This document discusses how 21 CFR Part 11 (electronic records and signatures) relates to other FDA regulations known as "predicate rules". It explains that predicate rules determine requirements around record creation, content, signatures, retention and archiving. Part 11 applies to electronic records and signatures for those required by predicate rules. The document provides examples of predicate rules for GLP, GCP, GMP and QSR. It also discusses concepts like raw data, signatures, time stamps, validation and record retention as they relate to both Part 11 and predicate rules.

1. Interpretation of Part 11 by the
GxP Predicate Rules

2. Agenda
 Predicate Rules Background
 Predicate Rules and 21 CFR Part 11
 A Few Examples of Where in the GxPs
Records are Required to be Created
and Maintained
 Sigs Too!

3. How Does It Work?
 Laws within the US are formulated by Congress
and enter into the United States Code of Federal
Regulations
 Once approved by Congress and the President
 The United States Code of Federal Regulations
(CFR) is official record of all US Federal Law
 Holds regs for the implementation of the US Acts (Laws)
 The root of the US document hierarchy
 Proposed regs are first published in the Federal
Register for public comment
 Once approved, entered in final form into the CFR
http://www.access.gpo.gov/cgi-bin/cfrassemble.cgi?title=199821

4. The CFR
 The Code of Federal Regulations is
divided into Titles…
 The two Titles relevant to Pharma are…
 Title 21 Food and Drugs
 Title 42 The Public Health and Welfare
 Within Title 21 that we find various “Parts”
e.g. 21 CFR Part 11 on ERES and 21 CFR
Part 820 on Quality Systems

5. Title 21 and 42
 Each contains chapters dealing with a wide
range of food, drug and health issues
 The important chapter in Title 21 is Chapter
9, the Federal Food, Drug, and Cosmetic
Act (The Act)
 Title 21 §393 authorizes the existence of the
FDA as part of the US Department of Health
and Human Services, to carry out its duties
 Title 42, Public Health, contains Chapter
6A, the Public Health Service Act (PHS)

6. Other “Parts”
 21 CFR Part 312: Investigational New Drug
Application
 21 CFR Part 314: Application For FDA Approval To
Market New Drug
 21 CFR Part 52: Obligation of Sponsors and
Monitors of Clinical Investigation
 21 CFR Part 54: Financial Disclosure by Clinical
Investigators
 21 CFR Part 50: Protection of Human Subjects
 21 CFR Part 56: Institutional Review Boards
 21 CFR Part 310: New Drugs
 21 CFR Part 820: Quality System Regulation
http://www.access.gpo.gov/nara/cfr/cfr-table-search.html#page1

7. So What Are The Predicate Rules?
 “The Underlying Requirements Set Forth in the US
Federal Food, Drug, and Cosmetic Act (The Act),
 US Public Health Service (PHS) Act,
 ..and FDA Regulations Under Title 21 are Referred
to in the Part 11 Guidance Document as….
 Predicate Rules”.
 The term “predicate rules” should really only be used in
relation to US regulations
 However, there is creeping usage of the term to refer to
both US and European higher-level regulations

8. Scope, 21 CFR 11.1
 Records are Required by a “Predicate Rule”
 Predicate Rules, not Part 11, Determine:
 Record creation
 Record content
 Record signature requirements
 Record retention period
 Archiving
 Original vs copy

9. Guidance Documents
 In Addition to the Regulations in the CFR,
the FDA Also Publishes a Number of
Guidance Documents
 To Assist in Understanding the Various
Rules and Regulations
 Not Binding on the Industry or Agency
 Only Represent the FDA’s “Current
Thinking”
“Contains Non-Binding Recommendations”

10. What About E-Signatures?
 For Electronic Signatures, the Requirements
Imposed Upon Systems Not Only Come
Form Pharmaceutical Regulations but From
Other Legislation
 Such as the ….
 US E-sign Act (2000)
 EU Directive 1999/93/EC on Electronic
Signatures

