How It Works Features Compliance Login Book a Demo
21 CFR Part 11

Built for FDA Compliance

21 CFR Part 11 is the FDA regulation governing electronic records and electronic signatures in pharmaceutical manufacturing. GXP Share meets every requirement — out of the box.

What Is 21 CFR Part 11?

Title 21 Code of Federal Regulations Part 11 is the FDA rule that defines the criteria under which electronic records and electronic signatures are considered trustworthy, reliable, and equivalent to paper records and handwritten signatures. Any pharmaceutical company using electronic systems to create, modify, maintain, archive, retrieve, or transmit records required by FDA regulations must comply with Part 11.

In practice, this means your data collection software must provide: validated system controls, audit trails that cannot be altered, role-based access restrictions, and a mechanism for electronic signatures that tie each action to a specific authenticated user.

GXP Share is compliant out of the box

Audit trails, electronic signatures, access controls, and tamper-evident exports are core platform features — not configuration options. You don't need to configure compliance; it's already there.

How GXP Share Meets the Requirements

Each clause of 21 CFR Part 11 is addressed by a specific platform capability.

§11.10(a)

Validation

System validation ensures accuracy, reliability, and consistent performance. GXP Share undergoes continuous automated testing.

§11.10(b)

Legible Copies

All records can be exported as human-readable PDFs or machine-readable CSV/JSON at any time.

§11.10(c)

Record Protection

Data is stored with encryption at rest and in transit. Original records are never overwritten — corrections produce new versions.

§11.10(d)

Access Controls

Role-based permissions (Admin, Submitter, Reviewer) limit access to authorized users only. All access is logged.

§11.10(e)

Audit Trails

Every create, edit, submit, correct, and export action is logged with user identity, timestamp, and stated reason.

§11.50

Electronic Signatures

Submission and correction actions require user authentication and are treated as binding electronic signatures.

Data Integrity Principles (ALCOA+)

FDA guidance on data integrity references the ALCOA+ principles: data must be Attributable, Legible, Contemporaneous, Original, and Accurate — plus Complete, Consistent, Enduring, and Available. GXP Share enforces each of these at the platform level.

Attributable

Every record is tied to an authenticated user identity.

Legible

All records are readable in browser and PDF export.

Contemporaneous

Timestamps are server-side and tamper-proof.

Original

Source records are never overwritten or deleted.

Accurate

Field validation and double-blind entry prevent errors.

Complete

All required fields enforced at submission time.

Have Compliance Questions?

Our team can walk you through our compliance posture in a 30-minute call.

Book a Demo