What is considered an acceptable electronic method for collecting eSignatures?
An acceptable method follows these guidelines:
Each electronic signature shall be unique to one individual and shall not be reused by, or reassigned to, anyone else.
Before an organization establishes, assigns, certifies, or otherwise sanctions an individual’s electronic signature, or any element of such electronic signature, the organization shall verify the identity of the individual.
Persons using electronic signatures shall, prior to or at the time of such use, certify to the agency that the electronic signatures in their system, used on or after August 20, 1997, are intended to be the legally binding equivalent of traditional handwritten signatures.
The certification shall be submitted in paper form and signed with a traditional handwritten signature, to the Office of Regional Operations (HFC-100), 5600 Fishers Lane, Rockville, MD 20857.
Persons using electronic signatures shall, upon agency request, provide additional certification or testimony that a specific electronic signature is the legally binding equivalent of the signer’s handwritten signature.
When an individual executes a series of signings during a single, continuous period of controlled system access, could the initial logging into an electronic system using a unique username and password be used to perform the first signing and satisfy the requirements found in 21 CFR 11.200(a)?
Is it an FDA requirement to have wet signatures for certain documents? If there are, is it acceptable to keep a copy of these documents?
There are no restrictions for which documents are maintained electronically or signed with eSignatures. A site should have procedures defined for validating eSignatures. If certain documents have wet signatures, and the site wishes to only have copies, they must be certified copies and it is recommended to have clear SOP for certifying copies (from 2015). Documentation in the Florence Library of FDA eRegulatory and eSource Guidance
Have eSignatures been used for regulatory documents and audited by the FDA? What have been the pitfalls?
Yes they have been used and audited. The main things you need to ensure when implementing is that you have a secure process to authenticate signers, program timeouts/logs-outs so users must re-enter their password to gain access to the system, link eSignatures to the document signed, implement safeguards to immediately detect/report unauthorized attempts to sign, have a process for an emergency to allow a person to authorize another person to use his/her signature, have an audit trail showing when a document was signed and who signed it, and have the ability to have multiple signers for a document (from 2016). Documentation in the Florence Library of FDA eRegulatory and eSource Guidance
Is there special software equipped to recognize and verify the validity of eSignatures on documents?
Is it an acceptable approach for a user to sign in to a secure data management system with their ID and password, and then only requiring the password to execute eSignatures during that log-in session?
For an IND study, if a research study drug is ordered through a computerized medication ordering system, does 21 CFR Part 11 apply to the physician’s electronic signature for the research medication order?
The summaries presented in our library are for informational purposes only, they are not for implementation in operations. Please consult official FDA guidance documents for operational use.
Florence is a team of clinicians, research professionals and technologists working to improve clinical trial efficiency from startup to closeout.
Our solution eliminates workflow bottlenecks at the site, tracks study and site progress, and provides remote monitoring capabilities to sponsors — thus reducing uncertainty between visits, delivering cost savings, increasing compliance, and improving site-sponsor relationships.