Electronic Records - CORRECT ANSWER-Use of electronic records must have
procedures to ensure the authenticity, integrity and confidentiality of records.
... [Show More] Also, the
procedures must ensure the signer cannot readily repudiate the signed records a snot
genuine
Electronic Records - Audit Trail - CORRECT ANSWER-Electronic records must use
secure, computer generated, time-stamped audit trails to independently record the date
and time of entries and actions that create, modify or delete records.
Electronic Records - Changes - CORRECT ANSWER-Record changes must not
obscure previously recorded information
Electronic Records - Audit Trail Retention - CORRECT ANSWER-Audit trail
documentation must be retained for a period at least as long as that required for the
subject electronic records and must be available for agency (FDA) review and copying.
Electronic records - Controls over systems documentation - CORRECT ANSWER-1.
Controls over the distribution of, access to, and use of documentation for system
operation and maintenance
2. Revision and change control procedures to maintain an audit trail that documents
time-sequenced development and modification of systems documentation
Electronic records - Open system - CORRECT ANSWER-Procedures and controls must
be used to ensure the authenticity, integrity and confidentiality of electronic records from
the point of creation to the point of receipt.
Examples: Encryption, Use of digital signatures
Signed Electronic Records - CORRECT ANSWER-Must contain information associated
with the signing that clearly indicate all of the following:
1. Printed name of signer
2. Date and time when signature was executed
3. Meaning (such as review, approval, responsibility or authorship) associated with
signature
Electronic Signature Verification - CORRECT ANSWER-Before any organization
establishes, assigns, certifies or otherwise sanctions an individual's electronic signature,
the identity of the individual must be verified
Electronic Signature Certification - CORRECT ANSWER-Prior to using their electronic
signature, one must certify to the agency that the electronic signatures in their system,
used on or after 8/20/97, are intended to be the legally binding equivalent of traditional
handwritten signatures
1. Certification must be submitted in paper form and signed with a traditional
handwritten signature
2. Upon agency request, must provide additional certification or testimony that a specific
electronic signature is the legally binding equivalent of the handwritten signature
Electronic Signatures not based on biometrics - CORRECT ANSWER-1. Employ at
least 2 distinct identification components such as identification code and password
a. During a series of signings over a continuous period of controlled system access, the
first signing uses all electronic signature components while each subsequent signature
uses at least 1 electronic signature component that is only executable by the individual
2. Be used by the genuine owners
3. Administered and executed to ensure that attempted use of an electronic signature
by anyone other than its genuine owner requires the collaboration of 2 or more
individuals
Electronic Signatures based on biometrics - CORRECT ANSWER-Designed to ensure
that they cannot be used by anyone other that their genuine owners
Security and Integrity of identification codes/passwords - CORRECT ANSWER-1.
Maintain uniqueness of each combined ID code and password (No 2 people have same
combo)
2. ID code and password are periodically checked, recalled, revised (Prevent PW aging)
3. Loss management procedures to deauthorize lost, stolen, missing or otherwise
compromised devices that generate ID code or PW information and issue replacements
4. Use of safeguards to prevent unauthorized use of PWs and/or ID codes and to detect
and report any attempts at their unauthorized use
5. Initial and periodic testing of devices that generate ID or PW information to ensure
they function properly
General Requirements for informed consent - CORRECT ANSWER-Must obtain legally
effective informed consent
Must allow for sufficient opportunity to consider whether or not to participate
Minimize possibility of coercion or undue influence
Must use language understandable by participant
Informed consent - Language may not - CORRECT ANSWER-Language may not
include exculpatory language in which the subject is made to waive or appear to waive
their legal rights or releases or appears to release the investigator, the sponsor or its
agents from liability or negligence
Exception- Obtaining informed consent - CORRECT ANSWER-Obtaining informed
consent is deemed feasible unless both the investigator and a physician who is not not
participating in clinical investigation certify in writing all of the following:
1. Subject is confronted by life-threatening situation necessitating the use of the tes [Show Less]