Product Information Rheometers Rheoplus and 21 CFR Part 11 21 CFR Part 11 has been introduced by the US Food and Drug Administration (FDA) to allow the use of electronic records and signatures instead of paper records. The Rheoplus software with the optional module "21 CFR Part 11" supports the requirements stated in that part. The Rheoplus software with "21 CFR Part 11" has been developed, tested and validated as stated in the “Certificate of Compliance”. The procedures are established in the ISO 9001 certified quality control system of Anton Paar GmbH. The certificate is available for each released software version. The Rheoplus software with "21 CFR Part 11" module assists in achieving compliance by providing key features such as the electronic signature, login, audit trail and data retrieval. It needs to be noted that for full compliance, the implementation of procedures with the regard to the administration and use of the software and equipment are necessary as well as suitable measures on the operating system level. This document lists the features of the Rheoplus software with "21 CFR Part 11" module with direct reference to the corresponding section of the FDA document.

General The Rheoplus software with "21 CFR Part 11" is intended to be used as a closed system and should therefore be subjected to the requirements given in 21 CFR Part 11 for closed systems. The software alone cannot provide the access control and data security that is required for full compliance. It should therefore only be installed on a secure operating system such as Windows XP, Windows Vista or Windows 7 with a secure file system (NTFS). Access to the operating system needs to be restricted to the appropriate persons, further, access to safety relevant folders, such as the audit trail and user record directories, needs to be set up correctly. Detailed access right settings are available from Anton Paar GmbH. The protection of files, such as workbook templates, is only possible at operating system level. The access to vital files needs to be restricted to persons with the required knowledge about the Rheoplus software and the measurement requirements. Further, appropriate procedures for the set up and change of templates as well as the use of the software have to be established. The audit trail of the software, an XML based system, tracks all actions performed on the templates, workbooks and relevant software files within the Rheoplus software, including date, time and current user. The software can be set up in a way that either one or two electronic signatures, i. e. one or two unique users, are required for each modification.

Anton Paar High-precision Instruments www.anton-paar.com

Tel.: +49 (0)711 720 91-0 E-mail: [email protected]

White Paper 21CFR Part11 and Rheoplus_b.doc Page 1 of 8

Product Information Rheometers Requirements 21 CFR Part 11 – Subpart B Electronic Records 11.10 Controls for closed systems (a) Validation of systems to ensure accuracy, reliability, consistent intended performance, and the ability to discern invalid or altered records

Yes

The validation of the intended performance and correct operation of each release of the Rheoplus with "21 CFR Part 11" is done by Anton Paar GmbH in accordance with the internal QM regulations and ISO 9001. The user templates including all measurement and analysis parameters are developed, validated, signed and released by one or two users of the software. It is the responsibility of the user to ensure correct operation of these files and to ensure a version management. Software settings, such as automatic numbering, may assist in this. A modification of a template requires saving the file, the event is recorded in the audit trail and the previous version can be retrieved. External modification of the files is also noted in the audit trail, these files are invalid. Measurement data are saved in a coded binary format and cannot be modified by normal means. The measurement data further included the parameters that have been used to generate the data thus providing additional traceability of the method. Imported data are marked as ‘ASCII data’ and can therefore not be mistaken for genuine measurement data. Further details on data safety are given in the document “Safety of electronic recording”.

(b) The ability to generate accurate and complete copies of records in both human readable and electronic form suitable for inspection, review and copying by the agency.

Yes

Measurement and analysis results can be automatically printed as pdf-files or exported as txt/csv files. The contents of the audit trail can be exported.

(c) Protection of records to enable their accurate and ready retrieval throughout the retention period.

Yes

Anton Paar GmbH recommends to store the archive files (audit trails, e.g. saved on optical archive, CD or DVD) together with the corresponding Anton Paar software. Whenever data is exported to external format such as ASCII or PDF we expect that these formats are still readable in the future. Also for exported files it is recommended to store them together with the corresponding reading tools. All files in the archive should be „read only“.

(d) Limiting system access to authorized individuals

Anton Paar High-precision Instruments www.anton-paar.com

Yes

The access to the software is restricted to registered users only. A user account has to be set up by the administrator. The account mainly consists of name, group (i.e. access level) and password. Length of password and validity is set by the administrator, reusing a password is prohibited throuhout a number of days (also set by the administrator). All changes to users are logged in the audit trail. The use of the Windows login is possible, depending on the setup chosen by the administrator.

