About electronic signatures

According to 21 CFR Part 11, which regulates electronic records and electronic signatures, each electronic signature must be unique to one individual and cannot be reused by, or reassigned to, anyone else. The OutcomeLogix application authenticates each user and patient signature, comprising a user name and password, to ensure that each is unique and associated with a valid account.

Password rules define the number of invalid attempts at entering a user name/password combination before the application locks the account, logs out the user, and forces the user to change the password at the next sign-in.

Depending on the study design, both site users and patients provide electronic signatures on the ICD page.

• If the currently signed-in user or patient enters an invalid user name/password combination, after the number of attempts exceeds the configured maximum number of allowed attempts, the application locks the user account and logs the user out, forcing the user to change the password at the next sign-in.
• If a user or patient who is not currently signed in enters an invalid user name/password combination, the application clears out the incorrect User Name and Password fields and displays a message for the user to try again.
• If a user or patient who is not currently signed in exceeds the number of permitted attempts, the application:
  • Issues a message asking the user or patient to change the password and try again.
  • Closes the ICD page.
  • Locks the user or patient account, forcing the user or patient to change the password at the next sign-in.

  Note: If a user or patient is not signed in and becomes locked out while attempting to co-sign the ICD signature page in the session of the currently signed-in user or patient, the application does not log out the currently signed-in user or patient.