Regulatory Open Forum

This message was posted by a user wishing to remain anonymous

Hi,

My company has a certain electronic form that is used daily and we just realized we might have a potential 21 CFR 11 violation.

Our electronic form is "unlocked" (meaning, changes can be made to the top part of the form) until personnel puts down their signature. However, 
 Adobe allows for an "unsigning" of signed forms, which then re-unlocks the form for modification. 

We thought of putting something in SOP stating that personnel is not allowed to modify the form after the fact. But I am not sure how the FDA would interpret that. 

Any thoughts?

Thank you all in advance.

This seems rather strange. If you digitally sign a document in PDF, it cannot be changed, or it will show that it has been changed since the signature was applied.
Therefore, if your staff unsign a document, they will create a completely new file when they sign the changed document.
Of course, you have no audit trail that the original was discarded and a new document created.
That is not a Part 11 issue, but a data integrity issue

------------------------------
Siegfried Schmitt
VP Technical
Braintree
United Kingdom
haag33@yahoo.com
------------------------------

Original Message:
Sent: 10-Dec-2018 11:40
From: Anonymous Member
Subject: Potential 21 CFR Part 11 violation

This message was posted by a user wishing to remain anonymous

Hi,

My company has a certain electronic form that is used daily and we just realized we might have a potential 21 CFR 11 violation.

Our electronic form is "unlocked" (meaning, changes can be made to the top part of the form) until personnel puts down their signature. However,
 Adobe allows for an "unsigning" of signed forms, which then re-unlocks the form for modification.

We thought of putting something in SOP stating that personnel is not allowed to modify the form after the fact. But I am not sure how the FDA would interpret that.

Any thoughts?

Thank you all in advance.

Form controls especially the ones directly or indirectly connected to product quality and thereby patient safety is important from data integrity perspective. It is not understood from your question whether the situation applies to such forms as well. If yes, then as long as there is an audit trail and the system ask and captures the reason for change with date and time, it should be fine. If this is not available you have to develop a system around preventing adhoc changes. Mere putting a statement in the SOP may not suffice. It could require a vigilance, audit and governance around that statement with a definitive evidence on a sample basis that original data is not tampered.

------------------------------
Rashida Najmi, Sr VP
Quality, Regulatory and Pharmacovigilance
Piramal Enterprises Ltd
Bethlehem PA
USA
------------------------------

Original Message:
Sent: 10-Dec-2018 11:40
From: Anonymous Member
Subject: Potential 21 CFR Part 11 violation

This message was posted by a user wishing to remain anonymous

Hi,

My company has a certain electronic form that is used daily and we just realized we might have a potential 21 CFR 11 violation.

Our electronic form is "unlocked" (meaning, changes can be made to the top part of the form) until personnel puts down their signature. However,
 Adobe allows for an "unsigning" of signed forms, which then re-unlocks the form for modification.

We thought of putting something in SOP stating that personnel is not allowed to modify the form after the fact. But I am not sure how the FDA would interpret that.

Any thoughts?

Thank you all in advance.

​Hello - What feature of Adobe are you using? If it is the certificates then that is digital and once the document is locked (check the lock button) it cannot be removed nor can the document be modified. If you are using the "Fill and Sign" feature that is not a signature to begin with as what it inserts in an image or handwriting that cannot be traced back to any individual and that is not a true signature. That being said, if the technical controls are not working, a SOP by itself will not suffice. This is a data integrity issue and must be addressed by data integrity policies and a SOP and Work Instruction for the signatures. In addition, you will also need to put some kind of audit mechanism in place to ensure there are no violations around the usage of these tools.

------------------------------
Premkumar Iyangar
Bangalore
India
------------------------------

Original Message:
Sent: 10-Dec-2018 11:40
From: Anonymous Member
Subject: Potential 21 CFR Part 11 violation

This message was posted by a user wishing to remain anonymous

Hi,

My company has a certain electronic form that is used daily and we just realized we might have a potential 21 CFR 11 violation.

Our electronic form is "unlocked" (meaning, changes can be made to the top part of the form) until personnel puts down their signature. However,
 Adobe allows for an "unsigning" of signed forms, which then re-unlocks the form for modification.

We thought of putting something in SOP stating that personnel is not allowed to modify the form after the fact. But I am not sure how the FDA would interpret that.

Any thoughts?

Thank you all in advance.