Products Services Information About Contact
Products
Ofni Systems provides your FDA-regulated business with software and products to assist with 21 CFR 11, Annex 11, HIPAA, and other regulatory requirements for electronic data and signatures.
ExcelSafe
Part 11 Compliance For
MS Excel® Spreadsheets Simple To Use
Get spreadsheet control in a matter of hours Full Part 11 Compliance
Audit trails, electronic signatures and user security Spreadsheet Validation
We are FDA experts on spreadsheet validation Free Trial
Get a copy of Excelsafe to test today
FastVal
A Complete Validation Management Solution Create Documents
Fastval creates all your validation documents Electronic Execution
Execute validation protocols electronically Deviation Tracking
Deviation generation, tracking and management Project Management
Tools and reports to help manage people & projects
Ofni Clinical
eCRF Data Collection Database For Clinical Trials Case Report Forms
Converts your paper CRF's into eCRF's Edit Checks
Ensure data integrity with validation rules MedWatch Reporting
Automatically generates MedWatch FDA Form 3500A Rapid Implementation
Ready to use in days, not weeks or months
Part 11 Toolkit
Makes Any MS Access® Database Part 11 Compliant Audit Trails
Track all changes made in a database Electronic Signatures
Secure data with electronic signatures Database Validation
Let us validate your database for you Free Trial
Try the Part 11 Toolkit in your own database
Part 11 Advisor
Part 11 Auditing, Remediation and Training Tool Starting Gap Analysis
Facilitates the process of starting gap analysis Assessments
Collect and review data to identify Part 11 gaps Long-Term Tracking
Track the completion of your corrective action plan On-site Implementation
Hands on training on 21 CFR Part 11
Services
Ofni Systems provides your business with the highest quality consulting services to meet all of your compliance and quality needs.
Validation Services Software Validation
 Method Validation
 Process Validation
 Equipment Validation
21 CFR Part 11 Part 11 Training
 Part 11 Auditing
 Compliance Testing
 Software Assesments
Clinical Trials Custom Databases
 Database Testing
 Statistical Analysis
 Statistical Reporting
Other Services Data Migration
 SOP Writing
 Process Automation
 Mock Audits
Information
Ofni Systems is committed to assisting organizations with electronic records compliance, such as 21 CFR Part 11 and Annex 11. Let Ofni Systems make knowledge management simple for you.
21 CFR Part 11
A complete set of resources for 21 CFR Part 11 21 CFR 11.10(a)
Validation of computer systems 21 CFR 11.10(b)
Accurate Generation of Records 21 CFR 11.10(c)
Protection of Records 21 CFR 11.10(d)
Limited System Access 21 CFR 11.10(e)
Audit Trails 21 CFR 11.10(f)
Operational System Checks 21 CFR 11.10(g)
Authority Checks 21 CFR 11.10(h)
Input Checks 21 CFR 11.10(i)
Education, Training and Experience 21 CFR 11.10(j)
Policies for Electronic Signatures 21 CFR 11.10(k)
Document Control Part 11 FAQ
Validation of computer systems
Validation Resources
On selected validation documents Validation Planning
Define the scope and goals of a validation project. Requirement Gathering
Operations and activities that a system must be able to perform. Design Specification
Design Specifications describe how a system performs the requirements Installation Qualification
Verifies the proper installation and configuration of a System. Summary Report
Provides an overview of the entire validation project.
Other Resources
More information on FDA compliance FDA Warning Letters
Sample FDA 483 and Warning Letters Part 11 Publications
Useful 21 CFR 11 resources. Clinical Data Management
Best practices in handling data from clinical trials. Ofni Compliance Blog
Resources and information straight from the Ofni team.
About Ofni Systems
Ofni Systems is dedicated to helping companies address the requirements of 21 CFR Part 11, Electronic Records and Electronic Signatures.
Clients
Alliances
Employment
Customer Support

No Audit Trail


Warning Letter: Data could be deleted, audit trails were not enabled, and audit trails were not reviewed for laboratory data computer systems. (ucm619450)

Tags: |

 Your firm failed to exercise appropriate controls over computer or related systems to assure that only authorized personnel institute changes in master production and control records, or other records (21 CFR 211.68(b)).

 The electronic data systems that you use to generate drug product results lack appropriate controls. There is no assurance that your systems have the appropriate controls to prevent deletion of data and record all modifications to data. For example, electronic data files generated from your [redact] system, used for identity testing of drug products, could be deleted. In addition, the [redact] that controls your high-performance liquid chromatography and gas chromatography systems for testing the actives in OTC drug products did not have all appropriate audit trails enabled to record significant changes.

View the original warning letter


Warning Letter: Failure to prevent unauthorized access or changes (ucm421544_Amended)

Tags: | |

Your firm released [redacted] API batch [redacted] with an unknown peak present in the residual solvents chromatogram. Although this unknown peak was not a part of your historical impurity data, neither the analyst nor the supervisor apparently noticed or evaluated this unknown peak during their reviews.

Subsequently, a customer complaint was received for this batch, and your investigation identified the unknown peak as [redacted]. Your firm found that this peak was a result of a contamination that occurred during your manufacturing process.

