Intent

Requirement: Showing intent on behalf of the signatories to sign.  As a subset of this principle, the solution must be able to provide authentication of the signature.  In other words demonstrate that it is the signature of the individual it professes to be.

How SignCenter addresses this requirement:

• Each time a signer adds their signature to a document in SignCenter, they are informed that “By drawing or entering your name you indicate your intent to electronically sign this document.” In order to finalize the document, the person finalizing must click to show confirmation “that you, and all signing parties that have signed the document, are indicating intent to electronically sign and finalize this document.”
• For documents signed in-person, authentication occurs outside of SignCenter, as it would with any in-person transaction. In this case the verified user controlling the signing event authenticates with their username and password and by completing the document, confirms that they and all signers intended to sign.
• For documents sent through email, a unique cryptographically secure link is sent to the users email box. By accessing the link the user demonstrates that they have access to the email address inbox to which the document was sent.

 

Consent to do business electronically

Requirement: Showing of consent to do business electronically.  

How SignCenter addresses this requirement:

• In order to finalize a document in SignCenter, the person finalizing must click to show confirmation “that you, and all signing parties that have signed the document, are indicating intent to electronically sign and finalize this document.”

 

Permanent Record

Requirement: The signature must be associated with the record.  The solution must create a permanent non-alterable association between the signature, whatever form it takes, and the record (contract, consent, etc.) that it is meant to approve.

How SignCenter addresses this requirement:

• SignCenter stores the final document in a secure hosted database. Once a document is signed and stored it provides no method to change the document.

 

Retention

Requirement: Retention of the record in a format that is capable of accurate reproduction for all parties entitled to retain the contract or record.

How SignCenter addresses this requirement:

• The record is stored in industry standard PDF and can be provided to all parties.

 

HIPAA

Requirement: According to the U.S. Department of Health and Human Services, “[...] The Privacy Rule generally allows for electronic documents, including business associate contracts, to qualify as written documents for purposes of meeting the Rule’s requirements. However, currently, no standards exist under HIPAA for electronic signatures. In the absence of specific standards, covered entities must ensure any electronic signature used will result in a legally binding contract under applicable State or other law.”

More generally, all Healthcare related transactions are subject to the requirements of HIPAA and a signature solution should be examined from that perspective.

How SignCenter addresses this requirement:

• The ways that SignCenter addresses Federal requirements for electronic signature are listed above. To ensure that all HIPAA protected data is protected, Medforce has extensive security and privacy controls in place. For a full description of these please refer to the Medforce Cloud Architecture and Security document. Medforce will sign a business associate agreement with all clients that have patient data. Most electronic signature companies charge additional fees to sign a BAA and get HIPAA compliance, SignCenter is built specifically for healthcare and provides HIPAA compliance for all accounts.

 

Click to Learn more about SignCenter