If you work in the public sector, and your department or agency is evaluating electronic signature (eSignature) or digital signature solution, there are a lot of things to consider: technical specifications, compliance standards, internal processes and personnel behavior.
The good news is that the acceptance of and preference for eSignatures within government settings continues to grow. As standards and security improve, agencies can reap the benefits of digital technology without the challenges that previously hampered adoption.
[Read More: This article is part of our series on What are online government services?]
For example, the Vermont Department of Information and Innovation (DII) says switching to eSignatures has, in some cases, shortened its contract approval process to within two business days.
In this article, we cover some of the basics of eSignatures and digital signatures, their legality, the compliance standards that guide them, and what benefits they can have for a government agency. We’ve also spoken to a number of government employees in a range of different departments to share their key takeaways when implementing an eSignature system.
What’s the Difference Between eSignatures and Digital Signatures?
Though it sounds like eSignatures and digital signatures are synonymous terms, there are a few key differences that set these two apart.eSignature defined
The U.S. Federal ESIGN Act, which passed in 2000, defines an electronic signature as an “electronic sound, symbol, or process, attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record.” In short, an electronic signature is a legal concept as long as you’re able to verify a signer’s identity and “intent” to sign a document. Examples of forms where eSignatures are ideal include Special Events Permits, Business Licenses and internal forms like Purchase Orders.Digital signature defined
A digital signature is more complex. Specifically, it’s security measures are more far-reaching. A digital signature contains an algorithm that encrypts a signature and generates a unique digital certificate to verify the authenticity of a signed record. StateScoop, in it’s recap of California Assembly Bill 2296 (more on that later in this article) offers a succinct definition of how the two differ: “Though the two terms may seem interchangeable, they actually represent two very different methods of electronic identity verification — an electronic signature consists of a symbol signifying that a person is agreeing to sign a document, while a digital signature joins that symbol together with a secure certificate verifying the identity of the signer.” Many municipalities use a combination of these signature types. Joe Battinelli, Business & Location Innovative Services Supervisor at Cabarrus County North Carolina, says they use almost every signature option available. “For some forms, eSignatures are sufficient – a person can type in their name and it transforms it into a nice cursive signature and you just hit submit. Other forms require the added level of security and encryption, so we have used Adobe Sign digital signature that uses a certificate based digital ID so they can submit. And in the case of federal forms we have a signature pad that can be brought to the signer.”Are eSignatures Legitimate and Secure?
When it comes to choosing which signature type is right for your agency, know that both are legally binding. Electronic signatures are easier to implement, but digital signatures provide an added layer of security. Both are enforceable, but there is less enforcement risk with a digital signature. Agencies we spoke with tackle which to use on a form-by-form basis. Shirlene Larsen, an accountant for Box Elder county, said her agency doesn’t use eSignatures for contracts that represent an obligation between two parties. “Instead, we mostly use it for application submittals–like a request for tax exemption, employee requests for travel, job applications, purchasing supplier justification forms, grant applications, property tax appeal forms etc. None of these are contracts where I think we would have any compliance issues from both parties being legally obligated.” Mrudul Sadanandan, IT Manager for the City of Sacramento, remembers that when his department initially ventured into the eSignature possibilities, there was a lot of confusion around what constitutes a legally binding signature. “As technology has evolved and people within our organization see the benefit of eSignatures, more people have become open to the idea that we don’t need digital signatures, with the highest level of security, for every form.” Batinelli says his agency is about a 70/30 split—online vs. actual signatures—and among the digital options they employ, they rely most on eSignatures.Compliance Legislation for Electronic Signatures
There are electronic signature compliance standards your government agency should consider when vetting software. Some municipalities may already have a list of approved vendors to choose from. The City of Charlotte for example has approved two eSignature vendors. In agencies where this work has not already been done, it’s important to know what compliance standards are at play. These include:- The U.S. Federal ESIGN Act – Passed in 2000, this is the federal law that lays out the guidelines for interstate commerce. The ESIGN Act was the first to state explicitly that a contract or signature “may not be denied legal effect, validity, or enforceability solely because it is in electronic form.”
- Uniform Electronic Transactions Act (UETA) – Most states have adopted this uniform act that aligns state laws around the validity of electronic signatures.
- California Assembly Bill 2296 – Approved in 2016, this legislation set clear standards around how state and local agencies can use both electronic and digital signatures. It also made it much easier for CA agencies to get online signature systems up and running.
Security Measures to Ensure Compliance
GovOS, for example, takes security measures very seriously, providing users:- An audit trail tracking every signer action
- 256 bit AES encryption and TLS (Transport Layer Security) 1.2
- Access permission control of designated signers
- Unique signatures created by each user
- Geolocation on every eSignable document
- User authentication with multilayered authentication options
- Timestamp logs of action in the document process
- An audit log of complete document history
- Lost documents
- Errors in processing
- Insecure storage
Time Savings and Improved Efficiency
Electronic Signatures significantly streamline workflows and processes. By eliminating the manual work of physical forms which requires documents to be:- Printed
- Filled in
- Handed off for processing
- Physically moved around internally for signatures
- Manually filed
- Documents need to be carbon copied
How to Get Buy-in Across Your Organization
When it comes to implementing change, it’s not just technology and processes that you need to consider. The human element is a critical component to ensure high adoption rates. Jamie Klenetsky Fay, Digital Media Manager for Morris County, NJ recommends framing the case for eSignatures from the end-user perspective. “When we began talking about implementing an eSignatures feature, I asked, ‘Well, what if you had to submit this form, do you have a printer at home that you can use to print this form so you can sign it? Do you have stamps so that you can mail in the completed form?’ That helped our team empathize with the citizens who relied on these forms.” Keep in mind, it’s not just the technology that’s changing, but also systems and processes that people have come to rely on. Perhaps the most important component to winning your team’s trust when changing to electronic signatures will be educating and empowering them so they feel comfortable with the new technology faster. Muhammed Umair, System Applications Specialist for the City of Bristol says no matter how ubiquitous electronic signatures become, there’s always going to be a learning curve. “Changing people’s mentality—no more paper!—it’s not easy, but it can be done. You have to teach everyone that now they just have to click a button and apply a signature, and then it will move on to the next person to get the signatures it needs.”How to Incorporate eSignatures into Existing Forms and Workflows
Best practices for seamlessly incorporating eSignatures into your existing workflow are:- Select important documents to digitize: Don’t bite off more than you can chew. Start by selecting one or two forms to add the eSignature option on and test its success. Are there lessons that you can implement as you continue to roll out the process to make it more successful?
- Model other rollout plans: Look to how other departments have successfully implemented their eSignatures, and replicate their blueprint.
- Consider cross-departmental communication: Incorporating new technology will involve many different staff members across different departments. For example, the procurement department probably can’t make any decisions about technology without considering the IT and security teams needs. Be sure to communicate change early and often to make for a seamless rollout.
- Test Everything: Muhammed in Bristol underscores the need for testing before going live with your eSignature system. “Do a lot of testing in the beginning! Try to think through every scenario, i.e. if someone’s not there, can someone else sign it?”