In a regulated environment, the label is part of the record. When an auditor or investigator asks "exactly what did you print, who approved it, and can you prove it hasn't been changed?", a screenshot and a spreadsheet are not an answer.
LabelInn was built so that the answer is always: yes, here is the cryptographically verifiable history. Print records are immutable by database rule, hash-chained and signed so tampering is detectable, and gated behind re-authenticated electronic signatures — the technical controls a FDA 21 CFR Part 11 / EU Annex 11 style program depends on.
No label tool is "certified" for 21 CFR Part 11 or EU Annex 11 — compliance is a property of your validated process, not a vendor stamp. LabelInn supplies the enforced records and access controls a Part 11 / Annex 11 style program needs. You own the validation; we make the underlying records tamper-evident and the approvals attributable.
🔐 Audit-ready out of the box. Immutable print history, a self-verifying hash-chained log, and re-authenticated e-signatures — bundled in Pro, not a separate Enterprise tier. Start free →
What "compliance" actually requires — and how LabelInn enforces it
| Control a regulated program needs | How LabelInn enforces it |
|---|---|
| Records can't be quietly edited or deleted | ✓ Immutable print history — enforced by database rules, not just app convention |
| Tampering must be detectable | ✓ SHA-256 hash-chained + per-company HMAC-signed self-verifying audit log |
| Signatures bound to a specific person + action | ✓ E-signature approval requiring fresh re-authentication at the moment of signing |
| Prove what was actually printed | ✓ Per-element saved-vs-printed capture + raw print-payload capture |
| Reconstruct a past label's full history | ✓ Label provenance reconstruction — design, data, operator, bytes sent |
| Limit who can do what; protect personal data | ✓ RBAC (owner/admin/editor/operator/viewer) + PII gating |
| Compliance shouldn't be an Enterprise-only upsell | ✓ Included in Pro ($24.90/mo) with API, MCP and the GHS engine |
1. Immutable print history — enforced at the database layer
The weak point in most "audit trails" is that the application says it won't change a record — but the underlying store still allows it. LabelInn enforces immutability with database security rules: once a print event is written, it cannot be updated or deleted, regardless of which client, API key, or user attempts it. The record is append-only by construction, not by good behavior.
2. A self-verifying, hash-chained audit log
Every entry in the print history is linked to the one before it. Each record stores the SHA-256 hash of the previous record, forming a chain, and the whole entry is signed with a per-company HMAC key. The result is a log you can independently re-verify at any time.
Hash-chained. Alter, delete, or reorder a single entry and every downstream hash stops matching — the break is mathematically obvious.
HMAC-signed per company. Signatures are keyed to your organization, so records can't be forged or transplanted from elsewhere.
Self-verifying. Re-run the chain on demand to produce a clean proof that the history is intact — exactly the kind of evidence an auditor wants to see.
3. E-signature approval that re-authenticates the signer
A signature only means something if it's bound to a real person at a real moment. LabelInn's label-approval e-signature requires a fresh re-authentication: the signer re-enters their credentials at the point of signing, so the approval is attributable to that individual and that specific action — not to "whoever happened to be logged in." This mirrors FDA 21 CFR Part 11 / EU Annex 11 style expectations for electronic signatures on regulated approvals.
4. Per-element saved-vs-printed capture
"We printed the approved design" isn't enough on its own — data-driven labels change at print time. LabelInn captures the saved-vs-printed state per element and stores the raw print payload that went to the printer. So you can show not just which template was used, but the exact field values, substitutions, and bytes rendered on a given run.
5. Label provenance reconstruction
Put the pieces together and you can rebuild the complete story of any historical label during an audit or investigation:
Which design and revision produced the label
What data values populated each element at print time
Who initiated and who approved the print (with the re-authenticated signature)
What raw payload was actually sent to the printer
Where it sits in the verified chain, proving the record is original and untampered
6. Role-based access control + PII gating
Compliance isn't only about records — it's about controlling who can act. LabelInn enforces role-based access control across five roles (owner, admin, editor, operator, viewer), checked in both the database security rules and the callable backend functions. Personal data is PII-gated so it's only visible to roles that should see it. Teammates are invited by email and slotted into the right role; an operator can print without being able to alter approved designs or read protected fields.
