Signature Uniqueness—11.100 (a)
- Last UpdatedDec 13, 2016
- 1 minute read
21 CFR Part 11:
"(a) Each electronic signature shall be unique to one individual and shall not be reused by, or reassigned to, anyone else."
FDA-audited industries should use the OS User Based or OS Group Based Security model for best results. Both OS Security models use Windows operating system authentication. This permits user name and password management, outside InTouch, directly in the Windows operating system environment. By using OS Security you benefit from the standard Windows functions for password aging, logon maximum trial, user name uniqueness and more.
It is not recommended to use local OS Groups as Roles, as that requires each node within a Galaxy to have the same OS Users, Groups, and user-group mappings to get the same level of access to the user at each node. Defining users on individual nodes creates a possibility of the same user name being assigned to different users. For example, if user name jdoe was used on a node for John Doe and jdoe was used on a different node for Jane Doe, within the same system, alarm or event records would not be able to distinguish between the users. Managing users in a single location and authenticating by connecting to that location eliminates the potential for multiple users having the same user name, which in turn ensures signature uniqueness.