21cfrpart11-中英对照self整理

1、(a)本条款的规则提供了标准，在此标准 之下FDA将认为电子记录、电子签名、 和在电子记录上的手签名是可信赖的、 可靠的并且通常等同于纸制记录和在纸 上的手写签名。(b)本条款适用于在FDA规则中阐明的 在任何记录的要求下，以电子表格形式 建立、修改、维护、归档、检索或传送 的记录。本条款同样适用于在联邦食品、 药品和化妆品法案和公众健康服务 法案要求下的呈送给FDA勺电子记录， 即使该记录没有在 FDA规则下明确识 别。然而，本条款不适用于现在和已经 以电子的手段传送的纸制记录。一旦电子签名和与它相关的电子记 录符合本条款的要求，FDA将会认为电 子签名等同于完全手签名、缩写签名、 和其他的

2、FDA规则所求的一般签名。除 非被从1997年8月20日起(包括该日) 生效后的规则明确地排除在外。联邦法规第21章第1卷2006年04月01日修改代号:21CFR 11第21章一食品与药品第1节一食品和药品管理局健康与人类服务部业下一般规止Code of Federal RegulationsTitle 21, Volume 1Revised as of April 1,2006CITE: 21CFR 11TITLE 21-Food And DrugsCHAPTERI-Food And Drug AdministrationDepartment of Health And Human Ser

3、vicesSubchapter A-General第11款 电子记录；电子签名PART 11 Electronic Records; ElectronicSignatures分章A 一般规定Subpart A-General Provisions适用范围Sec. Scope.(a) The regulations in this part set forth the criteria under which the agency considers electronic records, electronic signatures, and handwritten signatures exe

4、cuted to electronic records to be trustworthy, reliable, and generally equivalent to paper records and handwritten signatures executed on paper.(b) This part applies to records in electronic form that are created, modified, maintained, archived, retrieved, or transmitted, under any records requireme

5、nts set forth in agency regulations.This part also applies to electronic records submitted to the agency under requirements of the Federal Food, Drug, and Cosmetic Act and the Public Health Service Act, even if such records are not specifically identified in agency regulations.However, this part doe

6、s not apply to paper records that are, or have been, transmitted by electronic means.(c) Where electronicsignaturesand theirassociated electronic recordsmeet therequirements of this part, the agency will consider the electronic signatures to be equivalent to full handwritten signatures, initials, an

7、d other general signings as required by agency regulations, unless specifically excepted by regulation(s)(d)依照本条款，除非纸制记录有特殊的 要求，符合本条款要求的电子记录可以 代替纸制记录使用。(e)在本条款下维护计算机系统(包括硬 件和软件)、控制权、和随附的文件应使 于被FDA用到，和服从于FDA的监管。(f)这部分内容不适用于根据本章至建 立或维护的记录。需要满足第一章(part 1),和本章中子章节J要求的记录，如 果同时在其他应用法规或条款中也有要 求，则根据这部分内容执行。

8、effective on or after August 20, 1997.(d) Electronic records that meet the requirements of this part may be used in lieu of paper records, in accordance with , unless paper records are specifically required.(e) Computer systems (including hardware and software), controls, and attendant documentation

9、 maintained under this part62 FR 13464, 1997 年 3 月 20 日， 在 2004年12月9日的69 FR 71655中做了修订履行(a)需要维护，但不提交给FDA的记录, 如果符合本条款的要求，人们可以使用 全部或部分电子记录代替纸制记录或用 电子签名代替传统签名。(b)提交给FDA的电子记录，人们可以使 用全部或部分电子记录代替纸制记录或 电子签名代替传统签名(手签名)假如:shall be readily available for, and subject to, FDA inspection.(f) This part does not a

10、pply to records required to be established or maintained by through of this chapter. Records that satisfy the requirements of part 1, subpart J of this chapter, but that also are required under other applicable statutory provisions or regulations, remain subject to this part.62 FR 13464, Mar. 20, 19

11、97, as amended at 69 FR 71655, Dec. 9, 2004Sec. Implementation.(a) For records required to be maintained but not submitted to the agency, persons may use electronic records in lieu of paper records or electronic signatures in lieu of traditional signatures, in whole or in part, provided that the req

12、uirements of this part are met.(b) For records submitted to the agency, persons may use electronic records in lieu of paper records or electronic signatures in lieu of traditional signatures, in whole or in part, provided that:(2)提交的文件或部分文件，作为 FDA 以电子形式接收的提交物的类型已经被 编号为92S-0251公共摘要识别出来。这个摘要将明确地识别出，何种

13、类 型文件或部分文件在没有纸制记录和 FDA接收单位(举例来说，特定的中心， 办公室，部门、分支机构)时的电子形 式提交物是可接受的。如果没有在公共摘要上明确出来，(1)符合条款的要求；和(1) The requirements of this part are met; and (2) The document or parts of a document to be submitted have been identified in public docket No. 92S-0251 as being the type of submission the agency accepts i