11. Predicate Rules & Part 11

12. The Predicate Rules
GLP:
 21 CFR 58 Good Laboratory Practice for Non-Clinical Lab Studies
 GCP:
 21 CFR 310 New Drugs
 21 CFR 312 Investigational New Drug Application
 21 CFR 314 Applications For FDA Approval To Market A New Drug
 21 CFR 510 New Animal Drugs
 21 CFR 511 New Animal Drugs For Investigational Use
 21 CFR 514 New Animal Drug Applications
GMP:
 21 CFR 210 Current Good Manufacturing Practice In Manufacturing, Processing, Packing, Or
Holding Of Drugs
 21 CFR 211 Current Good Manufacturing Practice For Finished Pharmaceuticals
QSR:
 21 CFR 820 Quality System Regulation
Food related "GMPs"; ‘GOOD FOOD PRACTICES’:
 PART 106 Infant Formula QC Procedures
 PART 110 Current Good Manu Practice in Manu, Packing and Holding Human Food
 PART 113/114 Thermally Processed and Acidified Low-Acid Canned Foods
 PART 123 Fish and Fishery Products
 PART 129 Bottled Drinking Water

13. Records and Signatures Subject to
Part 11
 Any Record Required by FDA that is in
Electronic Form
 Any Electronic Signature that Appears
in an FDA-required Record, Whether
or Not Signature is Required
 Electronic Submissions to FDA

14. E-Records?
Predicate
Rules
Apply?
High Risk?
Audit
Remediation
Plan
NOT
Part 11
Records
No
No
No
Part 11 Decision Flow Chart

15. Importance of Predicate Rules
 21 CFR 11 Interpretation Always via Predicate Rules
 GMP, GLP, GCP
 Draft Guidance Places Increased Emphasis on Predicate Rule
Interpretation
 Not all e-records produced by a company are Part 11 records
 Documented assessment
 Read predicate rules and understand where records and
signatures are required
 How Will Investigator Evaluate Compliance With Part 11
During an Inspection for Another Purpose?
 An investigator will look at records to evaluate compliance with
the predicate rule. At the same time, the investigator may check
compliance with Part 11 for adequacy of recordkeeping.

16. Understanding Predicate Rules
 Some Requirements for Signatures
are Explicit:
 “signature or initials”
 “handwritten, full signature”
 Others are Implicit:
 “approved”
 “authorized”

17. Part 11 Guidance Document Predicate
Rule Reference: Triggering Part 11
 Under narrow interpretation, FDA considers Part 11 to be
applicable to the following records or signatures in electronic
format:
 Records that are required to be maintained under predicate rule
requirements and that are maintained in electronic format in
place of paper format. On the other hand, records (and any
associated signatures) that are NOT required to be retained
under predicate rules, but that are nonetheless maintained in
electronic format, are NOT part 11 records.
 We recommend that you determine, based on the predicate
rules, whether specific records are Part 11 records. We
recommend that you document such decisions.

18. Guidance Document Predicate Rule
Reference: Time Stamps
 “Persons must still comply with all
applicable predicate rule requirements
related to…
 …documentation of….
 …date, time, or sequencing of events…
 …and requirements for ensuring that
changes to records do not obscure
previous entries.”
 e.g., § 58.130(e)

19. 11 Guidance Document Predicate
Rule Reference: e-Signatures
 “Electronic signatures that are intended to
be the equivalent of handwritten signatures,
initials, and other general signings required
by predicate rules. Part 11 signatures
include electronic signatures that are used,
for example, to document the fact that
certain events or actions occurred in
accordance with the predicate rule (e.g.
approved, reviewed, and verified).”

