Digital Signature - 21 CFR part 11 compliance

Thanks a lot! I've found most of these references as well. My main question is: Adobe Reader also has a standard option (for free) to certify documents with a digital signature. However, does this offer to same features and level of compliance then AdobeSign, i.e. is there any added value to subscribe and pay for AdobeSign. We're working in a regulated environment so compliance is key.
Many thanks,
Bert

Hi,

Adobe Reader meets the same criteria.

As a matter of fact, When compared with Adobe Acrobat Pro, its does provide the users with a more restrictive and tighter security.

Hi, I have been struggling with this as well. 

is there evidence to be found on the FDA regs that states AdobePro and/or Reader to be 21 CFR Part 11 compliant? I have seen the above links, but looks like it just refers to Adobe Sign.

Thanks,

Thanks so much for the communication back and the information. Yes, i am looking into some of the Food and Drug Administrations approved electronic signatures they allow for institutions to be compliant with them.

I know AdobeSign the application is compliant. I am avoiding the E Sign Application, because once you sign, it locks the docuemnt and i cannot edit it after the signature goes in place. I was trying to research and decipher if when creating an Adobe document, using the "prepare" field and adding a "digital Signature" for a user, if that would also be compliant in their regulations, but couldn't seem to find the language. But now, I see that I may need to research "e-signature" vs. "digital signature" as I have seen other threads that they may not be the same thing. I guess it just takes some digging. Thanks again for the reply, you were very helpful!

Here you go,

The self-signed digital certificates and/or  employing the use of common access card readers is the way to go definitely.

Is hard to beat SHA encryption and decryption, specially when it is used in combination with reputable and trusted root certificate issuing authorities.

This workflow definitely cuts out the unnecessary middlemen, and it also allows you  to have mechanisms ready that validate digital signatures and to protect the integrity of such documents. 

This was my prior thread to another user with a similar concern as his organization was about to do business with another company in Europe: https://community.adobe.com/t5/acrobat/how-to-see-the-certificate-validity-in-document-signed-with-d...

To be thorough evaluate this document on ISO 27001 and 27002 from the FDA's 

"COLLABORATIVE APPROACHES FOR MEDICAL DEVICE AND HEALTHCARE CVBERSECURITY"  : 

• https://www.fda.gov/media/89789/download

AND THEN  --->>>  If your inquiry is related to the manufacturing and deployment of medical devices during this pandemic, the FDA has the following document: What-is-the-relationship-between-FDA’s-Quality-System-Regulation-for-Devices--Part-820-and-ISO-9001--2000 

This has nothing to do with Adobe but it is worth looking into with every other ISO related things that are evolving during the new world order transition and as we type in here .

In that document, look into the FDA's Quality System Regulation Part 820 as they claim that it doesn't harmonize with other ISO standards such as ISO 9001. Is constantly under revision because it involves how other countries employ their own quality management standards.

You can get it from their website:

• https://www.fda.gov/media/75903/download

+++ Below is a list of resources on the Adobe side of the house:

Adobe Current list of Certifications:

• https://www.adobe.com/content/dam/cc/en/security/pdfs/MasterComplianceList.pdf

Adobe Experience Cloud discussion on ISO 27001:2013 certification:

• https://experienceleaguecommunities.adobe.com/t5/adobe-experience-cloud-questions/iso-27001-2013-cer...
  
  

Adobe Industry Standards and Regulations

• https://www.adobe.com/security/compliance.html

Adobe Common Control Framework (which is open source)

• https://blogs.adobe.com/security/2018/10/introducing-the-adobe-common-controls-framework-ccf-version...

+++ Additional informational Resources:

• https://asq.org/quality-resources/iso-9001

ASQ/ANSI/ISO 9001:2015: Quality Management Systems - Requirements (E-Standard)

• https://asq.org/quality-press/display-item?item=T1040E

International Organization for Standardization

• https://www.iso.org/isoiec-27001-information-security.html

Hi Bert, Skye,

Did either of you figure this out? I am also wondering if we are able to use the free version Adobe reader version for part 11 compliance. Thank you. 

@Skye29625825cy2k ,

Thank you for updating the thread!