21cfrpart11-中英对照self整理

1、联邦法规Code of FederaI Regulations第21章第1卷Title 21, Vo Iume 12006年04月01日修改代号:21CFR 11CITE： 21CFR 11第21章一食品与药品TITLE 21Food And DrugsRev i sed as of Apr i I 1, 2006第1节一食品和药品管理局CHAPTER I-Food And Drug Administration健康与人类服务部Department of Health And Human Services亚节一一般规定Subchapter AGenera I第11款 电子记录；电子签名PART

2、 11 ElectronicRecords;Electronic Signatures分章A 一般规定Subpart AGenera I Prov i s i ons适用范围Sec. Scope.本条款的规则提供了标准，在The regulations in this part set 此标准之下FDA将认为电子记录、电子签名、和在电子记录上的手签 化计the criteria under which the 名足可后赖的、可靠的并且通出等agency considers eIectronic records, 同于纸制记录和在纸上的手写签.electronic signatures, and

3、 handwr itten(b)本条款适用于在FDA规则中阐 明的在任何记录的要求下，以电子 表格形式建立、修改、维护、归档、 检索或传送的记录。本条款同样适用于在联邦食 品、药品和化妆品法案和公众 健康服务法案要求下的呈送给 FDA的电子记录，即使该记录没有 在FDA规则下明确识别。然而，本条款不适用于现在和retr ieved, or transmitted,under anys i gnatures executed to electronic records to be trustworthy, re I i abIe,and genera I Iy equ i vaI ent to

4、paper records and handwr i tten signatures executed on paper.(b) This part appI ies to records in electronic form that are created, mod i f i ed, ma i nta i ned, arch i ved,(c) 一旦电子签名和与它相关的电 子记录符合本条款的要求，FDA将 会认为电子签名等同于完全手签 名、缩写签名、和其他的FDA规则 所求的一般签名。除非被从1997 年8月20日起(包括该日)生效 后的规则明确地排除在外。已经以电子的手段传送的纸制记r

5、ecords requirements set forth in 录oagency reguI at i ons.Thi s part a I so appIi es to eIectron i c records submitted to the agency under requ i rements of the Federa I Food, Drug, and Cosmet i c Act and the Pub I ic Hea I th Service Act, even if such records are not specifics Ily identified i n age

6、ncy reguI at i ons.However, this part does not appIy to paper records that are, or have been, transmitted by eIectronic means.(c) Where electronic signatures and thei r associated electronic records meet the requ i rements of th i s part, the agency will consider the eIectronic s i gnatures to be eq

7、u i va I ent to fu I I handwr itten signatures, initials, and other genera I signings as requi red by agency reguI at ions, unI ess specificaI Iy excepted by reguI at i on (s) effect i ve on or after August 20, 1997.（d）依照本条款，除非纸制圮录有g） Electronic records that meet the 特殊的要求，符合本条款要求的电子记录可以代替纸制记录使用。 re

8、quirements of this part may be used inI i eu of paper records, i n accordance在本条款下维护计算机系统 （包括硬件和软件）、控制权、和 随附的文件应便于被FDA用到，和 服从于FDA的监管。with , unI ess paper records are spec ificaIly requ i red.(e) Computer systems (includinghardware and software), controIs, and(f)这部分内容不适用于根据本attendant documentation ma

9、intained章至建立或维护的记录。需要满足第一章（part 1）,和本章中子章under this part shaI I be readi ly ava i I ab I e for, and subject to, FDA节J要求的记录，如果同时在其i nspect i on.他应用法规或条款中也有要求，则履行(a)需要维护，但不提交给FDA的 记录，如果符合本条款的要求，人 们可以使用全部或部分电子记录 代替纸制记录或用电子签名代替 传统签名。(b)提交给FDA的电子记录，人们 可以使用全部或部分电子记录代 替纸制记录或电子签名代替传统根据这部分内容执行。(f) Thi s part

10、 does not app I y to records requi red to be estab Ii shed or 62 FR 13464, 1997 年 3 月 20ma i nta i ned by through of th i s 日，在2004年12月9日的69FRchapter. Records that sati sfy the 71655中做了修订requ i rements of part 1, subpart J of th i s chapter, but that a I so are requ i red under other appIi cab Ie st

