| Rule Number | Regulation | ENSUR Document Control Software |
|---|---|---|
| 11.10a | Validation of systems to ensure accuracy, reliability, consistent intended performance, and the ability to discern invalid or altered records. | Validation manuals are available from DocXellent to ensure the accuracy, reliability and consistent intended performance of each module in the system. Read-only content Audit Trails track the creation, modification, review, approval and deletion of records along with computer generated date and time stamps and user identification. In addition, ENSUR prevents alteration of all documents and records that have been Approved in the system. |
| 11.10b | The ability to generate accurate and complete copies of records in both human readable and electronic form suitable for inspection, review, and copying by the agency. Persons should contact the agency if there are any questions regarding the ability of the agency to perform such review and copying of the electronic records. | ENSUR provides electronic copies of documents in their native form and a PDF form suitable for inspection, review, and copying. ENSUR allows the export of document content and document meta data by users that have been granted the permission to do so. |
| 11.10c | Protection of records to enable their accurate and ready retrieval throughout the records retention period. | ENSUR locks down content and meta data on all approved content in the system to prevent any alteration. ENSUR content is fully indexed and provides extensive search and retrieval tools. All content and electronic records are retained throughout the retention period even when they have been marked as obsolete. |
| 11.10d | Limiting system access to authorized individuals. | Access to the system is controlled by username and password login and each user’s actions can be restricted by rights. ENSUR supports Windows and Active Directory authentication. Accounts will be locked after a configurable number of unsuccessful login attempts. These accounts must be unlocked by an ENSUR system administrator to allow that account access to the system. Electronic Signatures are also required after logging into the system in order to check in content, or perform a review, approval, or rejection. |
| 11.10e | Use of secure, computer-generated, time-stamped audit trails to independently record the date and time of operator entries and actions that create, modify, or delete electronic records. Record changes shall not obscure previously recorded information. Such audit trail documentation shall be retained for a period at least as long as that required for the subject electronic records and shall be available for agency review and copying | The ENSUR system uses database generated time-stamps, secure log in, and electronic signatures to create a comprehensive read-only audit trail. In addition, ENSUR maintains all content (native format and PDF format) and audit trails in its database throughout the life of the content. This audit trail information can be retrieved at any time for review. |
| 11.10f | Use of operational system checks to enforce permitted sequencing of steps and events, as appropriate. | Incorporated into ENSUR is a six phase, rules-based Life Cycle: Draft, Submitted for Approval, Approved, Current, Historic and Archived. Business rules prevent inappropriate actions in each phase of the lifecycle. The system also enforces dependency links among content. This forces supporting content to become current prior to the content which relies upon it. Change Order links allow a collection of content to proceed synchronously for review and approval. |
| 11.10g | Use of authority checks to ensure that only authorized individuals can use the system, electronically sign a record, access the operation or computer system input or output device, alter a record, or perform the operation at hand. | Windows Domain or Active Directory authentication can be used to access the system. This authentication is utilized to verify each user’s electronic signature once they have gained access to the system. Each user account can be controlled to limit which actions may be performed within the system. This includes importing and exporting content and data. PDF overlays are used to further control the security on specific content which can suppress printing, copying, and altering data. All alterations are recorded in a read-only audit trail with date-time stamps. Alterations are prohibited to content which has been approved. |
| 11.10h | Use of device (e.g., terminal) checks to determine, as appropriate, the validity of the source of data input or operational instruction. | ENSUR challenges the user for their identity whenever data is altered or content status is modified. User rights are granted by group membership in accordance with organizational structure. |
| 11.10i | Determination that persons who develop, maintain, or use electronic record/electronic signature systems have the education, training, and experience to perform their assigned tasks. | ENSUR provides a training module that can capture all training that users have completed and preserves a read-only record of all completed training and assessments that have been rendered. |
| 11.10j | The establishment of, and adherence to, written policies that hold individuals accountable and responsible for actions initiated under their electronic signatures, in order to deter record and signature falsification. | ENSUR provides for users to record, via electronic signature, the fact that they have read and understood any policy or procedure stored in the ENSUR repository. Quizzes can be developed and managed within ENSUR to assess user comprehension. |
| 11.10k | Use of appropriate controls over systems documentation including:
| All documentation can be automatically distributed in PDF format with security controls to prevent alteration, copy or printing of the content. Distribution is controlled by ENSUR group membership that prevents distribution to unauthorized individuals. Access to the system is strictly controlled by username and password authentication and by rights granted within the system. Revision and change control are built into the document lifecycle business rules and controlled by the security model in ENSUR. Each document maintains a full read-only, unalterable, time sequenced audit trail that records all actions taken on a given document. |
