How to Meet Health Canada’s Rules with e-Signatures for the e-Ordering of Controlled Substances

Andrea Masterton, May 16, 2014
Thumbnail

Canadian pharmaceutical manufacturers, retailers and distributors are under enormous regulatory pressure, especially when it comes to the distribution of controlled substances. And like many of our customers, they struggle with the delays and errors inherent in paper processes. For example, if a purchase order, signed by an Authorized Person, is not received by a distributor within five days of sending out narcotics, the store or institution will be placed on hold and not be allowed to order further.

This regulatory pressure is what led the Canadian Association for Pharmacy Distribution Management (CAPDM) to put together an Electronic Signature Committee to promote the adoption of e-ordering in the Canadian pharmaceutical supply chain.

 

 

 

 

Electronic Signature

The Beginner's Guide to Electronic Signatures

Comprehensive guide to getting started with e-signatures

Download Now

As part of this effort, Silanis was recently invited by CAPDM to explain Health Canada’s Policy Statement on the Electronic Ordering of Controlled Substances that allows for the use of electronic signatures and data when ordering controlled substances. In the presentation, we broke out the Health Canada requirements and explained how an e-signature solution should address requirements.

Here are the highlights: Secure transactions 

  • Secure Sockets Layer (SSL) v3
  • Documents are not downloaded locally
  • Data and documents are encrypted prior to storage in a database
  • Database table files are stored on encrypted volumes
  • Digital signatures tamper-proof the document, signatures and evidence

Limit access

  • System-to-system access through a unique key
  • Administrator access granted by Silanis, protected by username/password
  • User accounts set up by account administrator, protected by username/password

Authentication and authorization

  • Senders authenticate through username/password selected at time of account creation
  • Industry best practices used to protect passwords (hashing, complexity, expiry, maximum failed attempts, etc.)

Traceability

  • Link between Authorized Person (AP) and signed order
  • Signed orders are secured with digital signatures
  • Detailed audit trails are embedded in the record and include the AP’s unique identifier
  • Summary of evidence produced includes signer IP, date and time stamp for every action taken during the signing event
  • Process evidence includes a recording of every page viewed and how it was displayed in the browser during the transaction

Retention

  • Link between Authorized Person (AP) and signed order
  • Signed orders are secured with digital signatures
  • Detailed audit trails are embedded in the record and include the AP’s unique identifier
  • Summary of evidence produced includes signer IP, date and time stamp for every action taken during the signing event
  • Process evidence includes a recording of every page viewed and how it was displayed in the browser during the transaction

Access

  • Managers can access and search for signed orders by date, status, name, etc.

Want to find out how you can leverage the benefits of e-signatures as a pharmaceutical manufacturer or pharmacist in the e-ordering of controlled substances or other operations in your organization? Watch the recorded webinar now.