1. Executive Summary
The vast majority of information today is generated and processed in electronic form. Consequently the majority of business conducted today is in part or entirely electronic. However, the need to obtain signatures causes business processes to be driven to the physical world, resulting, not only, in delays and costs, but also, in the loss of competitiveness and the ability to adapt. The objective is simple — maintain an endto- end electronic state throughout the business process. But are electronic signatures legal? Are they regulatory compliant? Can I hold my management accountable for approvals and decisions? Are my contracts enforceable? Can I have the same degree of control and security over my business? The answer is yes, if done correctly.
The U.S. e-Sign Act provides for the non-discrimination of electronic signatures and records when compared to their physical counterparts. In legal terms, the legislation provides the same “legal effect and validity” to an electronic signature as that granted to a handwritten signature on a paper. Note, the legal recognition granted a handwritten signature, which is that of admissibility in a court-of-law, is far greater than the legal recognition granted an electronic signature, which is not to be deemed invalid solely because it is electronic. The key challenge is how to have an electronic signature have the same legal recognition as a handwritten signature — that of admissibility.
In converting from ink-based signatures to electronic signatures, governing laws and regulations describe the overall goal that electronic signatures be generally “equivalent” to handwritten signatures. In order to achieve this requirement, one must understand first what makes an ink signature reliable. Secondly, one must understand what new challenges and risks are created by adopting the electronic medium.
There are many abstract and intangible factors involved in the formation of a multiparty electronically signed record. If not performed and maintained reliably, internal approvals may not be accountable; electronic evidence in legal disputes may not be admissible; and regulated processes may not be compliant.
This white paper defines the life cycle of an electronically signed record and describes the equivalence requirements throughout its retention period. A risk management framework called Electronic Signature Assurance will be presented that defines a generic Digital Chain of Evidence that guides the architectural choices available in deploying an electronic signature solution. However, the requirement for equivalence establishes a minimum legal admissibility standard that restricts the architectural choices to high reliability options. The result is a high assurance Digital Chain of Admissibility that holds individuals accountable for approvals and decisions and is deemed admissible and regulatory compliant.
This white paper will lay out an innovative risk management model (Electronic Signature Assurance) and reference architecture (Digital Chain of Evidence) that can be used to deliver confidence that an electronic signature solution can execute signed records that will meet the requirements for legal admissibility.
2. Electronic Signatures shall be Equivalent to Handwritten Signatures — Easier Said than Done
Currently, for a legally significant transaction, such as contract execution, or a regulatory significant transaction, such as e-Clinical Trial approval, electronic documents are printed and ink-based signatures are captured on paper. These signed documents are then stored and archived for a predetermined retention period driven by legal and or regulatory requirements. Anytime during this period, these documents can be called upon in a discovery request and offered as evidence in legal or regulatory proceedings.
Ink signed paper documents are deemed sufficiently reliable to be admitted as evidence due to their intrinsic physical attributes or reliability. That is, they are inherently stable, indelible, durable, self-contained and transportable.
In addition, decades of laws, regulations, precedence and established practices have created a human condition that generally presumes that when individuals sign paper documents, the:
- person signing is who they say they are, their identity can be established from their signature and they have the authorization to sign;
- person signing has applied their signature in a state of informed consent, in full awareness of the meaning of content being signed and the implications of signing;
- intent of their act-of-signing is an agreement to be bound by the content;
- document being signed will not change after the signature, and the signature only relates to the associated document...
