Crossing the Rubicon: Digital Signatures and Digital Transformation
•
2 likes•1,051 views
Digital signatures are the perfect tool for digital transformation of your organization. Open, standard digital signatures enable you to easily create truly paperless business processes. With digital signatures, your pdf's and other document types include the digital signature, there is no need to rely on a third signature company for signature verification. Your digitally signed pdf, itself, serves as your original document. Its signatures may be verified by using the free PDF Reader or other applications. Open digital signatures ensure no lock-in and full interoperability between signature applications from multiple vendors.
Recommended
Recommended
More Related Content
What's hot
What's hot (19)
Viewers also liked
Viewers also liked (11)
Similar to Crossing the Rubicon: Digital Signatures and Digital Transformation
Similar to Crossing the Rubicon: Digital Signatures and Digital Transformation (20)
Recently uploaded
Recently uploaded (20)
Crossing the Rubicon: Digital Signatures and Digital Transformation
- 1. ARX | 855 Folsom St. Suite 939 San Francisco, CA | (415) 839 8161 | www.arx.com | sales@arx.com Crossing the Rubicon: Digital Signatures and Digital Transformation Larry Kluger CoSign Marketing Manager, Integrations larryk@arx.com Ronan Lavelle UK Country Manager
- 2. Digital signatures are already in use in your industry and many others. You will use digital signatures, the only question is when. Digital signatures use open, international and national (UK) standard technology. Open digital signatures for digital transformation. (CoSign) 3 Things to Remember
- 3. Legal & regulatory framework • EU Directive on a Framework for Electronic Signatures (99/93/EC) • UK – Electronic Communications Act 2000 • UK - Electronic Signatures Regulations 2002 • FDA CFR 21 part 11 Technology match Digital signature solution must be: • uniquely linked to the signatory • capable of identifying the signatory • created using means that the signatory can maintain under his control • linked to the data to which it relates in such a manner that any subsequent change of the data is detectable. Can you use digital signatures? Yes!
- 4. European Court of Human Rights, Strasbourg France Digital transformation: workflow system in place, using SharePoint But, still too much paper needed to be signed Solution: CoSign Open Digital Signatures Results: • Meets all legal and security issues • Full electronic archiving with no need to scan • Over 300,000 digital signatures per year Case Study
- 5. Technology and terminology were created by boffins—it can be confusing… Digital Signatures same as Advanced Electronic Signatures. Same as Open Digital Signatures. Same as Open Signatures. Same as X.509 digital signature. ―Electronic signatures‖ and ―E signatures‖ refers to any computer technique for signing. All Digital signatures are E Signatures, not all E Signatures are Digital signatures. Open Digital Signatures
- 6. Digital Signatures: open, interoperable standard confirms document integrity, signer identity and intent. Peer-reviewed and vetted for security and consistency by: NIST, ETSI, ISO, IETF, W3C. Digital Signatures on one foot + + Document hash code Public/ Private Key Digital ID Hidden part of a digital signature Document integrity confirmed Document change detected Visible part of a digital signature
- 7. Digital Signatures: open, interoperable standard confirms document integrity, signer identity and intent. Digital Signatures on one foot Document integrity confirmed Document change detected Verification by different applications NB. It is mathematically impossible to create an undetectable change
- 8. The power of using open standards: No lock-in Interoperability: a document signed with one app can be viewed and verified using another application Best value: vendors focus on better features for you, not re- inventing proven technology Best technology: the standards and their technology are under constant scrutiny by academics and industry. Conformance testing. Open Digital Signatures
- 10. City investigates forged approval Fraud alleged on three engineer's seals By: Jen Skerritt 02/21/2013 1:00 AM Whoever forged an engineer's seal of approval on three Winnipeg properties could be charged with fraud or fined up to $20,000. A recent report revealed the city revoked three of Hollywood Homes Inc.'s building permits for properties on Pritchard Avenue, Bowman Avenue and Chevrier Boulevard after officials discovered submitted drawings were deliberately altered to indicate they were approved by an engineer. http://goo.gl/3nxzg
- 11. CoSign Product Demo Signing via CoSign Web App Verification
- 12. Digital Transformation and Digital Signatures The Forrester Wave™: E-Signatures, April, 2013 “Enterprise architects should include e-signatures as part of an overall ECM and BPM strategy… a foundational technology along with records management, eDiscovery, and other content services.” “Dramatic savings, successful implementation, no legal challenges”
- 13. Digital Transformation and Digital Signatures Level 1: Paper scanned and tracked online. Print, sign, scan. Slow, expensive, error-prone. And what happens to the signed original? Level 2a: Original documents are created on-line and digitally signed. The digitally signed document is the original. The signed document remains signed and verifiable when sent out of the ECM system. Level 2b: Form data is stored in XML format, digitally signed. This enables signed/certified/authorized data to remain machine- readable.
