Part 11 Compliant Digital Signature Requirements - Sharepoint

M

Micked

#1
Hi,


I have come across a software package for digital signatures, that is said to be part 11 compliant. The company has lots of customers in the medical device industry.

The package works fine, except for the following:
When signing digitally, the system prompts for an additional password. Just as it is supposed to do.

But there is a backdoor...
There is a possibility to go into the configuration menu and turn off the prompting for an additional password. The deficiency is that the configuration menu is not password protected. The setting can be changed by anyone.

The protection of the signature is based on the screen lock functionality, and metadata created in Sharepoint where the signatures are stored.
This implies that the non-repudiation of the signature may be questioned. The supplier of the software package is not worried at all about this issue.
What do you fellow cavers think?
Is this acceptable by a part 11 compliant digital signature package?
 
Elsmar Forum Sponsor
M

MIREGMGR

#2
As you describe it, it sounds problematic. What's the supplier's argument as to why it's not of concern?

Can the supplier provide references that you can check, i.e. other FDA-regulated companies that you regard as regulatorily proactive and competent, and perhaps reputable third party auditors that have qualified the package?
 
Thread starter Similar threads Forum Replies Date
K 21 CFR Part 11 (and EU) compliant Digital Signatures on a Production Line Other US Medical Device Regulations 5
D FDA 21 CFR Part 11 Compliant Digital (electronic) Signatures Document Control Systems, Procedures, Forms and Templates 7
K 13485 do e-signatures have to be 21 CFR Part 11 compliant? ISO 13485:2016 - Medical Device Quality Management Systems 8
D 21 CFR Part 11 Assessment (Fully Compliant or Not) Qualification and Validation (including 21 CFR Part 11) 9
S Is Adobe Sign - E-signature for QMS documents - 21 cfr part 11 compliant? ISO 13485:2016 - Medical Device Quality Management Systems 2
M Suggestions for Electronic Signature Software (FDA 21 CFR Part 11 Compliant) Qualification and Validation (including 21 CFR Part 11) 12
A Alternative to keeping hard copy records that is 21 CFR part 11 compliant Document Control Systems, Procedures, Forms and Templates 0
M How to validate a system to make it compliant with 21 CFR Part 11 Qualification and Validation (including 21 CFR Part 11) 2
B Part 11 Compliant Document Control Software recommendations Quality Assurance and Compliance Software Tools and Solutions 30
A 21 CFR part 11 compliant Electronic Document Management Systems Document Control Systems, Procedures, Forms and Templates 20
D Affordable electronic CAPA system (compliant to FDA 21 CFR Part 11) ISO 13485:2016 - Medical Device Quality Management Systems 1
W Part-11 Compliant Document Control & Integrated Training Software Document Control Systems, Procedures, Forms and Templates 15
J Software Outsourcing - 21 CFR Part 11 and HIPAA Compliant Applications Career and Occupation Discussions 1
X Separation of battery powered FB type applied part IEC 60601 - Medical Electrical Equipment Safety Standards Series 1
N Direct Part Marking of the "CE" symbol- Class I Device EU Medical Device Regulations 1
P Controls over Systems Documentation in 21 CFR Part 11 Qualification and Validation (including 21 CFR Part 11) 1
R Separation and PE Requirements of a Type B Applied Part IEC 60601 - Medical Electrical Equipment Safety Standards Series 3
P Part 21G - Liabilities of a Quality Manager Form 4 Post Holder EASA and JAA Aviation Standards and Requirements 1
W Part 145 Maintenance Data Review EASA and JAA Aviation Standards and Requirements 1
C Part selection for Faro arm MSA Gage R&R (GR&R) and MSA (Measurement Systems Analysis) 7
R Understanding ISO12944 (Part 4) Manufacturing and Related Processes 6
M Part submission warrant with every rev up of drawings APQP and PPAP 2
E Performing a GRR when you get multiple readings over time per part. Gage R&R (GR&R) and MSA (Measurement Systems Analysis) 5
I Restricting scope to one part number for one customer IATF 16949 - Automotive Quality Systems Standard 6
P Certifying Staff leaving Part-145 organisation EASA and JAA Aviation Standards and Requirements 3
A Industry standard for stamped part Various Other Specifications, Standards, and related Requirements 2
P Can credentials (ID/PW) used to login be the same as when applying Electronic Signature (Part 11) US Food and Drug Administration (FDA) 2
M Mains on Patient with Part Attached to Protective Earth in Patient Area IEC 60601 - Medical Electrical Equipment Safety Standards Series 6
M Documentation accompanying an aerospace part AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 6
H Better to retain previous made parts or one part that is perfect Reliability Analysis - Predictions, Testing and Standards 2
T Accreditations as part of 9001 - Quality checks on your company ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
T Customer Rejecting Part for Basic Dimension Inspection, Prints (Drawings), Testing, Sampling and Related Topics 16
H Should we stop inspecting a part if its never been rejected? Reliability Analysis - Predictions, Testing and Standards 6
M MSA - Dealing with inherent within-part variation in assemblies Gage R&R (GR&R) and MSA (Measurement Systems Analysis) 1
C Multiple Part Numbers, IMDS RoHS, REACH, ELV, IMDS and Restricted Substances 2
J IEC 60601 Applied Part - Probes intended to be covered by sheaths IEC 60601 - Medical Electrical Equipment Safety Standards Series 3
M Saline Infusion- Applied Part, Patient Connection IEC 60601 - Medical Electrical Equipment Safety Standards Series 3
S Comparing measurement results for a part from two ring gage General Measurement Device and Calibration Topics 3
PQ Systems SQCpack Tech Tuesday Webinar 3-Part Series Using SQCpack Software 0
E Biocompatibility testing of our applied part seems redundant Other Medical Device Related Standards 2
A APPLIED vs ACCESSIBLE PART IEC 60601 - Medical Electrical Equipment Safety Standards Series 4
PQ Systems Device Integration with SQCpack - 3 Part Series Using SQCpack Software 0
PQ Systems Gage R&R - 3 Part Series Using GAGEpack Software 0
PQ Systems GAGEpack Tech Tuesday - 4 part series Using GAGEpack Software 0
PQ Systems GAGEpack Tech Tuesday - 3 part series Using GAGEpack Software 0
D Is an ethernet port part of the User Interface IEC 62304 - Medical Device Software Life Cycle Processes 5
C DV/PV Test Part Storage IATF 16949 - Automotive Quality Systems Standard 9
D IATF Requirements if remote plant has no interface with OEMs who are part of IATF? IATF 16949 - Automotive Quality Systems Standard 6
W Classes and Applied Part IEC60601 Electromedical Equipment IEC 60601 - Medical Electrical Equipment Safety Standards Series 1
E How to test 8.7.4.7 d) ? What "not protectively earthed accessible part" means? IEC 60601 - Medical Electrical Equipment Safety Standards Series 3

Similar threads

Top Bottom