HRA and MHRA Compliance with Electronic Signatures

In 2018 the HRA (Health Research Authority) and MHRA (Medicines and Healthcare products Regulatory Agency) confirmed their requirements for electronic signatures and eConsent. These requirements set out the legal and ethical requirements for seeking and documenting consent using electronic methods.

A statement supported and endorsed by the UK health departments, confirms that electronic methods may be used for seeking, confirming and documenting informed consent for participation specifically in the area of research. It also sets out their joint expectations regarding the use of electronic signatures in Clinical Trials of Investigational Medicinal Products (CTIMPS).

The DocuSign Agreement Cloud is used by NHS trusts, private healthcare and pharmaceutical and medical device companies to meet a range of compliance requirements, including those for CFR 21 Part 11 and Qualified Electronic Signatures (QES).

Here, we look more closely at CFR 21 Part 11 and QES and how both apply to the UK.

So what is 21 CFR Part 11 and how does it apply to the UK?

Part 11 of Title 21 of the Code of Federal Regulations; Electronic Records; Electronic Signatures (21 CFR Part 11) establishes the U.S. FDA regulations on electronic records and electronic signatures.

The term “Part 11” applies to records in electronic form that can be created, modified, maintained, archived, retrieved, transmitted or submitted, under any records requirements set forth by the FDA regulations/predicate rules. 

Life science, healthcare organisations and device manufacturers regulated by the FDA are required to follow CFR21 CFR Part 11. DocuSign eSignature can help your organisation with the compliance obligations set out by the HRA and MHRA.

What additional information does the 21 CFR Part 11 module collect?

Electronic signatures must include: 

• The printed name of the signer
• The date and time the signature was executed
• A unique user ID
• Digital adopted signature 
• The meaning of the signature (labeled “signing reason”) 

Watch this quick video to learn how you can enable and use features in a CFR part 11 account.

Qualified Electronic Signatures (QES)

Qualified Electronic Signatures (QES) use a Qualified Trust Service Provider (QTSP), which is an entity authorised by a government to: 

• Verify the identity of the signer, either face-to-face or through a video chat, with a valid identification document.  
• Streamline remote identification 
• Meet eIDAS requirements for a QES, when combined with our digital signature
• Validate the identity of the signer at the time of signature through signer-held or cloud-based certificates 
• Special EU legal status: equivalent to handwritten signature which is sometimes required by law and it Reverses the burden of proof

DocuSign is a QTSP on the EU trust list and works with an extensive list of trust service providers, broken down by country, that are available to help you meet your requirements.

DocuSign’s Life Sciences and Healthcare Modules for Part 11

Modern cloud technologies are not only easier to use and implement but can be far simpler to validate. Life sciences and healthcare leaders can make technology investments that support their current workflow and set them up for future growth—while choosing tools that meet requirements for regulatory compliance.

The DocuSign Part 11 module is a product enhancement available for DocuSign’s life science and healthcare customers. It includes additional security and controls, resulting in a different signing experience relative to non-regulated use cases.

The DocuSign Life Sciences Modules contain capabilities designed for documents and approvals regulated by 21 CFR Part 11, including:

• Prepackaged account configuration
• Signature-level credentialing
• Signature-level meaning (signing reason)
• Signature manifestation (printed name, date/time and signing reason)