HIPAA, 21 CFR part 11 and Extended Security

The PAX-it base software includes tools for managing projects, with its own database and management tools, including user login accounts with some assignable permissions. Browsing and retrieving assets are only allowed for authorized users, fulfilling the key HIPAA requirements.

If additional security is required, for example to the level of 21 CFR part 11 security including audit trails, digital signatures, and verification of original data, then the Extended Security module is recommended.

For example:

  • If your images contain private or sensitive information that should be restricted from view
  • Legal proceedings require images and/or reports to be shown as unaltered
  • Departmental audits require knowledge of personnel activities related to image deletion or modification
  • Certain users must be restricted in activities within the software, such as the ability to recalibrate, or to delete assets, or to export assets…

These scenarios are covered with the Extended Security (ES) Module.   It is designed for those requiring tools for more strict control over access to the PAX-it database assets, for locking down images, reports, presentations, data sets, and other digital assets with digital signatures (electronic signatures / electronic records), for setting up for Title 21 CFR Part 11 compliance as defined for the FDA, and more. The ES module is an add-on component to a PAX-it network site license set up as an MS SQL-Server or Oracle database (database license is not included).

The Extended Security Module addresses security through three main components:

  • Administrative Tools (assigning permissions to managed user logins)
  • Digital Signatures (to lock down images, reports, and other items as unalterable)
  • Audit Trail Logs for recording user activity
Secure images within areas of your collectionClick on Image to Enlarge
The PAX-it Extended Security module is available
for tighter security controls, including
digital signatures and audit trails for 21 CFR Part 11
compliance or other corporate administration of security.