Tel.: +49 (0)711 720 91-0 E-mail: [email protected]

White Paper 21CFR Part11 and Rheoplus_b.doc Page 2 of 8

Product Information Rheometers 11.10 Controls for closed systems contd. (e)Use of secure, computer-generated, timestamped audit trails to independently record the date and time of operator entries and actions that create, modify, or delete electronic records. Record changes shall not obsure previously recorded information. Such audit trail documentation shall be retained for a period at least as long as that required for the subject electronic records and shall be available for agency review and copying.

Yes

(f) Use of operational system checks to enforce permitted sequencing of steps and events, as appropriate.

Yes

The sequence of single steps can be forced through the use of a so-called assistant in the workbook template.

(g) Use of authority checks to enforce permitted sequencing of steps and events, as appropriate.

Yes

Templates including the above named assistant are set up, signed and released by a user with administrator or superuser level. The assistant is set up by the administrator, users at operator level do not have access to the functions for changing the assistant. Once a user with a lower access level is logged in, the functions for the modification of a sequence are not accessible. The access rights for each user level is pre-defined in the software.

(h) Use of device (e.g. terminal) checks to determine, as appropriate, the validity of the source of data input or operational instruction.

n. a.

The device communication is limited to the devices that are installed to the Rheoplus software. The serial number of the device is checked before at test is started, measurements with unidentifiable devices is not possible.

(i) Determination that persons who develop, maintain, or use electronic record/electronic signature systems have the education, training, and experience to perform their assigend task.

n. a.

The determination whether a person fulfills this requirement is the responsibility of the user. Anton Paar GmbH and its subsidiaries can assist with the necessary training during installation of the system, software and rheology trainings and support.

Anton Paar High-precision Instruments www.anton-paar.com

All changes within the electronic records, i.e. workbooks and templates, user administration and general administrative tasks within the software will be stored automatically in the audit trail including date, time and the user logged in at the time of the event. All changed records can be retrieved from the audit trail, i. e. a record of all versions is available. The audit trail can be backed up to a suitable media, to ensure readability, the corresponding software version should be backed up as well.

Tel.: +49 (0)711 720 91-0 E-mail: [email protected]

White Paper 21CFR Part11 and Rheoplus_b.doc Page 3 of 8

Product Information Rheometers 11.10 Controls for closed systems contd. (j) The establishment of, and adherence to written policies that hold individuals accountable and responsible for actions initiated under their electronic signatures, in order to deter record and signature falsification.

n. a.

(k)Use of appropriate controls over systems documentation including: (1) Adequate controls over the distribution of documentation for system operation and maintenance. (2) Revision and change control procedures to maintain an audit trail that documents time-sequenced development and modification of systems documentation.

n.a.

The establishment and control of suitable policies is the responsibility of the user. The electronic signature in the software is safe in that regard that it cannot be modified by normal means. The meaning of an electronic signature is indicated whenever a user has to sign a document. Additional texts can be added by the administrator. Modifications of vital records are visible in the audit trail and not possible without the login of the user which is recorded as well. The fulfilment of this requirement is the responsibility of the users and outside the scope of the software.

11.30 Controls for open systems 11.30

Anton Paar High-precision Instruments www.anton-paar.com

n.a.

The software is a closed system. The software is using the Microsoft Windows encryption mechanism based on the MS Internet Explorer (IE8.0 or higher) technology.

Tel.: +49 (0)711 720 91-0 E-mail: [email protected]

White Paper 21CFR Part11 and Rheoplus_b.doc Page 4 of 8

Product Information Rheometers 11.50 Signature manifestations (a) Signed electronic records shall contain information associated with the signing that clearly indicates all of the following: (1) Printed name of the signer (2) the date and time when the signature was executed; and (3) The meaning (such as review, approval, responsibility, or authorship) asscociated with the signature.

Yes

The electronic signature consists of the following information: name, date, time. The meaning of the electronic signature as such is indicated whenever a user signs an electronic document. It is the responsibility of the user to establish appropriate procedures to ensure that users enter the correct information into the field provided by the software when signing an electronic record. The electronic sign can be shown and printed for each individual document.

11.70 Signature / record linking Electronic signatures and Yes/n.a. The relation of electronic record and electronic signature is unique handwritten signatures and cannot be changed by ordinary means. An attempt to modify a shall be linked to their signed electronic record outside of the software will result in an respective electronic invalid record. Handwritten signatures are not within the scope of records to ensure that the the software. signatures cannot be excised, copied or otherwise transferred to falsify an electronic record by ordinary means.

