Ensuring Digital Signature Lawfulness for Life Sciences in Australia

  • Quick to start
  • Easy-to-use
  • 24/7 support

Forward-thinking companies around the world trust airSlate SignNow

walmart logo
exonMobil logo
apple logo
comcast logo
facebook logo
FedEx logo

Your complete how-to guide - digital signature lawfulness for life sciences in australia

Self-sign documents and request signatures anywhere and anytime: get convenience, flexibility, and compliance.

How to Utilize airSlate SignNow for Efficient Document Signing

When dealing with the digital signature lawfulness for Life Sciences in Australia, airSlate SignNow provides a secure and compliant solution for signing important documents. By following the steps below, you can streamline your document workflow while ensuring legal compliance.

Steps to Utilize airSlate SignNow:

  • Launch the airSlate SignNow web page in your browser.
  • Sign up for a free trial or log in.
  • Upload a document you want to sign or send for signing.
  • If you're going to reuse your document later, turn it into a template.
  • Open your file and make edits: add fillable fields or insert information.
  • Sign your document and add signature fields for the recipients.
  • Click Continue to set up and send an eSignature invite.

airSlate SignNow empowers businesses to streamline their document signing process with a user-friendly and affordable solution. With great ROI, ease of use, tailored scalability for SMBs and Mid-Market, transparent pricing, and superior 24/7 support, airSlate SignNow stands out as a reliable choice for all document management needs.

Experience the benefits of airSlate SignNow today and revolutionize your document workflow!

How it works

Open up a PDF file in the editor
Draw your signature using your finger
Download, print, or email your form

Rate your experience

4.6
1647 votes
Thanks! You've rated this eSignature
Collect signatures
24x
faster
Reduce costs by
$30
per document
Save up to
40h
per employee / month

Award-winning eSignature solution

be ready to get more

Get legally-binding signatures now!

  • Best ROI. Our customers achieve an average 7x ROI within the first six months.
  • Scales with your use cases. From SMBs to mid-market, airSlate SignNow delivers results for businesses of all sizes.
  • Intuitive UI and API. Sign and send documents from your apps in minutes.

FAQs

Here is a list of the most common customer questions. If you can’t find an answer to your question, please don’t hesitate to reach out to us.

Need help? Contact support

Related searches to digital signature lawfulness for life sciences in australia

digital signatures on contracts
accepting digital signatures
electronic signature protocol
federal law electronic signatures
electronic signature requirements
federal court electronic signatures
electronic signature guide
consent for electronic signature
be ready to get more

Join over 28 million airSlate SignNow users

How to eSign a document: digital signature lawfulness for Life Sciences in Australia

