GenomeLab GeXP system tools for electronic records and electronic signatures


New features for FDA 21 CFR Part 11 compliance

Mario A. Pulido, Suneel Mallela,
Greg Manley and Sunil Deliwala

SCIEX, USA

Abstract


Given the continuous growth of genomics and genetic studies to support cell and gene therapy products, personalized medicine, and vaccines, the need for implementing electronic records and electronic signatures has increased the demand for adhering to FDA 21 CFR Part 11. As a result, here we present a GenomeLab GeXP genetic analysis system software package with integrated 21 CFR Part 11 tools to support the DNA and RNA analytical needs faced by personnel working in R&D and manufacturing.

Introduction


Given the continuous growth of genomics and genetic studies to support cell and gene therapy products, personalized medicine and vaccines, there is increased need to adhere to the FDA 21 CFR Part 11 guidance by implementing electronic records and electronic signatures.1 Here, we present a GenomeLab GeXP system software package with integrated 21 CFR Part 11 tools to support the DNA and RNA analytical needs faced by personnel working in R&D and manufacturing. This new software package provides security features that ensure the authenticity of electronic records and electronic signatures and allow for system traceability for all important or key events performed on this platform (Figure 1). These features complement the high-quality nucleic acid data that have been demonstrated by the GenomeLab GeXP system for more than 2 decades.

Figure 1. GenomeLab GeXP system home page with 21 CFR Part 11 tools activated. The software includes application upgrades that meet 21 CFR Part 11 compliance, such as login controls, document security, electronic signatures and traceability.

Figure 2. GenomeLab GeXP system and graphical interface for nucleic acid analysis. A) GenomeLab GeXP system. B) Assembly and operation workflow for the  GenomeLab GeXP system. C) GenomeLab GeXP system software interface showing the instrument operation controls (left) and nucleic acid analysis tools (right).

The GenomeLab GeXP system is fully automated and capable of determining the base sequence and fragment length of DNA samples.2 RNA sequence, fragment and structural analysis is also supported on this platform, following reverse transcription.3 Among others, the GenomeLab GeXP system main applications for genomics and gene therapy studies include gene expression profiling, DNA sequencing and genomic variants and short tandem repeat analysis. Equally important, highly qualified scientists have trusted the GenomeLab GeXP system for more than 2 decades for multiplexing applications in stem cell research, tissue transplantation studies and pathogenic identification of harmful viral strains, such as SARS-CoV-2 and influenza.

Key Features


Key features of the 21 CFR Part 11 tools for the GenomeLab GeXP system content here
 

  • Accountability for activities performed on the GenomeLab GeXP system is provided for regulatory compliance and/or for internal and external audits

  • Security features in the software protect record integrity, data storage and system operation from intentional or accidental modification or deletion

  • Activation of the 21 CFR Part 11 tools maintains high-quality nucleic acid data on the GenomeLab GeXP system

Briefly, the dual-rail GenomeLab GeXP system has the capacityto process 2 96-well plates at once (Figure 2). Sample detection is based on the migration time or mobility of fluorescently labeled nucleic acid fragments through the separation gel and wavelength excitation utilizing 2 long-life diode lasers and 4 spectral channels. The Windows-based GenomeLab GeXP system software provides the graphical user interface for manual or automatic control of the system, data capture and basic data analysis. The Windows 10 (SQL Server 2019) or version 12.1 includes the FDA 21 CFR Part 11 compliance features, such as login controls, encrypted document security, electronic signatures and system operation traceability.

21 CFR Part 11 compliance features on the GenomeLab GeXP system2


Tools for 21 CFR Part 11 compliance
 

The GenomeLab GeXP system software is a closed system and Windows-based C++ code designed to support nucleic acid sequencing and fragment analysis. This platform utilizes SQL 2000 Desktop Engine from Microsoft for data storage. Three pillars support the software architecture: 1) the device control and interface containing the software simulator, 2) the business layer containing the sequence and fragment algorithms and 3) the presentation layer containing the instrument controls and nucleic acid analysis tools. Main upgrades to the  Windows 10-based GenomeLab GeXP system software include removal of the 2 GB database size limitation and addition of a Database Migration tool to migrate data from the Windows 7 operating system to the Windows 10 (SQL Server) operating system. The GenomeLab GeXP system software, version 12.1 is built with integrated tools to allow the user to comply with 21 CFR Part 11, such as login controls, document security, electronic signatures and record traceability. For a detailed description of these features and system specifications, refer to the GenomeLab GeXP system User Guide and software Release Notes.2,4

