21CFR Part 11 compliance

The 21CFR Part 11 compliance is supported, starting with visionCATS 2.0. It includes many administration and security features described in this section.

Note

This section does not describe the 21CFR Part 11 itself nor its implementation. It provides only a user-oriented view of its impacts in visionCATS.

Understanding the logging features

visionCATS contains many logging features, but the logging features related to the 21CFR Part 11 compliance consist of 2 separate loggers:

  • The System Logger, available at the application-wide level.

  • The HPTLC Logger, available at the explorer item (Method, Analysis and Comparison) level.

All the important actions made in the visionCATS software are logged in the System Logger, whereas modifications made directly to an HPTLC item are logged in its own HPTLC Logger. However, there are overlapping actions, like some actions made in the Explorer view. For example, creating a new method inserts a log entry in the System Logger because there is a modification to the Explorer view, and a log entry in the HPTLC Logger of the newly created method to detail all its characteristics.

System logger

The System Logger logs automatically the important actions made by the users of the visionCATS software. It therefore builds a global history of the activity of its users. Each important action results in a new line in the System Logger, which contains essentially the timestamp of the action, the user and the message. The messages are also categorized in a 2-levels hierarchy to facilitate the future searches.

To access to the System Logger, go to Tools ‣ System Log. This displays all the messages of the last 24 hours.

../_images/systemloggertoolbox.png

A full tabular view is available by clicking the Show full view button. This view provides the following features:

  • Filtering by

    • client (combo box): the machine name when the action occurred in the visionCATS application, or ‘visionCATS Server’

    • user (combo box): the user login when User Management is activated (‘visionCATSuser’ is the default user otherwise)

    • category and action (checkboxes and combo boxes)

    • date (date filter section) : the table shows by default the entries of the last week, but, by expanding the date range, all the entries since the installation of the system are accessible

    • text (text box) : textual search through the messages

  • Sorting, by clicking on the column headers (the table is by default sorted by date)

  • Pagination, by using the paginator on top of the table

  • Export (XPS export of the items, taking account of the current filter)

../_images/systemlogger.png

Client and User may not always refer to human users. The visionCATS software itself can record messages in the system logger when an important operation occurs without any user interaction. For example:

  • When migrating an HPTLC item during the installation of a new visionCATS version, the visionCATS installer insert system logger messages indicating which files it has created

  • When a scheduled backup fails, the visionCATS server writes the issue in the system logger.

  • When a visionCATS application crashes, the visionCATS server closes the connection with the client after some time and logs the operation in the system logger.

HPTLC Logger

The HPTLC Logger logs all the modifications made to each HPTLC item in a tree. Each log item corresponds to an action (for example: the creation of the item, the execution of a step or the ‘save’ action after having modified some parameters) associated with a timestamp and the user who has issued the modification. When the value of a parameter is modified, the tree shows the old and the new value. More complex modifications, like lists or table modifications, are handled case by case but, at least, the log entry will always indicate that there was a change and display the new values. Globally, the structure of the tree follows the tab structure of the HPTLC item. For example, in case of an analysis, modifications are grouped by their location (Steps/chromatography, Data, Spectrum, SST, Evaluation) and inside each evaluation, modifications are further grouped by tab (Definition, Integration, etc.). To access the HPTLC Logger of an HPTLC item, open the HPTLC item (typically via the Explorer view) and then open the Log tab. This tab shows all the history of the modifications made to the item. The following features are provided:

  • Navigate in the tree by expanding/collapsing elements and/or by using the helper buttons

  • Invert the chronological ordering of the log entries

  • Filter by date, user, type of message and type modification

  • XPS Export

../_images/tlclogger.png

Data deletion

Note

This feature is only available on visionCATS installations where the 21 CFR Part 11 Compliance option is active.