20.  “….must still comply with all applicable
predicate rule requirements for
validation (e.g., 21 CFR 820.70(i)).”
 “We suggest that your decision to
validate computerized systems, and
the extent of the validation, take into
account the impact the systems have
on your ability to meet predicate rule
requirements.”
Part 11 Guidance Document Predicate Rule
Reference: Validation

21.  “The system [must meet] all applicable predicate
rule requirements before the effective date.”
 “The system [must] currently meet all applicable
predicate rule requirements.”
 “If a system has been changed since August 20,
1997, and if the changes would prevent the system
from meeting predicate rule requirements, Part 11
controls should be applied to Part 11 records and
signatures…”
Part 11 Guidance Document Predicate
Rule Reference: Legacy Systems

22. Part 11 Guidance Document Predicate
Rule Reference: Copies of Records
 “All records held by you are subject to
inspection in accordance with
predicate rules (e.g., §§ 211.180(c),
(d), and 108.35(c)(3)(ii)).”

23.  “Persons must still comply with all applicable predicate rule
requirements for record retention and availability (e.g., §§
211.180(c),(d), 108.25(g), and 108.35(h)).”
 “We suggest that your decision on how to maintain records be
based on predicate rule requirements and that you base
your decision on a justified and documented risk assessment
and a determination of the value of the records over time.”
 “Persons must still comply with all predicate rule
requirements, and the records themselves and any copies of
the required records should preserve their content and
meaning.”
 “As long as predicate rule requirements are fully satisfied
and the content and meaning of the records are preserved
and archived, you can delete the electronic version of the
records.”
Part 11 Guidance Document Predicate
Rule Reference: Record Retention

24. 21 CFR Part 211 cGMP
 §211.182 – Equipment Cleaning and Use Log
 §211.184 – Component, Drug Product Container,
Closure and Labeling Records
 §211.186 – Master Production and Control Records
 §211.188 – Batch Production and Control Records
 §211.192 – Production Record Review
 §211.194 – Laboratory Records
 §211.196 – Distribution Records
 §211.198 – Complaint Files

25. 21 CFR Part 211 cGMP
 For Finished Pharmaceuticals
 Covers Use of Computers
 §211.68; Automatic, mechanical and electronic
electronic equipment
 Covers Use of Records
 §211.180 – 211.198; Records and reports

26. §211.194 : Order of Signing
 Laboratory Records
 (7) The initials or signature of the person who performs
each test and the date(s) the tests were performed.
 (8) The initials or signature of a second person showing
that the original records have been reviewed for accuracy,
completeness and compliance with established standards.
 Evaluate Systems Carefully:
 What is a signature versus identification of action
 Two signatures only required for each test
 Order of signing is important: technical control for system

27. §211.100: Written Procedures;
Deviations
 (a)…. These written procedures, including and
changes shall be drafted, reviewed and approved
by the appropriate organizational units and
reviewed and approved by the quality control unit.
 (b)… Any deviation from the written procedure shall
be recorded and justified.
 No Stated Requirement for a Record of the Paper
Procedure
 Defined Sign-offs Required for the Final Procedure
 Deviations: No Stated Requirement for Signatures
or Initials

28. Part 211: Record Requirements
 §211.188 Batch Production & Control
Records
 Batch production and control records shall be
prepared for each batch of drug product
produced and shall include complete information
relating to the production and control of each
batch
 §211.194(a) Laboratory Records
 Laboratory records shall include complete data
derived from all tests necessary to assure
compliance with established specifications and
standards

29. § 211.68: Record Requirements
 For Automatic, Mechanical and Electronic
Equipment
 (a) Automatic, mechanical, or electronic equipment
or other types of equipment, including computers,
or related systems that will perform a function
satisfactorily, may be used in the manufacture,
processing, packing, and holding of a drug product.
 If such equipment is so used, it shall be routinely
calibrated, inspected, or checked according to a
written program designed to assure proper
performance. Written records of those calibration
checks and inspections shall be maintained.

30. Record Integrity: §211.68(b)
 (b) Appropriate controls shall be exercised over
computer or related systems to assure that
changes in master production and control records
or other records are instituted only by authorized
personnel. Input to and output from the computer
or related system of formulas or other records or
data shall be checked for accuracy.
 The degree and frequency of input/output
verification shall be based on the complexity and
reliability of the computer or related system.

31. Record Back-up: §211.68(b)
 A backup file of data entered into the computer or related
system shall be maintained except where certain data, such
as calculations performed in connection with laboratory
analysis, are eliminated by computerization or other
automated processes.
 In such instances a written record of the program shall be
maintained along with appropriate validation data.
 Hard copy or alternative systems, such as duplicates, tapes,
or microfilm, designed to assure that backup data are exact
and complete and that it is secure from alteration, inadvertent
erasures, or loss shall be maintained.

32. Retention Period: §211.180
 a) Any production, control, or distribution record that is
required to be maintained in compliance with this part and is
specifically associated with a batch of a drug product shall be
retained for at least 1 year after the expiration date of the
batch or, in the case of certain OTC drug products lacking
expiration dating because they meet the criteria for exemption
under § 211.137, 3 years after distribution of the batch.
 (b) Records shall be maintained for all components, drug
product containers, closures, and labeling for at least 1 year
after the expiration date or, in the case of certain OTC drug
products lacking expiration dating because they meet the
criteria for exemption under § 211.137, 3 years after
distribution of the last lot of drug product incorporating the
component or using the container, closure, or labeling.

33. §211.68(b): Risk
 Computerised Systems “Changes to
Records Made by Authorized Personnel”
 Many firms use a help desk to co-ordinate
change requests for GXP systems
 Help desk software needs to be validated: e-
records
 Risk assessment: what is the impact on product
safety, efficacy and quality?
 Direct?
 Indirect?

34. Record Inspection: §211.180(c)
 All records required under this part, or copies of
such records, shall be readily available for
authorized inspection during the retention period at
the establishment where the activities described in
such records occurred. These records or copies
thereof shall be subject to photocopying or other
means of reproduction as part of such inspection.
Records that can be immediately retrieved from
another location by computer or other electronic
means shall be considered as meeting the
requirements of this paragraph.

35. Record Archival: §211.180(d)
 Records required under this part may be
retained either as original records or as true
copies such as photocopies, microfilm,
microfiche, or other accurate reproductions
of the original records. Where reduction
techniques, such as microfilming, are used,
suitable reader and photocopying
equipment shall be readily available.

36. 21 CFR Part 58 GLP
 Subpart J—Records and Reports
 §58.185 Reporting of Non-clinical Lab
Study Results
 §58.190 Storage and Retrieval of
Records and Data
 §58.195 Retention of Records

37. Raw Data
 Definition of ER from Part 11
 Broad scope
 Predicate Rules Define Application to ER
 Narrow scope
 FDA Guidance to Clarify
 Industry Coalition Seeks to Define “Raw
Data” as NOT Being ER

38. Raw Data: 21 CFR Part 58
 FDA Says “Raw Data” Available for Inspection Requires
Integrity as Electronic Records
 (k) Raw data means any laboratory worksheets, records,
memoranda, notes, or exact copies thereof, that are the result
of original observations and activities of a non-clinical
laboratory study and are necessary for the reconstruction and
evaluation of the report of that study.
 In the event that exact transcripts of raw data have been
prepared (e.g., tapes which have been transcribed verbatim,
dated, and verified accurate by signature), the exact copy or
exact transcript may be substituted for the original source as
raw data.
 Raw data may include photographs, microfilm or microfiche
copies, computer printouts, magnetic media, including dictated
observations, and recorded data from automated instruments.