| 11.50a | Signed electronic records shall contain information associated with the signing that clearly indicates all of the following:
| ENSUR records the full name of the user at the moment each electronic signature is collected. This signature is also date and time stamped. The signature and date are written to the audit trail along with a human readable description of the action taken. |
| 11.50b | The items identified in paragraphs (a)(1), (a)(2), and (a)(3) of this section shall be subject to the same controls as for electronic records and shall be included as part of any human readable form of the electronic record (such as electronic display or printout). | The user interface and printed reports all include the full name of the user, the date and timestamp, and an English description of the nature of each electronic record in a document’s audit trail. The full audit trail of every document is available for printout in accordance with this requirement. |
| 11.70 | Electronic signatures and handwritten signatures executed to electronic records shall be linked to their respective electronic records to ensure that the signatures cannot be excised, copied or otherwise transferred so as to falsify an electronic record by ordinary means. | The ENSUR system provides database linkages from each electronic signature to the respective documents and provides no means whatsoever to alter, erase, copy, or transfer these signatures and electronic records to other content for any purpose. |
| 11.100a | Each electronic signature shall be unique to one individual and shall not be reused by, or reassigned to, anyone else. | Each electronic signature in ENSUR is tied to an account that is a unique based on the combination of domain, and username. The system enforces that every username within a domain is unique. A unique user identifier is assigned by the database each time a user account is added to the ENSUR system. This guarantees the unique identification of every account. Once a user has taken any action in ENSUR, (for example, signing a document) that unique user record may never be deleted and will remain a permanent electronic record in the database. User accounts may be inactivated, but may never be reused by another individual. |
| 11.100b | Before an organization establishes, assigns, certifies or otherwise sanctions an individual's electronic signature, or any element of such electronic signature, the organization shall verify the identity of the individual. | This is primarily the responsibility of individuals within the company to establish via its standard operating policies and procedures. ENSUR can record that personnel have read and understood the policies and procedures contained in ENSUR. ENSUR can even prevent such documents from becoming current until users tasked with marking the document as read and understood have done so within ENSUR by providing their electronic signature to signify they have read and understood the document. |
| 11.200a | Electronic signatures that are not based upon biometrics shall:
| The electronic signature implementation within ENSUR requires the user to provide two distinct identification components: • Username • Password The username is stored in the ENSUR system. The password is not stored in plain-text within ENSUR. It is stored using a one-way hashing algorithm. Reverse hashing the password is not possible, even with the involvement of technical support. Therefore, the password must be supplied by the genuine owner. |
| 11.300a | Maintaining the uniqueness of each combined identification code and password, such that no two individuals have the same combination of identification code and password. | ENSUR software does not allow duplicate Usernames and passwords. |
| 11.300b | Ensuring that identification code and password issuances are periodically checked, recalled, or revised (e.g., to cover such events as password aging). | User passwords can be set to expire after a defined period of time. |
| 11.300c | Following loss management procedures to electronically deauthorize lost, stolen, missing, or otherwise potentially compromised tokens, cards, and other devices that bear or generate identification code or password information, and to issue temporary or permanent replacements using suitable, rigorous controls. | Not applicable - ENSUR does not utilize these other authentication methods |
| 11.300d | Use of transaction safeguards to prevent unauthorized use of passwords and/or identification codes, and to detect and report in an immediate and urgent manner any attempts at their unauthorized use to the system security unit, and, as appropriate, to organizational management. | Unsuccessful attempts to login to ENSUR with a user account will cause the account to lock-out until intervention by administrator. |
| 11.300e | Initial and periodic testing of devices, such as tokens or cards, that bear or generate identification code or password information to ensure that they function properly and have not been altered in an unauthorized manner. | Not applicable - ENSUR does not utilize these other authentication methods |
- Products
- ENSUR
ENSUR
ENSUR is an easy-to-use, configurable, web-based Document Management and Quality Control Software System that will dramatically help you to improve and manage the efficiency of paper based or uncontrolled electronic file based processes. - ENSUR Cloud
ENSUR Cloud
Whether you’re an existing customer, a company looking to make a change in your provider or implementing your first document control, packaging specification, training management or quality system, DocXellent can provide the option of on-premises or a robust, secure and proven cloud based installation. - DocXellent Managed Cloud
DocXellent Managed Cloud
The DocXellent Managed Cloud (DMC) is the collection of people, competencies, and process controls provided by DocXellent that enables you to achieve well-architected, reliable, secure, durable, and compliant Cloud frameworks that promote business operations and growth.
