Rahul, CFR 21 (part 11) is an FDA-mandated electronics records standard. For any software solution built for the life sciences / pharma industries, compliance with this standard is a must. There are three parts to this:
(1) Controls and audit of user logins / forcing re-login when session times out (2) Tracking change history of key software records (for example, a work order) (3) Protecting the data from unauthorized access / establishing data was not tampered with Most of the compliance is built into the business application layer in the form of data validations, audit trails, and process workflows. Cassandra’s RBAC plus encryption at rest would satisfy (3). If there was a granular audit trail capability, that would address (2). (1) is a business application function, I think. Thanks, Sam > On Mar 29, 2018, at 12:29 PM, Rahul Singh <rahul.xavier.si...@gmail.com> > wrote: > > Is that an encryption related policy? If you can clarify — maybe able to get > better answers. There are products like Vormetrics (?) which can encrypt data > at rest. > > -- > Rahul Singh > rahul.si...@anant.us > > Anant Corporation > > On Mar 29, 2018, 12:23 AM -0400, Sudhakar Ganesan > <sudhakar.gane...@flex.com>, wrote: >> Hi, >> >> >> Did anyone used Cassandra in medical industry since FDA enforces CFR 21 >> (part 11) compliance ? >> >> >> Regards, >> >> Sudhakar >> >> Legal Disclaimer : >> The information contained in this message may be privileged and confidential. >> It is intended to be read only by the individual or entity to whom it is >> addressed >> or by their designee. If the reader of this message is not the intended >> recipient, >> you are on notice that any distribution of this message, in any form, >> is strictly prohibited. If you have received this message in error, >> please immediately notify the sender and delete or destroy any copy of this >> message!