🧪 Built for chemical, food and pharma labeling. Pair the audit trail with the GHS/CLP hazard-label engine for end-to-end regulated output. See the GHS/CLP engine →
Compliance bundled — not reserved for the top tier
The traditional pattern in this market is to lock audit trails and Part 11 style features behind the most expensive edition. BarTender, for example, typically places audit and Part 11 style capabilities in its Enterprise edition (roughly $5,595/year per BarTender's published editions, plus maintenance), with its REST-API tier (Automation) separate again.
LabelInn includes the immutable history, hash-chained audit log, and e-signature approval in Pro at $24.90/month — together with the REST API, MCP, and the full GHS/CLP engine. Larger or multi-site deployments are handled through a custom Enterprise quote.
Free — 1 printer, unlimited designs and prints
Starter $14.90/mo ($149.90/yr)
Pro $24.90/mo ($249.90/yr) — includes API, MCP, full GHS, audit log + e-signature
Enterprise — custom quote. See full pricing →
Compliance is one capability of a programmable label platform
The audit trail doesn't live in isolation. It sits inside a platform you can automate and integrate:
Cloud REST API — POST /v1/print/jobs with idempotency keys, batch/scheduled jobs, retry/reprint, webhooks, and audit-grade raw-payload capture. See the developer docs →
Visual workflow engine (cloud + on-prem edge) with a customizable operator Print Dialog as a human checkpoint before regulated output goes out. Explore workflows →
Read-only enterprise DB connectors — Oracle, SQL Server, PostgreSQL, MySQL/MariaDB via an on-prem sidecar; credentials never leave the machine, with a hash-chained query audit. (Windows.)
Native printer-language output — ZPL, TSPL/TSPL2, Toshiba TPCL, and Epson ESC/Label — driverless raw USB, TCP/IP, or Bluetooth, with bidirectional status readback.
MCP + AI design assistant for authoring, while every physical print still flows through the same immutable, signed history.
Frequently Asked Questions
Is LabelInn certified for 21 CFR Part 11?
No software is "certified" for 21 CFR Part 11 — compliance is a property of your validated process, not a vendor checkbox. LabelInn provides the technical controls a Part 11 / EU Annex 11 style program needs: immutable hash-chained print history, a self-verifying audit log, re-authenticated electronic signatures, and RBAC. You validate the process; LabelInn supplies the enforced records and controls to support it.
What makes the audit log tamper-evident?
Every print-history entry is chained to the previous one with a SHA-256 hash and signed with a per-company HMAC key. Altering, deleting, or reordering any entry breaks the chain and fails verification. The log is self-verifying — you can re-run the chain at any time to prove it hasn't changed.
Does label approval support electronic signatures?
Yes. Approval can require an electronic signature that forces a fresh re-authentication at the moment of signing, so the signature is bound to that specific person and action — FDA 21 CFR Part 11 / EU Annex 11 style.
Can I prove exactly what was printed on a past label?
Yes. LabelInn captures the design saved-vs-printed state per element and stores the raw print payload, so you can reconstruct any historical label's provenance — the design and revision, the data values, who initiated and approved it, and the exact bytes sent to the printer.
Is compliance behind an expensive add-on?
No. The immutable history, hash-chained audit log, and e-signature approval are included in Pro ($24.90/month) alongside the API, MCP, and full GHS engine. Enterprise plans are a custom quote for larger deployments.
Audit-Ready Label Printing, Bundled
Built for chemical, food, and pharma teams who need to prove what they printed — not just claim it. Start free and turn on the audit trail when you're ready.
Create Your Free Account →