Going Digital ' With Signatures

When was the last time you had to sign a document or collect signatures as part of a larger business process? Or wait on someone else for a signature? Did you opt for the old-fashioned “wet signature” or the new-fashion electronic version?

With more than 90% of the world's data generated within the last two years, we can make the sound assumption that your inbox ' whether virtual or physical ' is overflowing. Everything around us is moving faster. Our on-demand, in-an-instant mindset has zero tolerance for bandwidth limitations and mobility constraints. Despite this, some of us are still allowing slow and inefficient old-fashioned processes to endure.

According to a recent ALM Media Survey on signature-dependent processes and the use of digital signatures, 49% of all documents are printed for the sole purpose of adding signatures. And with 47% of respondents signing documents at least four times per week, you can quickly figure out what that means in terms of wasted resources, precious time, and money. Speaking of time, the survey also revealed that processes involved with obtaining physical signatures were extended by 1.24 days on average, spelling potential disaster for time-sensitive transactions, especially those that travel globally.

Based on this data, we can safely assume that electronic signature alternatives are alive and well. In fact, the ALM research indicates that 52% of surveyed corporate counsel and small, medium and large firms are either already using an electronic signature solution or plan to implement one in the next 12 months. Further, in the ALM survey, when asked what factors were most important in a digital signature solution, law firm and corporate legal respondents cited security and integrity of sensitive data (87%) and practical considerations, ease of use (86%), ease of implementation (81%) and acceptance by the courts (78%) as primary drivers.

But beware: Not all electronic signatures are created equal.

What's in a Name?

The terms “electronic signature” and “digital signature” describe two very different technologies, yet they are often used interchangeably. The information offered here aims to clarify the differences between digital signatures and electronic signatures, and to help frequent signers understand which of these two technologies is more appropriate for an organization's needs.

Electronic signatures can be as basic as a typed name, font, or a scanned image of a handwritten signature that is attached to an electronic document. As you can imagine, because they lack the required measures for preventing forgery and information tampering, electronic signatures can be very problematic in terms of maintaining security and integrity.

Digital signature s, also known as advanced, standard, or secure electronic signatures, provide the highest levels of security and represent openly vetted and peer-reviewed techniques that provide a higher level of confidence and reliability. By providing clear evidence that the signer's identity is bound to the document and that the document has not been altered after it was signed, the act of signing a document with a digital signature can actually transform any document into a legally enforceable record. Digital signatures allow organizations to securely and responsibly automate signature-dependent processes with the proper integrity.

Digital Signature Options

So when looking at digital signature solutions, what questions should you be asking? Which critical issues should you take into consideration before making a “digital,” “electronic” or “neither” decision?

1. Does it allow you to natively sign document formats ( e.g. , Word, Excel, PDF, etc.) typically used within the law firm or department and will the native applications recognize and verify the resulting signatures? The digital signature solution should allow you to sign using the applications/file types you are already using ' from the most common ones such as Microsoft Word, Excel and Outlook to SharePoint lists, InfoPath, and AutoCAD.

2. Does it make it easy to digitally sign documents? The digital signature solution should be simple to use for everyone within the firm. A quick and intuitive signing process, which takes no more than 10 seconds or one to two mouse clicks, will encourage broad and smooth user adoption. One must achieve user adoption to realize an ROI.

3. Does it work with existing content/workflow management applications? The right digital signature solution needs to be able to seamlessly integrate with the electronic content/document management and/or workflow automation systems currently in use, including SharePoint, OpenText, HP WorkSite, Nintex, K2 and others. Firms investing in automation and pursuing a paperless strategy can gain the full benefit by quickly adding a digital signature engine, which eliminates the need to reintroduce paper into otherwise automated processes.

4. Does it enable the firm to keep sensitive documents inside its secure IT domain? For security purposes, the digital signature solution should ensure that documents remain inside the firm's IT domain and are never saved on external third-party servers. Solutions that require documents to be saved externally expose them to the risk of tampering, privacy compromises and fraud because they are subject to third-party controls and service adequacy. In addition, they are subject to additional document collections and electronic discovery related rules, in some cases this means US rules might be applied to EU enterprises or government agencies.