39. Records Storage and Retrieval:
§58.190
 (a) All raw data, documentation, protocols, final reports, and
specimens (except those specimens obtained from
mutagenicity tests and wet specimens of blood, urine, feces,
and biological fluids) generated as a result of a non-clinical
laboratory study shall be retained
 (b) There shall be archives for orderly storage and expedient
retrieval of all raw data, documentation, protocols, specimens,
and interim and final reports. Conditions of storage shall
minimize deterioration of the documents or specimens in
accordance with the requirements for the time period of their
retention and the nature of the documents or specimens. A
testing facility may contract with commercial archives to
provide a repository for all material to be retained. Raw data
and specimens may be retained elsewhere provided that the
archives have specific reference to those other locations
 (c) An individual shall be identified as responsible for the
archives
 (d) Only authorized personnel shall enter the archives
 (e) Material retained or referred to in the archives shall be
indexed to permit expedient retrieval

40. GLP Raw Data
 Bottom Line:
 Apply risk analysis to evaluate the
importance of ‘raw data’
 Document how the data is being
controlled to ensure integrity based upon
its value to the integrity of the ER it
supports
 i.e. Save data records in a normal manner
 Save checksum of data records as ER

41. Equipment Design: §58.61
 Equipment used in the generation, measurement, or
assessment of data …. shall be of appropriate design and
adequate capacity to function according to the protocol and
shall be suitability located for operation, inspection, cleaning
and maintenance
 Note similar requirements for 21 CFR 211.63
 Appropriate Design:
 Write a user requirements specification
 Adequate Capacity:
 Design – liaison with IT and/or supplier
 Incorporate in a design document or URS
 Suitably Located:
 Read and follow the supplier’s instructions
 Documented evidence of installation (IQ/OQ)

42. 21 CFR Part 820 QSR
 §820.180 – General Requirements
 §820.181 – Device Master Record
 §820.184 – Device History Record
 §820.186 – Quality System Record
 §820.198 – Complaint Files

43. 21 CFR Part 820 QSR
 21 CFR Part 820 – Quality Systems
Regulation
 Covers the use of computers in devices
 §820.30 Design controls
 §820.70 Production and Process Controls
 Covers records for device development
 Subpart M, §820.180 – 820.198

44. Automated Processes:
820.70(i)
 When computers or automated data processing systems are used as part of
production or the quality system, the manufacturer shall validate computer
software for its intended use according to an established protocol.
 All software changes shall be validated before approval and issuance.
 These validation activities and results shall be documented
 Wide Scope:
 Systems for QMS and device production
 Intended Use:
 Write a user requirements specification
 Established Protocol:
 CSV policy, validation plan and testing scripts
 Changes Approved:
 Change control SOP & authorization signatures

45. Record Requirements:
§820.30(a)(1)
 Each manufacturer of any Class III or Class
II device, and the Class I devices ….. shall
establish and maintain procedures to
control the design of the device in order to
ensure that specified design requirements
are met
If Electronic, Records within and About the Equipment
Must Meet Part 11 Requirements

46. Record Requirements:
§820.180(i)
 When computers or automated data
processing systems are used as part
of production or the quality system, the
manufacturer shall validate computer
software for its intended use according
to an established protocol.
 All software changes shall be validated
before approval and issuance
 These validation activities and results
shall be documented

47. Record Retention Period :
§820.180(b)
 All records required by this part shall
be retained for a period of time
equivalent to the design and expected
life of the device, but in no case less
than 2 years from the date of release
for commercial distribution by the
manufacturer.

48. Record Archival : §820.180
 All records required by this part shall be maintained at the
manufacturing establishment or other location that is
reasonably accessible to responsible officials of the
manufacturer and to employees of FDA designated to perform
inspections.
 Such records, including those not stored at the inspected
establishment, shall be made readily available for review and
copying by FDA employees.
 Such records shall be legible and shall be stored to minimize
deterioration and to prevent loss
 Those records stored in automated data processing systems
shall be backed up.

49. Summary
 Predicate Rules Rule!!
 You Must Be Familiar With What Records
and Signatures Are Required By the
Applicable Predicate Rules
 Part 11 Is Triggered By
 Predicate Rule Requirements
 High Risk
 Electronic Decision Making
 Incorporate a Risk Analysis
 Document Your Justification

50. Thank You For Your Attention!
Questions……………………?