Electronic signatures

Subpart C – Electronic Signatures
§11.100 - General Requirements
Requirements
Application notes
Procedure links
§11.100, section a
Each electronic signature shall be unique to one individual and shall not be reused by, or reassigned to, anyone else.
FactoryTalk Optix Studio allows creation or integration of unique login profiles for each user, either through local FactoryTalk Optix users or Active Directory users.
NOTE: Refer to
§11.10, section d
for more information.
If managing local FactoryTalk Optix users, during both the design time and runtime, the
User editor
widget allows to create and manage any newly created users, as well as the enablement of their login credentials.
Procedures should be implemented to ensure that user IDs do not get deleted or reassigned. It is recommended to disable user IDs rather than deleting them as a best practice.
TIP: It is highly recommended to use domain users only, to allow for autonomous login credentials configuration according to policy (password strenght, expiry date, and so on).
§11.100, section b
Before an organization establishes, assigns, certifies, or otherwise sanctions an individual’s electronic signature, or any element of such electronic signature, the organization shall verify the identity of the individual.
In FactoryTalk Optix Studio, once a user is sanctioned and a unique account has been created, the user is required to enter their login credentials and password to access the application. Furthermore, each user can be set so as to be prompted to change their password after their first login, either through Doman policy or through custom NetLogic script. This process validates the user identity.
NOTE: Domain users shall be associated with groups through the Active Directory server.
NOTE: It is highly recommended to include an individual's identity verification prior to sanctioning an individual’s electronic signature.
Customer is responsible for informing the FDA about their willingness to use the electronic signature as a legally binding equivalent of traditional handwritten signatures.
Once a user has been sanctioned and a unique account with a password has been created in FactoryTalk Optix Studio, the user is required to enter their login and password to access FactoryTalk Optix Studio. This process validates the identity of the user to FactoryTalk Optix Studio.
NOTE: It is highly recommended to include an individual's identity verification prior to sanctioning an individual’s electronic signature.
The implementation of any measures aimed at meeting this requirement lies with the customer.
§11.100, section c
Persons using electronic signatures shall, before or at the time of such use, certify to the agency that the electronic signatures in their system, used on or after August 20, 1997, are intended to be the legally binding equivalent of traditional handwritten signatures.
Customer is responsible for informing the FDA about their willingness to use the electronic signature as a legally binding equivalent of traditional handwritten signatures.
The implementation of any measures aimed at meeting this requirement lies with the customer.
§11.100, section c, 1
The certification shall be submitted in paper form and signed with a traditional handwritten signature, to the Office of Regional Operations (HFC-100), 5600 Fishers Lane, Rockville, MD 20857.
Customer is responsible for informing the FDA about their willingness to use the electronic signature as alegally binding equivalent of traditional handwritten signatures.
The implementation of any measures aimed at meeting this requirement lies with the customer.
§11.100, section c, 2