14、n electronic form.This docket will identify specifically what types of documents or parts of documents are acceptable for submission in electronic form without paper records and the agency receiving unit(s) ., specific center, office, division, branch) to which such submissions maybe made.他们以电子形式提交给

15、FDA接收单位的 文件将不被认为是正式的；这种文件的 书面形式将被认为是正式的但必须伴有 电子记录。人们期望与未来的FDA接收单位就 详细的(举例来说，传送的方法、媒体、 文件格式和技术协议)怎样和是否进行 电子的提交物进行协商。Documents to agency receiving unit(s) not specified in the public docket will not be considered as official if they are submitted in electronic form; paper forms of such documents will

16、be considered as official and must accompany any electronic records.Persons are expected to consult with the intended agency receiving unit for details on how ., method of transmission, media, file formats, and technical protocols) and whether to proceed with the electronic submission.定义Sec. Definit

17、ions.(a)包含于法案201部分中术语的定义 和翻译同样适用于那些在本条款中使用 到的术语。(b)下列术语的定义同样适用于本条款：(1) 法案是指联邦食品、药品、化妆品法案(21 321-393 )(2) 机构是指美国食品和药品管理局(3) 生物测定学是指一种基于个人的 身体特征及重复行为(这些特征和行为 对个人来说是唯一的和可以测量的)的 测量来校验个人身份的方法。(a) The definitions and interpretations of terms contained in section 201 of the act apply to those terms when us

18、ed in this part.(b) The following definitions of terms also apply to this part:(1) Act means the Federal Food, Drug, and Cosmetic Act (secs. 201-903 (21 321-393).(2) Agency means the Food and Drug Administration.(3) Biometrics means a method of verifying an individual's identity based on measure

19、ment of the individual's physical feature(s) or repeatable action(s) where those features and/or actions are both unique to that individual and measurable.(4) 封闭的系统是指一种环境，在此环 境中系统的登录是被那些对系统上电子 记录的内容负责的人们所控制。(4) Closed system means an environment in which system access is controlled by persons wh

20、o are responsible for the content of electronic records that are on the system.(5) 数字签名是指一种基于发信方鉴 别加密的方法，使用一套规则和一系列 参数计算以使签名者的身份和数据的完 整性能被校验。(6) 电子记录是指任何文本、图表、数据、声音、图示的或其他的以电子形 式表现的信息的混合，它的建立、修改、 维护、归档、检索或分发是由计算机系 统来完成的。(7) 电子签名是指一种由一个人执(5) Digital signature means an electronic signature based upon

21、cryptographic methods of originator authentication, computed by using a set of rules and a set of parameters such that the identity of the signer and the integrity of the data can be verified.(6) Electronic record meansany combination of text, graphics, data, audio, pictorial, or other information r

22、epresentation in digital form that is created, modified, maintained, archived, retrieved, or distributed by a computer system.行、采用或批准成为与其个人的手写签 名具有相同的法律效力的计算机数据的 任意符号或一系列符号的编译。(8) 手签名是指个人的手迹签名或合 法的标志，以永久的形式书写真实意图 所采纳的个人签名或合法标志。用书写及标志工具(例如一支钢笔 或尖笔)的签字行为是被保存的。手写 签名或合法的标志当约定俗成地适用于 书面上，也可以适用于其它的获取名字 及标志

23、的设备。(9) 开放系统是指一种环境，在此环 境中系统的登录不是被那些对系统上电 子记录的内容负责的人所控制。(7) Electronic signature meansa computer data compilation of any symbol or series of symbols executed, adopted, or authorized by an individual to be the legally binding equivalent of the individual's handwritten signature.(8) Handwritten sig

24、nature means the scripted name or legal mark of an individual handwritten by that individual and executed or adopted with the present intention to authenticate a writing in a permanent form.The act of signing with a writing or marking instrument such as a pen or stylus is preserved. The scripted nam

25、e or legal mark, while conventionally applied to paper, may also be applied to other devices that capture the name or mark.(9) Open system meansan environment in which system access is not controlled by persons who are responsible for the content of electronic records that are on the system.子分章B电子记录

26、Subpart B-Electronic Records封闭系统的管理人们使用封闭系统来建立、修改、 维保、或传送电子记录应该使用设计的 能够保证记录真实性、完整性和适当的 机密性的程序和控制，以保证签名者不 能轻易地否认已经签署的记录是不真实 的。这样的程序和控制应包括如下：(a) 系统的验证以保证准确、可靠、稳 定地预期性能，有能力识别无效的和被 改变的记录。(b) 确保产生人们易读的和适合FDA检查、回顾、和拷贝的电子形式的准确 的、完整的记录的副本。Sec. Controls for closed systems.Persons who use closed systems to cr

