News您当前的位置:Home > EN > News >

Federal regulations 21 chapter 11 - electronic records; The


Chapter A general provisions

11.1 scope of application

11.2 to perform

11.3 definitions

Chapter B electronic records

Control of the closed system

11.30 control of open system

Verification of signature of 11.50

11.70 signature/record connection

Chapter C electronic signature

11.100 general requirements

11.200 the composition and control of electronic signature

11.300 control of code and password

Chapter A general provisions

11.1 scope of application

(a) the rules of this article provides a standard, under this standard FDA will think electronic records and electronic signatures, and hand signature on electronic records is trustworthy, reliable and often equated with paper records and the handwritten signature on the paper.

(b) this provision is applicable to the record of establishing, modifying, maintaining, archiving, retrieving, or transmitting in electronic form at the request of any records stated in the FDA rules. This clause applies to the federal food, drug, and cosmetic act and the public health service act under the requirement of electronic records are sent to the FDA, even if the record is not under the rules of the FDA's clear identification. However, this provision does not apply to the paper-based records that are now and electronically transmitted.

(c) once the electronic signature and electronic records related to it in accordance with the requirements of this clause, the FDA will think electronic signature is equivalent to completely hand signature, abbreviation, signature, and other general signature the desires of the FDA's rules. Unless the rules are explicitly excluded from the effective date of 20 August 1997 (including this date).

(d) in accordance with the provisions of this article 11.2, the electronic records in conformity with the requirements of this provision may be substituted for the use of paper records unless there is a special requirement in the paper record.

(e) the maintenance of computer systems (including hardware and software), control, and accompanying documents under this provision shall be accessible to the FDA and subject to FDA regulation.

11.2 to perform

(a) need to be maintained, but not submitted to the FDA records, if accord with the requirement of this clause, people can use all or part of the electronic records instead of paper records or use the electronic signature instead of traditional signature.

(b) the electronic records submitted to the FDA may be used to replace the traditional signature (hand signature) by using all or part of electronic records instead of paper or electronic signatures if:

(1) meet the requirements of the provisions;

(2) the submitted document or part of the document, as the type of submissions received by the FDA in electronic form has been identified by the 92S - 0251 public summary. This paper will be clearly identified, what type or part of the file without paper records and the FDA receiving unit (for example, a specific center, office, department, branch) at the time of the electronic form submission is acceptable. If it is not explicitly stated on the public summary, the documents submitted to the FDA in electronic form will not be considered formal; The written form of this document will be considered formal but must be accompanied by electronic records. People are expected to negotiate with future FDA receiving units on how and whether to conduct electronic submission (e.g., methods, media, file formats, and technical protocols).

11.3 definitions

(a) the definitions and translation of terms contained in section 201 of the act also apply to those terms used in this provision.

(b) the definitions of the following terms apply to this provision

(1) the act refers to the federal food, drug and cosmetic act

(2) the agency refers to the food and drug administration (FDA)

(3) the biometrics refers to a kind of based on personal physical characteristics and repetitive behavior (these characteristics and behavior is the only to the individual, and can be measured) method of measurement to verify personal identity.

(4) the closed system refers to an environment where the login of the system is controlled by those responsible for the content of the electronic records on the system.

(5) digital signature refers to a method that identifies encryption based on the sender, using a set of rules and a series of parameters to calculate the full performance of the signer's identity and data.

(6) electronic records refers to any text, graphics, data, voice, graphic, or other information represented in the form of electronic hybrid, it establish, modify, maintain, archive, retrieve, or distribution is performed by a computer system.

(7) refers to a kind of electronic signature performed by a person, adopt or approval for its personal handwritten signature has the same legal effect of any symbol or a series of symbols of the computer data compilation.

(8) hand signature refers to the personal signature or legal sign of a person's handwriting or legal symbol which is adopted in the form of permanent writing. Signature behavior using writing and marking tools, such as a pen or stylus, is preserved. A handwritten signature or a legal symbol can be used in writing or other equipment for obtaining names and marks.

(9) the open system refers to an environment where the login of the system in this environment is not controlled by those responsible for the content of the electronic records on the system.

Sub-chapter B - electronic record

The management of the closed system

People use closed systems to create, modify, maintenance, or transmit electronic records should be used to design can ensure record authenticity, integrity and confidentiality of appropriate procedures and controls, to ensure that the signer cannot easily deny already signed record is not true. Such procedures and controls should include the following:

(a) validation of the system to ensure accurate, reliable, and stable expected performance, capable of identifying invalid and altered records.

(b) ensure that accurate and complete copies of electronic forms of electronic form that are easy to read and suitable for FDA inspection, review, and copies are produced. The FDA should be contacted when people suspect that the FDA is capable of performing such electronic record reviews and copies.

(c) record protection to enable the record to be accurate and easy to retrieve during the entire storage period.

(d) to limit system logins by izing individual users.

