WIXLIB

Secure SoftwareFor Use with OM-CP Series Data LoggersOM-CP-SVP-SYSTEMU Install, Validate and OperateOne Software ProgramUniversallyU Compatible with Most OM-CPSeries Data LoggersU Time and Cost Saving ValidationPackage–Stands up toInterrogation from AuditorsU Automatic Data Securityand Audit TrailU Sophisticated UserMaintenanceU Traceability with CustomizableElectronic Signatures andAudit TrailsU Aids in Compliance withFDA 21 CFR Part 11/820and GxP GuidelinesApplicationsU PharmaceuticalU MedicalU HospitalsU FDA Regulated OrganizationsU Temperature MappingThe OM-CP-SVP-SYSTEMSecure Software aids customers incompliance with 21 CFR Part11 requirements. The softwareensures standards in which electronicfiles are considered equivalent topaper records, saving time andeffort. OM-CP-SVP-SYSTEMSecure Software contains criteriasuch as electronic signatures,access codes, secure data files,and an audit trail which meet therequirements of 21 CFR Part 11 andhelp provide data integrity. IQ/OQ/PQ(Installation Qualification) protocols are includedwith the purchase of theOM-CP-SVP-SYSTEM SecureSoftware to validate that the softwarehas been installed and is operatingcorrectly. The layout of the securesoftware is similar to the OM-CPSeries Data Logger StandardSoftware, allowing users to easilylearn the additional features.The Windows based softwarepackage allows the user toeffortlessly collect, display andanalyze data. A variety of powerfultools provide the ability to examine,export, and print professional lookingdata with just a click of the mouse.Logger Auto-Detection—Saves Time, Secures DataThe software automatically detectsloggers as soon as they are pluggedinto the computer. With minimaluser involvement, drivers are theninstalled, data is downloaded, anda graph of the data is rendered onscreen.Linked Data—Saves Time and EffortGraphs and data grids can now belinked, allowing the user to quicklyand easily modify multiple views ofthe same information. Make a changeto the data grid and the informationon the linked graph synchronizesimmediately and automatically!Multiple Data Sets—Makes Mapping a BreezeMapping data has never been soeasy—or fast! Now data from multipleloggers can be easily combined in asingle data grid by simply draggingand dropping data sets, creating aside by side comparison of data foreach logger.Software Overview—Security SettingsOn the following pages are anoverview of the important 21 CFRPart 11 compliance features in theOM-CP-SVP-SYSTEM SecureSoftware. Each feature is important insecuring data and ensuring tampereddata is recognized by theOM-CP-SVP-SYSTEM SecureSoftware.1

Administratorand User SettingsUsers can be given two levels ofaccess, either administrator or user.Administrators have access to all thesecurity settings, while users onlyhave access to communicate with thedata loggers and analyze data.GroupsUsers and Administrators can beassigned to Groups and can beeasily maintained using a varietyof permissions.LoginLogin attempts and lockoutduration can be assigned withinthe Login tab. There are numerouspassword and account settingsfor the administrator to set suchas the complexity of the passwordand status of each user account.The user management tab is onlyavailable to administrative users.2

Audit TrailAn Audit Trail is kept automaticallywith information such as who haslogged in and out, what files weredownloaded, saved, printed etc. Eachrecord is date and time stamped andincludes the user information.Electronic SignatureBy clicking the Electronic Signature button, usersand administrators can add electronic signaturesThe electronic signature contains the printedname of the signer, date and time of the signingand the meaning of the signing.3

21 CFR PART 11 Requirement Checklist21 CFR Part 11RequirementThe system must be capableof being validated.It must be possible to discerninvalid or altered records.The system must be capableof producing accurate andcomplete copies of electronicrecords on paper.The system must be capableof producing accurate andcomplete copies of recordsin electronic form forinspection, review andcopying by the FDA.Records must be readilyretrievable throughout theirretention period.System access mustbe limited to oftware Comply?No AdditionalAction Requiredto Comply?YesNoThe customer must execute the IQ/OQ/PQ tovalidate that the software is installed correctlyand that it operates properly.YesThe file format used in the Secure software isproprietary and cannot be opened in any otherpiece of software. Only .MTFFS files are ableto be saved and/or opened by theOM-CP-SVP-SYSTEM Secure software.YesThe OM-CP-SVP-SYSTEM Secure softwareallows the graph and all data records to beprinted on paper. In addition, device status, datafile statistics, audit trails and other pertinentinformation may be printed.YesAll data files may be transferred by e-mailor other means to other users ofOM-CP-SVP-SYSTEM Secure software, orprinted to a secure document in another formatsuch as PDF.YesAll data downloaded from a device areautomatically saved to an internal securedatabase, these data cannot be altered, but isalways available for the user to generate a visualrepresentation of the data in grid, graph, andstatistic format.NoThe OM-CP-SVP-SYSTEM Secure softwareensures that only users with a valid User ID andpassword can gain access to the software. Enduser SOPs should be developed and maintainedto ensure that users do not share their uniqueuser ID and or password.YesYesYesYesYesCommentsThe system must be capableof producing a secure,computer-generated, timestamped audit trail thatrecords the date and time ofoperator entries and actionsthat create, modify or deleteelectronic records.YesYesThe OM-CP-SVP-SYSTEM Secure softwaremaintains an audit trail file on any salientoperation performed on the system. The audittrail is secure and encrypted and contains alloperations performed by date, time and operator.Upon making a change toan electronic record, originalinformation is still available.YesYesChanges cannot be made to raw data datasets;however, reports generated by the user may bechanged as desired.Electronic records audit trailsare retrievable throughout therecord’s retention period.YesYesAll audit trails are saved as a part of the recordand cannot be deleted or modified in any way.