11、atutory prov i s i ons or reguI at i ons, rema i n subject to thi s part.62 FR 13464, Mar. 20, 1997, as amendedat 69 FR 71655, Dec. 9, 2004Sec. ImpIementat i on.(a) For records requi red to be maintained but not submitted to the agency, persons may use electronic records i n I ieu of paper records o

12、r eIectronic signatures in I ieu of traditional signatures, in whole or in part, provided that the requi rements of签名(手签名)假如: this part are met.(1)符合条款的要求；和(2)提交的文件或部分文件，作为 FDA以电子形式接收的提交物的类 型已经被编号为92S-0251公共摘 要识别出来。这个摘要将明确地识别出，何 种类型文件或部分文件在没有纸 制记录和FDA接收单位(举例来 说,特定的中心,办公室,部门、 分支机构)时的电子形式提交物是 可接受的。如果没

13、有在公共摘要上明确 出来，他们以电子形式提交给FDA 接收单位的文件将不被认为是正 式的；这种文件的书面形式将被认 为是正式的但必须伴有电子记录。人们期望与未来的FDA接收 单位就详细的(举例来说，传送的 方法、媒体、文件格式和技术协议) 怎样和是否进行电子的提交物进 行协商。(b) For records submitted to the agency, persons may use eIectronic records in I ieu of paper records or electronic s i gnatures in I i eu of trad it ionaI s i g

14、natures, i n who Ie or i n part, prov ided that:(1) The requi rements of thi s part are met; and(2) The document or parts of a document to be submitted have been identified in pub I ic docket No. 92S-0251 as be i ng the type of submission the agency accepts in electronic form.This docket wi I I iden

15、tify specifically what types of documents or parts of documents are acceptab I e for submi ss ion i n electronic form without paper records and the agency receiving unit (s) , specific center, office, division, branch) to which such submissions may be made.Documents to agency receiving unit (s) not

16、specified i n the pub I ic docket wi I I not be considered as official if they are submitted in electronic form; paper forms of such documents wi I I be cons i dered as officiaI and must accompany any eIectronic records.Persons are expected to consu11 with the i ntended agency receiving unit for det

17、a i Is on how ., method of transmission, media, file formats, and technical protocoIs) and whether to proceed with the electronic submission.定义Sec. Definitions.(a)包含于法案201部分中术语的 定义和翻译同样适用于那些在本 条款中使用到的术语。(a) The definitions and interpretationsof terms conta i ned i n sect i on 201 of the(b)下列术语的定义同样适

18、用于本 条款：(1) 法案是指联邦食品、药品、act appIy to those terms when used i nthi s part.化妆品法案(21 321-393)(b) The fol lowing def i nit ions of terms a I so appIy to th i s part:(2)机构是指美国食品和药品官理局(1) Act means theFederaI Food, Drug,and Cosmet i c Act(secs. 201-903 (21(2) Agency means the Food and DrugAdmin i strat i o

19、n.(3)生物测定学是指一种基于个321-393) 人的身体特征及重复行为(这些特 征和行为对个人来说是唯一的和 可以测量的)的测量来校验个人身 份的方法。(4) 封闭的系统是指一种环境， 在此环境中系统的登录是被那些 对系统上电子记录的内容负责的 人们所控制。(3) Biometr ics means a method ofver ifying an individual 1s identitybased on measurement of thei nd i v i duaI 1s phys i caI feature (s) or repeatab Ie act i on (s) whe

20、re thosefeatures and/or actions are both unique to that i nd i v i duaI and measurabIe.(4) Closed system means an envi ronment in which system access is controI Ied by persons who are responsibIe for the content of electronic records that are on the system.(5)数字签名是指一种基于发信 伏)n. . . nan Digital signat

21、ure means an 方鉴别加密的方法，使用一套规则和一系列参数计算以使签名者的electronic signature based upon 身份和数据的完整性能被收脸。 cryptograph i c methods of or iginatorauthentication, computed by using a set(6) 电子记录是指任何文本、图 表、数据、声音、图示的或其他的 以电子形式表现的信息的混合，它 的建立、修改、维护、归档、检索 或分发是由计算机系统来完成的。(7) 电子签名是指一种由一个 人执行、采用或批准成为与其个人 的手写签名具有相同的法律效力 的计算机数据的

