Sudhakar - an additional comment: The eAudit feature I mentioned was the underpinning for that product’s CFR 21 (Part 11) compliance. Over the years, several pharmaceutical companies would visit our product development sites to conduct their audits and this feature was demonstrated to show compliance with that standard.
I think we’ve a good information set in this thread for you to draw your conclusions. > On Mar 29, 2018, at 1:21 PM, sam sriramadhesikan > <sam.sriramadhesi...@oracle.com> wrote: > > You are right. One of the products that I was involved with had an “eAudit” > feature baked into the application layer tracking every change and capturing > user, changed value, affected attribute / column, an event type (insert, > update, delete), and the datetime stamp of the event. > > Sudhakar - your question is too broad. Looks like you want to hear of use > cases and solutions based on Cassandra. > > > >> On Mar 29, 2018, at 1:04 PM, Jonathan Haddad <j...@jonhaddad.com >> <mailto:j...@jonhaddad.com>> wrote: >> >> If you require a full audit trail then you'll need to do this in your data >> model. I recommend looking to event sourcing, which is a way of tracking >> all changes to an entity over its lifetime. >> >> https://martinfowler.com/eaaDev/EventSourcing.html >> <https://urldefense.proofpoint.com/v2/url?u=https-3A__martinfowler.com_eaaDev_EventSourcing.html&d=DwMFaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=AJfDCyM3u5-XbEgygLPEjU2yutePmNCLC8Dp7T2lLug&m=G0XkFZ3Q60mxXZxoKdsrH-HPiu2CZsAP7RLXkfMcgss&s=8gg44--3P7ybfWSvgobr8TkeXvmxq7W2pmIKlvEQmmE&e=> >> >> Instead of thinking of data as global mutable state, think of it as a time >> series where you save each change as a completely new object. Then you can >> go back in time to any point to see how it got to be the way it is. >> >> On Thu, Mar 29, 2018 at 9:59 AM sam sriramadhesikan >> <sam.sriramadhesi...@oracle.com <mailto:sam.sriramadhesi...@oracle.com>> >> wrote: >> Rahul, >> >> CFR 21 (part 11) is an FDA-mandated electronics records standard. For any >> software solution built for the life sciences / pharma industries, >> compliance with this standard is a must. There are three parts to this: >> >> (1) Controls and audit of user logins / forcing re-login when session times >> out >> (2) Tracking change history of key software records (for example, a work >> order) >> (3) Protecting the data from unauthorized access / establishing data was not >> tampered with >> >> Most of the compliance is built into the business application layer in the >> form of data validations, audit trails, and process workflows. >> >> Cassandra’s RBAC plus encryption at rest would satisfy (3). If there was a >> granular audit trail capability, that would address (2). (1) is a business >> application function, I think. >> >> Thanks, >> >> Sam >> >> >>> On Mar 29, 2018, at 12:29 PM, Rahul Singh <rahul.xavier.si...@gmail.com >>> <mailto:rahul.xavier.si...@gmail.com>> wrote: >>> >>> Is that an encryption related policy? If you can clarify — maybe able to >>> get better answers. There are products like Vormetrics (?) which can >>> encrypt data at rest. >>> >>> -- >>> Rahul Singh >>> rahul.si...@anant.us <mailto:rahul.si...@anant.us> >>> >>> Anant Corporation >>> >>> On Mar 29, 2018, 12:23 AM -0400, Sudhakar Ganesan >>> <sudhakar.gane...@flex.com <mailto:sudhakar.gane...@flex.com>>, wrote: >>>> Hi, >>>> >>>> >>>> Did anyone used Cassandra in medical industry since FDA enforces CFR 21 >>>> (part 11) compliance ? >>>> >>>> >>>> Regards, >>>> >>>> Sudhakar >>>> >>>> Legal Disclaimer : >>>> The information contained in this message may be privileged and >>>> confidential. >>>> It is intended to be read only by the individual or entity to whom it is >>>> addressed >>>> or by their designee. If the reader of this message is not the intended >>>> recipient, >>>> you are on notice that any distribution of this message, in any form, >>>> is strictly prohibited. If you have received this message in error, >>>> please immediately notify the sender and delete or destroy any copy of >>>> this message! >> >
