If we are supposed to be certified by an external authority then we are not compliant. Though while reading the CFR document, we found no reason to not comply this certification.
Aspose for Cloud provides Cloud Storage to its customers but we also let our customers use their own Cloud Storage or some other third party Storage they are comfortable with. So you can use Microsoft Azure or Dropbox that are Part 11 compliant with our APIs as a storage provider.
In short, you should not rely on our system alone to get the compliance. But if you use our system from a system that is Part 11 compliant, we don’t find any reason why we will break the compliance.
@rstellar I am very familiar with the FDA regulations. I would suggest that you take a risk based approach to determine if the data is Part 11 compliant.
With this in mind, I would second the idea of storing the data in external storage provider such as AWS S3 and encrypt the bucket. Depending on the perceived level of risk, this could be a valid approach to remain Part 11 compliant.