Phone: (919) 573-6132 Fax: (919) 677-8470 21CFR Part 11 FDA Public Meeting Comments Presented by: M. Rita.

Slides:



Advertisements
Similar presentations
Nishidh, CISSP. To comply with Sarbanes oxley and other legislations To comply with industry standards and business partner requirements To protect.
Advertisements

IT Security Policy Framework
Copyright © 2012, Big I Advantage®, Inc., and Swiss Re Corporate Solutions. All rights reserved. (Ed. 08/12 -1) E&O RISK MANAGEMENT: MEETING THE CHALLENGE.
Health Insurance Portability and Accountability Act (HIPAA)HIPAA.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.
Company LOGO Capstone Project By Kristie Brown Agenda 1. Overview 2. Future Changes and Possibilities 3. Challenges 4. Skills and Abilities Developed.
© 2014 Nelson Brown Hamilton & Krekstein LLC. All Rights Reserved PRIVACY & DATA SECURITY: A LEGAL FRAMEWORK MOLLY LANG, PARTNER, NELSON BROWN & CO.
Brief Synopsis of Computer Security Standards. Tenets of Information Systems Security Confidentiality Integrity Availability Over the years, standards.
Security Controls – What Works
E-Commerce: Legal and Practical Issues Legal Issues: Security – December 2, 2005 Stephen M. Foxman Philadelphia.
WHY CHOOSE CEO-PE?  We employ International Association of Privacy Professionals (IAPP) Certified and Health Insurance Portability & Accountability Act.
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Selecting and Implementing an LMS for your Company Session Code #2411.
 Copyright © 2010 Pearson Education, Inc. Publishing as Prentice Hall Chapter 15 Implementing and Validating the Quality System.
RC14001 ® Update GPCA Responsible Care Committee September 23, 2013.
Session 3 – Information Security Policies
Data Protection in Higher Education: Recent Experiences in Privacy and Security Institute for Computer Law and Policy Cornell University June 29, 2005.
11/2/991 CDER’s 21 CFR Part 11 Implementation Study Greg Brolund Associate Director, Office of Information Technology, CDER/FDA.
Pharmaceutical Regulatory and Compliance Congress and Best Practices Forum 21 CFR Part 11 Considerations November 14, 2002.
Top Tactics for Maximizing GMP Compliance in Blue Mountain RAM Jake Jacanin, Regional Sales Manager September 18, 2013.
21 CFR Part 11 A Food Industry Perspective FDA Public Meeting June 11, 2004 Sia Economides Center Director Center for Development of Research Policy and.
Are you ready for a recall? Medical Device Regulatory, Reimbursement and Compliance Congress March 28, 2007 Willie R. Bryant, Jr. Consultant Stericycle,
1 HIPAA Security Overview Centers for Medicare & Medicaid Services (CMS)
© 2009 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Career Education Computers in the Medical Office Chapter 2: Information Technology.
MethodGXP The Solution for the Confusion.
IN FOCUS LEGAL AND OTHER REQUIREMENTS RECYCLER QUALIFICATION OFFICE MARCH 2014.
Evolving IT Framework Standards (Compliance and IT)
Business Analysis: A Business Unit Perspective International Institute of Business Analysis January 18, 2012.
Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.
Basics of OHSAS Occupational Health & Safety Management System
HIPAA PRIVACY AND SECURITY AWARENESS.
ISMS for Mobile Devices Page 1 ISO/IEC Information Security Management System (ISMS) for Mobile Devices Why apply ISMS to Mobile Devices? Overview.
FDA Docket No. 2004N-0133 Themes for Renewal of 21 CFR Part 11 Rule & Guidance by Dr. Teri Stokes, GXP International
PERSONNEL TRAINING IN BIOANALYSIS DR. SHIVPRAKASH MANAGING DIRECTOR SYNCHRON RESEARCH SERVICES PVT. LTD., INDIA.
How to Gain Comfort in Losing Control to the Cloud Randolph Barr CSO - Qualys, Inc SourceBoston, 23. April 2010.
Compliance Management Platform ™. Compliance Management Platform Compliance is the New Marketing – Position yourself to thrive in the new regulatory and.
The PRISM Privacy Tool: A User’s Guide PHDSC Home Page  PRISM Web Page 
Supervision of Information Security and Technology Risk Barbara Yelcich, Federal Reserve Bank of New York Presentation to the World Bank September 10,
PwC 21 CFR Part 11 – A Risk Management Perspective Patrick D. Roche 07 March 2003, Washington D.C.
1 Thank you for visiting our site and welcome to the “Introduction to ISO 22000” Presentation that you requested. For more information.
Technology Supervision Branch Interagency Identity Theft Red Flags Regulation Bank Compliance Association of CT Bristol, CT September 3, 2008.
Ali Pabrai, CISSP, CSCS ecfirst, chairman & ceo Preparing for a HIPAA Security Audit.
Engineering Essential Characteristics Security Engineering Process Overview.
May 22, 2000Wright-Hamilton Associates1 How Environmental Management System Development Can Enhance Your Company’s Environmental Health and Safety Michele.
Compliance Promotion Formalizing an Approach to Support Stakeholder Compliance.
Part 11 Public Meeting PEERS Questions & Responses The opinions expressed here belong to PEERS members and not the corporate entities with which they are.
SAM-101 Standards and Evaluation. SAM-102 On security evaluations Users of secure systems need assurance that products they use are secure Users can:
. 1.  EH&S Strategic Plan ◦ Review Mission, Vision, Values ◦ Strategic Objectives  Projects and Action Plans to support Objectives  Aligning Working.
ISO CONCEPTS Is a management standard, it is not performance or product standard. The underlying purpose of ISO 1400 is that companies will improve.
February,  On October 23, 2015 the Commodity Futures Trading Commission (“CFTC”)approved National Futures Association’s (“NFA”) interpretive notice.
Cyber Risk Management Solutions Fall 2015 Thomas Compliance Associates, Inc
HIPAA Compliance Case Study: Establishing and Implementing a Program to Audit HIPAA Compliance Drew Hunt Network Security Analyst Valley Medical Center.
| |
© ITT Educational Services, Inc. All rights reserved. IS4680 Security Auditing for Compliance Unit 1 Information Security Compliance.