5. Does it to give you complete control over its implementation? The digital signature solution should be able to adapt to the organization's specific processes, technologies, user management systems and authentication requirements ' not the other way around. This will enable easy digital signature management in the ways that best suit your internal governance policies and standard operating procedures. The solution should also readily integrate with your standard HR, IT, security and user-screening policies already in place.

6. Does it comply with relevant regulations? The digital signature technology should be based on internationally accepted standards that comply with geographic and industry-specific regulations wherever the signature may need to be relied on. If the firm or its clients require higher levels of security, the solution should be validated to comply with NIST's FIPS or ETSI standards. A digital signature system must meet the requirements of even the strictest regulations and legislation, such as the FDA's Title 21 CFR Part 11, HIPAA, Sarbanes Oxley, E-sign, UETA and the EU Directive for Electronic Signatures.

7. Does it enable anyone to validate the signature, even without access to the system? Digital signatures that are based on NIST, ETSI, IETF and ISO standards ensure signature portability, enabling anyone inside or outside of the firm or company to use widely available software such as Microsoft Office or any PDF reader to easily verify common signature parameters including the signer's identity and intent. Standard digital signature technology also seals the document with a one-time “fingerprint” that is unique to both the signer and the document, ensuring that the signer is legitimate and that the document was not altered after signing. Should a change occur after signing, the digital signature is automatically invalidated, providing protection against forgery or document tampering.

8. Does it provide the ability to digitally sign via the web and mobile devices? Users must be able to digitally sign using any device, anytime and anywhere, whether they are at the office on their PC, at home on their tablet, or in court using a mobile device. The right solution should enable everyone'including partners, clients, experts and others ' to digitally sign their documents without having to install software.

Your Choice or Theirs?

Ultimately, individual firms, law departments and even practice groups will need to make their own decisions about whether to adopt digital or electronic signature solutions. This can be based on compliance factors, security concerns, client demands and portability requirements.

John Marchioni is the General Manager & VP Business Development at ARX, provider of the CoSign Standard Digital Signature Solution.

When was the last time you had to sign a document or collect signatures as part of a larger business process? Or wait on someone else for a signature? Did you opt for the old-fashioned “wet signature” or the new-fashion electronic version?

With more than 90% of the world's data generated within the last two years, we can make the sound assumption that your inbox ' whether virtual or physical ' is overflowing. Everything around us is moving faster. Our on-demand, in-an-instant mindset has zero tolerance for bandwidth limitations and mobility constraints. Despite this, some of us are still allowing slow and inefficient old-fashioned processes to endure.

According to a recent ALM Media Survey on signature-dependent processes and the use of digital signatures, 49% of all documents are printed for the sole purpose of adding signatures. And with 47% of respondents signing documents at least four times per week, you can quickly figure out what that means in terms of wasted resources, precious time, and money. Speaking of time, the survey also revealed that processes involved with obtaining physical signatures were extended by 1.24 days on average, spelling potential disaster for time-sensitive transactions, especially those that travel globally.

Based on this data, we can safely assume that electronic signature alternatives are alive and well. In fact, the ALM research indicates that 52% of surveyed corporate counsel and small, medium and large firms are either already using an electronic signature solution or plan to implement one in the next 12 months. Further, in the ALM survey, when asked what factors were most important in a digital signature solution, law firm and corporate legal respondents cited security and integrity of sensitive data (87%) and practical considerations, ease of use (86%), ease of implementation (81%) and acceptance by the courts (78%) as primary drivers.

But beware: Not all electronic signatures are created equal.

What's in a Name?

The terms “electronic signature” and “digital signature” describe two very different technologies, yet they are often used interchangeably. The information offered here aims to clarify the differences between digital signatures and electronic signatures, and to help frequent signers understand which of these two technologies is more appropriate for an organization's needs.

Electronic signatures can be as basic as a typed name, font, or a scanned image of a handwritten signature that is attached to an electronic document. As you can imagine, because they lack the required measures for preventing forgery and information tampering, electronic signatures can be very problematic in terms of maintaining security and integrity.

