21 CFR part 11 vs. EU Annex 11

Introduction

The United States Food and Drug Administration (FDA) and the European Commission have defined regulations for the conditions under which regulated companies can submit electronic records in lieu of paper documents.

These regulations define the measures that must be in place to ensure the integrity,  trustworthiness, and reliability of electronic records. The regulations define and require three types of controls:

1. Administrative controls, e.g. the definition of policies such as the identification of individuals and non-repudiation of electronic records.
2. Procedural controls, e.g. Standard Operating Procedures for using and maintaining the system.
3. Technical controls e.g. functions built into the software such as security and access to the system as well as the audit trail

For compliance with the regulation, all three of the above controls must be implemented.

Regulations

21 CFR part 11 (Electronic Record: Electronic Signatures final rule) defines criteria for acceptance by the FDA of electronic records and signatures on electronic records as equivalent to paper records and handwritten signatures. It defines the criteria for which electronic records and electronic signatures are considered trustworthy, reliable, and equivalent to paper records and handwritten signatures.

It requires FDA-regulated industries to implement controls, audit trails, validations, electronic signatures, and documentation of software systems involved in processing electronic data.

Where 21 CFR part 11 applies to the companies doing business with the USA, the European Commission has created for computerized systems the Annex 11(computerized systems)  to  Volume 4 of GMP for the European market. Similar to the FDA regulation, Annex 11 applies to all forms of computerized systems used where GMP regulations apply. Annex 11 applies when computerized systems replace manual operations; there should be no resultant decrease in product quality, process control, or quality assurance, as well as no process-related risks.

Orcanos is compliance to 21 CFR Part 11 & EU Annex 11

‍