Paperless Records Compliance Requirements
My company is currently using the Redzone Compliance for the on line monitoring.
All the physical records (CCP check, quality check, incoming receiving, production process control, material usage etc) will be replaced by the real time data key in in the software.
Is there any paperless compliance requirement that we need to consider?
No, but you may want to prep your CB ahead of an audit so they are aware
Be prepared to demonstrate the document control.....how do you know it was completed at the right time, by a trained employee (i.e. log in credentials, time stamped signature etc)
Maggie,
In the US, digital records have to comply with Title 21 Section 11.100 of the Code of Federal Regulations. It sets the standards we have to follow for digital records related to food production and food safety. We also utilize Rezone in our operation. The only extra step we took was to have a document signed by each employee stating that they understand that their "electronic" signature is the same as their hand written signature. That all rules for document falsification still apply meaning that they cannot share their username, password, and pin number with anyone else or use anyone else's.
Hi maggie.tan,
I will echo Scampi and PieGuy191 here. Electronic Signoff consenting is very important in this situation. To build off what Scampi said, Redzone also has some reporting features on its backend where you can generate custom reports on a whim. I would highly recommend getting to know the reporting feature in redzone. Auditors typically ask for production records related to a certain past run, or an arbitrary timeframe. Knowing how to generate these reports will be to your advantage. The redzone team is also familiar with electronic compliance standards, I would recommend reaching out to them if you have any concerns about relying solely on redzone for your documentation.
For paperless recording, remember it's important to have some policies in place that account for control over users. Things like:
- How often are users required to change their password?
- Are the signoff permissions for each user set appropriately?
- Are electronic records being delivered to the appropriate users for review?