Movicon Help on Line - Rel. 11.7.1301
The aim of the CFR21 Part 11 regulations, written up by the FDA (Food & Drug Administration), is to obtain a legal equivalence between electronic documents (digital records and electronic signatures) and traditional paper documents. This has evolved due to the increasingly frequent use of automatic systems in managing production processes in systems that operate under FDA approval. In order that automation and control systems are realised in conformance with the CFR21 Part 11 regulations it is necessary that all recorded data is made referable to the operator in charge (Electronic signature), furthermore certain regulations regarding any precautions must be adapted to safeguard against forgery and mishandling of electronically recorded data, or to allow easy identification of any misuses, whether intentionally or unintentionally, of electronic devices which generate electronic records. Many pharmaceutical industries have especially benefited from using electronic records where untold amounts of paper documentation, archived over many years of research, has been transferred into electronic records which not only has reduced space but also precious time in acquiring and reviewing important information before releasing medicine on the market for sale.
It is absolutely crucial that these types of industries have the devices with the right protection mechanisms to safeguard against any intentional or unintentional data errors in electronic format.
General Concepts for supporting these regulations
The concepts described below define how to use Movicon to develop applied projects with compatibility with the act and its regulations discussed in this document.
A list of the main concepts has been put together by Emerson to give a clearer picture on the indications explained henceforth and which are based on the understanding that it remains the user's responsibility to ensure that the application, developed with Movicon, is compliant with these requirements.
Security
The Movicon project must be encripted (Movicon uses a 128 bit encoding) so that all the configurations and passwords used in the project are accessible from the outside.
Movicon guarantees unique user password entries in the project. Each user is identified in the project with a UserID, Password, printable Description or Name (Electronic Signature). Movicon does not accept Users with the same electronic signature name (unique identity control) of another individual. The names must be made up with not less than 4 characters and not more than 64 characters.
To guarantee data integrity and safeguard against any tampering of data, the Movicon application should be run as Service of the Windows operating systems. This will require identification of users registered in the system's domain according to the security requirements stipulated in order to access the operating system and its files.
Movicon supports Windows OS domain sharing so that the user passwords, set up by the system administrator, can be used.
Users who manage the recording of data by using the Data Loggers must take the right measures to prevent any unauthorized access, undesired modifications and tampering to database records. The IMDB archives (InMemory DB) allow users to manage encrypted historical log files or secure databases can be used, such as Microsoft SQL Server or Oracle with the appropriate administering of the Windows 32/64 bit operating system, which only permit the system administrator or developer access to records.
To put an access limit on the developed application's functions and controls, the Movicon project must use the User Password Profile management correctly, which involves the entering of a Password, UserID, User Name and Access Level. Movicon provides 1024 access levels and 16 areas.
Users must manage their passwords with great care and integrity. New users, inserted by the administrator, can replace their password with a more personal one on their next Log On.
All passwords can be set with an expiry time to make the user to issue a new password periodically, which will contribute to increasing system security.
To fully comply with the regulations, the Auto LogOff (timeout of enabled access) must be appropriately used in the Movicon password management in order to prevent unauthorized access to the system after a certain period of user inactivity.
To ensure validity and the correct entering of data, users must make sure that the Movicon operating stations are allocated in safe places and that they are accessible to authorized personnel only.
The Movicon AutoLogoff function must be used in systems in continuous use.
Movicon has tools and procedures that can be used for discouraging any unauthorized access attempts and are the same as those used in the Windows 32/64 bit operating system as required by the regulations. After the third failed attempt to access, Movicon will purposely take longer to respond to the re-entry of the password to discourage the intruder.
Any further attempts to violate the system (Upon the fifth unauthorized Log On attempt) Movicon will display and record the event in the Historical Log in order to safeguard against and control any further system violations.
Digital Recording/Electronic Signatures
Movicon returns the descriptive name of the registered user to identify and individualize the active operator.
The applied program must be configured to record electronic signatures each time a digital recording is carried out (creating a record in the database) as required by the regulations. The user must execute LogOn in the project by linking two combined data (UserID and Password), and the electronic signature must be the genuine name of the user, the date, time and reason for the recording. The Movicon Data Logger allows the recording of all necessary data on the Database.
For reasons of legal responsibility relating to the Electronic Recording, the operator must always be acknowledged every time data is recorded or when accessing the system. The User's ID is unique and belongs to that user only in Movicon and no other individuals are allowed the same ID.
To satisfy the Electronic Recording requirements, the recording of events must be configured appropriately by using the IMDB archives (InMemory DB) where crypted historical log files can be managed or if ODBC archives, such as the Microsoft SQL Server or Oracle, secure databases must be used with the correct security management administered. Furthermore the user must configure applications to acquire and record electronic signatures on record of any operator undertaking actions. The user must also prevent any data from being lost by configuring the application to execute backups of all data recorded, or by using the Movicon redundancy functions. The user can also eventually configure the system so that it uses the Data Logger resource to record crypted data on IMDB or on relational ODBC database files. If needed, new data files can be created with prefixed timeframes (eg. Every 4, 8 or 24 hours) by using the Basic Script functions.
The user can configure the system to copy recorded data in a safe and secure location by using procedures appropriately written with Basic Script codes. The Windows OS security functions protect files and their data from any unauthorized access. When multiple files are created the user must control whether the right code is entered to prevent saturating free space on the hard disk where the oldest files may need to be deleted.
The user may have to synchronize the system's time in real time or to that of another system's (Microsoft or third parties) so that recorded data relate to the true date and time, or they may have to manage data synchronization between Client and Server so recording becomes coherent. Synchronization of this type can be managed directly with the Windows OS functions or with the Basic Script codes for third party products.
Validation and Documentation
Some of the requirements stipulated in the regulations are not altogether implemented in software applications. These Part 11 requirements can be satisfied if the client validates their application to guarantee accuracy, reliability and security when recording data, as well as the capacity to prevent unauthorized editing, errors and data deletions. The Movicon users must validate their application in order to comply with the FDA act. The users can develop and/or execute the validation of programs and protocol themselves or delegate this task to others. The validation must follow a methodology established from system's life cycle (SLC).
In order to meet the controls requested by the regulations in this act, the client must adopt adequate procedures to verify the identity of the individuals who have been assigned an electronic signature.
The client must enter and set up the operator and their operating responsibilities executed under their electronic signature, to impede any forgeries or tampering of signatures or recordings, in compliance to the regulations of this act.
The client must always be certain on the identity of the individual assigned an electronic signature. Further more the client is held responsible that the enrolled operator is fully aware of the regulations stipulated by the FDA agency and that they intend to use their electronic signature as a substitution and an equivalent of their own handwritten signature used on traditional paper and, when necessary, produce certification of their true identity, being legally binding to their handwritten signature, when under FDA inspection.
The client is responsible for producing documentation on system use or on the application realized, on its distribution and updates, and also the details on personnel training. However, the client is not responsible for documentation on the platforms being used (Movicon, Windows).
Other
All the data must be stored in a relational database, which fully meets the necessary security requirements (ie. IMDB crypted data, SQL Server or Oracle with the relevant protection) and protected from any violation to or tampering of the security functions belonging to the Windows 32/64 bit OS. Data must be filed and kept available for an adequate period of time according to the operating requirements.
To further enforce the safeguard of data, project, images and recipes the user should use a third party software type, which can guarantee version maintenance and management (eg. Microsoft Source Safe can be used for controlling the versions).
