
Electronic Records & Signatures
Frequently Asked Questions

Electronic records and electronic signatures are the foundation of every GxP data integrity program. These questions cover what makes records and signatures regulatory-compliant, what audit trails must capture, how ALCOA+ applies in practice, and what the FDA's 2024 guidance on electronic systems means for life sciences professionals.

Written by: Sundar · Published: June 16, 2026 · Last updated: June 16, 2026
Quick Answer

What makes an electronic record GxP-compliant?

A GxP-compliant electronic record is one created by a validated system, protected by a tamper-evident audit trail, assignable to an individual, and retained for the period required by its predicate rule. Under 21 CFR Part 11, it must be fully equivalent in trustworthiness and reliability to a paper record — with no gaps in attributability, contemporaneity, or integrity.

21 CFR Part 11 / EU GMP Annex 11 / FDA October 2024 Guidance

Electronic records in a GxP context are data created, modified, maintained, archived, or transmitted by a computerized system to fulfill an FDA record-keeping obligation. This includes batch production records in an EBR, laboratory results in a LIMS, chromatography data in a CDS, and deviation entries in a QMS. The defining factor is not the file format — it is whether the record satisfies a regulatory predicate rule. If a regulation requires you to keep that record and you keep it electronically, it is a GxP electronic record.

Yes — but only when the electronic system meets the requirements of 21 CFR Part 11. The FDA considers electronic records equivalent to paper when the system is validated, maintains tamper-evident audit trails, enforces access controls, and uses compliant electronic signatures where required. An electronic record in a system lacking these controls is not a trustworthy substitute for paper. The burden of equivalency falls entirely on the regulated company to demonstrate through validation and technical controls — not on the format alone.

Under 21 CFR Part 11, an electronic signature is a legally binding computer-data compilation representing the same commitment as a handwritten signature. It is not a typed name or a scanned ink signature — it requires specific technical controls: unique user identification, at least two identification components for non-biometric signatures, and a binding mechanism permanently linking the signature to its associated record. A compliant electronic signature cannot be excised, copied, or transferred to falsify a different document.

Part 11 recognizes two electronic signature types. Biometric signatures use unique physical characteristics — fingerprints, retinal patterns, or voice recognition — inherently attributable to one individual and impossible to share. Non-biometric signatures use knowledge-based factors such as username and password, requiring at least two distinct identification components. Non-biometric signatures also require the signer to re-enter both components after an initial login session ends, preventing a colleague from using an open session to sign on someone else's behalf.

A GxP-compliant audit trail must capture who performed an action, what was done, when it occurred, and — for changes or deletions — the original value before modification. For Part 11 systems, the audit trail must be computer-generated and tamper-evident: no user, including administrators, can create or alter it manually. Any attempt to modify or delete audit trail records must itself be detectable. The trail must be retained for the same period as its associated record and available for FDA review on request.
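One way to make the who/what/when/original-value entries described above tamper-evident is to chain each entry to the hash of the one before it. This is an added illustration, not code from any particular GxP product; the field names, record IDs, and the idea of keeping the latest hash in a separate location are assumptions made for the example.

```python
import hashlib
import json

GENESIS = "0" * 64  # constructed starting value for the first entry's prev_hash

def _digest(body):
    # Canonical JSON so the same entry always produces the same hash.
    blob = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(blob).hexdigest()

def append_entry(trail, user, action, record_id, timestamp, old=None, new=None):
    """System-generated entry: who, what, when, and the value before the change."""
    body = {
        "seq": len(trail),
        "user": user,
        "action": action,
        "record_id": record_id,
        "timestamp": timestamp,
        "old_value": old,
        "new_value": new,
        "prev_hash": trail[-1]["hash"] if trail else GENESIS,
    }
    trail.append({**body, "hash": _digest(body)})
    return trail[-1]

def verify_trail(trail, expected_head=None):
    """Return the position of the first inconsistency, or None if intact."""
    prev = GENESIS
    for i, entry in enumerate(trail):
        body = {k: v for k, v in entry.items() if k != "hash"}
        if entry["seq"] != i or entry["prev_hash"] != prev or _digest(body) != entry["hash"]:
            return i
        prev = entry["hash"]
    # Deleted trailing entries only show up against a head hash stored elsewhere.
    if expected_head is not None and prev != expected_head:
        return len(trail)
    return None

def demo():
    trail = []  # all values below are constructed sample data
    append_entry(trail, "jdoe", "create", "LIMS-0001", "2026-06-16T09:00:00Z", new="98.7")
    append_entry(trail, "jdoe", "modify", "LIMS-0001", "2026-06-16T09:05:00Z", old="98.7", new="99.2")
    append_entry(trail, "asmith", "review", "LIMS-0001", "2026-06-16T10:00:00Z")
    head = trail[-1]["hash"]
    intact = verify_trail(trail, head)
    truncated = verify_trail(trail[:2], head)   # last entry deleted
    trail[1]["old_value"] = "99.2"              # original value overwritten in storage
    edited = verify_trail(trail, head)
    return intact, truncated, edited
```

The chain alone detects edits and deletions inside the trail; comparing against a head hash held outside the audited system is what exposes removal of the newest entries or a wholesale rewrite.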

Audit trail review frequency must be risk-based and defined in a written procedure. For high-risk systems — LIMS, CDS, EBR, and QMS — reviews should occur routinely during batch release or quality oversight, not only at periodic review intervals. FDA expects audit trails to be actively monitored, not simply preserved. Failing to review trails — even technically compliant ones — has been cited in warning letters as a data integrity failure. Frequency should be documented in a site SOP and justified by system risk.

Part 11 applies to any system that creates, modifies, maintains, archives, or transmits electronic records required by an FDA predicate rule. In practice, this includes LIMS, chromatography data systems, electronic batch records, QMS platforms managing deviations and CAPAs, EDC systems in clinical trials, and pharmacovigilance systems. IT infrastructure that does not directly generate GxP records — network switches, backup servers, general email — is generally outside strict Part 11 scope, though its failure can indirectly affect in-scope systems.

A predicate rule is any FDA regulation other than Part 11 that requires a company to create or maintain a specific record. For example, 21 CFR Part 211.188 requires batch production records and Part 211.192 requires their review. Part 11 applies when companies fulfill these obligations using electronic records instead of paper. The predicate rule determines whether a record must exist at all — Part 11 governs only how it may be maintained electronically. Systems generating predicate rule records are subject to Part 11 regardless of original design intent.

A hybrid system is one where paper and electronic records coexist for the same regulatory purpose — for example, a system generating electronic data where operators sign a paper printout as the official GxP record. FDA permits hybrid approaches provided predicate rule requirements are met and record content is preserved. However, companies must clearly designate the official version, ensure the paper copy accurately represents the electronic source, and prevent discrepancies between both. Hybrid systems are increasingly viewed as a compliance risk because they are difficult to manage consistently.

ALCOA+ is the global data integrity framework regulators use to define required attributes of GxP data. ALCOA stands for Attributable, Legible, Contemporaneous, Original, and Accurate; the "+" adds Complete, Consistent, Enduring, and Available. For electronic records: Attributable means every entry traces to a named individual. Contemporaneous means records are created at the time of the activity. Original means raw data is preserved — not just processed outputs. Enduring means records survive system migrations. ALCOA+ compliance is the practical outcome that Part 11 technical controls are designed to achieve.

Shared user accounts destroy the attributability of electronic records — making it impossible to identify which individual performed a specific action. This directly violates Part 11's requirement that records be attributable to the person who created or modified them. An unattributable record is an unreliable record. FDA inspectors consistently cite shared logins as a data integrity failure, calling into question all records produced by the affected system. Shared logins remain among the most common and consequential findings in global GxP computer system inspections.

Part 11 requires that each electronic signature include — or be permanently linked to — the signer's printed name, the date and time of signing, and the meaning of the signature: its purpose, such as "reviewed," "approved," or "performed by." Meaning matters because different roles carry different accountabilities for the same record. A QC analyst signing "performed by" has a different obligation than a QA manager signing "approved." Systems must capture all three elements — name, timestamp, and meaning — as permanent, unalterable components of every signed electronic record.
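The binding described above (printed name, date and time, and meaning permanently linked to one record so the signature cannot be excised or moved to another) can be sketched as follows. This is an added example, not a vendor implementation: it uses an HMAC under a system-held key as a stand-in for the binding mechanism, and the key, the meaning list, and the record fields are assumptions constructed for the illustration.

```python
import hashlib
import hmac
import json

SYSTEM_KEY = b"constructed-demo-key"  # assumption: held by the system, never by users
MEANINGS = {"performed by", "reviewed", "approved"}

def _canon(obj) -> bytes:
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def sign_record(record: dict, printed_name: str, signed_at: str, meaning: str) -> dict:
    """Build a signature manifestation bound to this record's exact content."""
    if meaning not in MEANINGS:
        raise ValueError(f"unknown signature meaning: {meaning!r}")
    manifest = {
        "printed_name": printed_name,
        "signed_at": signed_at,
        "meaning": meaning,
        "record_sha256": hashlib.sha256(_canon(record)).hexdigest(),
    }
    tag = hmac.new(SYSTEM_KEY, _canon(manifest), hashlib.sha256).hexdigest()
    return {**manifest, "binding": tag}

def verify_signature(record: dict, sig: dict) -> bool:
    """True only if name, time, meaning and record content are all unchanged."""
    manifest = {k: v for k, v in sig.items() if k != "binding"}
    expected = hmac.new(SYSTEM_KEY, _canon(manifest), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, sig.get("binding", "")):
        return False
    actual = hashlib.sha256(_canon(record)).hexdigest()
    return hmac.compare_digest(actual, manifest.get("record_sha256", ""))

def demo():
    # Constructed sample records and signer.
    batch_a = {"record_id": "EBR-0001", "step": "blend", "result": "pass"}
    batch_b = {"record_id": "EBR-0002", "step": "blend", "result": "pass"}
    sig = sign_record(batch_a, "Jane Doe", "2026-06-16T11:30:00Z", "approved")
    return {
        "original": verify_signature(batch_a, sig),
        "moved_to_other_record": verify_signature(batch_b, sig),
        "record_edited_after_signing": verify_signature({**batch_a, "result": "fail"}, sig),
        "meaning_changed": verify_signature(batch_a, {**sig, "meaning": "reviewed"}),
    }
```

Only the first check passes: copying the signature onto a different record, editing the record after signing, or altering the stated meaning each breaks verification.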

EU GMP Annex 11 and 21 CFR Part 11 share the same core goal — trustworthy, attributable electronic records — but differ in scope. Part 11 focuses specifically on technical controls for electronic records and signatures. Annex 11 is broader, governing the full computerized system lifecycle: validation, change control, backup and recovery, disaster preparedness, and retirement. Annex 11 also explicitly addresses data backup and business continuity obligations that Part 11 does not. Multinational organizations must satisfy both, requiring careful SOP mapping to close all Annex 11-specific gaps.

Electronic record obligations follow the regulated company regardless of where data is hosted. A cloud-hosted LIMS, QMS, or EDC must maintain the same Part 11 controls as any on-premise system: validated operation, tamper-evident audit trails, access controls, and compliant electronic signatures. The key challenge is ensuring practical access to records and audit trails during inspections when infrastructure is vendor-managed. Contracts must guarantee audit trail availability, data export rights, retention compliance, and vendor cooperation with regulatory inspections. Regulated companies cannot outsource their electronic record obligations to a cloud provider.

Raw data is the original result of a measurement before any processing or transformation — in chromatography, the unprocessed detector signal rather than the integrated peak area. Regulators emphasize raw data because processed outputs can be manipulated while discarding the original evidentiary trail. FDA and MHRA require raw data to be stored in its original form, protected from modification, and retrievable for the full retention period. Systems permitting raw data overwrite without audit trail capture are consistently cited in data integrity enforcement actions.

The terms are often used interchangeably but carry distinct technical meanings. An electronic signature is any electronic mechanism indicating identity or assent — typed names, click-to-sign, or username/password combinations. A digital signature is a subset using cryptographic technology — typically a public/private key pair — mathematically binding the signature to document content. If the document changes after signing, the digital signature becomes invalid. GxP systems may use either approach provided signatures uniquely identify the signer and cannot be transferred. Digital signatures generally offer stronger technical assurance than non-cryptographic alternatives.

General e-signature tools can potentially be used for some GxP purposes but require careful evaluation. Part 11-compliant signatures require two-component identification, signature-to-record binding, compliant audit trail capture, and validated operation — controls that many commercial tools only partially meet without additional configuration. Critical evaluation questions include: Can the tool be formally validated? Does it capture Part 11-required meaning statements? Does it prevent signature excising or transfer? For lower-risk administrative documents some organizations use these tools; for batch releases or critical quality approvals, purpose-built GxP platforms offer more defensible compliance.

Metadata is contextual data giving meaning to a primary electronic record — timestamps, user IDs, instrument identifiers, calculation parameters, and system configuration at the time of capture. Regulators focus on metadata because manipulating raw data while preserving metadata, or vice versa, is a common data falsification mechanism. Both FDA and MHRA have clarified that metadata is itself a GxP record requiring capture, protection, and retention alongside the primary data it describes. A chromatography result without its acquisition parameters and audit trail metadata is incomplete and potentially untrustworthy during an inspection.

A GxP-compliant Electronic Batch Record must enforce contemporaneous entry — every step completed by the designated operator at the time it occurs. It must require electronic signatures at each defined signature point, maintain a tamper-evident audit trail, prevent out-of-sequence step completion, and capture all in-process data as it occurs rather than allowing retrospective entry. The completed EBR must generate a printable record for batch release and archive. The EBR system itself must be validated under GAMP 5 and Part 11 before production use.

Electronic record retention is governed by the predicate rule for each record type, not by Part 11 itself. Under 21 CFR Part 211, batch records must be retained for one year beyond the batch expiry date. Drug application records may require retention for the life of the application. Clinical trial records follow separate timelines under 21 CFR Part 312. Most pharmaceutical companies apply a conservative five-to-seven year minimum for GxP electronic records, with longer periods for certain product lifecycle documentation.

Part 11 §11.10(d) requires authority checks ensuring only authorized individuals can use the system, sign records, access input/output devices, and alter data. In practice this requires: role-based access control limiting users to functions appropriate to their role; unique non-shared accounts; automated session timeouts with re-authentication; complete access event logs; and a formal process for provisioning, modifying, and revoking access. SOPs must define who approves access requests and how role changes or employee departures trigger immediate access review — preventing unauthorized record creation or modification.