In our one of the project we have to meet all 21 CFR Part 11 Requirements. The system has to be designed using Java, MySQL. Through the basic concept I came to know that 21 CFR Part 11 Req. mainly emphasis on following:
- Digital Signature
- Audit Trails
- Security/Validation of the system.
Can anyone have an idea how they can be achieved wrt 21 CFR ... specifically about best practice for Audit Trails and digital signature
Thanks
[Disclosure: I work for CoSign]
Meeting 21 CFR Part 11 requirements is a big job. I suggest that you outsource it to a vendor. CoSign is used in over 100 Part 11 compliant installations. It includes a FIPS certified tamper-proof hardware appliance for securely storing the private keys.
Because the CoSign appliance is self-contained, it also enables you to limit the scope (and expense and time) of your part 11 compliance project. See CoSign info on part 11 compliance.
The CoSign Signature Web Agent is easy to integrate into your app using https calls to sign and verify your docs.
Re: audit trails-- the CFR Part 11 faq has some info on this. But if you work in a regulated industry (Life Sciences, Healthcare, etc) that needs part 11 compliance, then you should talk with your legal department to ensure that you meet the requirements per the regulations. Or outsource the issue.