E signature technology improves many workflows in documentation that reduce delays and also save money by decreasing postage, paper and faxing. It also reduces the amount of time needed to distribute documents to signers, and makes it easier for them to sign online.
A standard electronic signature is a picture of a handwritten or typed name that is attached to digital documents. These types of electronic signatures don’t include security features, encryption or authentication, or authenticate the signature of the signer. A more sophisticated eSignature makes use of verification technology to generate a hash of the signature, and connects it to an associated public key that identifies the signer’s name. The recipient is able to decrypt the hash, and compare it to the public key to confirm that the document was not altered after it was signed.
An agency can also employ other verification methods to improve the security of electronic signatures, such as passwords biometrics, two-factor authentication as well as biometrics. These types of verification are employed when there is greater chance that the authenticity of the signature will be challenged.
Agencies should give special consideration to long-term, electronically-signed records that preserve legal rights. Records with these rights may require an extended software cycle and it’s important to maintain the integrity of a record in any upgrade or migration processes. The guidance provided by NARA on records scheduling can assist agencies in determining the appropriate retention periods for these records.
