Information Security Glossary
21 CFR Part 11

A set of rules published by the Food and Drug Administration in March of 1997 to facilitate electronic recordkeeping in the industries that it regulates: Part 11 of Title 21 of the Code of Federal Regulations; Electronic Records; Electronic Signatures. The rules seek to ensure that information in electronic forms will be secure. The rules also encourage the use of digital signatures.

According to the rules, organizations can choose to maintain paper records and submit reports to the FDA on paper, but if they decide to keep electronic records, the records are subject to these rules.

In 2003, the FDA issued guidance for 21 CFR Part 11 that softened the rules' impact. The guidance acknowledged that the need for security measures was not the same for every piece of electronic information. It introduced the concept of risk analysis and promoted the formal process of risk assessment to determine appropriate security measures under the rule.