Activating the 21 CFR Part 11 tools

Following the GenomeLab GeXP system Windows 10 upgrade, the user will have an opportunity to activate the 21 CFR Part 11 tools (Figure 3). Note that a Database Migration Tool was created to transfer data from the Windows 7 (SQL 2000) to the Windows 10 (SQL Server) operating system. To do this, download the Database Migration tool from the SCIEX GenomeLab system software CD on both the Windows 7 and Windows 10 operating systems. For a detailed description of these instructions, refer to the software Release Notes4 For the Windows 10 GenomeLab GeXP system, the user is provided with specific instructions to activate the 21 CFR Part 11 tools. Refer to the GenomeLab GeXP system User Guide.2

GenomeLab GeXP system login control

Figure 3. Window indicating approval request for 21 CFR Part 11 software installation on the GenomeLab GeXP system. During software installation, the user decides whether to activate 21 CFR Part 11 compliance tools or to proceed without 21 CFR Part 11 compliance. Note that once the 21 CFR part 11 option is activated, it cannot be changed.

A major security feature of the GenomeLab GeXP system is the ability of a user with administrative access to create protocols to ask for and verify specific user credentials using the User Management tool. The login control window is automatically activated when the GenomeLab GeXP system icon is launched (Figure 4). Here, the authorized user is asked to enter the assigned username and password. This security tool has the capacity to generate an unlimited number of authorized user accounts with personalized credentials and therefore provides a platform to keep track of as many personnel as needed. This security feature protects record integrity, data storage and system operation from intentional or accidental modification or deletion.

Figure 4. GenomeLab GeXP system login control window. Record integrity, data storage and system operation are protected by the 21 CFR Part 11 tools in the GenomeLab GeXP system software by providing unique and traceable login credentials. 

Figure 5. Creating login credentials and user access levels for the GenomeLab GeXP system with the 21 CFR Part 11 tools software activated. The User Management feature of the 21 CFR Part 11 software for the GenomeLab GeXP system provides different access levels to safeguard record integrity. A) An authorized user can be assigned to a functional role, such as analyst or administrator, with the ability to read or write data files, respectively. B) Personal information, username, password and functional role can be created for unlimited number of users. C) The user can update passwords as needed with traceability records. Optional digital signatures can be added as a .pfx file. Administrators can assign sign-off authority depending on functional roles.

User access levels and functional roles with the 21 CFR Part 11 tools on the GenomeLab GeXP system

The User Management tool of the 21 CFR Part 11 GenomeLab GeXP system allows authorized users to create user accounts with different access levels and functional roles (Figure 5A). User access is based on the concept of “User Types”. A user type defines a specific level of access based on defined responsibilities (Figure 5B). User access levels are defined and approved during the process of creating a user account. For the GenomeLab GeXP system, a user can be created and assigned by an administrator. Only an individual who has explicitly been given the privilege to create or alter a user account can change the access level of another user. As a security feature, changes to user types are documented in the audit trail of the system. The ability to create, modify or delete user types is a discrete privilege that may be assigned to specific individuals. Figure 5C illustrates the control window tool for setting up and editing personalized passwords or adding optional digital signatures to final reports. To maintain the uniqueness of each combined identification code and password, safety controls are in place such that no 2 individuals can have the same username and password. Usernames cannot be reused for multiples users and passwords cannot be reused for individual user accounts. Furthermore, passwords periodically expire to maintain current user access accounts. In this control window, the user can be granted report sign-off authority and can opt for a digital signature, different from an electronic signature, that can be added to final reports by uploading it as a .pfx file.

Creating a final report and report sign-off with the 21 CFR Part 11 tools on the GenomeLab GeXP system

Figure 6 illustrates representative sections of electronic records and electronic signatures generated by the 21 CFR Part 11 tools on the GenomeLab GeXP system. Key for 21 CFR Part 11 compliance are the closed system and automatically generated username identification (Figure 6A, top right) and time stamp in date-and-time format (Figure 6A, lower left) included in the header section of each analysis report.

