Are Aspose Document Management REST APIs comply with FDA Part 11?

I asked this question on Stack overflow as well: aspose.words - Is Aspose Cloud FDA Part 11 compliant? - Stack Overflow

The US FDA has regulations for electronic record keeping:

TITLE 21–FOOD AND DRUGS CHAPTER I–FOOD AND DRUG ADMINISTRATION DEPARTMENT OF HEALTH AND HUMAN SERVICES SUBCHAPTER A–GENERAL

PART 11 ELECTRONIC RECORDS; ELECTRONIC SIGNATURES

https://www.accessdata.fda.gov/scripts/cdrh/cfdocs/cfcfr/CFRSearch.cfm?CFRPart=11

Q1. Is the Aspose Cloud service Part 11 compliant?

(The forums have no existing questions)

Q2. Are you using Aspose Cloud currently in a Part 11 compliant app, what are the pros/cons?

Thanks,

@rstellar

Thank you for contacting Aspose Support.

Please spare us some time to have a discussion with our Platform team, we are going to answer your questions shortly.

@rstellar

If we are supposed to be certified by an external authority then we are not compliant. Though while reading the CFR document, we found no reason to not comply this certification.

Aspose for Cloud provides Cloud Storage to its customers but we also let our customers use their own Cloud Storage or some other third party Storage they are comfortable with. So you can use Microsoft Azure or Dropbox that are Part 11 compliant with our APIs as a storage provider.

In short, you should not rely on our system alone to get the compliance. But if you use our system from a system that is Part 11 compliant, we don’t find any reason why we will break the compliance.

@rstellar I am very familiar with the FDA regulations. I would suggest that you take a risk based approach to determine if the data is Part 11 compliant.

With this in mind, I would second the idea of storing the data in external storage provider such as AWS S3 and encrypt the bucket. Depending on the perceived level of risk, this could be a valid approach to remain Part 11 compliant.

@greg-4

Thanks for adding your valuable input.

Awesome. Thank you @greg-4