Requirement for Signature on Document

Jen C

Involved In Discussions
#1
Hello - we work in Medical Devices, under ISO 13485, EU MDR, 21 CFR 820 and numerous other country regulations.

We're working on updating our document control process, and QS would like to remove the requirement to have an actual signature on each document (i.e., there would be neither physical nor electronic signature).

Our documents go through an extensive document change process, and signatures are captured on the DCO form. The argument is that we can show documents are approved via the process and thus an actual signature is not required on the document itself.

I agree insofar as I can't find any specific requirement for a signature on each document, as long as we can show it's gone through an established approval process and we have signatures from the appropriate defined approvers. But in practical terms, I'm concerned this will lead to constant questions in audits and submission reviews about how we can show each document is approved if it doesn't have a signature on it. I don't want to be always having to show the DCO form to prove the approvals were obtained.

Has anyone successfully implemented a system without signatures on the documents themselves?
 
Elsmar Forum Sponsor

Tagin

Trusted Information Resource
#2
21CFR820.40 Document controls

Document approval and distribution. Each manufacturer shall designate an individual(s) to review for adequacy and approve prior to issuance all documents established to meet the requirements of this part. The approval, including the date and signature of the individual(s) approving the document, shall be documented.
...Each manufacturer shall maintain records of changes to documents. Change records shall include a description of the change, identification of the affected documents, the signature of the approving individual(s), the approval date, and when the change becomes effective.
I believe there may be the possibility to use electronic signatures as an alternative to handwritten ones, but I'm not certain.
 

indubioush

Quite Involved in Discussions
#3
Has anyone successfully implemented a system without signatures on the documents themselves?
Yes. At most of the medical device companies I have worked for, the controlled documents do not have any signature. The document contains a reference to the change order number. The change order record contains the approval signature. There is absolutely no problem with this.

But in practical terms, I'm concerned this will lead to constant questions in audits and submission reviews about how we can show each document is approved if it doesn't have a signature on it. I don't want to be always having to show the DCO form to prove the approvals were obtained.
Yes, you will have to show the DCO to prove that the approvals were obtained. However, the auditor will not be asking for every DCO for every document they look at. They will do a sampling of your DCOs when auditing your document control and change control processes.
 

silentmonkey

Involved In Discussions
#4
Should be fine. Our documents don't have signatures on it. In some cases, I have seen "refer to XYZ for approvals" where XYZ can be a change order document or the audit trail in the electronic document management system.
 

yodon

Staff member
Super Moderator
#5
I believe there may be the possibility to use electronic signatures as an alternative to handwritten ones, but I'm not certain.
There is... but in the US, that is governed by 21CFR Part 11 (the dreaded electronic records / electronic signatures regulation). They're still applying "enforcement discretion" so if you can demonstrate good controls, it's likely fine. (It's definitely worth a read if you plan on going this route.)
 

Jen C

Involved In Discussions
#6
Thanks all! Yes, we are implementing Part 11-compliant electronic signatures for other things (e.g., for the DCO approvals), but we don't want any signatures at all on the documents. It helps to know others have done this without too many issues. I'll likely suggest including a generic statement on the front page of each document stating something like "approval signatures are documented on the DCO form in accordance with SOPXXX" in an attempt to head off too many questions, but I'm sure even that isn't necessary.
 

indubioush

Quite Involved in Discussions
#7
"approval signatures are documented on the DCO form in accordance with SOPXXX" in an attempt to head off too many questions, but I'm sure even that isn't necessary.
It is actually quite helpful to the organization to have a revision history table with reference to each revision's change order. Not required, but this is typical.
 
