21 CFR 11 and FISMA

FDA Regulations

FDA regulation 21 CFR 11 Electronic Records; Electronic Signatures and the Federal Information Security Management Act (FISMA) require very specific information security controls to be present for IT systems. Sponsors may request specific contract language related to 21 CFR 11 and FISMA, require the site to complete a compliance assessment of the electronic health record or other systems used during the course of a research study, and/or request the site to provide a statement of certification to the FDA regarding electronic signatures.

Please contact the Information Security to have these assessments completed. We will work with the appropriate university entities to respond to sponsor requests. Principal Investigators and study staff are not authorized to respond to these sponsor requests on behalf of the college.

Electronic Applications Obtaining IHIS Access for Research