27、eate, modify, maintain, or transmit electronic records shall employ procedures and controls designed to ensure the authenticity, integrity, and, when appropriate, the confidentiality of electronic records, and to ensure that the signer cannot readily repudiate the signed record as not genuine.Such p

28、rocedures and controls shall include the following:(a) Validation of systems to ensure accuracy, reliability,consistentintendedperformance, and the ability to discern invalid or altered records.(b) The abilityto generate accurate and当人们怀疑FDA执行这样的电子记 录回顾和拷贝的能力时，应该联络FDAcomplete copies of records in bo

29、th human readable and electronic form suitable for inspection, review, and copying by the agency. Persons should contact the agency if there are any questions regarding the ability of the agency to perform such review and copying ofthe electronic records.(c) 记录的保护以使记录能够在整个 的保存期内是准确的和易于检索的。(d) 通过授权个人

30、用户以限制系统的 登录。(e) 使用安全的、计算机产生的、时间 印记的审核跟踪以便独立地记录操作者 登录和建立、修改、或删除电子记录的 行为的日期和时间。记录的改变不能使 先前的记录信息被覆盖。这样的审核跟踪文档将至少被保留 这样一段时间，这取决于从属于的电子 记录在FDA复查和拷贝时保证是可得到 的。 必要时，使用操作系统检查以加强 进程和事件的排序。(g) 使用验证检查以保证只有被授权 用户才可以使用系统，以电子方式签署 记录，使用操作或计算机系统的输入输 出设备，改变记录或手工执行操作。(c) Protection of records to enable their accurate

31、and ready retrieval throughout the records retention period.(d) Limiting system access to authorized individuals.(e) Use of secure, computer-generated, time-stamped audit trails to independently record the date and time of operator entries and actions that create, modify, or delete electronic record

32、s. Record changes shall not obscure previously recorded information.Such audit trail documentation shall be retained for a period at least as long as that required for the subject electronic records and shall be available for agency review and copying.(f) Use of operational system checks to enforce

33、permitted sequencing of steps and events, as appropriate.(g) Use of authority checks to ensure that only authorized individuals can use the system, electronicallysign a record, access theoperation or computer system input or output device, altera record, or performtheoperation at hand.(h)必要时使用设备(举例来

34、说，终端) 检查以确定数据输入来源或操作指导的 有效性。(i)确定开发、维护或使用电子记录 / 电子签名系统的人员应具备与执行他们 被指派的任务相应的教育、培训和经验。(j)为了阻止记录和签名的伪造，确立 与坚持源自个人电子签名行为的责任与 职责的书面策略。(k) 在系统文件方面运用适当的控制 包括：1)在分发的，有权使用，系统运转和 维护方面使用的文件有足够的控 制。(h) Use of device ., terminal) checks to determine, as appropriate, the validity of the source of data input or op

35、erational instruction.(i) Determination that persons who develop, maintain, or use electronic record/electronic signature systems have the education, training, and experience to perform their assigned tasks.(j) The establishment of, and adherence to, written policies that hold individuals accountabl

36、e and responsible for actions initiated under their electronic signatures, in order to deter record and signature falsification.(k) Use of appropriate controls over systems documentation including:2)修订和改变控制程序以保持一个以 时间顺序产生和修改的系统文件的 审核跟踪。(1) Adequate controls over the distribution of, access to, and u

37、se of documentation for system operation and maintenance.(2) Revision and change control procedures to maintain an audit trail that documents time-sequenced development and modification of systems documentation.开放系统的管理Sec. Controls for open systems.人们使用开放系统来建立、修改、保持、或传送电子记录将使用设计程序和控制以保证电子记录从他们的创建处到他

38、们Persons who use open systems to create, modify, maintain, or transmit electronic records shall employ procedures and controls的接收处的真实性、完整性和机密性。designed integrity,to ensure the authenticity,and, as appropriate,这种程序和控制应包括那些在中被 识别的，必要时，附加的测量例如文档 的加密术和运用适当的数字签名标准以 保证，在此环境下，记录必要的正确性、confidentiality of el

39、ectronic records the point of their creation to the point of their receipt.Such procedures and controls shall include those identified in , as appropriatethefromand完整性、和机密性。signature standards to ensure, as necessary under the circumstances, record authenticity, integrity, and confidentiality.签名的显示S

40、ec. Signature manifestations.(a)签署电子记录应包含能清晰显示(a) Signed electronic records shall contain如下所有与签名相关的信息：information associated with the signing that clearly indicates all of the following:1)用印刷体书写出签名者的名字(1) The printed name of the signer;2)签名生效的日期和时间；和(2) The date and time when the signature was execu