#8
I have worked for a number of global Medical Device and Pharma companies. I have yet to see any of them not have a signature page included as part of the released document. Not to say it can't be done other ways, but attaching a signature page to the document is the cleanest (Most EDMS do this automatically nowadays). How you deploy your DCOs? Consider if a DCO will contain multiple documents and if those documents always have a uniform approval matrix or different approval matrices (in other words, do all approvers of the DCO approve all attached documents or only those pertinent to them/their department/function). If not uniform, then how will you document who approved which document? Depending on the size and complexity of your company, perhaps the same functions approve all documents today, but as you grow, this seldom remains the case. Plan for growth and design for the future.

During an audit, the auditor always wants to know who reviewed/approved a document. They may also want to know the meaning of a signature (ie: approver, technical reviewer, etc.). Whatever you do, be certain that the approval process clearly documents who approved which documents.

Lastly consider this; If you always have to produce a DCO to document the approvals, will this practice ever lead the auditor on a "fishing expedition"? If all they want to know is if the appropriate functions approved a document, do you need to give them more information than what they ask for and possibly lead them down another path of investigation because of something that catches their eye in the DCO?
 

indubioush

Quite Involved in Discussions
#9
How you deploy your DCOs? Consider if a DCO will contain multiple documents and if those documents always have a uniform approval matrix or different approval matrices (in other words, do all approvers of the DCO approve all attached documents or only those pertinent to them/their department/function).
They approve all documents in the DCO. Signature matrices show minimum required approvers.

will this practice ever lead the auditor on a "fishing expedition"?
There is a chance of that, but this has never been an issue for me and nor is it a fear. I would much rather show approvers through the DCO alone rather than go obtain final signatures on my final document after the DCO has been approved. Now I have a question for you. Do your approvers also sign the DCO or do they just sign the document?
 
#10
They approve all documents in the DCO. Signature matrices show minimum required approvers.


There is a chance of that, but this has never been an issue for me and nor is it a fear. I would much rather show approvers through the DCO alone rather than go obtain final signatures on my final document after the DCO has been approved. Now I have a question for you. Do your approvers also sign the DCO or do they just sign the document?
It depends on the system being used, but most often the approvals are on the documents. The most recent Agile based PLM system uses the CR/CO approach (CMII). First a Change Request (CR) is created wherein the entire change is scoped out, impact assessment performed and documented, implementation plan created, SME input gathered, costs estimated, etc. The CR is approved. Then one or more change orders (CO) created to execute the change. The revised documents are signed then. COs also assign and track implementation activities to completion.

By the way, if your documents contain extensive change history tabulations, this can lead to auditor "fishing expeditions " as well. I have seen it happen. Just a word to the wise....
 