Hello everyone! Thank you for your patience you for your patience and welcome to the Webinar titled: “Implementing Digital Signatures in an FDA Regulated Environment” presented by Perficient’s Michelle Engler, who is a senior solution architect in Life Sciences practice. We also have Tina Howard, head of QA, and Sally Miranker, head of computer system validation, with us today and they’ll both participate in the Q&A session. My name is Eugene Sefanov and I’m the marketing manager for Perficient’s Life Sciences practice. Before I turn it over to Michelle, I’d like to cover some basic housekeeping items and also provide a brief overview of Perficient. So, all participants on this call will be in a listen-only mode (this means that everyone is on mute). You can submit questions to the speakers at any time today by typing them in the chat feature, which is located on the left side of your screen. Please do make sure you state your questions clearly, and keep in mind that other webinar participants will not see your questions or comments. However, your questions to the speaker will be anonymously addressed as time allows during the end of the presentation. If you do still have unanswered questions after the webinar or would like to request information about our services, feel free to use the contact information that we’ll provide in the presentation. And you can also fill out the contact forms found on Perficient’s website. Please note that this webinar is being recorded and the recording will be sent to you within several days, along with a link to the PDF version. Now that we’ve covered some logistics, let’s move on to a quick overview of Perficient. So, Perficient is an IT consulting company that offers a whole host of IT solutions for a variety of industries, including of course Life Sciences. We have employees and offices all over the world, including the locations you see on this slide. And as many of you expect, many of our clients are based in North America and Europe. This slide right here contains a bunch of facts  I’ll point out a few of them. We were founded in 1997. We are a publicly traded company on the NASDAQ and, lastly, at the moment we have a little over 2,000 employees. So, Perficient offers to its clients many different types of business and technology solutions (from Business Process Management and Information Management to Content Management systems and Portals). We also have a broad portfolio of solutions that we work with. The services we provide are what you would typically expect from an IT consulting company and we work with implementations and upgrades, cloud hosting, applications support, project management and so on. When it comes to Life Sciences specific IT applications, we cover the Data Management and EDC space, Safety and Pharmacovigilance, Clinical Trial Management, Data Warehousing and Analytics. And, finally, Perficient has many different Software partners, including of course ARX, which is the maker of CoSign, and this is the application that we’ll be discussing today. As mentioned earlier, we have Michelle Engler, who is the senior solutions architect and who will present to you, guys, today. And during the Q&A portion, Sally Miranker and Tina Howard will join us. So, now that I’ve covered the housekeeping items, I’d like to pass it over to Michelle! Thank you, Eugene. So, I am Michelle Engler, the senior solutions architect at Perficient Life Sciences. I have to mention that I live in Northern California and right now we have a big storm coming over ahead, so there is a possibility that I could potentially lose connection. If that does happen during this webinar, Tina and Sally will come on and take over for me. So, if that happens and we lose connection, just bare with us while we’re getting reorganized and we’ll continue on. So I’m going to share my screen in just a moment here...Okay…Eugene, can you confirm that you can see my presentation right now? Yes, I can see it! Great! Thank you! Okay, so today I’m gonna go over digital solution and that process for bringing a digital solution in-house at Perficient Life Sciences. I’ll go over the digital signature technology, the requirements that we had for digital solutions; look at the available signature solutions that we evaluated along with comparing the solutions with 21 CFR Part 11 Compliance. We’ll talk about implementing and validating and releasing digital signature solution and our future plans for digital signatures in Life Sciences. And then we’ll do a demonstration and then take questions. So, as an overview and to provide the background for digital signatures, you often hear talk about electronic signatures and digital signatures and it’s important to recognize that they’re related but they are different things. Electronic signature, it means an electronic sound, symbol, or a process attached to or logically associated with the contract or other record and executed or adopted by a person with the intent to sign the record. A digital signature is an electronic signature, but it’s based upon cryptographic methods of originator authentication, and it’s computed using a set of rules and parameters such that the identity of the signer and the integrity of the data can be verified. So the message here is that digital signatures are electronic signatures, but that they provide the highest level of security when executing digital signatures and they have universal acceptance. They’re based on Public Key infrastructure technology and they guarantee the signer identity and intent, data integrity and non-repudiation of signed documents. So, what is a digital signature? A digital signature is taking the concept of a paper-based signing and turns it into some electronic “fingerprint”. This electronic “fingerprint” is unique to both the document and the signer and binds them together. The interesting thing about a digital signature is, once a document is signed, that signature is actually embedded in the document and that lives throughout the lifespan of the document. Regardless of whether the system used to execute the digital signature is there or not, that document will be with its signature as long as the document is relevant. A digital signature ensures the authenticity of the signer. Obviously, this is very important in terms of maintain compliance in a regulated industry. It also will invalidate: in the case hat a document was signed and then some of