| Operational Requirements | |
| Require that a program be provided for the evaluation of measured values and the statistical process control, using different measuring devices to obtain the measured values. | This is basic functionality in MeasurLink Real-Time, which is an SPC data collection software. |
| Evaluations require to be immediately updated after change in the set data. | |
| The program should be based on a special data structure, which guarantees a high degree of data security. | The relational database used for MeasurLink applications is developed using SQL Server Database Management System and is based on a unique data structure. Data integrity is ensured through SQL transaction processing. |
| Produce various types of definitive reports. | MeasurLink Real-Time data collection software provides various reporting options with customizable features. |
| Security & Password Confidentiality | |
| Add/modify/delete User profiles | The MeasurLink Security Center, available with all MeasurLink applications, has been designed to comply with the 21 CFR Part 11 ruling of the FDA. |
| Assign Users to User profiles | The MeasurLink Security Center, available with all MeasurLink applications, has been designed to comply with the 21 CFR Part 11 ruling of the FDA. |
| Add/modify/delete Users | The MeasurLink Security Center, available with all MeasurLink applications, has been designed to comply with the 21 CFR Part 11 ruling of the FDA. |
| Unique User ID & password combination to gain access. | A user must have an assigned, unique User ID, a valid password, and proper authority to gain access to any MeasurLink application. |
| Auto-logoff after a period of 10 mins. | An idle time-out period may be set for each user individually. |
| Passwords must not be displayed on the screen as they are entered. | Passwords are never displayed on the screen. |
| Passwords must always be encrypted when held in storage for any significant period of time or when transmitted across the network. One-time passwords are accepted. | Passwords are stored in an encrypted format. |
| Passwords must never be embedded in sign-on utilities. For example, an unauthorized user must never be able to authenticate at sign-on merely by using a function key or by running an available program. | No embedded sign-on functionality has been introduced to any of the MeasurLink applications. User passwords must be successfully entered manually at the Log In prompt to gain access to a MeasurLink application. |
| Passwords must never be hard-coded in source code, command files, scripts or installation kits. | No passwords are hard-coded or stored in a plain text format. |
| Passwords must have a minimum length of six (6) characters. | A minimum password length can be established. |
| Passwords must be changed at least every ninety (90) days. System should prompt the User to change the password. | A password expiration period can be established. |
| Temporary and initial passwords must be marked as expired, and the user must be required to change the password at the first use. | MeasurLink Security requires all initial and temporary passwords to be changed by a user the first time a log on is attempted. Initial and temporary passwords cannot be used to access a MeasurLink Application. |
| User-chosen passwords must not be reused for five (5) iterations. | Restrictions on reuse of passwords can be established. |
| Proper proof of identification must be provided before changing a password. | Proper proof of identification must be provided in the form of the unique User ID and a password before a Login or password change is allowed. |
| If a resigning or terminated staff member was responsible for system administration, all relevant passwords must be changed immediately. | Someone with proper authority can change a password for any user at any time. Additionally, users can be placed in an inactive state, which restricts all access to the software. |
| Audit Trails | |
| Person Responsible | MeasurLink supports audit trails for the following:
Module login/logout
Data entry
- Edit/deletion of:
- Runs
- Measurement data
- Traceability tags
- Assignable Cause/Corrective Action tags
- Serial Number tags
- Note tags
- Part details
- Routine details
- Traceability List details
- Assignable Cause details
Information regarding the person responsible for the above actions is available through a series of report templates provided by MeasurLink. |
| Date and time stamp | MeasurLink supports audit trails for the following:
Module login/logout
Data entry
- Edit/deletion of:
- Runs
- Measurement data
- Traceability tags
- Assignable Cause/Corrective Action tags
- Serial Number tags
- Note tags
- Part details
- Routine details
- Traceability List details
- Assignable Cause details
Information regarding the person responsible for the above actions is available through a series of report templates provided by MeasurLink. |
| User action/entry (e.g. logging in/out, creating, modifying and deleting records). | MeasurLink supports audit trails for the following:
Module login/logout
Data entry
- Edit/deletion of:
- Runs
- Measurement data
- Traceability tags
- Assignable Cause/Corrective Action tags
- Serial Number tags
- Note tags
- Part details
- Routine details
- Traceability List details
- Assignable Cause details
Information regarding the person responsible for the above actions is available through a series of report templates provided by MeasurLink. |
| Backup | |
| System allows backup & restore of electronic data | The relational database used for MeasurLink applications is developed using SQL Server and can be maintained on a network server. This relational database can work directly with a multi-user Client/Server database system (purchased separately by the user) and can be archived and restored via the host database management system. |
| Backup can be setup to occur automatically | The relational database used for MeasurLink applications is developed using SQL Server and can be maintained on a network server. This relational database can work directly with a multi-user Client/Server database system (purchased separately by the user) and can be archived and restored via the host database management system. |
| Data Integrity | |
| System has ability to detect/prevent alteration of electronic data. | The relational database used for MeasurLink applications is developed using SQL Server and can be maintained on a network server. SQL Server requires specific authorization outside of the MeasurLink software. This authorization controls the ability of all users to access data from external sources. |
| Complete copies of data can be produced. | Simple data export functions are available in all MeasurLink data collection applications and MeasurLink Process Analyzer. All MeasurLink applications have report functions capable of producing SPC charting and data analysis. |
| Electronic Signature | |
| The User will be required to approve & sign-off on quality critical records electronically to prevent accidental or deliberate record and signature falsification. | Each authorized user will have a unique e-signature based on their User ID and password. |
| The e-sign will be unique to one individual. | Each authorized user will have a unique e-signature based on their User ID and password. |
| The e-sign will be based on 2 distinct components. | Each authorized user will have a unique e-signature base on their User ID and password. The authorized user is also required to provide a comment regarding the signature. |
| During a continuous session the password is executed at each signing. | Every application of an e-signature requires password verification. |