- ENSUR
- Solutions
- Document Control Software
Document Control Software
Control your organization’s content across the globe or down the hallway with our flexible, secure, user-friendly online document control software, ENSUR. - Specification Management
Specification Management
Specification Management is easy with our document management software, ENSUR. We can even migrate legacy content seamlessly for easy access. - Packaging Specification Management
Packaging Specification Management
See how you can easily manage packaging documents, specifications and suppliers with our comprehensive document control software, ENSUR. - Document Version Control
Document Version Control
Your document control management protocol encompasses a wide variety of processes integral to the continued flow of your business. Version control, and how it’s handled, is often a pain point for companies, especially those managing content with paper or a file share. - Change Control
Change Control
See how our document control management software, ENSUR, can automate your change control processes. - Training Management
Training Management
We can help exceed your quality document management goals and report on employee training in seconds with our document management software, ENSUR. - Quality Management System
Quality Management System
Guaranteeing that your products and services meet the standards of your clients is easy with our document management and quality control software, ENSUR. - CAPA Solutions
CAPA Solutions
Easily collect, correlate, investigate and make informed improvements to your processes with our CAPA management software, ENSUR. - Intellectual Property Management
Intellectual Property Management
Our document management system, ENSUR, helps you manage your critical business documents with a configurable level of security and control. - Document Migration
Document Migration
DocXellent has helped many clients, from Fortune 500 companies to smaller firms, migrate data into our ENSUR document control system.
- Document Control Software
- Industries
- Life Sciences
Life Sciences
DocXellent's experience with Life Science companies will help comply with GMP and ISO Quality Standards. Save time and ensure compliance with document control management. - Medical Devices
Medical Devices
Our document management software can help with your medical device compliance. Contact us today for more document control information on the medical device industry. - Pharmaceuticals
Pharmaceuticals
Our document control software helps you easily satisfy auditor requests with a document master list for FDA & EPA compliance. Quality Document Control. - Laboratories
Laboratories
Laboratory companies must control their business content in accordance with the Clinical Laboratory Improvement Amendments (CLIA). See how our document control software can help. - Manufacturing
Manufacturing
Need help with document control management? Let DocXellent help you easily adhere to document management industry standards & OSHA manufacturing standards. - Packaging
Packaging
DocXellent can help you step up your packaging game with our packaging specification management software. Learn more about how we can optimize your efficiency. - Healthcare
Healthcare
Document Version Control is especially important in the ever changing healthcare industry. Get healthcare document control with DocXellent document software. - Cannabis
Cannabis
The alternative medicine and recreational cannabis industries are growing exponentially, and so are the requirements for complying with several regulations from governing bodies. Learn how we can help. - Food and Beverage
Food and Beverage
Our document management software helps companies in the food & beverage industry comply with FDA audit & SQF audit control guidelines. Contact DocXellent today! - Health & Beauty
Health & Beauty
FDA establishes the requirements for the cosmetic industry. Let DocXellent's document management system help you comply with regulations with document control. - Nutritional and Dietary Supplements
Nutritional and Dietary Supplements
Our software can help keep you compliant with FDA/CFR guidelines. Let DocXellent help you and your company manage business content with document control. - Chemical
Chemical
Chemical companies face many document control challenges that can be remedied with a document management system. Chemical industry EPA, OSHA, & FDA compliance. - Services
Services
Having a great documentation control approach is crucial in the service industry. Trust DocXellent with document management systems and control software needs. - Utilities
Utilities
Trying to optimize document workflow and control for your company? Let DocXellent help you implement a tailor-made solution for your business. - Government Agencies
Government Agencies
The ENSUR Policy Management Software eliminates inefficient filing processes and cumbersome paperwork by providing a secure platform for storing.
- Life Sciences
- Services and Support
- ENSUR Support
ENSUR Support
The DocXellent support team is available twenty-four hours a day; seven days a week; three hundred sixty-five days a year. Our U.S. based team works around the clock to keep your business running. - Business Continuity
Business Continuity
Need to access your industry standards and regulations to see if you comply? Visit our DocXellent resources for information on document control requirements. - Resources and Information
Resources and Information
Need to access your industry standards and regulations? Visit our DocXellent resources page for more useful information on document control systems and regulations.
- ENSUR Support
- Our Company
- About Us
About Us
DocXellent has been providing a trusted, web based document management system with quality control management solutions to companies from start-up businesses to the Fortune 500 since 1983. - Meet the Team
Meet the Team
Meet some of the team that makes DocXellent tick. Get to know the people who will be partnering with you in your success! - Customers and Partners
Customers and Partners
These are the brands and organizations that have experienced the power of our document control system, ENSUR - Careers
- Blog
- About Us