BlueCielo Meridian FDA Module 2018 Configuration Guide
About auditing vault activity
The Meridian FDA Module is capable of logging all actions that have been completed that create, modify, delete, or export data related to any object in the vault using any of the client applications and application links, including Meridian Enterprise Configurator. This feature meets the requirements of Title 21 Part 11 of the U.S. Code of Federal Regulations that applies to the Food and Drug Administration. Once configured for a vault, audit data is logged automatically. No client configuration is required.
Audit data is only logged for standard Meridian Enterprise and Meridian FDA Module commands. Custom commands can be audited by adding calls to the Vault.AuditEvent method in the vault’s VBScript event handlers. The data is stored in a secured database separate from the document metadata. Audit log data is generated automatically in chronological order. Data cannot be imported into the activity database. No user, regardless of their privileges, can modify the audit data. New audit data does not overwrite existing audit data. Audit data is retained for the life of the vault. For a list of the audited actions, see Audited actions.
- Releasing documents using VBScript (for example, Document.ChangeWorkflowState AS_WF_RELEASED, "", "") is not logged if the SDWFEvents setting is set to N (default) in the vault configuration. If such script exists in the vault configuration and the document type workflow events must be prevented, then you must provide custom notification scripting. If the document type workflow events do not need to be prevented, set SDWFEvents to Y. The setting can be found in the [ScriptEvents] section of the Application Integration tab in the Environment branch of the configuration tree in Configurator.
- Electronic signatures made in Meridian Power are only logged if the Enable Web Access client components option is enabled for that user. For information about deploying standard user settings, see the BlueCielo Meridian Enterprise Administrator's Guide.
Meridian Enterprise supports one of the following stores for audit data:
- Standalone database that can be viewed by users with the special audit log viewer web application described in this chapter. The data can be viewed, filtered, and exported by authorized users as described in the BlueCielo Meridian Enterprise User's Guide. Configuring a Meridian Enterprise server to use this method is described in the following topics.
- Meridian Enterprise Server database that can only be viewed by users with access to the Meridian Enterprise Server Administration Console. We recommend using this method if Meridian Enterprise Server is deployed. Configuring a Meridian Enterprise server to use to use this method is done with the Use Enterprise server for the audit log option described in the BlueCielo Meridian Enterprise Administrator's Guide.