[Code of Federal Regulations]

[Title 21, Volume 1]

[Revised as of April 1, 2006]

From the U.S. Government Printing Office via GPO Access

[CITE: 21CFR11.200]



[Page 113]

 

                        TITLE 21--FOOD AND DRUGS

 

CHAPTER I--FOOD AND DRUG ADMINISTRATION, DEPARTMENT OF HEALTH AND HUMAN 

                                SERVICES

 

PART 11_ELECTRONIC RECORDS; ELECTRONIC SIGNATURES--Table of Contents

 

                     Subpart C_Electronic Signatures

 

Sec.  11.200  Electronic signature components and controls.



    (a) Electronic signatures that are not based upon biometrics shall:

    (1) Employ at least two distinct identification components such as 

an identification code and password.

    (i) When an individual executes a series of signings during a 

single, continuous period of controlled system access, the first signing 

shall be executed using all electronic signature components; subsequent 

signings shall be executed using at least one electronic signature 

component that is only executable by, and designed to be used only by, 

the individual.

    (ii) When an individual executes one or more signings not performed 

during a single, continuous period of controlled system access, each 

signing shall be executed using all of the electronic signature 

components.

    (2) Be used only by their genuine owners; and

    (3) Be administered and executed to ensure that attempted use of an 

individual's electronic signature by anyone other than its genuine owner 

requires collaboration of two or more individuals.

    (b) Electronic signatures based upon biometrics shall be designed to 

ensure that they cannot be used by anyone other than their genuine 

owners.