Jira for CFR 21 Part 11 compliance: how to get audit trail for FDA inspection

Companies that represent safety-critical industries such as aerospace, medical devices, or clinical research must comply with complex regulations. FDA CFR 21 Part 11, or simply Part 11, covers requirements for digital health companies selling their devices in the US. This regulatory audit requires detailed planning and documentation management, along with proof that the organization uses a compliant Quality Management System (QMS). Atlassian Jira is a great tool to use if you need to record track of the data for FDA inspectors. Let’s overview specific regulatory requirements and how Jira can help.

Which standards are obligated to ensure compliance  

Part 11 establishes a series of rules to ensure that any submitted electronic material is authentic. If a company cannot comply, the file may be incorrect or fake, and the FDA will not review it.

When configuring Jira to assist regulated processes, make sure the file can be exported and contains all components of Jira issues:

• Standard and custom fields
• The entire history of issues or audit trail
• The name of the person who exported it, as well as the date and time of the export
• Any supportive attachments
• Followed the electronic signature guidelines.

Benefits of using Jira for FDA compliance

Jira users often use Confluence as their QMS. It’s helpful because it manages such aspects as links, references, versions, grouping in spaces, and so on. Confluence and Jira Software are tightly integrated. Issues may be easily accessed from the Confluence page for status updates, and Jira Software can read links to related Confluence pages. These links provide tracking and tracing between issues in Jira and Confluence QMS records.

Manual document control can be effective, but it’s frequently followed by human mistakes. To avoid this problem, you need to track all changes of issues. Regulatory audits demand a documented historical trail, such as a change in history.

How to get an audit trail?

An audit trail is a log of all modifications made to a database or file. Atlassian Marketplace offers such a solution as Issue History add-on. It helps to obtain a full issue changelog and prevent falsified records. You’ll get a full ticket history report of all changes that have been made in the selected list of issues. 

Many regulated organizations have compliance, security, and governance regulations, and the issue history is meant to meet such policies.

With the audit trail, you’ll find out:

• What changes were made to the issues
• When modifications occurred
• Which user has updated the field values
• What actions the assignee has taken for a required period
• What issues were deleted

E.g., If some person has changed the issue summary field, the grid will display these changes.

One more essential requirement for compliance is to see if any of issue was deleted. When you erase an issue in Jira, it can’t be recovered. With Issue History, you can overcome this trap. Just enable the “Keep deleted issues” option, and nothing will fall out of your sight.

For further processing, you need to export data from the system into a clear, accurate document, as Part 11 requires. Issue History app allows you to download the report as an XLSX or CSV file.

Takeaway

When you need to comply with FDA inspections, Jira offers some tools that facilitate compliance. It has the potential to boost the impact of your quality management methods. Issue History add-on will help you to get and export the full issues changelog. All records will include the exact username and date.

• The audit trail will be collected as part of the issue processing
• The records will be tracked automatically and stored in the one place
• You’ll get one-stop access to all essential data and clear reports

What Jira tools do you use to comply with Part 11? Try how you can meet regulations by delivering the right information with Issue History add-on.