22、任意符号或一系 列符号的编译。(8) 手签名是指个人的手迹签 名或合法的标志，以永久的形式书 写真实意图所采纳的个人签名或 合法标志。用书写及标志工具(例如一支 钢笔或尖笔)的签字行为是被保存 的。手写签名或合法的标志当约定 俗成地适用于书面上，也可以适用 于其它的获取名字及标志的设备。(9) 开放系统是指一种环境，在 此环境中系统的登录不是被那些 对系统上电子记录的内容负责的 人所控制。of ruIes and a set of parameters such that the identity of the signer and the integr ity of the data can

23、 be ver if ied.(6) Electronic record means any combination of text, graphics, data, audio, pictorial, or other information representation in digital form that is created, mod i f i ed, ma i nta i ned, archived, retr i eved, or d i str ibuted by a computer system.(7) Electronic signature means a comp

24、uter data compi I at ion of any symbol or ser i es of symbo I s executed, adopted, or author i zed by an i nd i v i dua I to be the IegaIly binding equi vaI ent of the i nd i v i duaI 1s handwr itten s i gnature.(8) Handwr itten s i gnature means the scr i pted name or I ega I mark of an i nd i v i

25、duaI handwr itten by that i ndi vidua I and executed or adopted withthe present intention to authenticate a子分章B电子记录封闭系统的管理人们使用封闭系统来建立、修 改、维保、或传送电子记录应该使 用设计的能够保证记录真实性、完 整性和适当的机密性的程序和控 制，以保证签名者不能轻易地否认 已经签署的记录是不真实的。这样writing in a permanent form.The act of signing with a writing or marking instrument su

26、ch as a pen or sty I us i s preserved. The scr i pted name or IegaI mark, while conventionaI Iy app I i ed to paper, may a I so be app I i ed to other devices that capture the name or mark.(9) Open system means an env i ronment i n wh i ch system access i s not contro I I ed by persons who are respo

27、nsible for the content of electronic records that are on the system.Subpart BElectronic RecordsSec. ControIs for cIosed systems.Persons who use cIosed systems to create, modify, maintain, or transmit eIectron i c records shalI empIoy procedures and controIs des igned to ensure the authent i c i ty,

28、i ntegr i ty,的程序和控制应包括如下:and,whenappropriate,theconfidentiality of electronic records,(a)系统的险证以保证准确、可 靠、稳定地预期性能，有能力识别 无效的和被改变的记录。(b)确保产生人们易读的和适合 FDA检查、回顾、和拷贝的电子形 式的准确的、完整的记录的副本。当人们怀疑FDA执行这样的 电子记录回顾和拷贝的能力时，应 该联络FDAoand to ensure that the s i gner cannot readi Iy repudiate the signed record as not gen

29、uine. Such procedures and controIs shaI I incIude the fol lowing:(a) Vai idation of systems to ensure accuracy, reliabiIity, cons i stent i ntended performance, and the abilityto d i scern invaI id or a Itered records.(b) The ab i I i ty to generate accurate and comp I ete cop i es of records i n bo

30、th human readabIe and electronic form suitable for inspection, review, and copying by the agency.Persons shouId contact the agency if there are any questions regarding the ability of the agency to perform such review and copying of the electronic records.(C) 记录的保护以使记录能够在/ X D . . r,.J" ) (c) Pr

31、otection of records to enable整个的保存期内是准确的和易于 检索的。(d)通过授权个人用户以限制系 统的登录。使用安全的、计算机产生的、 时间印记的审核跟踪以便独立地 记录操作者登录和建立、修改、或 删除电子记录的行为的日期和时 间。记录的改变不能使先前的记录 信息被覆盖。这样的审核跟踪文档将至少 被保留这样一段时间，这取决于从 属于的电子记录在FDA复查和拷 贝时保证是可得到的。(f)必要时，使用操作系统检查 以加强进程和事件的排序。(g)使用验证检查以保证只有被 授权用户才可以使用系统，以电子 方式签署记录，使用操作或计算机 系统的输入输出设备，改变记录或 手工

32、执行操作。the i r accurate and ready retr i evaI throughout the records retention per i od.(d) Limiting system access to author i zed i nd i v i duaIs.(e) Use of secure, computer-generated, t ime-stamped aud it tra iIs to independentIy record the date and time of operator entr ies and actions that create

33、, modify, or de Iete electronic records. Record changes shaI I not obscure prev i ousIy recorded i nformat i on.Such audit tra i I documentat ion sha I I be reta i ned for a per i od at I east as Iong as that requ i red for the subject electronic records and shaI I be ava iIabIe for agency rev i ew