- 14. Documents and signatures Need signatures on more than half of their documents Add more than 1 day to their processes just to collect signatures Print more than half of their documents just to add signatures Source: ARX/AIIM Survey - 2013
- 15. After deploying digital signatures Source: ARX/AIIM 2013 Survey
- 16. Digital Transformation and Digital Signatures Save Money with a 12 month (or faster!) ROI Customer and Employee delight Your digital signature project will be the most successful of your digital transformation projects Your competitors are already investigating open digital signatures
- 17. Case Study Povisa Hospital, Vigo, Spain Digital Transformation project (paperless hospital) based on their existing applications Developed their own connector using CoSign’s Signature API Result: No more paper. Better, faster systems and processes for staff and patients.
- 18. Digital signatures are already in use in your industry and many others. You will use digital signatures, the only question is when. Digital signatures use open, international and national (UK) standard technology. Open digital signatures for digital transformation. (CoSign) 3 Things to Remember
- 19. What to look for in a Digital Signature solution? Implements the open digital signature standards. Conformance tests. Interoperates with no problems. Low Total Cost of Ownership: automatic synchronization with Active Directory and other directory systems. – Administering signers should not be a burden. Integrate with a range of document applications Connectors (products, not specials) for ECM systems (SharePoint, OpenText, Oracle, Alfresco, etc) APIs enable developers to extend and integrate the signature system with your own apps and products
- 20. Why CoSign? • Freedom of choice • Control and security • Comprehensive compliance • Low TCO: Cost-effective operations
- 21. The Forrester Wave™: E-Signatures, April, 2013 The most advanced Digital Signature Solution “CoSign by ARX has the most advanced digital signature capability in the field… easily integrates with internal security and credential management along with a strong central administration”
- 22. Regulated and security-minded markets, industries and governments Dominant Market Share Life Sciences Architectural, Engineering & Construction US Federal, State and & Local Gov’t Finance, Legal & Insurance Healthcare Payers & Providers Labs, Research & Education EU & Other Global Gov’t Energy & Petrochem
- 23. Selection of our world-class customers
- 24. CoSign integrates seamlessly with your existing workflows and technologies Document authoring tools Enterprise business systems Web-enabled applications Freedom of Choice
- 25. Freedom of Choice In-app on the desktop Embedded in your ECM solution As part of your key business workflows On any device With your own applications and products ??? CoSign® Central CoSign® Cloud
- 26. BYOD? Sure. Sign on any device, anywhere.
- 27. CoSign adapts to your requirements instead of the other way around Procedures and policies User provisioning Authentication (HR, security, proofing, etc.) and user-management methods Leaves the Controls In Your Hands
- 28. CoSign meets the broadest diversity of regulation and compliance worldwide Digital Signature Industry Governmental Standards Regulations Acts & Directives Comprehensive Compliance ESIGN UETA GPEA UECA EU UK (HIPAA) (SOX)
- 29. How CoSign Works
- 30. CoSign Central (appliance) • FIPS (140-2 level 3 certified) • Enterprise (1U rack-mountable) CoSign Cloud (hosted) CoSign Web App CoSign Connectors • SharePoint, Nintex, K2 • OpenText, Oracle, Alfresco, Laserfiche, SAP • Box, Google Drive CoSign for Developers • CoSign Signature API (SAPI) • CoSign Signature Web Agent CoSign Product Line
- 31. Centralized Turnkey Control User Directory (AD or LDAP) End-Users Securely Request Signature Services Signature Privileges Admin (onboarding and HR policies) FIPS 140-2 level 3 secure appliance CA / Certificate Management Key Management; Private Key Ops Graphical Signature Management Desktop Access Web Access Mobile Access
- 40. Signing directly in MS SharePoint®
- 41. Embedding CoSign® in your workflows
- 42. Put CoSign® in the centre of your business transformation initiatives …
- 43. Questions?