Anton Paar High-precision Instruments www.anton-paar.com

Tel.: +49 (0)711 720 91-0 E-mail: [email protected]

White Paper 21CFR Part11 and Rheoplus_b.doc Page 5 of 8

Product Information Rheometers Requirements 21 CFR Part 11 – Subpart C Electronic Signatures 11.100 General requirements (a) Each electronic signature shall be unique to one individual and shall not be reused by, or assigned to, anyone else.

Yes

The electronic signature is computed using a unique user ID assigned by the software, the user name and password.

(b)/(c)

n.a.

Not within the scope of the software.

11. 200 Electronic signature components and controls (a) Electronic signatures that are not based upon biometrics shall:

Yes

The electronic signature is computed using a unique user ID assigned by the software, the user name and password.

(i) When an individual executes a series of signings during a single, continuous period of controlled system access, the first signing shall be executed using all electronic signature components; subsequent signings shall be executed using at least one electronic signature component that is only executable by, and designed to be used only by, the individual.

Yes

Each electronic signature includes all components. The signature can only be carried out by the individual currently logged in and, if appropriate, a second registered user which needs to enter both user name and password for signing.

(ii) When an individual executes one or more signings not performed during a single, continuous period of controlled system access, each signing shall be executed using all of the electronic signature components.

Yes

Each electronic signature includes all components. The signature can only be carried out by the individual currently logged in and, if appropriate, a second registered user which needs to enter both user name and password for signing.

(1) Employ at least two distinct identification components such as an identification code and password.

Anton Paar High-precision Instruments www.anton-paar.com

Tel.: +49 (0)711 720 91-0 E-mail: [email protected]

White Paper 21CFR Part11 and Rheoplus_b.doc Page 6 of 8

Product Information Rheometers 11. 200 Electronic signature components and controls contd. (2) Be used only by their genuine owners; and

n.a.

It is the responsibility of the user to protect username and password against inappropriate use.

(3) Be administered and executed to ensure that attempted use of an individual’s electronic signature by anyone other than its genuine owner requires the collaboration of two or more individuals.

n.a.

An electronic signature can only be generated by the individual. To avoid the inappropriate use of a password, the user needs to be prompted to choose the password at the first login after creation.

(b)

n.a.

The software does not use biometrics.

11.300 Controls for identification codes / passwords (a) Maintaining the uniqueness of each combined identification code and password, such that no two individuals have the same combination of identification code and password.

Yes

The combination of user name, user ID and password in the software is unique. The use of the operating system login instead of a separate software login in is possible.

(b) Ensuring that identification code and password issuances are periodically checked, recalled, or revised.

Yes

The validity period of the password can be set by the user for the software. If the operating system login is used instead, the rules for that login apply which are outside the scope of the software.

(c) Following loss management procedures to electronically deauthorize lost, stolen, missing, or otherwise potentially compromised tokens, cards and other devices that bear or generate identification code or password information, and to issue temporary or permanent replacements using suitable, rigorous controls.

n.a.

The protection of the password is the responsibility of the user. A user may be disabled by the administrator to prevent unauthorized access or prompted to create a new password, if appropriate.

Anton Paar High-precision Instruments www.anton-paar.com

Tel.: +49 (0)711 720 91-0 E-mail: [email protected]

White Paper 21CFR Part11 and Rheoplus_b.doc Page 7 of 8

Product Information Rheometers 11.300 Controls for identification codes / passwords cont. (d) Use of transaction safeguards to prevent unauthorized use of passwords and/or identification codes, and to detect and report in an immediate an urgent manner any attempts at their unauthorized use to the system security unit, and, as appropriate, to organizational management.

Yes

(e) Initial and periodic testing of devices, such as tokens or cards, that bear or generate identification code or password information to ensure that they function properly and have not been altered in an unauthorized manner.

n.a.

Anton Paar High-precision Instruments www.anton-paar.com

Failed logons are recorded in the audit trail, a user is locked after a fixed number of incorrect logon attempts and can only be reactivated by an administrator. Passwords are not visible during entry.

The software does not use tokens or other identification devices.

Tel.: +49 (0)711 720 91-0 E-mail: [email protected]

White Paper 21CFR Part11 and Rheoplus_b.doc Page 8 of 8