Docket Management
Docket: 03D-0060 - Draft Guidance: Part 11, Electronic Records, Electronic Signatures--Scope and Application
Comment Number: EC -2

Accepted - Volume 1

Comment Record
Commentor Dr. Octavi Colomina Date/Time 2003-03-03 10:42:02
Organization TDV
Category Health Professional

Comments for FDA General
Questions
1. General Comments After carefully reading the new draft Guidance published last Thursday, I believe that such dramatic change on the approach of Part 11 interpretation and practical application needs to clarify some concepts for better understanding of the new guidance and future re-examination. At this early point, two comments come up, mainly because both have immediate practical implications in a lot of the Part 11 compliance plans that a lot of companies have been developing in the last two years. The two comments are as follows: Comment 1: Narrow Interpretation of Scope According to some sections of the daft, it can be interpreted that persons can choose whether or not they are going to use electronic records to comply with the predicate rule. A common example: an HPLC data acquisition and management system used in a QC lab. For this system and according to the above sections, the person could choose whether the analytical reports printed on paper (from electronic records) are the records used to meet the requirements GMP. Therefore, there is no need to ensure compliance to Part 11 controls for the data, methods and result files existing in the computer system (interpreted as electronic records prior to February 20th ), since those files are not used to perform any regulated activity. Only the printed paper is used to perform such activities and therefore, this is the GMP record in this case. Would this system be out of the scope of Part 11? The same comment could be done for a SCADA system about the requirement of keeping the electronic file containing process data if you are attaching a printout of the process data, issued by the computer to the Batch Manufacturing Record. I think more clarification is required regarding this “freedom for choosing” whether or not we should comply with Part 11 controls. It can be clear for some systems (management systems mainly) that Part 11 would apply. For them, it can be obvious that persons can take decisions and perform regulated activities depending on information directly displayed by the computer system. The business practices determine this. But it is not so clear for the above examples. I believe a lot of companies and persons, working in the last two years to ensure Part 11 compliance would appreciate a clarification on that point. Comment 2: Metadata Also related to narrow interpretation. The Guidance do not make any mention about the limits of the metadata concept. I understand that this would be maybe entering in too much detail for an scope and application guidance, but it should be born in mind that this concept has given rise to broader interpretations on the scope of Part 11. Under the consideration of metadata almost any information managed by a computer system, directly or remotely related to a “regulated record”, has had the consideration of candidate to comply with Part 11 controls. A clarification of this concept would also be appreciated.




EC -2