SAFE Identity Announces Industry Guidance for Compliance With Title 21 CFR Part 11


RESTON, Va., March 09, 2021 (GLOBE NEWSWIRE) -- SAFE Identity, an industry consortium and certification body operating a Trust Framework for digital identities in healthcare, today announced the publication of industry guidance that healthcare organizations can use as a tool to achieve compliance with the Food and Drug Administration (FDA) Title 21 CFR Part 11 regulation. The guidance document outlines how healthcare organizations can leverage vendor products and SAFE certification programs to assist in meeting FDA regulations for trustworthy and reliable electronic documents and signatures.

SAFE Identity operates certification programs in support of its Trust Framework for secure, interoperable digital credentials and Commercial off-the-shelf (COTS) products, which can be used to support trusted digital signatures. The SAFE Trust Framework is built on a 15-year legacy of the SAFE BioPharma Trust Framework, the criteria for which was developed in collaboration with the FDA. The SAFE Trust Framework infrastructure continues to be cross certified with the federal bridge, allowing for validation of SAFE Certified Credentials by the federal government.

Title 21 CFR Part 11 places the responsibility on healthcare organizations to conform to the FDA regulation, as the FDA does not offer certifications for compliant vendor products or services. Satisfactory implementations of 21 CFR Part 11 are extremely variable, which leaves healthcare organizations struggling to understand how vendor products can help to earn validation of healthcare systems and pass an FDA inspection.

To help combat this challenge, SAFE created the Document Management System Working Group which brought SAFE PMA member companies together to develop implementation guidance for 21 CFR Part 11 based on the processes and strategies they currently use in their own organizations. The working group resource, “Implementation Guidance of Title 21 CFR Part 11,” defines a set of responsibilities necessary for satisfying each control in 21 CFR Part 11. Involved parties are organized into three categories: SAFE Certification Programs, Vendor Products and Implementers/Healthcare Organizations. It then provides strategies and context that help explain the responsibilities by stakeholder category needed to implement each control in 21 CFR Part 11.

In support of this guidance, SAFE certifies identity providers and COTS products against a set of criteria that meet specific requirements laid out in 21 CFR Part 11. While there is no product certification endorsements recognized by the FDA, SAFE certification programs help healthcare organizations make better buying decisions by lab testing software products and certifying identity providers as part of its interoperable Trust Framework.

These providers will be listed on the SAFE website, as well as on the Qualified Products List (QPL). SAFE also offers a tool that verifies if a user’s certificate resides within the SAFE community, is connected to the federal bridge and is compliant with Electronic Prescription for Controlled Substances (EPCS) regulations.

This implementation guidance was developed by the SAFE Document Management System, a healthcare industry-driven working group chaired by SAFE Identity, that has provided several resources useful for addressing critical identity-related problems in healthcare. Industry members interested in participating in SAFE working groups and governance of the SAFE Trust Framework can start by joining the PMA.

More information about SAFE Identity is available at

About SAFE Identity

SAFE Identity is an industry consortium and certification body that provides an ecosystem for identity assurance in the healthcare sector to enable trust, security and user convenience. It reduces risk and assures the integrity of identities and data in virtual clinical trials, medical devices and trusted data exchange in healthcare supply chains.


Dana Kringel

Montner Tech PR