Validation” and “Thermal Analysis in Practice” handbooks.

الشريحة 25: لمزيد من المعلومات حول التحليل الحراري

In addition to this, you can obtain details about webinars, application handbooks or information of a more general nature from the Internet addresses given on this slide.

الشريحة 26: شكرًا لكم

This concludes my presentation on the METTLER TOLEDO 21 CFR Part 11 Compliance option.

شكرًا جزيلاً لكم على اهتمامكم وانتباهكم.