Last edited:
Thread starter Similar threads Forum Replies Date
B Requirement to have Customer Signature Profile on File Document Control Systems, Procedures, Forms and Templates 7
K AS9102 Field 19 Signature Requirement AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 9
E Language requirement DoC EU Medical Device Regulations 3
I QMS monitoring, measurement, analysis and evaluation requirement - Template ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
C Non-sterile reusable surgical instruments - FDA sterilization requirement Other Medical Device Related Standards 2
L Water requirement for Non-sterile topical OTCs Pharmaceuticals (21 CFR Part 210, 21 CFR Part 211 and related Regulations) 0
C Requirement to link Quality Manual to ISO 9001 clause numbers? ISO 13485:2016 - Medical Device Quality Management Systems 13
B FDA requirement for CAPA Signoff ISO 13485:2016 - Medical Device Quality Management Systems 6
W Pfmea function requirement and failure mode FMEA and Control Plans 6
Y 510k requirement for bringing in gloves Medical Device and FDA Regulations and Standards News 0
S PSUR - MDR First Submission Requirement? EU Medical Device Regulations 2
J When PPAPs are not a contractual requirement APQP and PPAP 9
I Overwhelmed with attribute MSA requirement for visual inspection IATF 16949 - Automotive Quality Systems Standard 8
Brizilla Employee Data Privacy Policy - ISO 9001:2015 requirement(s)? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
P Clinical Trial Requirement - No equivalent devices in the market CE Marking (Conformité Européene) / CB Scheme 3
J Requirement for Retention of Records of Withdrawn Documents of External Origin Document Control Systems, Procedures, Forms and Templates 3
T ISO 17025: Lockout/Tagout Requirement ISO 17025 related Discussions 1
A The requirement of the PMS plan--suitable indicators and threshold values EU Medical Device Regulations 0
S Battery powered device - electrical protection requirement IEC 60601 - Medical Electrical Equipment Safety Standards Series 18
K Regulatory requirement of SaMD with machine learning component IEC 62304 - Medical Device Software Life Cycle Processes 3
A ASL requirement when the supplier is certified for ISO 13485 ISO 13485:2016 - Medical Device Quality Management Systems 6
P Regulatory or registration requirement for disinfectant in ASEAN Registrars and Notified Bodies 1
P IATF 16949 requirement - error-proofing in control plan IATF 16949 - Automotive Quality Systems Standard 3
C ISO/ IEC 17021 Resource requirement (need help) Document Control Systems, Procedures, Forms and Templates 5
D ISO 14971:2019 vs MDR Annex 1, Requirement #4 - "Manufacturers shall inform users of any residual risks" ISO 14971 - Medical Device Risk Management 5
B IATF16949 audit requirement - Auditor request UCL and LCL must be show Xbar-R, IATF 16949 - Automotive Quality Systems Standard 7
J 21 CFR 821 Medical Device Tracking Requirement 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 2
J Is Device Tracking Card an actual requirement under FDA regulation? Other US Medical Device Regulations 0
W Misinterpretation of requirement acceptable as root cause? Problem Solving, Root Cause Fault and Failure Analysis 19
S ECG Cable Banana to Snap or Tab electrode Adapters -- ISO 10993 Requirement Other Medical Device Related Standards 0
D IATF 16949 Requirement for CMMI in a Global Company Elsmar Cove Forum Suggestions, Complaints, Problems and Bug Reports 0
W Regarding Requirement for Hi pot & Leakage Current test Station Set-up IEC 60601 - Medical Electrical Equipment Safety Standards Series 6
L Stage 2 audit - Requirement for 3 months of records ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
M Requirement to manufacture under a quality management system EU Medical Device Regulations 4
A Risk Number for each software requirement IEC 62304 - Medical Device Software Life Cycle Processes 7
T ISO 17025:2017 requirement 5.7.b. about maintenance the integrity of the management system ISO 17025 related Discussions 1
I Laboratory Fridge / Freezer Inventory - Requirement(s) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
A Several sections of traditional 510(K) have the same or similar requirement of content. US Food and Drug Administration (FDA) 4
S Requirement to Conduct New Shelf-life Testing? (re-do testing for design change) EU Medical Device Regulations 3
C Compliance with ISO 17025 requirement 8.4.2 - Controls - Records recovery ISO 17025 related Discussions 4
Q User Requirement Specification for HR (Human Resource Management System) Manufacturing and Related Processes 1
P Obstruction alarm requirement ISO 80601-2-12 Other Medical Device Related Standards 1
P Electrosurgical Device User Need: Cord Flexibility -> Requirement Other Medical Device and Orthopedic Related Topics 4
C Industrial scales and MSA (IATF 16949 requirement 7.1.5.1.1) IATF 16949 - Automotive Quality Systems Standard 30
C ISO 13485 Requirement in Australia/NZ for class 1? ISO 13485:2016 - Medical Device Quality Management Systems 1
N Label Placement Requirement in MDD/MDR EU Medical Device Regulations 1
adir88 MDR requirement: Risk Management Plan for "each device" ISO 14971 - Medical Device Risk Management 5
S Article 61 - MDR Clinical Investigation Requirement EU Medical Device Regulations 5
V 3 PQ lots mentioned as requirement in PPAP. Is this necessary? APQP and PPAP 2
I MSA requirement for 5 Micrometers + CP changes need customer approval? IATF 16949 - Automotive Quality Systems Standard 2

Similar threads

Top Bottom