21CFR11

Get started

Legislative summary
In order to assist medical companies in complying with electronic records and electronic signature requirements of Part 11 of Title 21 of the United States Code of Federal Regulation (commonly abbreviated 21 CFR 11), the U.S. Food and Drug Administration (FDA) has published guidance for the proper use of electronic records and electronic signatures for any record that is required to be kept and maintained by FDA regulations. The guidance outlines "criteria under which the agency considers electronic records, electronic signatures, and handwritten signatures executed to electronic records to be trustworthy, reliable, and generally equivalent to paper records and handwritten signatures executed on paper."

Due to the law and FDA guidance, medical companies and organizations dealing with highly sensitive medical information are being required to provide secure electronic signatures as part of 21 CFR 11. The new requirements ensure that electronic records and electronic signatures are trustworthy, reliable and generally equivalent substitute for paper records and handwritten signatures. As interactions among equipment, operators and computers become commonplace, it is important to establish a secure means to communicate and store information.

HP Application Security Center capabilities

• Assess your web applications for vulnerabilities that may result in the disclosure of sensitive or private medical record information
• Verify that web application access to sensitive information is controlled by authentication and authorization
• Identify web application command injection vulnerabilities that may execute malicious code or programs
• Verify that communications with your web applications are secure
• Get detailed security assessment reports categorized by 21 CFR 11 sections

Learn more