Electronic Signatures Under 21 CFR Part 11: What Counts and What Doesn't

By Batch Buddy Team

You click "Approve" on a batch record in your manufacturing software. You type your name in a text field at the bottom of a PDF. You scan a wet-ink signature and paste it into an electronic document. You enter your username and password to release a product for sale.

Which of these qualifies as an electronic signature under 21 CFR Part 11?

The answer matters more than most manufacturers realize. When the FDA reviews your electronic records during an inspection, the validity of your electronic signatures determines whether your batch releases, quality approvals, and formulation changes are legally defensible — or whether they are just clicks on a screen with no regulatory standing.

This guide breaks down what 21 CFR Part 11 actually requires for electronic signatures, how common practices fall short, and what a compliant electronic signature system looks like in practice.

What 21 CFR Part 11 Actually Says

21 CFR Part 11 is the FDA regulation governing electronic records and electronic signatures. It was finalized in 1997 — well before modern cloud software — but its principles remain the regulatory standard for any FDA-regulated manufacturer using electronic systems.

The regulation covers two interconnected requirements:

Electronic Records (Subpart B)

Electronic records that are used to meet FDA predicate rules must include:

  • Audit trails — Computer-generated, time-stamped records that independently document the date and time of operator entries and actions that create, modify, or delete electronic records. The audit trail must not be modifiable by the operator.
  • System access controls — Limited to authorized individuals, with documentation of who has access and at what level.
  • Authority checks — The system must ensure that only authorized individuals can use the system, electronically sign records, or alter records.
  • Record integrity — Electronic records must be protected against unauthorized modification, deletion, or loss.

Electronic Signatures (Subpart C)

Electronic signatures used to meet FDA signature requirements must:

  • Be unique to one individual — No shared accounts, no generic logins
  • Not be reused or reassigned — Once assigned to a person, that signature credential cannot be given to someone else
  • Require at least two distinct identification components (such as a user ID and password) for non-biometric signatures
  • Be linked to their respective electronic records so that signatures cannot be copied, cut, or transferred to falsify another record
  • Include the printed name of the signer, the date and time the signature was applied, and the meaning of the signature (such as review, approval, or authorship)

What Counts as a Valid Electronic Signature

Compliant: Username/Password Authentication Tied to a Specific Action

When a user enters their unique credentials (username and password) to execute a specific action — such as approving a batch release or signing off on a formulation change — and the system records who signed, when they signed, what they signed, and why they signed, this meets Part 11 requirements.

The key elements:

  • The credentials belong to one specific individual (not a shared account)
  • The act of entering credentials is tied to a specific record and a specific action
  • The system logs the signature with a timestamp, the signer's identity, and the meaning of the signature
  • The signature record cannot be altered or deleted after the fact

Compliant: Biometric Signatures

Fingerprint, retinal scan, or other biometric identifiers that are unique to an individual and designed to be used by only that individual satisfy Part 11 requirements. Biometric signatures require only one identification component (the biometric itself), unlike password-based signatures which require two.

In practice, biometric signatures are uncommon in supplement and cosmetic manufacturing software, but they are fully compliant.

Compliant: Digital Certificates with PKI

Cryptographic digital signatures using Public Key Infrastructure (PKI) exceed Part 11 requirements. These signatures use asymmetric cryptography to create a mathematically verifiable link between the signer's private key and the signed record. Any modification to the record after signing invalidates the signature.

This is the strongest form of electronic signature, and it is used in some enterprise quality management systems.

What Does Not Count

Not Compliant: Typing Your Name in a Text Field

Typing "John Smith" into a signature line on a PDF or electronic form is not an electronic signature under Part 11. There is no authentication — anyone could type that name. There is no link between the typed text and the person's verified identity. There is no system control preventing someone from typing a different person's name.

This is the most common mistake in small and mid-size manufacturing operations. It feels like a signature, and it looks like a signature on the printed document, but it has no regulatory standing.

Not Compliant: Scanned Wet-Ink Signatures

Scanning a handwritten signature and pasting it into an electronic document does not create a valid electronic signature. The scanned image is just a picture — it is not linked to the signer's authenticated identity, it is not tied to a specific electronic record, and it can be copied and pasted into any document by anyone with access to the image file.

Not Compliant: Shared Account Approvals

If multiple people share a login account (even if they take turns using it), any action performed under that account cannot be attributed to a specific individual. Part 11 requires that signatures be unique to one person. A shared account fundamentally violates this requirement.

This is surprisingly common in manufacturing environments where operators share workstations. "Everyone knows the production login" is a Part 11 violation.

Not Compliant: Email Approvals Without System Integration

Sending an email that says "I approve batch 2024-001 for release" is not a Part 11 compliant electronic signature, even though email systems authenticate users. The email is not linked to the electronic batch record in a way that prevents the signature from being separated from the record. The approval is not captured in the system of record with the required signature elements (printed name, date/time, meaning).

Email approvals can supplement a formal electronic signature as additional communication, but they cannot replace one.

Not Compliant: Checkbox Confirmations Without Authentication

Clicking a checkbox that says "I confirm this record is accurate" without entering authentication credentials is not an electronic signature. There is no identity verification at the moment of signing. The system has no way to confirm that the person clicking the checkbox is the authorized signer.

The Three Elements Every Signature Must Have

Regardless of the technical method used, every compliant electronic signature must include three pieces of information recorded at the time of signing:

1. The Printed Name of the Signer

The system must record the full name of the individual who applied the signature. This is not the username or employee ID — it is the human-readable name that identifies the person.

2. The Date and Time

The exact date and time the signature was applied, generated by the system (not entered by the user). This must be a system-controlled timestamp that the signer cannot manipulate.

3. The Meaning of the Signature

What does the signature signify? Part 11 requires that the meaning be associated with the signature. Common meanings include:

  • Authorship — "I created this record"
  • Review — "I have reviewed this record"
  • Approval — "I approve this record for its intended purpose"
  • Verification — "I have verified that this information is accurate"

The meaning matters because different signature meanings carry different regulatory implications. Approving a batch for release is a different action from reviewing a batch record, and the FDA expects to see this distinction in your electronic signature records.

Common FDA Inspection Findings

During FDA inspections, electronic signature deficiencies frequently appear as 483 observations. Here are the patterns inspectors look for:

Shared User Accounts

Inspectors will ask to see a list of system users and may ask operators to demonstrate their login process. If they find shared accounts, or if multiple operators cannot demonstrate individual logins, this becomes a 483 observation.

Missing Signature Meaning

Systems that record who signed and when, but not why (the meaning of the signature), are technically non-compliant. An approval signature must be distinguishable from a review signature in the system records.

Modifiable Audit Trails

If an inspector can demonstrate that audit trail entries can be modified or deleted by system administrators or users, the entire electronic record system's integrity is called into question. Audit trails must be truly immutable.

No Signature Policy

Part 11 requires that organizations using electronic signatures have a certification on file with the FDA stating that electronic signatures in their systems are intended to be the legally binding equivalent of handwritten signatures. Many companies skip this filing, and an inspector who asks for the certification letter will note its absence.

Passwords That Never Expire or Lack Complexity

While Part 11 does not specify exact password policies, the FDA expects reasonable security controls. Passwords that never expire, lack complexity requirements, or are visibly posted near workstations undermine the authenticity of electronic signatures.

Building a Compliant Signature Workflow

A compliant electronic signature system is not just software — it is a combination of technology, policy, and practice.

Technology Requirements

  • Individual user accounts with unique credentials
  • Two distinct identification components for each signature event (user ID + password at minimum; this is the regulation's "two identification components" requirement, not the same thing as two-factor authentication with a second device)
  • System-generated timestamps (not user-entered)
  • Signature records that capture name, date/time, and meaning
  • Immutable audit trail recording all signature events
  • Signatures cryptographically linked to their respective records
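
The three required elements, the record linkage, and the immutable audit trail described above can be seen together in one small piece of code. This is an added illustration, not Batch Buddy's code; the function names, field names, and sample batch record are hypothetical. Each signature event carries the printed name, a system-generated timestamp, and the meaning, is bound to a hash of the exact record content it was applied to, and is hash-chained to the previous event so that edits, deletions, or a signature copied onto a different record are detectable.

```python
import hashlib
import json
from datetime import datetime, timezone

# Added example (not Batch Buddy code): a Part 11 style signature event bound
# to its record and chained into an append-only audit trail. Names are hypothetical.

MEANINGS = {"authorship", "review", "approval", "verification"}
GENESIS = "0" * 64

def digest(obj) -> str:
    """SHA-256 over a canonical JSON encoding, so equal content hashes equal."""
    data = json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(data).hexdigest()

def sign_record(trail, user_id, printed_name, meaning, record, now=None):
    """Append one signature event and return it. The timestamp comes from the
    system clock (or an injected clock for tests), never from the user."""
    if meaning not in MEANINGS:
        raise ValueError("signature meaning must be one of " + ", ".join(sorted(MEANINGS)))
    entry = {
        "seq": len(trail),
        "user_id": user_id,                 # authenticated account, unique to one person
        "printed_name": printed_name,       # element 1: human-readable signer name
        "timestamp": (now or datetime.now(timezone.utc)).isoformat(),  # element 2
        "meaning": meaning,                 # element 3: why the signature was applied
        "record_id": record["record_id"],
        "record_hash": digest(record),      # binds the signature to exactly this content
        "prev_hash": trail[-1]["entry_hash"] if trail else GENESIS,
    }
    entry["entry_hash"] = digest(entry)
    trail.append(entry)
    return entry

def verify_trail(trail, records):
    """Return a list of findings; an empty list means the chain is intact and
    every signature still matches the record it was applied to."""
    findings, prev = [], GENESIS
    for i, e in enumerate(trail):
        body = {k: v for k, v in e.items() if k != "entry_hash"}
        if e["seq"] != i or e["prev_hash"] != prev:
            findings.append(f"entry {i}: chain break (entry inserted, deleted or reordered)")
        if e["entry_hash"] != digest(body):
            findings.append(f"entry {i}: signature entry modified after signing")
        rec = records.get(e["record_id"])
        if rec is None or digest(rec) != e["record_hash"]:
            findings.append(f"entry {i}: record {e['record_id']} altered or signature transplanted")
        prev = digest(body)
    return findings
```

Verification recomputes every hash rather than trusting the stored ones, so an edit to any earlier event also breaks the link of every event after it.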

Policy Requirements

  • Written procedures governing electronic signature use
  • User account management procedures (creation, modification, deactivation)
  • Password policies (complexity, expiration, lockout)
  • Procedures for lost or compromised credentials
  • Training requirements for all system users
  • FDA certification letter on file

Practice Requirements

  • Individual logins enforced (no shared accounts in practice)
  • Prompt deactivation of accounts when employees leave
  • Regular review of user access levels
  • Periodic training refreshers on electronic signature responsibilities
  • Internal audits specifically reviewing electronic signature compliance

How Batch Buddy Implements Part 11 Electronic Signatures

Batch Buddy's electronic signature system was designed specifically to meet 21 CFR Part 11 requirements:

Individual user accounts — Every user has a unique account with individual credentials. Shared accounts are not supported by the system design. Each login is tied to a specific person.

Authenticated signature events — When a user performs a signable action (batch release, formulation approval, QC sign-off), the system captures their authenticated identity at the moment of the action. The signature is linked to the specific record being signed.

Complete signature records — Each electronic signature captures the signer's name, the date and time (system-generated), and the meaning of the signature action. These elements are stored as part of the permanent record.

Immutable audit trail — All signature events are recorded in the audit trail with timestamps and user identity. Audit entries cannot be modified or deleted by any user, including administrators. This provides the tamper-evident record keeping that Part 11 requires.

Record linkage — Signatures are permanently linked to their respective electronic records. A signature on batch record 2024-001 cannot be separated from that record or transferred to a different record.

Role-based access control — The system enforces authority checks, ensuring that only users with appropriate roles and permissions can perform signable actions. A production operator cannot sign a quality release, and a quality reviewer cannot sign a batch for production.

The Bottom Line

Electronic signatures under 21 CFR Part 11 are not about making things harder — they are about making your electronic approvals as trustworthy and legally defensible as the wet-ink signatures they replace. When implemented correctly, electronic signatures are actually more reliable than handwritten ones: they cannot be forged, they carry a precise timestamp, they are permanently linked to the signed record, and they create an automatic audit trail.

The manufacturers who treat electronic signatures as a regulatory checkbox tend to have systems full of compliance gaps that an FDA inspector will find. The manufacturers who understand the underlying principles — unique identity, authenticated action, permanent record — build systems that pass inspection naturally because they were designed to be trustworthy from the start.

Your batch releases, quality approvals, and formulation sign-offs are the decisions that determine whether your products reach consumers. Make sure those decisions are recorded in a way that can withstand regulatory scrutiny.