Today's Chemist at Work
November 1997
Today's Chemist at Work, 1997, 6(10), 15-16, 18-19.
Copyright © 1997 by the American Chemical Society.


The rule becomes final: As we lean on our computers more, FDA is stepping up regulations dealing with records and signatures in today's paperless lab

HELEN GILLESPIE


W ith the growing dependence on computers to perform all types of laboratory tasks - from sample log-in to reporting - the issues surrounding the integrity, accuracy, and authenticity of electronic records and signatures and the ability to validate those data effectively have come to the fore.

The US Food and Drug Administration (FDA) has been wrestling with the issue of electronic alternatives for handwritten records and signatures since computers first entered the laboratory. From the lab's perspective, stopping a task in mid-stride whenever data are being updated to print out a copy, sign that copy, file it manually, and then continue with the task adds needless paperwork, slows productivity, and defeats the purpose of computers. From FDA's perspective, personal computers are anything but personal, and electronic data can too easily be changed accidentally or intentionally, without the proper authority or audit trail for validation purposes.

In 1991, FDA created a task force called the Electronic Identification/Signature Working Group to determine how to accommodate paperless record systems under the current Good Manufacturing Practice (GMP) regulations. On 20 March 1997, the final rule on electronic records, signatures, and submissions - known as 21 Code of Federal Regulations (CFR), Part 11 (1) - was signed. It became effective 20 August, five months after publication in the Federal Register.

PAPER VS. ELECTRONIC
The central issues surrounding electronic records and signatures hinge on the validation of such data. Validation of a laboratory procedure, method, record, or data of any kind requires that several points be addressed, including the existence of a process definition, documentation, demonstration of fitness for use, and provision for maintenance. Simply stating that a person is authorized to change a record and having that person sign off on the change is inadequate. There are numerous differences between paper and electronic record technologies that must be addressed before an electronic system can be validated.

For instance, electronic records are culled from information databases. Such databases are dynamic. The content changes as new information is added; therefore, the electronic records contained in information databases are transient views rather than static entities. In addition, all database software is slightly different, in how it is programmed and in how it operates. Depending on the way the software is written, it is possible to misrepresent the database information when performing certain operations (e.g., similar queries can provide different answers). Worse, database elements can easily be changed at any time without evidence that a change was made and in a manner that destroys the original information.

Electronic signatures face similar issues. It is much more difficult to falsify a paper signature and easier to detect when this has happened than it is to falsify an electronic one. In addition, paper signatures cannot be borrowed or loaned, whereas an electronic one can. These issues do not arise in paper-based systems. Therefore, additional controls are necessary for electronic signatures.

THE FINAL RULE
According to the FDA (1):

The final rule provides criteria under which FDA will consider electronic records to be equivalent to paper records, and electronic signatures equivalent to traditional handwritten signatures. Part 11 applies to any paper records required by statute or agency regulations and supersedes any existing paper record requirements by providing that electronic records may be used in lieu of paper records. Electronic signatures which meet the requirements of the rule will be considered to be equivalent to full handwritten signatures, initials, and other general signings required by agency regulations.

The rule provides the additional controls necessary to ensure the integrity, accuracy, and authenticity of system operations and information stored in the systems. In particular, the issue of security was addressed. FDA is mainly concerned with control - not only of the data in the system, but also of the system and access to the system - and set forth certain stipulations. System access must be limited to authorized individuals. Operational system checks must be performed regularly. Database information must provide time- and date-stamped audit trails. Access to the database search software must be limited. The type of security required also depends on the type of system being used and whether that system is open or closed.

SECURITY FACTOR
Electronic signatures are a significant factor in the security of the system. Hence, according to the rule (1), the electronic signature must be backed up with documentation that includes:

the printed name of the signer, the date and time the signature was executed, and the activity (such as review, approval, responsibility, and authorship) associated with the signature. In addition, electronic and handwritten signatures executed to electronic records must be linked to their respective records so that signatures cannot be excised, copied or otherwise transferred to falsify an electronic record by ordinary means.

Because of these security concerns, electronic signatures must be unique. Unique signatures comprise more than just different usernames and passwords. The reuse or reassignment of electronic signatures to someone other than the original user must also be taken into consideration. In a forensic laboratory, for instance, officers may be assigned electronic signatures based on their badge numbers rather than their names. If an officer retires or a badge number is reassigned, the previous owner must not be confused with the current owner. The same criteria apply to any other laboratory.

Because electronic signatures can often be guessed easily, FDA included requirements to guard against this occurrence. Each signature must consist of more than just a password, and passwords must be unique. It is not acceptable for people to use passwords associated with their personal lives, such as the names of their children or pets. And passwords need to be changed frequently. FDA believes that without such precautions, the possibility of a password being compromised and of impersonation and/or falsification continuing as long as the password is valid is greatly increased. These parameters are more awkward than difficult to accommodate.

Despite the stringency of FDA requirements, any number of electronic signature technologies may be used so long as the conditions of the rule are satisfied. These technologies range from identification codes used in conjunction with manually entered passwords to more sophisticated biometric systems.