Digital signature s, also known as advanced, standard, or secure electronic signatures, provide the highest levels of security and represent openly vetted and peer-reviewed techniques that provide a higher level of confidence and reliability. By providing clear evidence that the signer's identity is bound to the document and that the document has not been altered after it was signed, the act of signing a document with a digital signature can actually transform any document into a legally enforceable record. Digital signatures allow organizations to securely and responsibly automate signature-dependent processes with the proper integrity.

Digital Signature Options

So when looking at digital signature solutions, what questions should you be asking? Which critical issues should you take into consideration before making a “digital,” “electronic” or “neither” decision?

1. Does it allow you to natively sign document formats ( e.g. , Word, Excel, PDF, etc.) typically used within the law firm or department and will the native applications recognize and verify the resulting signatures? The digital signature solution should allow you to sign using the applications/file types you are already using ' from the most common ones such as Microsoft Word, Excel and Outlook to SharePoint lists, InfoPath, and AutoCAD.

2. Does it make it easy to digitally sign documents? The digital signature solution should be simple to use for everyone within the firm. A quick and intuitive signing process, which takes no more than 10 seconds or one to two mouse clicks, will encourage broad and smooth user adoption. One must achieve user adoption to realize an ROI.

3. Does it work with existing content/workflow management applications? The right digital signature solution needs to be able to seamlessly integrate with the electronic content/document management and/or workflow automation systems currently in use, including SharePoint, OpenText, HP WorkSite, Nintex, K2 and others. Firms investing in automation and pursuing a paperless strategy can gain the full benefit by quickly adding a digital signature engine, which eliminates the need to reintroduce paper into otherwise automated processes.

4. Does it enable the firm to keep sensitive documents inside its secure IT domain? For security purposes, the digital signature solution should ensure that documents remain inside the firm's IT domain and are never saved on external third-party servers. Solutions that require documents to be saved externally expose them to the risk of tampering, privacy compromises and fraud because they are subject to third-party controls and service adequacy. In addition, they are subject to additional document collections and electronic discovery related rules, in some cases this means US rules might be applied to EU enterprises or government agencies.

5. Does it to give you complete control over its implementation? The digital signature solution should be able to adapt to the organization's specific processes, technologies, user management systems and authentication requirements ' not the other way around. This will enable easy digital signature management in the ways that best suit your internal governance policies and standard operating procedures. The solution should also readily integrate with your standard HR, IT, security and user-screening policies already in place.

6. Does it comply with relevant regulations? The digital signature technology should be based on internationally accepted standards that comply with geographic and industry-specific regulations wherever the signature may need to be relied on. If the firm or its clients require higher levels of security, the solution should be validated to comply with NIST's FIPS or ETSI standards. A digital signature system must meet the requirements of even the strictest regulations and legislation, such as the FDA's Title 21 CFR Part 11, HIPAA, Sarbanes Oxley, E-sign, UETA and the EU Directive for Electronic Signatures.

7. Does it enable anyone to validate the signature, even without access to the system? Digital signatures that are based on NIST, ETSI, IETF and ISO standards ensure signature portability, enabling anyone inside or outside of the firm or company to use widely available software such as Microsoft Office or any PDF reader to easily verify common signature parameters including the signer's identity and intent. Standard digital signature technology also seals the document with a one-time “fingerprint” that is unique to both the signer and the document, ensuring that the signer is legitimate and that the document was not altered after signing. Should a change occur after signing, the digital signature is automatically invalidated, providing protection against forgery or document tampering.

8. Does it provide the ability to digitally sign via the web and mobile devices? Users must be able to digitally sign using any device, anytime and anywhere, whether they are at the office on their PC, at home on their tablet, or in court using a mobile device. The right solution should enable everyone'including partners, clients, experts and others ' to digitally sign their documents without having to install software.

Your Choice or Theirs?

Ultimately, individual firms, law departments and even practice groups will need to make their own decisions about whether to adopt digital or electronic signature solutions. This can be based on compliance factors, security concerns, client demands and portability requirements.

John Marchioni is the General Manager & VP Business Development at ARX, provider of the CoSign Standard Digital Signature Solution.