By default, deleting an HPTLC item or a folder causes all its data to be lost. visionCATS administrators can modify this behavior by going to Options ‣ Regulatories Settings and checking/unchecking the corresponding options in the Options related to deletion of methods, analysis, comparisons and projects section:

../_images/deletionoption.png

The possible selection options are described in the following table:

Desired effect

Selection

  • Users can delete Explorer items

  • The data are physically lost.

  • Allow complete deletion checked

  • Users can’t delete Explorer items

  • Allow complete deletion unchecked

  • Allow delete, but… unchecked

  • Users can delete Explorer items

  • Data is kept

  • Deleted items are invisible

  • Allow complete deletion unchecked

  • Allow delete, but… checked

  • Show Obsolete items in explorer unchecked

  • Users can delete Explorer items

  • Data is kept

  • Deleted items are shown and can be restored

  • Allow complete deletion unchecked

  • Allow delete, but… checked

  • Show Obsolete items in explorer checked

Some specific rules apply when deleted items are marked as obsolete:

  • Deleting a folder is not allowed anymore, because folders can’t be obsolete in visionCATS.

  • It’s possible to restore the displayed obsolete items by using the corresponding command

../_images/obsolete.png

Motivated change

Note

This feature is only available on visionCATS installations having the 21 CFR Part 11 Compliance option.

For methods and analyses, it’s possible to force users to give a reason on each save by checking the Force users to enter a reason to each change on HPTLC items option in Options ‣ Regulatories Settings.

../_images/motivatedchange.png

When this option is checked, a save on a method or on an analysis (with the exception of saves of changes consisting exclusively in automatically computed data) always shows the Motivated changes request window, and the motivation text entered by the user is saved in the HPTLC Logger.

../_images/motivatedchangereason.png

E-Signature

Note

This feature is only available on visionCATS installations having the 21 CFR Part 11 Compliance option.

The visionCATS software provides a custom E-Signature solution for methods and analyses files. For comparison files, the E-Signature is done for each sample track, following otherwise the same rules. This solution requires the User Management to be activated and the E-Signature feature to be configured in the Options ‣ Regulatories Settings window, sections E-Signature levels and E-Signature user rights.

../_images/esignconfig.png

On a given file, an E-Signature starts at level 1 (called here Submitter). For each level, each user can/can’t E-Sign files based on the items checked in the E-Signature user rights section table. A file already signed at level “n” can only be signed at level “n+1” if the level “n+1” has been defined. A user can’t E-Sign the same HPTLC item on more than one different signing levels. Any modification to a file containing an E-Signature removes its E-Signature.

To E-Sign a file, use the E-Sign… entry:

../_images/esignmenu.png

The E-Sign window always asks for credentials, and an optional comment. This information, associated with the current time stamp, constitutes the E-Signature itself.

../_images/esigndialog.png

After having E-Signed a file, any saving tentative in it will result in a warning, indicating that the save will delete the E-Signature. E-Signature related information is shown directly in the explorer item row itself, next to the tabs displayed inside the HPTLC item when opening it, and a complete view of the whole signature is available in the Preview area:

../_images/esignpreview.png

Some special rules apply to E-Signed elements:

  • When the E-Signature levels or names change, existing E-Signatures are kept as-is, but it’s not possible to further E-Sign them.

  • When a file is imported from a foreign system, its E-Signature is kept as-is, but it’s not possible to further E-Sign it.

Data integrity

The visionCATS software always performs a check of the validity of the data stored in each file when requesting (opening or displaying the preview) or saving it. This check ensures that the file requested is exactly the same since the last time it was saved, preventing data corruption. If, for any reason, a file is corrupted, the visionCATS software displays it in the following way:

../_images/corrupted.png

Corrupted items can be deleted, moved and categorized, but any other action is prohibited.

Note

The integrity check is not automatically performed to all explorer items, that’s why a corruption is detected only when trying to open the item or to display its preview.

However, the user can search for corrupted items in the currently displayed folder by using the Tags ‣ Refresh corrupted items in current folder entry.