BIOMETRIC DEVICES
The final rule allows for the use of a wide variety of electronic record technologies - the most popular being biometric devices. Biometrics is the method of verifying an individual's identity based on measurement of physical features or repeatable actions that are unique to that individual. Biometric devices use one or more biometric parameters to identify the individual. These devices include palm-print readers, fingerprint readers, iris scanners, and retinal-pattern scanners. They are connected, usually by direct wire or network, to the system that requires authentication and are typically placed next to the computer. Biometric devices verify identification by comparing patterns presented by the individual at the time of verification with stored patterns obtained from the authorized user under controlled circumstances. Most of these devices are easily adapted to a variety of situations. For instance, iris scanners are already being used by Japanese banks to authenticate users of automatic teller machines.

When biometric devices are used for electronic signatures, the electronic signature must be designed in such a way that it cannot be used by anyone other than the genuine owner. Some devices integrate biometric signature capture with cryptographic technology that binds signatures with time and date stamps to documents. Some biometric-based electronic signature systems use dynamic signature verification with a parameter code recorded on magnetic-strip cards. These biometric devices are effective and meet the provisions set forth in the final rule, but they can be expensive, particularly when there are many system users.

Despite the complexity of the requirements, FDA does not establish numerical standards for levels of security or validation. This flexibility allows industry to determine what level is appropriate for a particular situation. Furthermore, although the rule requires operational checks, authority checks, and periodic testing of identifying devices, organizations have the flexibility to use any suitable method to accomplish these tasks. And, in situations in which the final rule calls for a particular control, such as periodic testing of identification tokens, organizations can determine the frequency.

IMPLEMENTATION
Laboratories that have implemented a laboratory information management system (LIMS) have already set the foundation for validating electronic records and signatures in accordance with Part 11, although industry manufacturers are modifying their products to conform to the final rule more precisely.

Instrument manufacturer Beckman Instruments (Allendale, NJ) recently announced the inclusion of electronic signature functionality that meets the requirements of Part 11 in a version 8.4 update for its LIMS and chromatography data systems. "It provides the ability to re-identify who the operator is at the workstation prior to a major operation being committed, such as updating something, validating results, or releasing a sample," states Bob Voelkner, worldwide tactical marketing manager for Beckman. "It confirms that the name in the database matches the operator who performs the function. The system administrator has the ability to configure where and when this confirmation takes place. Biometric devices can be used, but old-fashioned keyboard entry works well" (Figure 1).



FIGURE 1. Beckman's Electronic Signature...

The R&D laboratory for the electronic materials division (EMD) of Morton International (Chicago) addressed electronic signatures through its document control system, which is connected to its LIMS. "FDA is concerned that someone walking by a desk could alter data in the system," remarks Phil Lofty, scientist at EMD. "Of course, anyone who did would be fired. However, FDA wanted to ensure that whenever data were changed they were approved `contemporaneously' - their favorite word. This means that at the time you commit the data, there's a pop-up box that requires the username and password to be re-input in order for the change to take place."

Whether accessing such electronic signature functionality on or through the LIMS, most systems have yet to pass an FDA audit. Beckman Instruments worked closely with its customers to implement an electronic signature solution. "Our customers believe that they can defend it and that FDA will OK it," Voelkner emphasizes. "And, most importantly, this function can be validated," he adds.

SAP AG (Walldorf, Germany), a well-known developer of enterprise solutions, will be implementing an electronic signature solution in much the same way as Beckman Instruments has. With various industry players addressing the issue in similar ways, there's no doubt that such solutions will soon be commonplace.

WHAT'S NEXT
The newly effective 21 CFR Part 11 does not require, but rather permits, the use of electronic records and signatures, so the initial financial impact will be minimal because any company already in compliance with FDA regulations remains in compliance. However, the opportunity is now available for modifying certain electronic practices in ways that enhance productivity.

Indeed, there are many benefits to using validatable electronic records and electronic signatures in the lab. These benefits include increased speed of information exchange, reduced costs for storage space, reduced numbers of errors, streamlined manufacturing processes, and improved process control. In addition, there are advantages to using electronic systems over paper systems, including the ability to search a database for information; view information from multiple perspectives; determine trends, patterns, and behaviors easily; and avoid the potential for misfiled documents. In fact, these benefits and advantages are expected to offset any system modification costs required to achieve compliance.

However, these same benefits might not offset the costs of implementing biometric solutions. "Originally, FDA was going to make biometric devices mandatory," recalls Voelkner, "but every PC would need one, and at $1,000-$2,000 a pop, it's too expensive." However, Voelkner points out that "smart cards may be used as the biometric device, and the capability to use these will become standard. Standard hardware will be coming out that includes smart-card ports just like floppy disk, CD-ROM, and modem ports. But it may be too easy to steal someone else's card, and FDA may not find them acceptable." Hence, FDA expects to issue supplements to the regulations as time goes on, depending on the issues that arise.

Industry can expect to see FDA criteria for electronic records and signatures spill over into other areas. These rules will most likely be viewed by other government agencies as a standard and may also strongly influence the direction of electronic record and signature technologies. What has affected the GMPs will no doubt also affect the GLPs, GCPs, GAMPs, and other government regulations as well as certain voluntary standards, such as ISO 9000 and ISO 14000. What form this influence will take remains to be seen.


REFERENCE
ACS Pubs Chem Center