(e) use of secure, computer-generated, time-stamped audit trails to independently record the date and time of the operator's actions to log in and build, modify, or delete electronic records. The record change does not allow the previous record information to be overwritten. Such an audit trail document will at least be retained for a period of time, depending on the guaranteed availability of the electronic records that are under review and copy at the FDA.

(f) when necessary, use operating system checks to enhance the sequencing of processes and events.

(g) using validation checks in place to ensure that only ized users can use the system, to electronically sign the record, use the operation or computer system input and output devices, change records or manual operation.

(h) use of equipment (for example, terminal) when necessary to determine the availability of data input sources or operational instructions.

(I) the personnel responsible for the development, maintenance or use of electronic records/electronic signature systems shall have the education, training and experience corresponding to the tasks assigned to them.

(j) in order to prevent the falsification of records and signatures, a written strategy to establish and adhere to the responsibilities and responsibilities derived from personal electronic signature behavior.

(k) application of appropriate control in system documentation includes:

(1) there is sufficient control over the distribution of the documents used in the operation and maintenance of the system.

(2) revise and change the control procedures to maintain an audit trail of system files generated and modified in chronological order.

11.30 open system management

People use open system to establish, modify, maintain, or transmit electronic records will be used to design programs and controls to ensure that electronic records from their creation to their receiving the authenticity, integrity and confidentiality. This program and control should be including those identified in 11.10, when necessary, additional measurements such as document encryption and apply the appropriate digital signature standard to ensure that, in this environment, record the necessary accuracy, integrity, and confidentiality.

Display of signature at 11.50

(a) signature of electronic records shall contain the following information which is clearly relevant to the signature:

(1) print out the name of the signer

(2) date and time of signature of the signature; and

(3) the meaning associated with the signature (e.g. review, approval, responsibility, or original )

(b) the terms have been identified in this section (a) (1), (2), (a) and (a) (3) should be subordinated to and electronic records of the same control and should be included people easy to read in the form of electronic records (such as electronic display or printout)

11.70 signature/record connection

Sign the electronic records of electronic signature and hand signature should link to their respective electronic records in place to ensure that electronic signature will not be able to cut, copy, or other aspects of the transfer that using ordinary methods to forge an electronic record.

Chapter C electronic signature

11.100 general requirements

(a) each electronic signature should be unique to a single person and cannot be reused or redistributed to anyone else.

(b) the organization shall verify the identity of a person before an organization establishes, assigns, certifies, or approves a person's electronic signature or any other element of such an electronic signature.

(c) the signer when using electronic signature or use, should prove to the FDA, since August 20, 1997, and later on their system of electronic signature, and traditional handwritten signature has the same legal effect.

(1) the certificate shall be submitted in writing to the office of local operation and the traditional handwritten signature,

(2) at the request of the FDA, people should provide an additional certificate or evidence with an equal legal effect when using the electronic signature.

11.200 components and management of electronic signature

(a) electronic signature not based on biometrics:

(1) use at least two distinct proofs, such as identification codes and passwords.

(I) when a person signs a series of signatures during the login period of an independent, continuously controlled system, the first signature signed will use all electronic signature components. Subsequent signature should use at least one electronic signature component. This component can only be signed by individuals and designed for use only by individuals.

(ii) when a person does not sign one or more signatures during the login period of an independent, continuously controlled system, each signed signature should use all electronic signature components.

(2) only being used by their real owners;

(3) manage and sign to ensure that any other person other than its true owner may attempt to use the electronic signature in collaboration with two or more persons.

(b) electronic signatures based on biometrics should be designed to ensure that they cannot be used by anyone other than the true owner.

Identify code and password management

The use of electronic signatures based on the use of identification codes and passwords should be used to ensure their safety and integrity, which should include:

(a) maintain the uniqueness of each identification code and password, that is, no two people have the same identification number and password.

(b) ensure that the release of identification codes and passwords can be regularly checked, retracted or revised (for example, coverage of events such as the aging of passwords)

(c) according to the loss of the management process for lost, stolen, can't find or may damage mark, CARDS and other devices (generated or device to create identification code or password information electronic failure, and application, the strict control appropriate substitute to issue temporary or permanent.

(d) to deal with the use of safety device to prevent unized use a password or identification number, immediately and emergency measures to detect and report any unized attempt to use the system security unit, and appropriate, the organization management.

(e) initial and periodic testing equipment, such as marker or card, contain or generate identification code or password information, to ensure that they perform the duties of appropriate and by an act of unized change.


Noun interpretation:


Food and Drug Administration Food and Drug Administration

Address:Taizhou City Jiangyan Room 2206, 2nd floor, kaichuang business center, suzhong mould park    Tel:0523-88391108    Fax:0523-88391108
Copyright © 2002-2017 PuMaLi Support:启源网络 ICP备案编号:苏ICP备17043136号