ERES Reminiscing: Thoughts on 21 CFR Part 11 Past, Present & Future
I’d never heard of an Electronic Signature until 21 CFR Part 11 was first published in 1997. This iconic regulation had the uninspiring title “Electronic Records; Electronic Signatures.” Little did I know at the time that it would define part of my professional life for the next two decades.
At the time, it was the Electronic Records half of Part 11 that seemed to generate interest in the regulated industry where I started my career. I was working as a validation consultant involved in making legacy equipment compliant with the Electronic Records requirements of Part 11. I remember serious discussions about what was, and what was not, an electronic record. Unlike paper, which travels from place to place as a single physical item, Electronic Records leave copies behind wherever they go. I recall intense discussions to determine whether a temporary copy of an electronic record held in a printer buffer required control and protection under Part 11. This is an example of the exploration we went through to comply with Part 11 in the early days of Electronic Records.
It is curious looking back to notice that I had no such discussions about Electronic Signatures. At the time, the Electronic Signature was rare. Those that existed at the time usually didn’t meet the Part 11 requirements and quickly fell out of use. I think it is worth asking why there was so much immediate traction for Electronic Records, but not for Electronic Signatures. Let’s look back at 1997 and see what was going on then…
If I travel back to 1997 (let’s ignore the ponytail I was sporting) and remember the technology of the time, I used credit cards for shopping, but wrote and mailed checks to pay bills. My bank statements were paper. My first cell phone was a couple years away. And while I used email, I had many years to go before my first online purchase. Although I didn’t think of it this way at the time, I already had some electronic records in my life. However, legal or official records were still always in paper. Even credit card purchases still required a signature on a paper receipt.
I like using credit cards and checks as examples because they are signature processes that we are all familiar with. With a check we are using an individually numbered paper template supplied by a bank. We add a few details (recipient, dollar amount, and date) and then sign it, granting permission to the bank to release the funds to the recipient.
But what happens to that check? The recipient (or their bank as a proxy) sends the paper check right back to my bank. The signature I created happened within a closed system controlled by financial institutions. They created the documents used in the transaction and maintain a copy of my signature on file. The stored signature can be used to verify the authenticity of future signatures. This worked because it was a closed system with built-in authentication.
So there is an interesting aspect of signatures on records: the system in which they are signed is the only context in which they are valid.
The record and the signature are meaningful within that context only. I could not, for instance, write a check on any random piece of paper. In another context, a signature and the paper it is written on change meaning entirely. An autograph, for example, might have value for a collector among other collectors who value the same signature. The context sets the value, and the fact that there is more than one collector is what allows for verification.
Once a signature is on a document, we immediately realize the need to verify its authenticity. For important documents in our lives, we use professional witnesses to ensure authenticity. If you get married, it is a judge who witnesses the signature. If you buy a house, it is a Notary Public who witnesses the signature. In both cases, the professional witness keeps a separate record of the signing event, and notes their credentials on your signed record. If the authenticity of the signature is ever questioned, we can simply access the notary records to verify that the signature event occurred.
In both cases, the check and the notary, the paper signature was valid because it was happening in the context of a closed system in which we could verify authenticity.
Paper systems have clear boundaries, and signatures are only considered authentic within that system.
What complicates Electronic Signatures is that there is no easy way to draw boundaries around the systems. For most GxP companies, if we draw boundaries tight enough to be manageable, the system ends up too small to be useful. This is why Electronic Signatures did not see the same widespread use as written signatures.
So here we are, back in 2019. Has anything changed? Electronic records are common; we are in a mass exodus from paper records. Simply take a picture of a check with your phone to deposit it to your bank account. Send money by email. Granted, fraud is a constant threat with digital banking, but that is not stopping this trend. Paper records are still more reliable, but electronic records are so much more useful and efficient. The efficiency of a method drives adoption. Adoption drives the need for new and improved security measures.
Then, there are the cost savings realized in the incremental departure from paper and ink transactional documents. Think of how hard it would be to search a large paper document for a single keyword. And there is the physical space needed for storage of years of records. So, we can easily understand why electronic records are rapidly increasing in our lives and our industries.
At the end of all this we have to admit that electronic signatures have not yet taken over due to authentication issues.
Yes, we see many places where they are being used. But if you look closely, you will see that these electronic signatures are always occurring in the context of a controlled system. This constraint is always there. The only places that GxP industries were able to fully implement electronic signatures are in systems that had controllable and meaningful boundaries; usually those systems designed to control and store the signed records as well.
Given that context is everything, we have witnessed the birth of the Electronic Content Management System (ECMS), where documents can be imported as scanned paper or as PDFs, then signed and stored inside the ECMS. We also have E-Signatures in other repository systems, especially where changes to data are involved, such as Laboratory Information Management Systems (LIMS). And we saw E-Signatures in some manufacturing systems with many approval and verification steps, such as Enterprise Resource Planning (ERP) systems. So that is progress, but it is very slight when compared to other advances in technology. And we only see it within systems with well-defined boundaries.
We have only seen E-Signatures implemented in centralized systems that are equipped with tools to manage approval workflows and are intended to be the final storage location of the signed record. The record can never leave the system, because the information necessary to authenticate the signature is also captive in the same system. This is a major reason e-signatures are not yet ubiquitous. However, E-signature technology is moving towards something like universal authentication, which will allow E-signed documents to be transported outside the bounds of the system that produced the signature.
For an example of portable solutions, think of new Blockchain technologies...
These are fundamentally designed to act as a third-party verification of authenticity and could be used to authenticate digital signatures. If properly implemented, this technology could serve as signature verification, demolishing the boundaries of the closed system and making digitally signed documents truly portable, or at least portable within a much larger system, such as the Internet. One caveat a practitioner should keep in mind: a public ledger can witness that a given signature existed at a given time, but establishing who held the signing key still depends on binding that key to a person, which is the same identity problem the closed systems solve today.
Until something like Blockchain can be used like a “universal” notary witness for E-Signature, we are stuck with our current options for signatures, so let's take a look at each.
Wet Ink, Scanned, Flattened, Digital, Electronic, Biometric
• Wet Signatures: These are the pen and ink signatures we know and love. In use for over 1000 years, it’s still considered the most secure for proving a chain of custody for a document, and can require a witness or notary system in place.
• Scanned Signatures: This is what you get when you scan an image of a Wet Signature on a document to make an Electronic Record. Now the signature is an element of a file that is little more than a digital image of the original document. Because electronic pictures are easily manipulated, including the signature, this is not a secure form of electronic signature unless the file can be proven to have been controlled against changes, which is an extension of the “chain of custody” practice from paper records and wet signatures.
• Flattened Signatures: This is a digital image of a signature added to an electronic file, then incorporated into the file by flattening. In the end, it turns the signature into a graphic element of the electronic file which can be subject to manipulation. Like scanned signatures, flattened images in an electronic record are not a secure form of electronic signature, again unless the file can be proven to have been controlled against changes.
• Digital Signature: In this signature, there may still be an image of the signature on the document, but the security does not come from the image. A cryptographic hash is computed over the document content together with the signature metadata, and that hash is signed with a key held only by the signatory. Metadata includes information such as the name of the signatory, the date and time of signature, the intent (meaning) of the signature, the type of document, etc. Anyone holding the corresponding public key can recompute the hash and check the signature, so any change to the document or to the metadata is detected, and the check does not depend on the system that produced the signature. This is what makes it more secure than an image.
• Electronic Signatures: This is really a loose term that can include any kind of E-Signature (scanned, flattened, or digital). However, there is a class of electronic signature that does not involve a signature image like the other varieties. In this case the signed document is logically linked to an Event Log of signature events, much like an audit trail. The document can never leave the signature system, but the system enforces a persistent link between the document and the signature event. Similar to this is the “Electronic Approval”, where a System Action (as opposed to a document) is approved through a Signature Event.
• Biometric Signatures: I included biometrics in this list because it is a fast-developing field, but I do not truly consider it to be a different type of signature. It is a different method of authentication, a more secure one, because it relies on physical characteristics that are unique to the signer.
For example, a fingerprint is a unique biometric identifier. But all we are doing is using the biometric to identify the approver; in the end, the approval event is linked to the signed record in the same manner as any other signature. Imagine placing your inked fingerprint on a paper document instead of your wet signature. The document still needs the same controls, even though we have identified you biometrically rather than by handwriting.
I think we will see more biometric signatures because it can simplify the process of acquiring the signature, and can prevent forgery at the time of approvals by making the signature truly unique. But I don’t expect it to alleviate the fundamental challenges of signatures we discussed today.
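The distinction drawn in the Digital Signature bullet above, and the “captive authentication” problem described earlier, become concrete in code. The following is an added example written for this page; it is not from the original post or from any product the post mentions. It is a textbook RSA signature over a hash of a document together with its signature metadata (printed name, date/time, meaning). The primes, exponent, sample batch record and signer name are all assumed for illustration, and the key size is a toy so the block runs with only the Python standard library; a real implementation would use a vetted library, 2048-bit or larger keys and a padding scheme such as PSS. What it shows is that the signer's private key produces the signature, that anyone holding only the public key can verify it, and that any change to the document or to the metadata invalidates it, which is the property that would let a signed record travel outside the system that produced it.

```python
"""Toy digital signature over a record plus its signature metadata.

Added example, not from the original post. Textbook RSA with two fixed
Mersenne primes so it runs without third-party libraries; the key size
is far too small for real use (assumption made for illustration only).
"""
import hashlib
import json

# Toy key material (assumed): two known primes, public exponent 65537.
P = 2**31 - 1
Q = 2**61 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python 3.8+)

PUBLIC_KEY = (N, E)
PRIVATE_KEY = (N, D)


def canonical_digest(document: bytes, metadata: dict) -> int:
    """Hash the document together with its signature metadata.

    The metadata is serialized canonically (sorted keys, fixed separators)
    so signer and verifier hash identical bytes. The length prefix stops
    anyone from shifting the boundary between document and metadata.
    """
    meta_bytes = json.dumps(metadata, sort_keys=True, separators=(",", ":")).encode()
    h = hashlib.sha256()
    h.update(len(document).to_bytes(8, "big"))
    h.update(document)
    h.update(meta_bytes)
    return int.from_bytes(h.digest(), "big") % N


def sign(document: bytes, metadata: dict, private_key=PRIVATE_KEY) -> int:
    """Sign with the private key: only the signatory can do this."""
    n, d = private_key
    return pow(canonical_digest(document, metadata), d, n)


def verify(document: bytes, metadata: dict, signature: int, public_key=PUBLIC_KEY) -> bool:
    """Verify with the public key alone: no access to the signing system needed."""
    n, e = public_key
    return pow(signature, e, n) == canonical_digest(document, metadata)


# Constructed sample record with Part 11 style signature metadata
# (printed name, date/time, meaning). Names and values are made up.
DOCUMENT = b"Batch 4711: all in-process checks within specification."
METADATA = {
    "signer": "J. Doe",
    "signed_at": "2019-05-02T14:03:00Z",
    "meaning": "Approved",
}


def demo() -> dict:
    """Sign once, then show which alterations verification catches."""
    sig = sign(DOCUMENT, METADATA)
    tampered_doc = DOCUMENT.replace(b"within", b"outside")
    tampered_meta = dict(METADATA, meaning="Reviewed")
    other_doc = b"Batch 4712: all in-process checks within specification."
    return {
        "original": verify(DOCUMENT, METADATA, sig),
        "document_altered": verify(tampered_doc, METADATA, sig),
        "metadata_altered": verify(DOCUMENT, tampered_meta, sig),
        "signature_moved": verify(other_doc, METADATA, sig),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:18} -> {'valid' if ok else 'INVALID'}")
```

Note that the metadata is part of what is signed, so changing the meaning of the signature from “Approved” to “Reviewed” fails verification just as a change to the document body does, and a signature lifted from one record cannot be reattached to another. Because verification uses only the public key, the record and its signature can be checked by a party that has never had access to the originating system.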
As always, we welcome your comments and emails.