41、ted; and3)和签名相关的含意(例如回顾、批(3) The meaning (such as review, approval,准、职责、或原创作者)responsibility,or authorship) associatedwith the signature.(b) 该条款已识别出在这一部分(b) The items identified in paragraphs (a)(1),additional measures such as document encryption and use of appropriate digital(a)(1)、(a)(2)和(a)(3)节应服

42、从于和 电子记录同样的控制并且应该被包括人 们易读的电子记录的形式(例如电子显 示或打印输出)。(a)(2), and (a)(3) of this section shall be subject to the samecontrols as for electronic records and shall be included as part of any human readable form of the electronic record (such as electronic display or printout).签名/记录连接在电子记录上签署的电子签名和手 签名应该链接到它

43、们各自的电子记录以Sec. Signature/record linking.Electronic signatures and handwritten signatures executed to electronic records保证电子签名不能够被删去、拷贝或者 其他方面的转移以至于使用普通手段伪 个电子记录。shall be linked to their respective electronic records to ensure that the signatures cannot be excised, copied, or otherwise transferred to

44、falsify an electronic record by ordinary means.分章C电子签名 一般要求Subpart C-Electronic Signatures Sec. General requirements.(a) 每一电子签名应是唯一对应单独 一个人的并且不能被再使用、或再分配 给其他任何人。(a) Each electronic signature shall be unique to one individual and shall not be reusedby,or reassigned to, anyone else.(b) 在一个组织建立，分配，证明，或

45、 批准一个人的电子签名或其他的任何这 样的电子签名的要素前，组织将校验个 人的身份。(b) Before an organization establishes, assigns, certifies, or otherwise sanctions an individual'selectronic signature, or anyelement of such electronic signature, the organization shall verify the identity of the(c)签名者使用电子签名前或使用时应向FDA证明，从1997年8月20日起及 以后

46、在他们系统上的电子签名，与传统 的手写签名有同等的法律效力。individual.(c) Persons using electronic signatures shall, prior to or at the time of such use, certify to the agency that the electronic signatures in their system, used on or after August 20, 1997, are intended to be the legally binding equivalent of traditional handwr

47、itten1)证明要以书面形式提交到“地方运 转办公室"(HFC-100, 5600 Fishers Lane, Rockville, MD 20857 )并采 用传统的手写签名。signatures.(1) The certification shall be submitted in paper form and signed with a traditional handwritten signature, to the Office of Regional Operations (HFC-100), 5600 Fishers2)应FDA要求，人们在使用电子签名 时，应提供一份

48、明确电子签名与签 字者手写签名具有同等的法律效力 的附加的证明书或证据。Lane, Rockville, MD 20857.(2) Persons using electronic signatures shall,upon agency request,provideadditional certification or testimony that a specific electronic signature is the legally bindingequivalentof the signer'shandwritten signature.电子签名的成分及管理Sec. El

49、ectronic signature components and controls.(a)不依据生物测定学的电子签名应：(a) Electronic signatures that are not based upon biometrics shall:1)使用至少二种截然不同的证明成 分，例如识别码和密码。(1) Employ at least two distinct identificationcomponents such as anidentification code and password.i)个人在一个独立的持续受控的系统登录期间内签署了一系列的签 名，签署的第一个签名将使

50、用所有的电(i) When an individual executes a series of signings during a single, continuous period of controlled system access, the first signing子签名成分。后续签署的签名应使用至 少一种的电子签名的成分。该成分只能 由个人签署，并且设计只能由个人来使 用。ii) 当一个人不在一个独立的持续受 控的系统登录期间内签署一个或多个签 名时，每一个被签署的签名应使用所有 的电子签名成分。2)仅被他们真正的所有者使用；和3)管理和签署以确保任何除其真正所 有者外的其他人尝

51、试使用该电子签 名时需要二个或更多的人的协作。(b)依据生物测定学的电子签名应被设计成能确保他们不能被真正所有者之 外的其他人使用。(b) Electronic signatures based upon biometrics shall be designed to ensure that they cannot be used by anyone other than their genuine owners.shallbeexecutedusingallelectronicsignature components; subsequent signings shallbeexecutedu

52、singatleast oneelectronic signature component that is only executable by, and designed to be used only by, the individual.(ii) When an individual executes one or more signings not performed during a single, continuous period of controlled system access, each signing shall be executed using all of th

53、e electronic signature components.(2) Be used only by their genuine owners; and(3) Be administered and executed to ensure that attempted use of an individual's electronic signature by anyone other than its genuine owner requires collaboration of two or more individuals.识别代码和密码的管理人们使用基于利用识别码和密码混 合的电子签名应使用管理以保证他们的 安全和完整，这种管理应包括：(a) 保持每一的识别码和密码结合的 唯一性，也就是不会有二个人有相同的 识别码和密码。(b) 保证识别码和密码发布能定期被 检