Swissmedic Updates eIAM Portal Administrator Guidance – Version 3.4 Effective February 2026

Escrito por Commercial 4Easy PRRC

Swissmedic has published Version 3.4 of the “Information Sheet – eIAM Portal Administrator”, applicable from 3 February 2026. This document defines how companies manage user access, roles, and authorisations across Swissmedic’s eGov services through the eIAM (eGovernment Identity and Access Management) portal .

For medical device and pharmaceutical manufacturers interacting with Swissmedic portals, this update is relevant as it governs who can access, submit, and manage regulatory information on behalf of the company.

What the eIAM Portal Is Used For

The eIAM portal enables delegated user administration for Swissmedic’s electronic services, including access to platforms such as:

  • eSubmission

  • ElViS (Electronic Vigilance System)

  • Clinical Trials (CT)

  • GMP/GDP certificates

  • Licences – major changes

  • Swissmedic Portal (company data access)

Each company must appoint user administrators, who are responsible for setting up users, assigning roles, and maintaining access controls.

Key Requirements for Manufacturers

To access Swissmedic eGov services:

  • Each user must have a CH-LOGIN account, including two-factor authentication.

  • User administrators are onboarded by Swissmedic once a user licence agreement is signed.

  • Access to services is only possible after correct role assignment and onboarding completion.

Swissmedic explicitly places responsibility on user administrators to ensure that only authorised individuals have access to regulatory systems.

User Roles and Authorisations

The document details a structured role system, including:

  • Application roles (e.g. read, upload, submit, download)

  • Product or case-specific roles (medi-full vs medi-restricted)

  • Business roles, which bundle multiple permissions to simplify access management

Incorrect role assignment can lead to incomplete onboarding, restricted access, or—in the case of ElViS—incorrect classification of users, potentially resulting in regulatory submissions being processed under the wrong profile .

Managing External and Multi-Company Users

Version 3.4 also confirms that:

  • A single individual can manage users for multiple companies, provided the same email address is used across profiles.

  • When logging in, the user must select the correct company profile before performing actions.

This is particularly relevant for consultants, authorised representatives, or shared regulatory service providers.

Onboarding Status and Access Control

User administrators can track onboarding status, including:

  • In process

  • Ongoing

  • Overdue

  • Expired

  • Completed

Swissmedic highlights that expired onboarding codes must be reissued and that users who do not log in for more than six months are automatically deactivated.

Why This Matters for Manufacturers

For manufacturers placing products on the Swiss market, correct user and role management is essential to:

  • Maintain uninterrupted access to Swissmedic regulatory systems

  • Ensure submissions and safety reports are attributed to the correct legal entity

  • Avoid administrative delays caused by incorrect onboarding or authorisation errors

While Version 3.4 does not introduce new regulatory obligations, it reinforces operational controls that directly affect regulatory workflows and compliance readiness.

Read the full document below.

Commercial 4Easy PRRC https://www.4easyprrc.com
Anterior

Swissmedic Publishes Updated EUDAMED UDI Enumerations: What Manufacturers Should Know
Próximo

FDA Issues Updated Final Guidance on Cybersecurity in Medical Devices