Securing Information Systems
FDA's Two New Draft Guidance on Software and Device
Clinical Trials Validation, 21 CFR Part 11 Compliance
Office 365 Security Assessment Workshop
Learn Your Information Security Management System
Securing Information Systems
IS4680 Security Auditing for Compliance
OHS Staff Introduction Training
WEBINAR: Addressing the Software Testing & Compliance Challenges For Healthcare Providers with the Move to Cloud Computing We will be starting the webinar.
Drew Hunt Network Security Analyst Valley Medical Center
HSE SOFTWARE Modularity tailored to your needs.
Colorado “Protections For Consumer Data Privacy” Law
Computer System Validation
WELCOME TO MELSAFE. Internal Audit Services Our internal audit professionals can work with you to understand your business strategy and its associated.
Presentation transcript:

Phone: (919) Fax: (919) CFR Part 11 FDA Public Meeting Comments Presented by: M. Rita Geiger President/CEO InfoStrength, Inc.

Copyright © 2004 InfoStrength, Inc. All rights reserved. Page 2 Introduction InfoStrength Services –Quality and regulatory compliance strategy development and implementation –Audit and assessment of computer systems and quality programs –Training and consulting services Custom Software Development –Web-enabled applications that meet regulatory compliance needs Products - InfoStrength SES –Web-based compliance management –Knowledge management and collaboration among employees and third parties M. Rita Geiger President/CEO of InfoStrength Over 14 years of regulatory & technology expertise Over 10 years of Standards and Safety Requirements development experience Participant in National and International Standard committees Education: –B.S. in Electrical Engineering with focus in Computer Science from Polytechnic University –M.B.A. from The Fuqua School of Business at Duke University

Copyright © 2004 InfoStrength, Inc. All rights reserved. Page 3 Agenda Regulatory Compliance Landscape Implementation Gap Overview Part 11 Compliance Challenges –Definitions –Processes –Technological Controls Closing the Implementation Gap

Copyright © 2004 InfoStrength, Inc. All rights reserved. Page 4 Regulatory Compliance Landscape Regulatory Compliance 21CFR Part 11 HIPAA Patriot Act Gramm- Leach- Bliley Sarbanes- Oxley Other Regulations

Copyright © 2004 InfoStrength, Inc. All rights reserved. Page 5 Implementation Gap Overview Addressing Risks System Safety Risks Regulatory Risks Legal Risks Business Risks Compliance Response: Prescriptive Regulations Confusing Guidance Precise Checklists Prescribed Processes Specific Controls FDA Concerns Protect Public Safety Permit Use of Electronic Technology Industry Concerns Comply with 21CFR Part 11 Use Electronic Records Decrease Compliance Costs

Copyright © 2004 InfoStrength, Inc. All rights reserved. Page 6 Part 11 Compliance Challenges 21 CFR Part 11 Compliance = Interpretation + Process + Controls + Team + Documentation + Validation

Copyright © 2004 InfoStrength, Inc. All rights reserved. Page 7 Part 11 Compliance Challenges Interpretation Definitions Application of Part 11 Electronic Records Closed v. Open Systems Legacy Systems

Copyright © 2004 InfoStrength, Inc. All rights reserved. Page 8 Part 11 Compliance Challenges Processes, Documentation, & Validation Processes –SOPs –Guidance –Company Common Practices Risk Analysis –Methodology Validation –Methodology

Copyright © 2004 InfoStrength, Inc. All rights reserved. Page 9 Part 11 Compliance Challenges Controls Electronic signature –Use and application of Electronic Signatures Controls for Identification Codes/Passwords –(d) Use of transaction safeguards to prevent unauthorized use of passwords and/or identification codes, and to detect and report in an immediate and urgent manner any attempts at their unauthorized user to the system security unit, and, as appropriate, to organizational management

Copyright © 2004 InfoStrength, Inc. All rights reserved. Page 10 Part 11 Compliance Challenges Team Knowledge –Regulatory –Business Resources –Process / Project Management –Method expertise –Technology Expertise Infrastructure –Tools –Training –Top Down / Bottom Up Support

Copyright © 2004 InfoStrength, Inc. All rights reserved. Page 11 Closing the Implementation Gap 21 CFR Part 11 Compliance = Interpretation + Process + Controls + Team + Documentation + Testing/Validation  Regulatory Compliance 21CFR Part 11 HIPAA Patriot Act Gramm- Leach- Bliley Sarbanes- Oxley Other Regulations Compliance Strategy

Copyright © 2004 InfoStrength, Inc. All rights reserved. Page 12 Thank You If you have questions, Please contact me at or (919)