BD FACSuite™ and BD FACSuite™ Clinical Application
2Pages

BD FACSuite™ and BD FACSuite™ Clinical Application U.S. FDA 21 CFR Part 11 (Electronic Records; Electronic Signatures) Support BD FACSuite™ and BD FACSuite™ Clinical Application have many functions and options relevant to 21 CFR Part 11. The following table refers to both BD FACSuite™ and BD FACSuite™ Clinical Application. 11.10 Controls for Closed Systems Section Rule Summary BD FACSuite™ and BD FACSuite™ Clinical Application Validation to ensure accurate, reliable and intended performance, and the ability to discern altered/invalid records System validation BD FACSuite™ Application goes through validation and verification testing by BD. The validity of the exported date is ensured by checksum and the database and audit log cannot be tampered with. IQ and OQ procedures are available for the BD FACSLyric™ System and an OQ is available specifically for software features related to 21 CFR Part 11. Generate valid copies in humanreadable and electronic records suitable for inspection Record generation for inspection The software provides both electronic and human-readable formats (for example, reports, audit trails, user logs). A sample report is available as a PDF with a configurable header and footer in the BD FACSuite™ Application. A predefined report in the BD FACSuite™ Clinical Application tracks all necessary characteristics of the sample. Up to three electronic signatures, with comments, can be included in the report. A usage tracking log and audit log is also available as a PDF. Protect records, enabling their accurate retrieval Record protection The software stores operational files, data files and result information in an encrypted format within a hidden folder structure controlled by an indexing database. All records are retained until the user decides to delete records. Database backup and restore capabilities are available for the system. The validity of any exported data is ensured by checksum. Recorded FCS file names are disguised in the Windows™ operating system. All metadata is maintained in the database and is not available through the Windows file system. Limit system access to authorized individuals System access limitation The software requires all users to log in. Each user will have a defined role, including access privileges. Users are authorized within the User Management function. Roles and Permissions are assigned within User Management. Only active users may access the software via a valid User ID and Password. Access to User Management is restricted to the Administrator role. The system allows the Administrator to restrict access to certain features. Use audit trails to record date, time, operator, actions (for example, create, modify); changes shall not obscure previous information Audit trails Audit trails are automatically enabled for all entries in all worklists. For each worklist entry, the software will automatically track the lifecycle through audit trails including reason for change. The usage tracking log tracks the timestamp of each login and logout. The software records actions related to password management, worklist acquisition and other functions. Use of operational checks to enforce permitted steps and events Operational checks The software restricts what users can do based on their role and access privileges (Administrator and Operator). Each user can only perform operations as permitted by their role assigned by the Administrator. An Administrator can restrict Operators from performing operations. A hierarchy of up to three signatures can be defined by the Administrator for each test. Use of authority checks to ensure system use, record signature, operation of computer system or alter record Authority checks The software provides the users with the authority to carry out particular functions based on their roles and access privileges. For example, an Administrator (highest access privilege) is able to restrict an Operator (lower access privilege) from deleting data. For each test, a hierarchy of up to three signatures can also be defined by the Administrator. The software also has a tracking log to enable users to monitor system use. The validity of the exported data is ensured by checksum. Check to determine validity of data input or operation Data/operation validity checks The software informs a user who attempts to put invalid information into a software field based on the design specifications and limitation of each input field. The software also prevents accidental or malicious alteration of the data in an exported file by attaching a checksum value to the file when it is exported. Before it can be imported, the software checks the value and prevents the import if the value has changed. Persons using electronic records/ electronic signatures has proper training User training BD provides software and BD FACSLyric™ System user training with certification. The user’s organization is responsible for training on the Electronic Record/Electronic Signature SOP. An electronic reference system is available for detailed instructions on how to use the software. Visit bdbioscienc

Rule Summary BD FACSuite™ and BD FACSuite™ Clinical Application Written policies holding individuals accountable for actions User accountability Written policies holding individuals accountable for actions is the responsibility of the user’s organization. However, password expiration time and number of unsuccessful login attempts can be configured by an Administrator according to lab standard operating procedures. In addition, password length, complexity and restrictions on reuse of passwords is implemented by the system. Controls over distribution and use of documentation of system and its...