Figure 6B illustrates a representative section of an analysis report footer with the verified electronic signature and any comments associated with report sign-off. In this section, the authorized user is identified and the electronic signature is added to the report with the date and time of approval.

Figure 6. 21 CFR Part 11 GenomeLab GeXP system sign-off feature. A DNA sequencing report can be exported in PDF format with a A) header that shows the operator’s credentials and timestamp and B) footer with added electronic signature, timestamp and report status. C) Sign-off report history is generated that includes the name of the report, user credentials and date and time of sign-off. D) A sign-off report window requests user credentials, password and comments for report approval. E) A security feature protects the application of electronic signatures with invalid credentials.

Figure 6C shows a trail of report sign-offs using the 21 CFR Part 11 tools software. This feature provides a platform for both internal and regulatory record keeping. Prior to adding the electronic signature to the analysis report, the user must add the analyzed report to the sign-off report queue by selecting the Select Report to Sign tab. At this stage, the saved report is retrieved from the appropriate folder for the addition of the electronic signature. Note that an electronic record can be generated and printed with approved credentials without a need for electronic signatures. 

To validate the report with an electronic signature, the user is asked to enter their unique username and password, as shown in Figure 6D. Figure 6E demonstrates a security feature of 21 CFR Part 11 tool software, in this case preventing the approval or addition of an electronic signature when credentials are not verified correctly.

Audit trail and electronic record keeping with the 21 CFR Part 11 tools on the GenomeLab GeXP system

To support 21 CFR Part 11 compliance, the audit trail tool provides a platform for tracking the activity of all users, independent of user type (Figure 7). The audit trail settings cannot be changed or altered by unauthorized user types. The audit trail tool takes the date and time of performed activities from the server and imprints these data onto GenomeLab GeXP system-based records or reports (Figure 7). All activities and electronic records are then available, as needed, for inspections and audits. To support audit trails, all activities are tracked with the operator username, date, time and indication of record creation, modification, or deletion.

To ensure data integrity, whenever changes are made to data files, all previous values are stored in the embedded database and previous information is not overwritten or obscured. The privileges to change or delete data can be assigned only to specific users. Metadata can be archived off the system and includes all information that is part of the electronic record, including the audit trail.

Figure 7. Audit trail for all activities performed on the GenomeLab GeXP system for 21 CFR Part 11 compliance. The audit trail feature of the 21 CFR Part 11 of the GenomeLab GeXP system tracks all performed activities for both internal and external audits.

The 21 CFR Part 11 tools activation maintains high-quality data and performance on the GenomeLab GeXP system

Figure 8 illustrates a representative section from a DNA sequencing result obtained by analyzing a sample of the SCIEX Sequencing Test Sample (PN: 608070) with the 21 CFR Part 11 tools activated on the GenomeLab GeXP system. As described in the previous sections, the report header shows the operator’s credentials and the middle panel contains the analyzed data. In this example, the sequencing test sample was resolved, and finely defined peaks were corrected for signal crosstalk and migration time, as described in the User Guide for the GenomeLab GeXP system. The lower panel in Figure 8 shows the corresponding nucleic acid identity for each resolved fragment with the respective fluorescently labeled dye. In summary, we successfully confirmed the sequencing result of the test sample with the 21 CFR Part 11 tools on the GenomeLab GeXP system activated. 

Figure 8. 21 CFR Part 11 tools maintain high-quality nucleic acid data on the GenomeLab GeXP system. The SCIEX sequencing test sample was confirmed for 100% base identity following alignment to the reference sequence file by using the 21 CFR Part11 tools for electronic records and electronic signatures on the GenomeLab GeXP system.

Conclusion
 

  • GenomeLab GeXP system 21 CFR Part 11 tools provide a platform to comply with electronic record and electronic signature requirements. Documentation is available for examination during an audit

  • Highly structured software with user access based on expertise and functional roles to maintain complete accountability and traceability for all performed events

  • Demonstrated nucleic acid data quality and results support the upgrade of Windows 7 operating systems to Windows 10 operating systemscontent here