21 CFR Part 11 establishes electronic record-keeping regulations for food-processing and pharmaceutical industries. The provisions fall under the Food and Drug Administration under the organization’s Title 21 Code of Federal Regulations. The best way to ensure compliance is via a SaaS platform that follows the regulations to a T, therefore ensuring your company is within guidelines.
This report outlines some of the 21 CFR Part 11 requirements and how Dokeos complies. Our LMS is designed to meet the latest GxP compliance standards.
Section 11.10 (b)
This section establishes that copies of records must be readable, interpretable, and in a format appropriate for review and inspection.
Dokeos’ response: Export training reports to each course taker in PDF and Excel format. The report comes complete with time stamps and the identity of the individual requesting the report.
Section 11.10 (d)
Electronic record access must be limited to authorized individuals only.
Dokeos’ response: Our LMS requires sign-in via login and password. Furthermore, HR can distribute roles to individual users, granting them special access rights. These rights can be granted or revoked by admin at any time.
Section 11.10 (e)
Electronic records must contain fully trackable audit trails complete with time stamps and information about who accessed the system and edits made. Even data that is deleted or modified must be retrievable in its original format.
Dokeos’ response: all actions completed in our LMS are automatically logged and timestamped.
Section 11.10 (f)
The system must enforce all sequences of events. No individual step may be bypassed.
Dokeos’ response: Unless permitted by the administrator, learners may not skip any course module. Each section completed must be verified with the learner’s e-signature.
Section 11.50 (a) (1) (2) (3)
All forms requiring a signature must meet these three parameters: the signee’s printed name, the date the form was signed, and the purpose of the signature (e.g. contract renewal, administrative clearance).
Dokeos’ response: Our audit reports fulfill these three elements. That is, it records the names of signees, the time of signing, and logs the intent of the form.
Section 11.70 (a)
All e-signatures must be directly linked to their respective documents. The signatures cannot be copied, duplicated, or transferred in a manner that may lead to fraudulent records.
Dokeos’ response: when you e-sign a document in Dokeos’ platform, that signature is linked to the signee’s account. This prevents the signature and records from being copied or falsified.
Section 11.200 (a) (1)
In addition to a password, log-ins must include at least one other identification component, such as a one-time passcode by text.
Dokeos’ response: Apart from two-factor authentication, our LMS requires users to create a unique password that cannot be deciphered through traditional brute-force attacks. Passwords require upper and lower case alphabets, as well as numbers and symbols.
Section 11.200 (a) (1) (i)
After a certain period of inactivity, the system must automatically time out and log users out.
Dokeos’ response: Anyone signed into our LMS is automatically signed out after three hours of inactivity.
Section 11.200 (a) (3)
Any account holder who attempts to use an electronic signature other than their own must collaborate with at least one other account holder.
Dokeos’ response: Sharing of electronic signatures is strictly prohibited. Beyond the electronic signature’s original owner, the global administrator is the only user who can access another account holder’s e-signature.
Section 11.300 (a) (b)
All usernames and passwords must be unique; no two account holders can have an identical username or password. Furthermore, passwords must be changed after a set period of time.
Dokeos’ response: Our LMS prohibits individuals from having the same usernames and passwords. The system is also set to automatically instruct users to update their passwords after a period of time determined by the administrator.
Section 11.300 (d)
Safeguards must be in place to detect and report the unauthorized use of usernames, passwords, or e-signatures.
Dokeos’ response: we block users from our system after a set number of unsuccessful login attempts. The incident is immediately reported to the administrator.
Dokeos makes 21 CFR Part 11 compliance intuitive
We mentioned just a handful of the sections that comprise the complex framework of 21 CFR Part 11. Fortunately, there’s a shortcut solution for the life sciences and pharmaceutical industries. Dokeos complies with the latest GxP measures; this is reflected in its cloud and LMS platforms that implement rigid security and encryption protocols. Our comprehensive Computer System Validation enforces user action traceability, chain of command, and security management as part of its tight security risk assessment measures.
Furthermore, the admin can produce individual training files and accredited certificates via a compliant step-by-step process complete with electronic signatures and log traceability for authentication and fraud prevention. Sign up for a free trial today to get your employees trained and accredited in a compliant manner!
Looking for an online course about FDA 21 CFR PART 11 ? Discover, our awarded partner, GxP-Training, and their certified course about CFR PART 11 and electronic signature . They have more then 50 accredited courses about pharmacovigilance, 100% online, interactive and they provide a certificate of completion with CPD/CEU accreditation.