34、and copying.(f) Use of operat i ona I system checks to enforce permitted sequencing of stepsand events, as appropr iate.(g) Use of author i ty checks to ensure that on Iy author i zed individuals can use the system, eIectronicaI Iy sign a record, access the operation or computer system input or outp

35、ut device, a I ter a record, or perform the operation at hand.(h)必要时使用设备(举例来说， 终端)检查以确定数据输入来源或 操作指导的有效性。确定开发、维护或使用电子记 录/电子签名系统的人员应具备与 执行他们被指派的任务相应的教 育、培训和经验。(j)为了阻止记录和签名的伪造， 确立与坚持源自个人电子签名行 为的责任与职责的书面策略。(k) 在系统文件方面运用适当的 控制包括：1)在分发的，有权使用，系统运 转和维护方面使用的文件有足 够的控制。2)修订和改变控制程序以保持一 个以时间顺序产生和修改的系(h) Use of d

36、evice . , terminaI) checks to determine, as appropr iate, the vaIidity of the source of data i nput or operat ionaI i nstruct ion.(i) Determination that persons who develop, maintain, or use eIectronic record/eIectron i c s i gnature systems have the educat i on, training, and exper ience to perform

37、 thei r assigned tasks.(j) The estab I ishment of, and adherence to, wr i tten polici es that ho I d i nd i v i duaIs accountabIe and统文件的审核跟踪。respons i b I e for act i ons i n i t i ated under thei r electronic signatures, in order to deter record and s i gnature falsification.(1) Use of appropr i a

38、te controIs over systems documentation including:(2) Adequate controIs over the di str i but ion of, access to, and use of documentation for system operation and ma i ntenance.(3) Rev i s i on and change control procedures to ma i nta i n an aud i t tra iI that documentst ime-sequenceddeveIopment an

39、d mod i f i cat i on of systems documentat i on.开放系统的管理Sec. ControIs for open systems.人们使用开放系统来建立、修改、Persons who use open systems to create,保持、或传送电子记录将使用设计mod i fy,maintain, or transmit程序和控制以保证电子记录从他eIectronic records shaI I empIoy们的创建处到他们的接收处的真procedures and controIs des igned to实性、完整性和机密性。这种程序和控制应

40、包括那些 在中被识别的，必要时，附加的测 量例如文档的加密术和运用适当 的数字签名标准以保证，在此环境 下，记录必要的正确性、完整性、 和机密性。appropr i atedigitals i gnature签名的显示standards to ensure, as necessary under the c i rcumstances, record authent ic ity,i ntegr ity,andconfidentia Iity.Sec. Signature man i festat ions.（a）签署电子记录应包含能清晰 显示如下所有与签名相关的信息：(a) Signed e

41、lectronic records sha I Iconta i n i nformat i on assoc i ated w i th the1）用印刷体书写出签名者的名字signing that clear Iy indicates a I I of2）签名生效的日期和时间；和the fol lowing:ensure the authenticity, integrity,and, as appropr i ate, the confidentiality of electronic records from the point of thei r creat ion to the p

42、oint of thei r receipt.Such procedures and controIs shaI I i ncIude those identified i n , as appropr iate and additional measures such as document encrypt i on and use of3）和签名相关的含意（例如回顾、(1) The pr i nted name of the s i gner;批准、职贝、或原创作者)(2) The date and time when thes i gnature was executed; and (b

43、) 该条款已识别出在这一部分(a) (1)、(a) (2)和(a) (3)节应服从 The mean i ng (such as rev iew, 于和电子记录同样的控制并且应.approvaI. respons i b i Ii ty, or 该被包括人们易读的电子记录的形式(例如电子显示或打印输出)。authorship) associated with the s i gnature.(b) The items identified in paragraphs (a) (1), (a) (2), and (a) (3) of th i s sect ion sha I I be subj

44、ect to the same controIs as for electronic records and sha I I be incI uded as part of any human readabIe form of the eIectron i c record (such as electronic display or pr i ntout).签名/记录连接在电子记录上签署的电子签 名和手签名应该链接到它们各自 的电子记录以保证电子签名不能 够被删去、拷贝或者其他方面的转 移以至于使用普通手段伪造一个Sec. Si gnature/record Ii nk i ng.Elect

45、ronic signatures and handwr itten s i gnatures executed to electronic records shaI I be I i nked to the i r respect i ve e I ectron ic records to ensure that the signatures cannot be excised, copied, or otherwise transferred to电子记录。分章C电子签名一般要求(a)每一电子签名应是唯一对应 单独一个人的并且不能被再使用、 或再分配给其他任何人。(b) 在一个组织建立，分配

