• Decrease font size
  • Return font size to normal
  • Increase font size
U.S. Department of Health and Human Services

CFR - Code of Federal Regulations Title 21

  • Print
  • Share
  • E-mail
-

The information on this page is current as of Aug 30, 2024.

For the most up-to-date version of CFR Title 21, go to the Electronic Code of Federal Regulations (eCFR).

New Search
Help | More About 21CFR
[Code of Federal Regulations]
[Title 21, Volume 9]
[CITE: 21CFR1304.06]



TITLE 21--FOOD AND DRUGS
CHAPTER II--DRUG ENFORCEMENT ADMINISTRATION
DEPARTMENT OF JUSTICE

PART 1304 -- RECORDS AND REPORTS OF REGISTRANTS

General Information

Sec. 1304.06 Records and reports for electronic prescriptions.

(a) As required by § 1311.120 of this chapter, a practitioner who issues electronic prescriptions for controlled substances must use an electronic prescription application that retains the following information:

(1) The digitally signed record of the information specified in part 1306 of this chapter.

(2) The internal audit trail and any auditable event identified by the internal audit as required by § 1311.150 of this chapter.

(b) An institutional practitioner must retain a record of identity proofing and issuance of the two-factor authentication credential, where applicable, as required by § 1311.110 of this chapter.

(c) As required by § 1311.205 of this chapter, a pharmacy that processes electronic prescriptions for controlled substances must use an application that retains the following:

(1) All of the information required under § 1304.22(c) and part 1306 of this chapter.

(2) The digitally signed record of the prescription as received as required by § 1311.210 of this chapter.

(3) The internal audit trail and any auditable event identified by the internal audit as required by § 1311.215 of this chapter.

(d) A registrant and application service provider must retain a copy of any security incident report filed with the Administration pursuant to §§ 1311.150 and 1311.215 of this chapter.

(e) An electronic prescription or pharmacy application provider must retain third party audit or certification reports as required by § 1311.300 of this chapter.

(f) An application provider must retain a copy of any notification to the Administration regarding an adverse audit or certification report filed with the Administration on problems identified by the third-party audit or certification as required by § 1311.300 of this chapter.

(g) Unless otherwise specified, records and reports must be retained for two years.

[75 FR 16306, Mar. 31, 2010]

-
-