Using Recipes in Compliance with FDA Standards

This topic describes the usage of GENESIS software in specific projects to help achieve compliance with Food and Drug Administration (FDA) standards, specifically FDA 21 CFR Part 11. It is very important to understand that no software, including GENESIS, can claim to be compliant with FDA 21 CFR Part 11 because this standard applies to the individual projects, not the software itself. GENESIS contains many optional settings that can be used in a wide variety of industries and applications, and therefore it does not force the project to use FDA-compliant settings. However, it provides tools and features to help you comply with those requirements.

What is FDA 21 CFR Part 11?

FDA 21 CFR Part 11 focuses on electronic records and signatures (e-signatures) and how they are created, maintained, archived, retrieved, or transmitted. The following key software features are needed to achieve the compliance with FDA requirements, although this is not intended to be a comprehensive list:

  • E-signature entry
  • Access control
  • Audit trail
  • Record retention and archiving

GENESIS Features for FDA Compliance

You need to use the following GENESIS features when working to achieve FDA compliance for your project:

  • Security users and groups
  • Alarm Historian features:
    • Audit logging
    • Data storage
    • Archiving
  • Electronic signatures for data writes
  • Electronic signatures for recipe modifications or actions

GENESIS Security

All recipes used in an FDA application must be listed as requiring authorization, with appropriate permissions assigned to the necessary users and/or groups. The Security section in Project Explorer in Workbench is the central location to configure nearly all things related to security, and this includes settings related to e-signatures. You can use Global Settings to specify authorization points that require the performer's and, optionally, a verifier's e-signature. You assign authorization privileges by setting permissions for each user or group of users.

Audit Logging

GENESIS components have built-in audit message generation for activities such as changing the value of a process point or modifying a recipe configuration from the operator interface. The system must be configured to log the audit events using a subscription in Alarm Historian. Learn more

You can view the audit event messages live in the Alarm Viewer control using an event subscription, or view historical logged event messages by creating a historical subscription to the audit events. You can also use the Reports component to generate reports for the logged audit events.

Runtime Operation

The e-signature support for recipes is built into the security system and works seamlessly with the Recipe Navigator and Recipe Grid controls. When the authorization for recipe points is configured in the security system, you are automatically required to log in to be able to perform any action requiring authorization. If a verifier is configured, the assigned person for the selected recipe must also log in. The following image shows a sample of a runtime authorization dialog requiring the performer and the verifier authorization for a recipe modification.