21 CFR PART 11 Requirement Checklist21 CFR Part 11RequirementThe audit trail is available for reviewand reproduction by the FDA.When any sequence of systemsteps is important, that sequencemust be enforced by the system.The system should ensure that onlyauthorized individuals can use it,electronically sign records, accessthe operation or computer systeminput or output device, alter arecord, or perform other operations.The system should be able tocheck the validity of the sourceof any data or instructions if it isa requirement of the system thatinput data or instructions can onlycome from certain input devices.DoesOM-CP-SVP-SYSTEMSecureSoftware Comply?YesNoYesYesNo AdditionalAction Requiredto Comply?CommentsYesThe OM-CP-SVP-SYSTEM Secure softwareallows the Audit Trail to be printed ortransferred electronically for review andreproduction by the FDA.NoThe OM-CP-SVP-SYSTEM Secure softwaredoes not require any specific sequence ofsteps or order of operation. The customer isresponsible for defining, writing and enforcingany SOPs that require a sequence of steps.NoOM-CP-SVP-SYSTEM Secure softwarerequires unique User IDs and passwords tologin to the system. Different features areavailable to different users depending on theirlevel of access. These levels may be definedand created by the user. Defined SOPsshould be implemented so the PC requires anauthorized login and directs that users cannotshare their unique user IDs and or passwords.YesOM-CP-SVP-SYSTEM Secure software willonly accept input and communicate withOM-CP Series data loggers using proprietarycommunication protocol.Each OM-CP Series data logger is uniquelyidentified by an electronic serial number.(Note: This applies where data or instructions can come from more than one device, and therefore the system must verify theintegrity of its source, such as a network of weigh scales, or remote, radio controlled terminals.)A documented training, includingon the job training for system users,developers, IT support staff shouldbe available.A written policy that makesindividuals fully responsiblefor actions initiated under theirelectronic signatures should be inplace.YesNoNoUsers may provide their own trainingthrough testing and the support ofOM-CP-SVP-SYSTEM Secure softwaredocumentation package.NoIt is the responsibility of the customer toprovide a written policy that informs individualusers that they are responsible for all actionstaken while under their login.The distribution of, access to, anduse of systems operation andmaintenance documentation shouldbe controlled.YesNoThe customer is responsible for obeying thelicensing terms and distribution of thesoftware and documentation that supportsOM-CP-SVP-SYSTEM Secure software.A formal change control procedurefor system documentation thatmaintains a time sequenced audittrail of changes should be in place.YesYesThe OM-CP-SVP-SYSTEM Secure softwareoperations document is revision controlled.5

Signed Electronic Records21 CFR Part 11RequirementDoesNo ware Comply?to Comply?CommentsSigned electronic records shouldcontain the following relatedinformation: Printed name of the signer Date and time of signing Meaning of the signingYesNoThis name of the signer, the date and time ofsigning and the meaning of the signing arecontained in all electronically signed recordsand all printed material. The customer isrequired to define the meaning of signingthe document.The above information should beshown on displayed and printedcopies of the electronic record.YesYesAll the above information is displayed andprinted on all copies of records.Signatures should be linked totheir respective electronic recordsto ensure that they cannot be cut,copied, or otherwise transferredby ordinary means for thepurpose of falsification.YesYesSignatures are linked to the original record andcannot be cut, copied, or transferred.Electronic Signatures (General)21 CFR Part 11RequirementElectronic signatures mustbe unique to each authorizedindividual.The reuse or reassignment ofelectronic signatures should bediscouraged.The identity of the individualshould be verified before anelectronic signature is allocated.6DoesNo ware Comply?to Comply?YesYesYesCommentsYesThe OM-CP-SVP-SYSTEM Secure softwarewill not allow the user to duplicate electronicsignatures. It is recommended that SOPsinclude a statement clearly defining that onlyone person is linked to each user ID. Theadministrator must define the unique user IDs,the user must define their own unique password.NoThe end user SOPs should state that user IDsare not to be re-used or reassigned to anyoneelse. User IDs should be inactivated and a newID created.NoThe end user SOP should state that theidentity of the individual is verified before anID is assigned. Once a new user is created, anemail will be sent to the administrator and userverifying his/her own unique login password.Once verified the OM-CP-SVP-SYSTEM Securesoftware will identify the individual in the futurevia the user ID and password. The user will berequired to enter their username and password.