Columns

Managing Software: Are new FDA regulations headed your way?

While 21 CFR Part 11 is optional, it may already apply to you.

The pharmaceutical industry is buzzing with the impact of an FDA regulation called 21 CFR Part 11 or simply Part 11.

Does a food company need to concern itself about Part 11? Roddy Martin of AMR Research believes it should. “Rest assured that the FDA Part 11 regulations will reach the food industry. For those who have taken an electronic versus paper-based approach to HACCP, it is already here.”

The FDA has been gearing up for Part 11. To date, they have trained over 700 inspectors in computerized systems that are now beginning to audit systems.

The FDA introduced 21 CFR Part 11 in August 1997 to guide all FDA regulated manufacturers’ handling of electronic records, signatures, authorization processes and traceability. The detailed FDA requirements must be adhered to if an organization chooses to maintain electronic records, including electronic signatures, as part of its compliance procedures. Since Part 11 only applies to electronic records, you only need to follow it if you use electronic records.

Although Part 11 is optional, it may already apply to you. Part 11 covers any records that are subject to FDA inspection. If you use automation to collect or maintain these records, you must comply. Even if you use the computer as a typewriter and later print out the records to be managed manually, Part 11 applies.

One area of FDA concern is HACCP. Companies have taken three approaches to HACCP. A manual paper-based approach uses no computerization. An automated approach uses computer-assisted methods to collect and manage HACCP information. Many of these systems are based upon MES or ERP systems and many are custom written. A hybrid approach uses some manual records and some computerized records.

Since a manual approach does not involve electronic records, Part 11 does not apply. At the other end of the automation spectrum, some companies have fully automated their HACCP efforts. These systems must meet the requirements of Part 11. The portions of hybrid approaches that use automation must meet the same requirements as systems that are 100% automated. The manual components of a hybrid system do not need to meet the requirements. However, you must be able to demonstrate how the manual and automated portions of a hybrid system work together and how the records stay in synch.

The key requirements of Part 11 are security, e-signatures, and records management. Part 11 sets security requirements that go beyond that which is available on most software products. For example, records must include the full name of individuals, not just user ID. Security must provide automatic session timeouts after a predetermined period of inactivity. Any unauthorized system access attempts must result in automatic notifications to the security officer.

Most transactions require electronic signatures or e-signatures. Electronic signatures serve as a legal signature and the related document is a legal document.

Since all records are in electronic format, Part 11 sets forth requirements on records management. For example, audit functions must record all changes or deletions to records. In all cases, the system must be able to reconstruct what the database looked like on a past date.

What should you do about Part 11? Does it apply to you? If areas of compliance involve records that are collected or maintained, in any way, electronically, Part 11 applies. If your computer systems are from a packaged software vendor, talk to the vendor about compliance. If the vendor enables Part 11 compliance, this may be your most inexpensive and quickest solution.

If the systems are custom, heavily modified versions of packages or just old, you face a bigger challenge. You may need to replace the existing systems. Both ERP and MES vendors are now touting systems that can help you comply. Be aware that the FDA does not validate software products. But software suppliers can assist you in compliance.

Software products also exist which connect to a variety of systems, (QA, MES, ERP, manual) and assist in bringing your legacy plus manual systems into compliance.

The FDA Compliance Policy Guide, can be accessed at http://www.fda.gov/ora/compliance_ref/cpg/.

What does the future hold? Roddy Martin tells us, “With the FDA training more specialist inspectors in computer based systems, we can expect more attention to our IT systems, infrastructure, and information security. Increasing integration of systems means that information traceability is an increasingly critical thread across your entire extended supply chain.”

Did you enjoy this article? Click here to subscribe to Food Engineering Magazine.

You must login or register in order to post a comment.

Multimedia

Videos

Image Galleries

IPPE 2015

The 2015 International Production and Processing Expo (IPPE) was held in Atlanta at the Georgia World Congress Center, Jan. 27-29. More than 30,000 poultry, meat and feed industry representatives attended the event to interact with the 1,288 exhibitors on the show floor that covered more than 490,000 net square feet. At the show exhibitors demonstrated innovations in equipment, supplies and services utilized by firm in the production and processing of meat, poultry, eggs and feed products.

Podcasts

Burns & McDonnell project manager RJ Hope and senior project engineer Justin Hamilton discuss the distinctions between Food Safety and Food Defense as well as the implications for food manufacturers of the Food Safety Modernization Act.
More Podcasts

Food Engineering

Food Engineering March 2015 cover

2015 March

In this March 2015 issue of Food Engineering, we explore how a surprise FDA audit could be serious if you're not recording key data.

Table Of Contents Subscribe

Plant Facility/Site Issues

What issue about your current plant facility/site keeps you up the most at night?
View Results Poll Archive

THE FOOD ENGINEERING STORE

Food-Authentication-Flyer-(.gif
Food Authentication Using Bioorganic Molecules

This text provides critical tools and data needed to augment routine food analysis and enhance food safety by aiding in the detection of counterfeit, and potentially deleterious, foods.

More Products

Clear Seas Research

Clear Seas ResearchWith access to over one million professionals and more than 60 industry-specific publications,Clear Seas Research offers relevant insights from those who know your industry best. Let us customize a market research solution that exceeds your marketing goals.

STAY CONNECTED

FE recent tweets

facebook_40.pngtwitter_40px.pngyoutube_40px.png linkedin_40px.pngGoogle +

Food Master

Food Engineering Food Master 2015Food Master 2015 is now available!

Where the buying process begins in the food and beverage manufacturing market. 

Visit www.foodmaster.com to learn more.