the information that was signed or the document itself was tampered with or changed after the signature was made, the signature will be invalidated and there will be a clear delineation that that has happened. So, you’re sure that what was signed with a valid signature has the correct content. Is a digital signature legally enforceable? It is! In 1999, the EU passed the “EU Directive for Electronic Signatures” and on June 30, 2000, President Clinton signed the Electronic Signatures in Global and National Commerce Act (ESIGN), and this made signing electronic contract and documents as legally binding as a paper-based contract. Today digital signatures solutions are carrying legal significance. We’re seeing them in the financial industry… we’re seeing them with the government using digital signatures…So there’s more and more acceptance and more and more use happening every day. In terms of Perficient Life Sciences, when we were BioPharm  that’s when we started this project  we had a group of about 78 employees and contractors and what we wanted to do was find out what would bringing a digital signature solution in-house look like for us. We wanted to do just a general survey to get information about how much time were we spending with making paper-based signatures and what would the time savings be and whether it be worth it for us to bring in a solution and validate it and do all the training associated with it. Was there enough of the business case there? So, we created a survey in Survey Monkey and just wanted to assess the business needs, and we were able to get responses from 53 of our employees and contractors. So, based on that, we processed approximately 856 signatures per month. Then we made a metric to determine how long actually does it take to print, sign scan and upload these scanned documents and mail the original document to headquarters for each signing and each signatory. Actually, this is important, because we often have multiple signatories on a document and this metric is for typically that one single signature and we’re assuming it’s taking about 20 min./signature (or maybe less or maybe more, depending on various factors: where people live, other technologies working and those kinds of things). We factored it all out and determined that we’re spending about 420h/month simply signing documents and getting paper and routing paper to the right place and then scanning these kinds of things. And then we estimated that it would take about 5 min. or so to do a digital signature and then determined, “Okay, if we were to only have 5 min. per signature, that would be 105h/month approximately. And that would give us approximately 75% or 214h/month time savings.” We didn’t account for variables such as where the signer is located in terms of mailing, equipment limitations, cost of materials (like paper and printer ink), and also the management of the hard copies of the document was actually a significant task, but we didn’t include that in our metric. You can see that bringing digital signature solution in was definitely gonna save us some time and aside from that increased morale, because printed, signing , scanning, and uploading it’s not the best part of the job. I mean, it’s one of the things that has to happen if we need to pass signatures on, but it would be nice to alleviate some of those pain points for our employees and contractors. So, considering all of that, we decided to start on a quest of what we were gonna do for digital signatures. What were we gonna do in terms of bringing a digital signature solution and also we wanted to find out which departments in a Life Science business unit are most impacted with signing documents? And so this was no surprise that it turned out that QA and validation signed the most documents. It was a surprise to me, anyway, that our CEO and President was signing 100docs/month and also that It was signing so many documents. So, there were some surprises around this, but what it’s showing is that by bringing in a digital signature solution we were gonna increase efficiency, especially in the QA and the validation realms of our business, and definitely in IT, as well. Then we looked at what types of documents are we signing. There are many, many validation documents that are produced, but there are key ones that we’re signing over and over and over again. And these come into validation documents including GxP assessments, risk assessments, plans, quality procedures, testing documents. So, all of the documentation required to do business in the Life Sciences realm, there are documents we’re signing. So, after doing the survey, we determined that it would be a good idea to pursuit researching what types of solutions are out there, but, before we could do that, we had to come up with some requirements, so, we listed out a few important requirements. First of all, the solution had to support definitely PDF, but also we thought it would be helpful to have it support Microsoft Word and Excel. And this was more in the realm of the idea that we could possibly use a solution to take our paper-based testing methodology and make that all electronic  we’ll talk more about that as we get further in the presentation. We needed the solution to allow for multiple signatures per document  nearly any document we sign has more than one (at least three) signatures on it, so that was an absolute requirement. And then this concept of sectional signing in Microsoft Word, this again was along the lines of trying to have a solution to run test cases electronically, as opposed to doing it with a paper-based solution  and I’ll show that actually live! And then also it obviously has audit trail and secured time stamps. We wanted to allow for some workflow (whether it’s a sequential workflow or a parallel signing workflow) and we wanted an alert to be sent when someone signed. The system that we use is the Alfresco, EDMS (Document Management System) and, ideally, we wanted a solution that would integrate with that system. Certainly, we had to be compliant with 21 CFR Part 11 and then we wanted the username and password be managed through active directory. That seemed to be the most logical choice in terms of handling and authenticating signers. The company that has provided a solution to us to have some form of email support, in case there were issues or questions, and then that the system would be easy and intuitive to