Skyland PIMS and Regulatory Compliance
Infosheet
Approach for US FDA 21 CFR Part 11 electronic records and electronic signatures
Skyland PIMS has been designed, developed and tested to enable compliance to 21 CFR Part 11 to accommodate the regulatory needs of its users.
Skyland PIMS is a cloud-based, single-tenant SaaS application and available only through an internet connection. However, IDBS has no ability to access the application; the customer is in full control of system access and system content. Therefore, it is technically classified as a Closed System (11.3 (4)).
Skyland PIMS compliance-related features include:
PIMS configuration
- Approval Required
- Signature Required
- Session Timeout
- Limit Login Attempts (LDAP only)
Features supporting approval and signatures
- PIMS Limits
- PIMS Batch
Connections to customer data sources
When connections are made to SQL data sources (available starting with PIMS v3.1), PIMS maintains a strict read-only relationship with a customer’s underlying data source(s). The original data is never altered, replaced or supplanted by PIMS and the integrity of the original data as an electronic record is fully preserved. Thus the original data remains the customer’s formal “electronic record” even when PIMS is used to upload subsets of that data so that users can perform analyses or create reports.
Audit report
All changes within PIMS are fully audited, providing:
Acting User full name (stored with unique username)
- Action Performed
- Object Modified
- Audit Date and Time
- Old Value
- New Value
Regulation traceability
| 21 CFR Part 11 Section | Skyland PIMS |
| 11.10 a – Validation | a: customer is responsible – IDBS provides an optional Validation Kit to provide assistance |
| 11.10 b (ability to generate accurate and complete copies) | b: electronic records may be printed1 |
| 11.10 c (protection of records) | c: signature records are permanently recorded |
| 11.10 d (limited access) | d: user access is controlled by product and role |
| 11.10 e (audit trail) | e: electronic signature actions are audited |
| 11.10 f (system checks) | f: signers must have role and record must be ready for signature |
| 11.10 g (authority checks) | g: signer must have appropriate role and be the logged-in user |
| 11.50(a)(1) and (3); 11.50(b) – Signature manifestation | PIMS signatures provide the name of the signer, date/time and reason for signature (Submit/Approve/Reject)2 |
| 11.70 Signature/record linking | PIMS signatures are linked to the record (Limit, Batch, Batch Value) |
| 11.100(a) – Identity of signer | PIMS usernames are enforced to be unique; duplicate full names can be distinguished using the unique username ID |
| 11.200(a)(1)(i) and (ii) | 1: PIMS signatures are comprised of username and password 1i: first signing requires both components 1ii: subsequent signings require only password (LDAP only) |
| 11.200(a)(2)(3) | PIMS signatures must be by the logged-in user |
| 11.200(b) – signature components | PIMS signatures are comprised of username and password |
| 11.300(a) – uniqueness | PIMS usernames are forced to be unique |
1 – This is currently supported by printing relevant audit records
2 – Reasons for signatures are currently limited to Submit, Approve, Reject and Unapprove and are directly tied to the action
As with all GMP-related systems, IDBS expects that each customer will make its own evaluation of the applicability of 21 CFR Part 11 to PIMS based on its own internal standards, interpretations, guidelines, checklists and other applicable criteria.
IDBS is willing to provide additional assistance and consultation as needed.
Find out more about smarter drug manufacturing process data management.
Get started today. Download this paper.
More Info Sheets