Hello Karen,
First would comment whatever signature process you want to implement in your organisation, select one passed on your processes, maturity of your quality system, and where your documents would be transmitted (if they are being sent externally). More importantly make sure your internal procedures reflect the process for how you manage electronic or digital signatures.
There can be a distinction between electronic and digital signatures, where many will use electronic signature which is actually still handwriting their signature only in electronic format, i.e. if you have bought an item in a store using credit card and signed on the little screen with your signature. An electronic signature can also be something where you just select an option that you "sign" the document electronically such as a version of DocuSign.
The difference between an electronic signature and digital signature is with a digital signature there is a date stamp, usually a time stamp, and also potential a certificate accompanying the signature. A digital signature embeds a token, certificate, or personal identifier showing who signed. A digital signature is most secure because the person not only needs to login to the system, but must also digital sign with another password or token. You can even take it to the next level with biometric digital signature, so not only digitally signing with a token, but using biometrics like a fingerprint or eye to confirm identity.
Electronic signatures only are legally binding based on Acts, regulations, and laws passed in most countries. The need for digital signature is only is there is security concerns or identity needs associated with the signature. Though some programs like Adobe already have digital signature built into the program such as if using full suite of Adobe Acrobat can include this version just an electronic signature.
It can be quite complex on which to choose, so that is why I mention at the beginning to really determine based on your quality system, documentation, and where your records will be transmitted what type of signatures you need. Keep in mind most electronic signature options today a compliant to Part 11 requirements (don't get hung up on Part 11 it is more important your eQMS systems are validated). However, if you are making eSubmissions to FDA than getting a program providing digital signatures may be more appropriate.
------------------------------
Richard Vincins RAC
Vice President Global Regulatory Affairs
------------------------------
Original Message:
Sent: 12-Jun-2019 19:21
From: Karen Zhou
Subject: electronic signatures
There are different types of signatures defined in Part 11. Here are the three I need clarification on:
Digital signature
Electronic signature
Handwritten signature
For handwritten signatures (also known as electronically captured handwritten signatures), is it true that an approver can just sign off with a stylus, and that's equivalent to a traditional wet-ink signature? In this case, one can use Adobe Sign to sign off? It seems like a way to get around the actual electronic signature requirement. In this case, Part 11 does not apply.
Also, between digital signature and electronic signature, I have seen some companies go for Adobe digital signatures rather than implementing electronic signatures (e.g. through DocuSign or any of other dozens of e-signature vendors). Is one type of signature preferable to the other? Note, the company plans to store all documents (procedures, and records) in an electronic format, but do so in a way to comply with Part 11. It's a very small company of under 10 people so it would be great to implement a cost-effective electronic signature system. Can somebody provide some insight into this?
------------------------------
Karen Zhou
------------------------------