In 21 CFR Part 11, various criteria are formulated according to which electronic records, electronic signatures and handwritten signatures on electronic records are considered with regard to their trustworthiness, reliability and equivalence to paper documents or signatures executed on paper. The requirements apply to data that is created, modified, stored, or transmitted electronically and that is intended to be available for inspection, verification, or copying. The directive also distinguishes between open and closed systems.
What is the difference between an open and a closed system?
The regulation defines a closed system as an environment in which system access is controlled by individuals who are responsible for the contents of the records on the system. Otherwise, it is an open system. This is the case, for example, when raw data is transferred from the device to a network without encryption.
Our 21 CFR Part 11 compliant Aquisys 3 software
SCHMIDT + HAENSCH offers the fully 21 CFR Part 11 compliant software Aquisys 3 as an integrated part of the VariFamily instruments – VariPol polarimeter, VariRef refractometer and VariDens density meter. Availability only in the “Pharma Ready” version P.
The software is able to handle extensive data storage and create a detailed audit trail in a correctly deployed IT infrastructure on the device. A user administration, a validation process and furthermore a password protection are part of Aquisys 3. All measurements are stored in an encrypted database and protected against data manipulation. Statistical evaluations of the results on the device as well as a comfortable and individual report creation and export are possible.
Closed system
Full access to the system is reserved only for persons authorized by SCHMIDT + HAENSCH. The administrator as well as the users cannot make any metrologically relevant changes to the system.
Data storage
All raw data is stored tamper-proof and permanently in the device and in encrypted backups. The electronic records cannot be changed, added to or deleted. This ensures the authenticity, integrity and confidentiality of your data.
Autarkic user management independent of Windows
The user accounts are set up in the device itself at the administration level. When setting up the user accounts, a unique user name, password and authorization level must be defined, thus a specific user account can be set up for each authorized person. The corresponding criteria for password assignment can be defined by the administrator. User account management is thus completely internal to the system and independent of external systems (for example, a Windows computer).
Access control
In 21 CFR Part 11 mode autologin is disabled. Only authorized persons can access the system. An automatic logout after a defined time can be set.
Audit Log
All relevant processes and configuration changes are stored in the audit log with date and time stamp and user ID. This means that all changes can be tracked to the minute and without gaps. The data in the audit log cannot be subsequently changed either. The audit log can be exported as a text file, but the original data remains on the device.
Would you like to learn more about our Aquisys 3 software? Please feel free to contact us.
We are ready to give a live online demonstration.