46、，证 明，或批准一个人的电子签名或其 他的任何这样的电子签名的要素 前，组织将校验个人的身份。签名者使用电子签名前或使用 时应向FDA证明，从1997年8月 20日起及以后在他们系统上的电 子签名，与传统的手写签名有同等 的法律效力。1)证明要以书面形式提交到“地 方运转办公室”(HFC700, 5600 Fishers Lane, Rockvi I Ie, MD 20857)并采用 传统的手写签名。2)应FDA要求，人们在使用电子 签名时，应提供一份明确电子 签名与签字者手写签名具有同falsify an electronic record by ord inary means.Subpar

47、t CElectronic SignaturesSec. Genera I requ i rements.等的法律效力的附加的证明书intended t。be the legally binding 或证据。equ i vaI ent of traditional handwr itten s i gnatures.(1) The cert ificat i on sha I I be submitted in paper form and signed with a trad it i ona I handwr i tten s ignature, to the Office of Regi

48、onaI Operations (HFC-100),5600 Fishers Lane,RockviI Ie, MD 20857.(2) Persons using eIectronic signatures shaI I, upon agency request, prov i de additional certification or testimony that a specific electronic signature is the IegaI Iy binding equ i vaI ent of the s i gner EmpIoy at I east two d i st

49、 i net2)仅被他们真正的所有者使用；Be used only by their genuine 和owners; and3)管理和签署以确保任何除其真正所有者外的其他人尝试使用，、.(3) Be administered and executed tos handwr itten s i gnature.电子签名的成分及管理Sec. Electronic signature componentsand controIs.成分,例如识另码和密码。i) 当一个人在一个独立的持续 受控的系统登录期间内签署了一 系列的签名，签署的第一个签名将 使用所有的电子签名成分。后续签 署的签名应使用至少一

50、种的电子 签名的成分。该成分只能由个人签 署，并且设计只能由个人来使用。i i)当一个人不在一个独立的持 续受控的系统登录期间内签署一 个或多个签名时，每一个被签署的 签名应使用所有的电子签名成分。identification components such as an identification code and password.(i) When an indi vidua I executes a ser ies of s i gn i ngs dur i ng a single, cont i nuous per i od of contro I I ed system access

51、, the fi rst signing shaI I be executed using a I I eIectron i c s i gnature components; subsequent s i gn i ngs shaI I be executed us i ng at I east one e I ectron i c s i gnature component that i s on Iy executabIe by, and des i gned to be used only by, the i nd i v i dua I.(i i) When an individua

52、l executes one or more signings not performed dur ing a single, cont i nuous per i od of contro I I ed system access, each signing shaI I be executed using all of the electronic s i gnature components.该电子佥名时电要一个或更多ensure that attempted use of an 的人的协作。individuaI 1s electronic signature by anyone oth

53、er than its genuine owner (b) 依据生物测定学的电子签名应被设计成能确保他们不能被真requires col laboration of two or more 正所有者之外的其他人使用。.,I nd I v I dua I s.(b) Electronic signatures based upon biometr ics shaI I be designed to ensure that they cannot be used by anyone other than thei r genu i ne owners.识别代码和密码的管理Sec. ControIs

54、 for identificationcodes/passwords.人们使用基于利用识别码和 密码混合的电子签名应使用管理 以保证他们的安全和完整，这种管 理应包括：Persons who use eIectronic signaturesbased upon use of identification codesin combination with passwords shaI IempIoy controIs to ensure the i r(a) 保持每一的识别码和密码结 合的唯一性，也就是不会有二个人 有相同的识别码和密码。secur ity and i ntegr ity. S

55、uch controIsshaI I i ncIude:(b) 保证识别码和密码发布能定 期被检查、收回或是修订(举例来 说，或盖象密码老化这样的事件)(a) Maintaining the uniqueness of eachcomb i ned identification code and(c)按照损失管理过程对丢失、password, such that no two individuals被盗、找不到或有损伤可能的记 号、卡片及其他装置(生成或创建 识别码或口令信息的装置)进行电 子失效，并应用适当、严格的控制 发行临时或永久的代用品。have the same combination ofidentification code and password.(b) Ensur i ng that identification codeand password issuances are periodical lychecked, recaI Ied, or revi sed