1. Hello and Welcome to The Quality Forum Online...Continuing in the spirit of People Helping People !
    Dismiss Notice
Dismiss Notice
You must be a registered member in order to post messages and view/download attached files in this forum.
Click here to register.

Active Directory

Discussion in 'Qualification & Validation (21 CFR Part 11)' started by Jesper wagner, Jul 4, 2018.

  1. Jesper wagner

    Jesper wagner New Member

    Joined:
    Sep 20, 2015
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    When signing on electronic record - can a combination of login to a computer using the active directory combined with a pin code (for each signoff) – be considered to fulfill the requirements of an electronic signature?

    Is there a requirement for the electronic signature to be recorded together with the record?
    The active directory password is changed every quarter.
     
  2. yodon

    yodon Active Member

    Joined:
    Aug 3, 2015
    Messages:
    80
    Likes Received:
    33
    Trophy Points:
    17
    Assuming all other requirements are met, I'd say technically, no; but practically, probably.

    The main sticking point I see is compliance with (11.200.a.1.i):

    When an individual executes a series of signings during a single, continuous period of controlled system access, the first signing shall be executed using all electronic signature components; subsequent signings shall be executed using at least one electronic signature component that is only executable by, and designed to be used only by, the individual.

    One could argue that the continuous session could be from the time of initial login but if you had a tech-savvy, picky reviewer, that may not fly. I think, though, if you can show sufficient controls are in place to ensure that that person who originally signed in is, indeed, the person executing the signature electronically, most reviewers would accept it. Again, that's predicated on the assumption that all other requirements are met.

    Typically, most tools require a login (to initiate the 'continuous session') and then the (unique) PIN (or password) is provided for each signature.
     

Share This Page