From: Carolyn Apperson-Hansen [capperso@bio.ri.ccf.org] Sent: Monday, June 07, 2004 3:10 PM To: fdadockets@oc.fda.gov Cc: capperso@bio.ri.ccf.org; S.Revolinski@WXSMS.com Subject: Public Meeting June 11, 2004; Docket No. 2004N-0133 Agency: Food and Drug Administration, HHS Subject: Public Meeting June 11, 2004; Docket No. 2004N-0133 Issue: Application of Risk Mitigation Controls Participants: Scott Revolinski Washington Safety Management Solutions 2131 S. Centennial Avenue Aiken, SC 29803 s.revolinski@wxsms.com 803-502-9678 Carolyn Apperson-Hansen Cleveland Clinic Foundation 9500 Euclid Avenue Cleveland, Ohio 44195 capperso@bio.ri.ccf.org 216-445-3618 Abstract: Part 11 guidance recommends a risk-based approach for the selection of controls to ensure electronic record security, authenticity, and integrity. The intended uses of the risk mitigation controls are then to eliminate concerns regarding the use of electronic records without unnecessary cost and infringement upon the use of technological advances. For the cases where the electronic records are clearly supporting product quality and where human safety concerns are readily apparent, the judgment to determine the level of risk mitigation control robustness is straightforward. However for cases where the electronic records are Part 11 electronic records only because they support a predicate rule requirement or because they form an electronic submission, judgment criteria for the required robustness of the controls remains unspecified. Unfortunately, these scenarios pose the majority of concerns when Part 11 is applied to industry electronic records. With the opportunity to speak before this public meeting I will discuss the importance of separating these two classes of Part 11 electronic records and a basis for judging the robustness of the risk mitigation controls for the latter. Examples specific to the application with electronic records supporting clinical research will be included. ------------- End Forwarded Message -------------