After a couple of years hard working on a regulation regarding the use of electronic records and signatures for regulated activities, FDA released the rule 21 CFR 11 (also called "Part 11") entering into force on August 20th, 1997.
In September 2003, after several years of "wandering", FDA provided a Guidance for Industry clarifying the rule's scope and application.
Even if various guidelines, numerous articles, multiple conferences and trainings have been provided during the last 15 years, the maturity level of many players remains desperately low.
In 2013, regulated users have still to fight with strong and critical e-compliance weaknesses:
Too often equipment and solution developers are too far from the regulated user's operating environment and daily business constraints.
Too often the regulated user is not able to define clearly and precisely its expectation and needs regarding e-compliance, limiting the requirements to a (long) list of regulations without discussing how such regulations should be implemented into the system for supporting efficiently daily business activities.
Many discussions in various discussion groups show that the regulated industry, including its suppliers and providers, is still not able to reach a reasonable level of maturity regarding e-compliance.
The later developments of new approaches such as cloud computing emphasise once again the poor understanding of regulatory requirements by regulated companies, in particular in terms of data integrity.
Should we expect that Part 11 comes of age for achieving regulatory e-compliance in a simple and efficient way?
Yves Samson - www.kereon.ch/yves