Editor's Notes
- With a digital signature the viewer also gets a visual indication of the signature’s validity; No tampering will ever go un-detected with a digital signature.
- With a digital signature the viewer also gets a visual indication of the signature’s validity; No tampering will ever go un-detected with a digital signature.
- Self-contained, portable and sustainable records with embedded digital signatures which can be verified independent of technologies, timing, organizations and geographies.With a digital signature the viewer also gets a visual indication of the signature’s validity; No tampering will ever go un-detected with a digital signature.Only digital signatures create self-contained, portable and sustainable electronic records that have value and trust outside of the repository and the organization, independent of the system that created them.
- GxP: Quality Management (QMS) and Electronic Document Management (EDM) for compliance and audit documentation including SOPs, work instructions, training records, and project/task specific documentation.GCP: Clinical data and Site Visit Monitoring Reports needing to be signed by CRAs and project managers. cGMP: Manufacturing Execution Systems (MES), Recipes and Electronic Batch Records (EBRS).GLP: Lab Reports, Certificates of Analysis, and Chain of Custody forms, LIMS. R&D: Electronic Lab Notebooks (ELN) and other IP/patent documentation. And other non FDA regulated enterprise operations: HR, Legal, Finance, Contracts, Agreements, Executive Management, Purchasing, AP/AR, Sales & Marketing...Transactional Document ExamplesGovernance Document ExamplesClaimsClinical DocumentationCustomer service change ordersDesigns, Drawings, PlansField Service, Maintenance, and Calibrations ReportsGeneral Contracts, Master Service, and Sub-contractor AgreementsHIPAA patient forms and consent formsInvoicesLab Reports, Notes, and Certificates of AnalysisLease AgreementsLoan AgreementsManufacturing Instructions and ReportsMedical RecordsPleadingsPurchase OrdersSale ProposalsTest ProceduresWork OrdersBoard ActionsCorporate Communications and Public ReportsDisbursements: Check, Wire Transfer Orders, and ACH TransactionsEmployee ActionsEmployee Benefit ChangesEmployee On-Boarding DocumentsEmployee Time SheetsEmployee Training AcknowledgementsExpense Reports & Re-imbursement ApprovalsFinancial Spreadsheets: Data Collection and AggregationGift RecordsJournal Entries related to Accounting and General LedgerStandard Operating Procedures, Policies, Work Instructions, and Training DocumentsTax Filings
- Life Sciences and FDA Regulated IndustriesCoSign has > 90% market share in the FDA regulated industries8 of the top 10 Pharma, 7 of the top 10 CROs, 5 of the top 10 Medical Device, AEC, High-Tech and Discrete ManufacturingARX chairs the Fiatech digital seal / signature project; ~20% of the ENR 50 Design use CoSignAutomotive, consumer/office/ scientific product engineeringUS Federal and Local GovernmentFederal: US Courts, NASA, HHS, DHS, VA, DOJ, DOT, DOE, FBIUS Commodities & Futures Trading CoLocal: DOTs, Health Depts, Public Safety, Transportation, District Clerks, Cities, CountiesFinance, Insurance and Legal Services; US COURTS (federal judiciary); ACORD (insurance standard body)Banks, insurance companies and law firms around the worldHealthcare Providers and PayersProviders: Health Depts, clinics, hospitals, EMR/EHR applicationsPayers: BCBS plans, the largest US insurance company, and the ACORD standards bodyEducation, Labs & Scientific ResearchSchool boards, universities & colleges, 50+ academic / CROs100+ Central Labs use CoSign, as well as numerous GC, LC, MS, Analyzer, LIMS, ELN VendorsEU and International GovernmentExecutive, legislative, and jusidicial branches and militaryEven the European Commission - the executive body of the EU - uses CoSignEnergy, Petrochem and Process ManufacturingNational Nuclear Security Admin, Los Alamos National Labs
- Unlike a proprietary electronic signature service, CoSign does not force use of fixed or rigid workflow, routing, forms or document management. Instead, CoSign is a flexible “signature engine” that easily integrates withany existing/future business process automation systems and technologies (enterprise and cloud) that you prefer for your specific applications. Any content authoring, workflow, DM, ECM, etc. application can be enabled using CoSign’s Signature API (SAPI) or Web Signature Agent (WSA) and many applications are already “CoSign Ready”
- It is ARX’s philosophy that our clients and partners should (must) have the freedom to choose and control the methods, policies, procedures and technologies that best fit their organizational governance and SOPs.You should not be required to re-engineer your business or disrupt your work environments because of the narrow specifications and requirements of some outside party or vendor including ARC. CoSign adapts to your polices, procedures and complementary technologies - not the other way around.
