By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Code of Federal Regulations - CFR Part 11: What Do I Need To Know?

November 30, 2008

So it's come time to take your systems forward and implement electronic signature management. To achieve success, you'll need to know all about the Code of Federal Regulations Title 21 CFR Part 11.

Code of Federal Regulations (CFR): Title 21 CFR Part 11 - What Is It?


The Code of Federal Regulations Title 21 CFR Part 11 sets forth the business system access standards necessary to replace paper based signatures with electronic ones. For reasons of efficiency, electronic signatures are becoming standard practice. While electronic signatures are efficient, they are also exposed to additional security considerations.

What Do I Need To Know When Selecting a New System?
The Code of Federal Regulations (CFR) - Title 21 CFR Part 11 regulation requires that companies implementing electronic signatures in favor of hand written ones ensure the systems they use comply with the following provisions:

  • Passwords shall age, and require periodic update by their (the more often the better)
  • User access shall comprise two components: user identification and a password
  • On failed entry, no indication shall be provided as to which of the user ID or password information failed validation
  • After 3 unsuccessful log in attempts, access for that user shall temporarily be suspended
  • Password strength shall be measured and recommendations made to improve it
  • Paper based acknowledgment of these conditions shall be held on file for each user of the system

And, while it sounds a little futuristic, biometric system access including - but not limited to - fingerprint recognition and voice/retina scanning are also accounted for in the Code of Federal Regulations.

A series of standard operating procedures (SOPs) will also need to be in place to ensure that all the "compliant" provisions of the business system are supported by business operations.

Code of Federal Regulations: Title 21 CFR Part 11 Audits
Particularly in the life science/biotech industry, the U.S. Food and Drug Administration (FDA) is becoming increasingly vigilant about compliance with this particular Code of Federal Regulations. The number of random audits as well as the fines for non-compliance within specified time frames are both increasing.

Slingshot systems are compliant with all Code of Federal Regulations requirements, and we strongly recommend that you review the level of compliance of any business systems you are looking to implement now and in the future.