Server and Part 11

reyinqu
reyinqu used Ask the Experts™
on
1- How to set a server that is in compliance with 21 CFR Part 11?

2- What audit trail can be used?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Distinguished Expert 2017

Commented:
OS on server? Purpose of server?
Data stored on server?
Shawn McCloskeySystem Analyst

Commented:
I have worked with multiple Pharmaceutical companies and what you are asking is a big question that you have to answer by yourself.  Implementation of 21 CR21 CFR Part 11 can never be implemented in a vacuum.

It must be implemented within the confines of what the company decides is acceptable on how to implement 21 CFR part 11.  As an implementer of a solution, a server, or an application, this should have been worked out and presented to you to follow, not for you to develop.  

Of course you would have some responsibility, but for it to be handed blindly to you to resolve, is tantamount to failure.

Can you provide some more details of what is expected of you?

Author

Commented:
To store data in a file server.  Shawn,  looking what is usually done
Bootstrap 4: Exploring New Features

Learn how to use and navigate the new features included in Bootstrap 4, the most popular HTML, CSS, and JavaScript framework for developing responsive, mobile-first websites.

Distinguished Expert 2017

Commented:
The picture is incomplete. Data files stored on the file server with users being able to directly access them, or will they have access through a document management system, IBM documentum, opentext's Livelink ECM, alfresco, etc.

Auditing on the file access for creating, deleting, updating, etc.....versioning control.......

Author

Commented:
a computer will sends the files to the server using a service account.  Users will be able to view the files at the server directly.

Author

Commented:
None of the responses answer the question:

How to complies with part 11 using a file server to store data?
Distinguished Expert 2017
Commented:
Restrictions granting rights by security group and auditing enabled on the share.
Auditing on login/logout to the system as well.
You have to centralize auditing potentially using splunk.
Depending on the data, you may have to proactively analyze the data deals with alerting when a single user accesses an inordinate number of files I a set period.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial