Compliance you can verify, not just read about.
Every claim on this page maps to an enforcement mechanism in the running system: database triggers, cryptographic hashes and generated evidence, not a policy document.
21 CFR Part 11
Clause by clause.
System validation via generated IQ/OQ/PQ reports, computer-generated audit trails, role-based authority checks on every API route, and operational checks enforced by the workflow state machine.
Append-only AuditLog with field-level before/after values, actor, timestamp, IP and user agent. PostgreSQL BEFORE UPDATE/DELETE triggers reject every mutation, so the log stays immutable even under direct database access by any role that cannot alter or disable the trigger itself.
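The database-level rule described above, as an added example that is not the platform's own code: SQLite's in-memory engine stands in for PostgreSQL so the block runs offline, and the equivalent PostgreSQL trigger is kept as a reference string that is not executed. Table and column names, sample rows and the attacker's statements are constructed for the demonstration.

```python
"""Append-only audit log enforced in the database, not in application code.

Added example, not the platform's own code. SQLite's in-memory engine stands
in for PostgreSQL so the block runs offline; POSTGRES_DDL is the equivalent
trigger for reference only and is never executed here. Table and column
names are illustrative.
"""
import sqlite3

# Reference only: the PostgreSQL form of the same rule. The function and the
# trigger must be owned by a role the application (and its DBA accounts) cannot
# ALTER or DISABLE, otherwise "immutable with direct database access" holds
# only for roles below that owner.
POSTGRES_DDL = """
CREATE OR REPLACE FUNCTION audit_log_immutable() RETURNS trigger AS $$
BEGIN
  RAISE EXCEPTION 'audit_log is append-only: % rejected', TG_OP;
END;
$$ LANGUAGE plpgsql;

CREATE TRIGGER audit_log_no_mutation
  BEFORE UPDATE OR DELETE ON audit_log
  FOR EACH ROW EXECUTE FUNCTION audit_log_immutable();
"""

# SQLite has no combined UPDATE OR DELETE trigger, so two triggers are declared.
SQLITE_DDL = """
CREATE TABLE audit_log (
  id         INTEGER PRIMARY KEY,
  actor      TEXT NOT NULL,
  entity     TEXT NOT NULL,
  field      TEXT NOT NULL,
  old_value  TEXT,
  new_value  TEXT,
  at         TEXT NOT NULL,
  ip         TEXT,
  user_agent TEXT
);
CREATE TRIGGER audit_log_no_update BEFORE UPDATE ON audit_log
BEGIN SELECT RAISE(ABORT, 'audit_log is append-only: UPDATE rejected'); END;
CREATE TRIGGER audit_log_no_delete BEFORE DELETE ON audit_log
BEGIN SELECT RAISE(ABORT, 'audit_log is append-only: DELETE rejected'); END;
"""


def open_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SQLITE_DDL)
    return db


def record(db, actor, entity, field, old_value, new_value, at,
           ip="203.0.113.5", user_agent="demo/1.0"):
    """Append one field-level change. INSERT is the only verb the table accepts."""
    cur = db.execute(
        "INSERT INTO audit_log (actor, entity, field, old_value, new_value, at, ip, user_agent) "
        "VALUES (?, ?, ?, ?, ?, ?, ?, ?)",
        (actor, entity, field, old_value, new_value, at, ip, user_agent))
    db.commit()
    return cur.lastrowid


def attempt(db, sql, params=()):
    """Run a raw statement as a DBA session would; return the trigger's error text, or None."""
    try:
        db.execute(sql, params)
        db.commit()
        return None
    except sqlite3.DatabaseError as exc:  # RAISE(ABORT) surfaces as IntegrityError
        db.rollback()
        return str(exc)


def demo():
    """Constructed scenario: two entries, then an attempted cover-up via direct SQL."""
    db = open_db()
    record(db, "alice@example.test", "shipment:SHP-1", "status", "draft", "submitted",
           "2025-01-01T09:00:00Z")
    record(db, "bob@example.test", "shipment:SHP-1", "status", "submitted", "approved",
           "2025-01-01T10:00:00Z")
    update_err = attempt(db, "UPDATE audit_log SET actor = ? WHERE id = 2",
                         ("mallory@example.test",))
    delete_err = attempt(db, "DELETE FROM audit_log WHERE id = 1")
    rows = db.execute(
        "SELECT id, actor, old_value, new_value FROM audit_log ORDER BY id").fetchall()
    return {"update_error": update_err, "delete_error": delete_err, "rows": rows}


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The check worth adding to an IQ report is the one the page lists later (verifying that the triggers exist), because a trigger that was dropped or disabled fails silently: inserts still work and nothing in the application notices.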
Printed name, date/time and the meaning of the signature (submitted, approved, rejected, shipped, delivered) stored on every ESignature record and displayed on read.
Signatures live in an append-only table keyed to the shipment record; they cannot be excised, copied or transferred.
Each signature is tied to a unique user identity and is never reused or reassigned.
Session JWT plus password re-entry on every signing action, regardless of session age. Org-wide TOTP MFA enforcement available.
The signature integrity hash is SHA-256 over the full shipment state, signer, timestamp and meaning at signing time. Verification recomputes it from the stored record, so any post-signature edit to those fields is detectable.
GxP & EU GDP
Custody and cold chain, inspection-grade.
Hash-chained custody
Each custody entry's hash covers the previous entry's hash plus the new event, so altering any entry invalidates every hash after it. Append-only enforcement at the database layer makes the chain tamper-evident end to end.
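Both SHA-256 constructions on this page, the e-signature integrity hash (Part 11 section) and the hash-chained custody log, as one added example that is not the platform's code. The page does not say how records are serialised before hashing; the canonical JSON used here is an assumption, and the custody events, shipment fields and signer are constructed for the demonstration.

```python
"""Tamper-evident custody chain and e-signature integrity hash.

Added example, not the platform's own code. Implements the two SHA-256
constructions described on the page: custody entry = hash(previous hash +
event), and signature hash over shipment state, signer, timestamp and
meaning. Canonical JSON serialisation is this example's assumption; the
page does not specify one. Field names are illustrative.
"""
import hashlib
import json

GENESIS = "0" * 64  # prev_hash of the first custody entry


def canonical(obj) -> bytes:
    """Deterministic serialisation: sorted keys, fixed separators. Without this,
    two logically equal records could hash differently and verification would
    fail spuriously (or, worse, be skipped)."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":"),
                      ensure_ascii=False).encode("utf-8")


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def entry_hash(prev_hash: str, event: dict) -> str:
    return sha256_hex(canonical({"prev_hash": prev_hash, "event": event}))


def append_custody(chain: list, event: dict) -> dict:
    """Link a new custody event to the chain head (a list here; an append-only table in production)."""
    prev = chain[-1]["hash"] if chain else GENESIS
    entry = {"prev_hash": prev, "event": event, "hash": entry_hash(prev, event)}
    chain.append(entry)
    return entry


def verify_chain(chain: list):
    """Walk from genesis; return (True, None) or (False, index of first bad entry)."""
    prev = GENESIS
    for i, entry in enumerate(chain):
        if entry["prev_hash"] != prev or entry["hash"] != entry_hash(prev, entry["event"]):
            return False, i
        prev = entry["hash"]
    return True, None


def signature_hash(shipment: dict, signer: str, signed_at: str, meaning: str) -> str:
    return sha256_hex(canonical({"shipment": shipment, "signer": signer,
                                 "signed_at": signed_at, "meaning": meaning}))


def sign(shipment: dict, signer: str, signed_at: str, meaning: str) -> dict:
    """ESignature record: printed name, time, meaning and the integrity hash."""
    return {"signer": signer, "signed_at": signed_at, "meaning": meaning,
            "integrity_hash": signature_hash(shipment, signer, signed_at, meaning)}


def verify_signature(shipment: dict, sig: dict) -> bool:
    """Recompute from the current shipment state; any edit since signing fails."""
    return sig["integrity_hash"] == signature_hash(
        shipment, sig["signer"], sig["signed_at"], sig["meaning"])


def demo() -> dict:
    """Constructed scenario: three custody events, a signature, two tampering attempts."""
    chain = []
    for ev in [
        {"at": "2025-01-01T08:00:00Z", "actor": "warehouse-1", "type": "picked", "temp_c": 4.1},
        {"at": "2025-01-01T09:30:00Z", "actor": "carrier-x", "type": "handover", "temp_c": 4.6},
        {"at": "2025-01-02T07:15:00Z", "actor": "site-7", "type": "received", "temp_c": 5.0},
    ]:
        append_custody(chain, ev)
    ok_clean, _ = verify_chain(chain)

    # Tamper 1: quietly lower a recorded temperature; that entry's hash no longer matches.
    tampered = json.loads(json.dumps(chain))
    tampered[1]["event"]["temp_c"] = 2.0
    ok1, bad1 = verify_chain(tampered)

    # Tamper 2: also recompute that entry's hash; the next entry's prev_hash now dangles.
    tampered[1]["hash"] = entry_hash(tampered[1]["prev_hash"], tampered[1]["event"])
    ok2, bad2 = verify_chain(tampered)

    shipment = {"id": "SHP-1", "status": "approved", "custody_head": chain[-1]["hash"]}
    sig = sign(shipment, "Alice Example", "2025-01-02T08:00:00Z", "approved")
    sig_ok = verify_signature(shipment, sig)
    shipment["status"] = "shipped"  # post-signature edit
    sig_after_edit = verify_signature(shipment, sig)

    return {"clean": ok_clean, "tamper_value": (ok1, bad1), "tamper_rehash": (ok2, bad2),
            "sig_ok": sig_ok, "sig_after_edit": sig_after_edit}


if __name__ == "__main__":
    print(demo())
```

A bare hash is not a secret: anyone who can rewrite a record can recompute its hash, and anyone who can rewrite every later entry can rebuild the chain. Detection therefore rests on the signature and custody rows living in the append-only tables from the section above, and on the chain head being recorded somewhere the writer cannot reach (the signed shipment state, as in the example).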
Excursion investigations
Automated excursion detection from temperature-logger data, TAET stability budgets per ICH Q1A(R2)/Q5C, and generated GxP deviation reports for temperature investigations.
Document gates
Corridor rules enforce required documentation by origin, destination and material class before a shipment can move.
APR/PQR evidence
The transport chapter of your Annual Product Review is generated from live records: volumes, excursions, compliance rates, carrier performance and screening stats.
GDPR
Privacy rights that respect regulated records.
Only name, email and role are collected. Tokens live in httpOnly cookies, never localStorage. PII fields are encrypted at rest with AES-256-GCM.
Admin tooling exports a user’s data and corrects inaccurate records, with every change audit-logged.
Crypto-shred erasure: the user's PII fields are overwritten with hashed placeholders and every session is revoked, while regulated shipment and audit records stay intact and attributable to the anonymised actor. The erasure itself is audit-logged.
JSON/CSV export of user and shipment data on request.
ErasureRequest records and the platform-wide audit trail document processing activity end to end.
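The erasure flow above on in-memory tables, as an added example that is not the platform's code. Two choices in it are this example's own rather than statements about the product: audit rows reference a surrogate user ID rather than a name or email (which is what lets attribution survive erasure), and the placeholder is a keyed hash (HMAC) rather than a plain hash, because a plain SHA-256 of an email address is reversible by dictionary. Users, sessions and the secret key are constructed.

```python
"""GDPR erasure that keeps regulated records attributable to a pseudonym.

Added example, not the platform's own code. Models the page's flow on
in-memory tables: PII overwritten with placeholders, sessions revoked,
existing audit rows untouched, the erasure itself audited. The HMAC-keyed
placeholder and the surrogate-ID audit schema are this example's
assumptions, not claims about the product.
"""
import hashlib
import hmac
from datetime import datetime, timezone

# Assumption: a server-side secret, never derived from user data. Losing it
# does not expose PII; it only means pseudonyms for new erasures change.
PLACEHOLDER_KEY = b"example-key-rotate-me"


class Store:
    def __init__(self):
        self.users = {}     # user_id -> {"name", "email", "role", "erased"}
        self.sessions = {}  # session_id -> user_id
        self.audit = []     # append-only; rows carry user_id, never name/email

    def add_user(self, user_id, name, email, role):
        self.users[user_id] = {"name": name, "email": email, "role": role, "erased": False}

    def login(self, session_id, user_id):
        self.sessions[session_id] = user_id

    def log(self, actor_id, action, entity, detail=None):
        self.audit.append({"actor_id": actor_id, "action": action, "entity": entity,
                           "detail": detail, "at": datetime.now(timezone.utc).isoformat()})


def placeholder(user_id: str) -> str:
    """Stable per-user pseudonym: erased actors stay distinguishable in the audit
    trail, but the value cannot be mapped back to an email without the key."""
    digest = hmac.new(PLACEHOLDER_KEY, user_id.encode("utf-8"), hashlib.sha256).hexdigest()
    return "erased-" + digest[:16]


def erase(store: Store, user_id: str, requested_by: str) -> dict:
    """Overwrite PII, revoke every session, audit the erasure. Audit rows are never touched."""
    user = store.users[user_id]
    revoked = [sid for sid, uid in store.sessions.items() if uid == user_id]
    for sid in revoked:
        del store.sessions[sid]
    pseudo = placeholder(user_id)
    user.update({"name": pseudo, "email": pseudo + "@erased.invalid", "erased": True})
    store.log(requested_by, "gdpr.erasure", "user:" + user_id,
              {"sessions_revoked": len(revoked)})
    return {"pseudonym": pseudo, "sessions_revoked": len(revoked)}


def actor_display(store: Store, actor_id: str) -> str:
    """How an audit row renders: the current (possibly pseudonymised) name for its actor_id."""
    return store.users[actor_id]["name"]


def demo() -> dict:
    """Constructed scenario: a QA user approves a shipment, then is erased by an admin."""
    s = Store()
    s.add_user("u-42", "Alice Example", "alice@example.test", "qa")
    s.add_user("u-1", "Admin", "admin@example.test", "admin")
    s.login("sess-a", "u-42")
    s.login("sess-b", "u-42")
    s.login("sess-c", "u-1")
    s.log("u-42", "shipment.approve", "shipment:SHP-1")  # regulated record, must survive
    rows_before = len(s.audit)
    result = erase(s, "u-42", requested_by="u-1")
    leftover = (s.users["u-42"]["name"] + s.users["u-42"]["email"]).lower()
    return {
        "pii_gone": "alice" not in leftover,
        "sessions_left": sorted(s.sessions),
        "sessions_revoked": result["sessions_revoked"],
        "audit_rows_before": rows_before,
        "audit_rows_after": len(s.audit),
        "approval_actor": actor_display(s, s.audit[0]["actor_id"]),
        "erasure_logged": s.audit[-1]["action"] == "gdpr.erasure"
                          and s.audit[-1]["actor_id"] == "u-1",
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The check to keep in mind: any table that copied the name or email into its own columns (exports, notification queues, search indexes) is outside this flow and must be covered separately, or the erasure is incomplete.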
Security architecture
Defence in depth, inside your perimeter.
Field-level encryption
AES-256-GCM on PII (names, emails, contact details) via a transparent ORM extension, encrypted at rest without application code changes.
Hardened authentication
JWT verification pinned to HS256 (a single accepted algorithm, so there is no algorithm-confusion surface), refresh-token rotation, session revocation, and time-boxed, fully audited admin impersonation.
SAML 2.0 SSO + MFA
SP-initiated SSO with signed assertions; each Response's InResponseTo is checked against an outstanding AuthnRequest ID, so unsolicited or replayed responses are rejected. TOTP MFA with org-wide enforcement.
Rate limiting & headers
Redis-backed login throttling (10 attempts per IP per minute), strict CSP, HSTS, frame-deny and referrer policy on every response.
Secrets hygiene
Secrets come from environment configuration only, never baked into images. Key-rotation scripts ship with the platform.
Division-level scoping
Users see only their division’s shipments unless explicitly granted global access; partner tokens are per-shipment, per-role and revokable.
Validation
IQ/OQ/PQ, generated per deployment.
Your CSV (computer system validation) programme gets real evidence rendered against the running system, not a vendor PDF. Every deployment produces:
Installation Qualification
Build info, database schema version, runtime versions, environment variable presence (no values), object storage and queue connectivity, plus verification that the append-only triggers exist.
Operational Qualification
Audit event breakdown, active users by role, shipment status distribution and e-signature integrity verification across the record set.
Performance Qualification
30-day compliance approval rate, average time-to-approve, denied-party screening coverage and cold-chain excursion detection rate.
Posture
What’s shipped, what’s next.
Shipped today
- 21 CFR Part 11 §§11.10–11.200
- GxP / EU GDP custody & cold chain
- GDPR Art. 17 & 20 tooling
- EU GMP Annex 11 (EudraLex Vol. 4) alignment
In progress
- ISO 27001 alignment
- SOC 2 Type 1 (attestation 2026-Q3)
Roadmap
- DSCSA / EU FMD unit-level serialisation (2027)
See it live in 25 minutes.
Guided flows cover compliance review, denied-party (DPS) screening, Part 11 e-signature, custody chain, breach prediction, GDPR erasure and the validation report. Then a 90-day pilot on your own programme, fully creditable.