In response to this letter, provide the corrective actions implemented to ensure that all laboratory data is appropriately analyzed, accurately reported and approved by your quality unit.
Failure to prevent unauthorized access or changes to data and to provide adequate controls to prevent omission of data.

Your firm did not have proper controls in place to prevent the unauthorized manipulation of your electronic raw data. For example,

a. The inspection found that the audit trail feature for your gas chromatography (GC) instruments was not used until October 2013, even though your 2009 GC software validation included a satisfactory evaluation of the audit trail capability.

b. There is no assurance that you maintain complete electronic raw data for the [redacted] GC instruments, the Malvern particle size analyzer, and the ultraviolet (UV) spectrophotometer. Our inspection found that these instruments were connected to stand-alone computers that stored the data and that the data could be deleted.

c. Prior to our inspection, your firm failed to have a back-up system for the data generated by one of the [redacted] Fourier transform infrared spectrometers, the polarimeter, the UV spectrophotometer and the Malvern particle size analyzer.

View the original warning letter.


Warning Letter: QC personnel created unauthorized data folders on laboratory computerized systems without appropriate oversight (ucm432709)

Tags: | |

“Your firm failed to exercise appropriate controls over computer or related systems to assure that only authorized personnel institute changes in master production and control records, or other records (21 CFR 211.68(b)).

QC personnel created unauthorized folders on laboratory computerized systems without appropriate oversight. Our review of the HPLC Empower III data collected in 2013-2014 in the commercial QC laboratory found a data folder entitled “WASH.” According to your management, the folder was intended for column wash injections using blank solvent prior to and following sample runs, although you have no standard operating procedure (SOP) detailing this process. One of your laboratory analysts stated that this folder does not contain any standard or sample injection results. However, our investigator found that this folder contained a total of 3,353 injection results, some of which appeared to be samples.

As part of your comprehensive evaluation and risk assessment, include a detailed description of all computerized systems in your facility used for testing drugs. This description should include information on each electronic folder that was not created pursuant to a valid SOP and an assessment of every file in each such folder, including information about the sample (product), date of test, lot number and original test result over the last five (5) years, except for data relating to exhibit batches, in which case there is no time limitation. Also provide specific information about all retests during these time frames, where an initial out-of-specification or out-of-trend result was disregarded without an investigation and the date on which you became aware such information had been disregarded. In addition, for each batch, provide the number of injections performed and chromatograms reviewed, and of those, the number that were used to generate a reported result. Furthermore, provide an updated assessment on the possible effects of your firm’s practices on the quality, safety, and efficacy of the drugs you manufacture or plan to manufacture, including drugs covered by approved or pending applications.

Also describe the procedures established to manage and retain all computerized data.

View the original warning letter.


Warning Letter: No audit trail, data cannot be verified (s6736c)

Tags: | |

All study data are handled and controlled by your Study Coordinator, who enters the data into an electronic data base. There is no audit trail or log of data changes that are made to the information in the database. Data cannot be verified against source records, since such records are not maintained.”

View the original warning letter.


Warning Letter: Failure to maintain accurate records (ucm147820)

Tags: | |

Your firm failed to maintain complete and accurate records from which unsuitable donors could be identified so that products from such individuals would not be distributed [21 CFR 606.160(e)] and records to identify the person performing the work so to provide a complete history of the work performed [21 CFR 606.160(a)(1)]. Specifically, when the investigators requested a search of some of the various donor permanent deferral codes in your [redacted] database, 72 donors had various permanent deferral codes entered into the “Comment” field but these donors did not have a permanent deferral status entered into the “Deferral Code” field of the [redacted] database. The “Comment” field is not referenced for identification of deferred donors. Out of 72 donors, 10 were verified to meet the criteria for permanent deferral.

View the original warning letter.


Warning Letter: Uncontrolled database (m4116n)

Tags: | | |

 
"...It is also noted in the inspection report that you do not have adequate control over the receipt of study data and its subsequent input into the database. There are no records to show when study data is received and when it is entered into the database. There is also no
audit trail for changes made to the database
. No data queries or clarifications have ever been generated and sent to the sites to verify missing information or to clarify discrepancies...
Electronic records, the subject of SOP-100-720
, Electronic Database Maintenance, are subject to 21 CFR Part 11- Electronic Records; Electronic Signatures, as well as to the record keeping regulations found in 21 CFR 812.140. A guidance document regarding this regulation, Computerized Systems Used in Clinical Trials, dated April 1999. www.fda.gov/ora/compliance ref/bimo/ffinalcct.htm"

View the original warning letter.


Warning Letter: Deviations from Part 11 (m2811n)

Tags: | | |

 
"our inspection disclosed numerous and
significant deviations from part 11
. Examples include: The system does not generate an
audit trail
, and there is no way to determine if values have been changed on batch production records. This is important because an audit trail can be the only
evidence that an electronic record has been altered
. We note, for instance, that your system only records the last value entered by an operator and that values, such as Oxygen potency levels that my have been entered earlier and that may indicate potentially serious quality problems, are not recorded. The system prompts an operator when equipment detects that an Oxygen potency value is non-conforming, and permits the operator to record a value that is within specification, but does not record the original out of specification value."

View the original warning letter.




Ofni Systems Logo
Products Services Information About Contact Privacy Terms Of Use |   (919) 844-2494 Google+