The US Federal Drug Administration (FDA) requirements under the regulation 21 CFR part 11 states all manufacturers of regulated brands must comply to these standards. Meeting these requirements for Quality Window Applications involves employing an number of features available in the standard version of the product.
They are:
- Use of the Protected setting for a variable when data is coming from a measuring device like a scale
- Creating a Security Database with User Id’s and Passwords
- Limiting access to the QWAdmin (formerly QWSETUP) Security Maintenance
- Setting access restrictions for functions like Add, Edit, Delete of data
- Turning on the Transaction Logging feature to ensure there is an Audit Trail of all data transactions.
- Using the Transaction Log Viewer to review data for regulated applications.
Let’s review them one at a time.
Use of a Protected setting for a Variable:
This is a very useful setting when the data should not be changed once collected. This could be data coming from a device like a scale and having the data unaltered is important for tracking the data such as in the case of a regulated brand. To perform this you use the utility program QWAdmin (formerly QWSETUP). It can be found in the Busitech QW5 directory. On the Variable definition screen there is a setting for Required? Click on this option and you will see Yes/No/Protected. Select Protected. Save the change and now, no one can change the value in this field. So how do you get the data in the variable originally? Through the use of Input/Output files. In the input file definition QW5 can pick up a data value placed in a file by another process like QWRS232 scale interface utility or directly from an DDE or OPC source in PLC or automation system.
Creating a Security Database:
This is done in the QWAdmin (formally QWSETUP) Utility under the Security option on the main menu. Here you can create User Id’s and Passwords for use in securing access to functions like Editing and deleting of data. Each User ID listed in this database will have access to restricted functions. Their Identifier will be logged in the transaction log to identify when and who performed the function.
Limiting access to the QWAdmin Security Maintenance:
By defining a user id of Admin in the security database it then limits access to the the security database to the Admin user. That is the only user allowed to access, and maintain User Id’s and passwords.
Setting access restrictions for functions like Add, Edit, Delete of data:
Using the QWAdmin Applications Selection and selecting the General Information screen go to the Security Options. Here you can select which functions you wish to restrict access to for this application. Setting the Template option will require a User to enter a valid user Id and password to access that application. The Views MGR option will limit access to the Views Manager in the application which would mean a user would not be able to change or create Views without a valid User Id and Password.
In addition, in the field “Variable Used to Store Security Info” will instruct QW 5 to place the User’s Name that made a restricted change in this field in the QW application file. Typically this field would use the Required – Protected option mentioned above to not allow the information to be changed. If you intend to use this type of variable you should create a variable for just that purpose.
Transaction Logging – creating an Audit Trial:
A very important requirement to meet the 21 CFR part 11 requirements is to document every time the data has been updated. Using the QWAdmin Applications General screen Transaction Audit Trial option and entering a file name will automatically begin the logging process. The file will be created and updated each time the data is changed. If you do not define a location for the file it will be placed in the same directory as the QW Application resides in. Using the same name as the QW Application makes identifying the file simpler as well. We use the file extension of .LOG just so the purpose of the file is easily identified as well.
Viewing the Audit Trial:
Turning on the Transaction Audit feature provides the necessary traceability for the data collected. To view this data within the Quality Window 5 Application select Macros at the top of the QW 5 screen and pick the Display Audit Trail option. A viewer will be displayed of the transaction log listing when Add, Edits, and Deletes were made to the data in chronological order. The date and time at the start of record is when the record was originally created and the date and time at the right end of the record is when the transaction was processed.