FDA Compliance Software

CATSWeb complies 100% with the FDA's 21 CFR Part 11 requirements -- rest assured.

Are you concerned about Title 21 CFR Part 11 FDA regulations governing electronic records and electronic signatures? Don't be. The FDA Edition of CATSWeb is fully compliant.

Record Archiving (Audit Trail)
CATSWeb automatically maintains a secure, time-stamped audit trail of all changes made to any electronic record. It does this by saving a complete copy of the record to read-only archive tables immediately before a change is made. Users making changes must enter a reason for their change, and this information is also securely archived. The View Edit History button appears with each record and may be used to view all past versions of the record, from the time it was created until the present. Changes made to associated notes, file attachments, and links are also archived, delivering a complete solution.

Key advantages of the CATSWeb record archiving features include:

• Record level archiving (as opposed to just field-level). The entire record is archived, not just the changed fields
  
• Analogous to paper-based document control
  
• Audit trail is fully queryable
  
• The context of the record is preserved, and is court admissible evidence
  
• File attachments are stored within the database, and access control is maintained by CATSWeb.
  
• Prior versions of all attachments are maintained in their entirety
  
• The CATSWeb audit trail is useful, not just compliant

Electronic Signatures
The CATSWeb system utilizes dual independent passwords, one for login and a separate password used only for electronic signatures. Users must enter their signature password each time they add a signature to a record. The signature password is encrypted and known only to the user. Once added to a specific record, signatures cannot be modified, copied, transferred, or deleted. Signatures can be of various types (approval, acknowledgement, etc.) and comments may be included with each signature.

Security Controls
CATSWeb enables the administrator to define a number of parameters which help ensure "strong" passwords and a secure system. These include minimum password length, minimum number of numeric characters in a password, maximum password lifetime, and a maximum number of failed login attempts for each user. When the user exceeds the maximum number of failed login attempts, they immediately lose their ability to access CATSWeb, even if they eventually submit a valid password. An urgent message is also sent to all system administrators (via email, pager, etc.), allowing them to take further action if the login attempts are believed to have originated from an unauthorized user.

Key advantages of the superior CATSWeb security controls include:

• Field and record access restrictions (competitors typically have one or the other, but not both)
  
• NT Authentication can be enabled
  
• Restrict access or connections to specific IP addresses
  
• Independent electronic signature password
  
• SSL encryption can be enabled
  
• Flexible proxy signature permissions
  
• Dual Authenticated Password Resets (requires 2 separate administrators to collaborate to reset a user password)
  
• Password duration, minimum password length, minimum numeric characters in password are all configurable
  
• Password history (disallows password reuse)
  
• Inactivity timeout
  
• Maximum session duration

Click Here to Download