- CoSign is a standards-based digital signature solution. In the US these standards are known as FIPS PUB 186-3, FIPS PUB 180-3, and ITU-T X.509v3. These same standards are recognized, endorsed and adopted by governments, industries, and software vendors globally under NIST, ETSI, ISO, OASIS, IETF, and W3C.
- User-management policy (directory/DB) drives signature-privilege management.Signature credentials (keys & certs) maintained in secure appliance.CoSign Deploys in ~3 hours.
- Hence, CoSign provides Medium to High Assurance Digital Certificates for unique and individual identities.Not Rudimentary or Basic Assurance Digital Certificates - or even No Digital Certificates – used by many proprietary e-Sig SaaS services.
- CoSign / Digital Signatures are NOT just an electronic replacement for Pen & Paper!
- CoSign Central Appliance (ENT or FIPS) – hosted by end user organization or by ARx, installed and operational in < 2 hours.CoSign Agent + other features like MS Office Add-in and/or OmniSign distributed, users can upload graphical signatures.CoSign Agent + other features like MS Office Add-in and/or OmniSign can be loaded to virtual server (Citrix, Terminal Server).CoSign Agent can be loaded to Web Application Server and use the CoSign SAPI for server side signing (no CoSign client software required).CoSign Add-on for SharePoint can be loaded to SharePoint Application Server(s) for server side signing (no CoSign client software).
- CoSign / Digital Signatures are NOT just an electronic replacement for Pen & Paper!
- CoSign / Digital Signatures are NOT just an electronic replacement for Pen & Paper!
- Corporate EnterprisesCoSign provides an ever-present, secure and consistent signature service for the enterprise.CoSign is installed in hundreds of organizations as a enterprise or department-wide signature service for employees.Enterprise installations: 360,000+ users (avg: 500 users per account)Software ISVs, VARsIndependent software vendors and value-added resellers can add value to your clients with CoSign integration. CoSign is supported in leading document authoring tools and formats and advanced business process automation systems.SaaS and CloudsCoSign provides private clouds and SaaS service with a robust and easy to integrate signature engine.Cosign digital signature engine installations at public and private cloud services serve millions of users
- CoSign Signature Web Agent (SWA) or API (SAPI) can be used to integrate any other form, workflow, EDM/ECM or business applicationDesktop authoring tool vendors including Microsoft (Office Word & Excel, InfoPath), Adobe and other PDF suppliers, IBM (Lotus Forms), AutoCADElectronic Document Management system vendors including Microsoft (SharePoint), NextDocs, Laserfiche, IBM, Oracle, OpenText, etc.Workflows automation vendors including Microsoft (SharePoint), Nintex, and K2 (BlackPearl and BlackPoint)ERP, CRM, MES, LIMS and ELN systems
- eClinical Portals: CTMS and eTMF web applications where clinical sites, IRBs, labs, CROs and sponsors participating in clinical studies can sign FDA Regulatory Packet forms, agreements and other documentation. This includes sponsor or CRO hosted private clouds and leading SaaS vendors.Patient Reimbursement Portals: Hosted web portals for patient assistance and reimbursement support. In these portals, doctors that prescribe drugs, and patients seeking financial assistance to pay for the prescriptions, can digitally sign the required documents to apply for reimbursement.Electronic Medical Records: web based, HIPAA compliant EMR services enabling staff and patients to sign various medical documentation. Contract Lifecycle Management: hosted CLM clouds for various parties to sign and counter-sign contracts and agreements.