Looking at various technology suppliers who offer Part 11 solutions, we constructed some of the attributes of the ideal solution. While we do not believe that any one supplier offers all these features, it can serve as a useful checklist for food companies looking for 21 CFR Part 11 solutions.

Electronic signature placements-Where should electronic signatures exist within your system? The FDA suggests a risk-based approach. As you might expect, different companies interpret the requirements differently. That results in different views of where electronic signatures are required. Some vendors decide in advance where the electronic signatures are placed and give the food company a minimal amount of flexibility. (The company may be able to "turn-off" the signature of a specific transaction but cannot add them in other places.) Other vendors place the electronic signature function within the infrastructure of the product and give the food company the option of placing the signatures anywhere in the system. In general, this second, more flexible approach is more desirable than the former, more rigid approach.

Document-Part 11 asks for electronic signatures of electronic documents. However, most vendors have interpreted this to mean an electronic signature on the transaction. Users often feel uncomfortable signing the transaction because it does not represent the total picture. Not all of the information that would be on a paper document appears on the transaction screen. At least one vendor has chosen to provide the user with a complete picture of the document before requesting a signature. The document, including all appropriate information, is displayed on the screen in its entirety. This document is saved as a pdf file as signed, along with the signatures. This approach minimizes user reluctance.

Data security-How the documents or information are stored is of importance to the FDA. They are concerned about the safety and integrity of the documents. We suggest that documents are best kept in read-only format and on a secure, dedicated server.