use without requiring a larger burden on the implementation team in terms of training and answering questions; we wanted the system to be easy enough. Then having that system with a trial period always helps, because we can sort of assess it on our own . And then we wanted to have the system be available on the cloud. We kinda went full circle on whether to have a cloud or an in-house system, and I’ll speak more about that as we get a little bit further in the presentation. So, after having these requirements put together, we went out and tried to find all the digital signature solutions. At that time, we didn’t really know about the electronic signatures or digital signatures what kind of signature solutions were out there, so, we really opened up the lens of what can we bring in-house. We ended up with a number of them and tried to reduce down to five initially, and as you can see here, we have , AssureSign, Signadura, CoSign and EchoSign. We quickly ruled out EchoSign because, based on the way that we were going to use the solution, it was the most expensive solution for us. And then the Signadura was kind of our wild card…It’s built on open source software and it’s actually manufactured by a company in Spain. So, we wanted to take a look at that, but , AssureSign and CoSign were really leading contenders and were all really good options. Signadura we ended up ruling out based on us feeling that it wasn’t really ready for the prime time that we were gonna be putting it under and also because it always signs PDF, so, we wanted to be able to sign more documents than just PDF. Looking at and AssureSign and CoSign, they are all very comparable, but we ended up going with CoSign. And here is why… They have a cloud-based option, but they also offer the ability to have a pre-installed, un-configured appliance provided to us, and that would save us having to train somebody or have somebody figure out how to do an installation. We actually had an actual server sent to us that was already ready to go with the CoSign application on it. And then the solution also provided for a signing of all types of documents. This is the only one we found that could do this! So, it does PDF, it does signing of Word, Excel…This functionality is, I think, part of our future. You know, that’s the way that we envision using this tool to take it to the next level, so, having CoSign support that, was a big plus for us. They’ve already integrated CoSign with SharePoint and they’ve also integrated it with Alfresco, which is not the version of Alfresco that we’re using. And so what was done is that they evaluated instead of having an integration point which we were hoping for, they have a full web developer’s API, which means you can integrate the solution with any system. You know, any system that needs digital signature, you can use the API to access the functionality of CoSign. So, that was attractive to us, as well, because it would allow for us to develop a connector with our document management system down the road. It also provided for client software for our power users and the option of signing documents just through a web app with no footprint on the actual computer. Of course, the fact that it allows for prepping of documents for signatures was helpful for us, because what that means is that the validation compliance team can really have control over how documents are signed and where the signatures go, and they prep where those signatures should go and then send it out to the signatories to just click and sign. So, that prepping process really helps to maintain compliance and consistency in the signing of our documents. Of course, they provided adequate support: they provided a resource to help with configuration and questions that we had. They were definitely available to us through email and phone, and that was a big plus, as well. It was a cost-effective solution. It was competitive in terms of cost with the other solutions. And it was able to provide all of our employees and consultants with the ability to sign. We had talked about just identifying who needs to sign versus who doesn’t, but then having that hybrid process we just wanted to allow everybody to be able to sign. So, they were able to provide us with a cost-effective solution for that to happen. And then, finally, we came up with this idea that Perficient Life Sciences, after going into this process of bringing in additional signature solution, validating it, configuration it, figuring out how to use it in this regulated environment, that we could become an implementation expert for this solution for our clients, and have some value added to our clients. And even have all the documentation and everything ready to go! So, they gave us the opportunity to do that as well. So that was the solution we picked, but we did a due diligence. CoSign already has an evaluation of their solution against the FDA 21 CFR Part 11 regulations. We wanted to go through it and satisfy our QA people and our validation team that indeed this does meet regulation, ing to our interpretation of the regulation. So, we went through this  I’m not gonna go through this line-by-line  and I wanna point out that each of these items, when you see the check mark we identified that CoSign does provide the ability meet that regulation and when you see the N/A they were not applicable, and those particular items had to be met with procedural controls. And these are things like record retention and receival period: these things are done through procedural controls in our industry. So, I just wanted you to know that we went through each part and subpart of the regulation and satisfied ourselves that CoSign and our procedures combined were able to meet the regulations. That said, we set up to bring the solution in-house and this is what it looked like. First of all, we received the appliance and then we installed it  and what I mean “installed”, we installed it in our data center. Of course, we received an appliance that was already installed (just not configured!) and ready to simply be plugged into our data center. And then we went through the configuration process with help from ARX. And then we installed the CoSign web application in a separate web server. We had to add a couple of groups to our Active Directory (a user group and an administrator group) and then…This is actually, probably, the biggest task: determining how the system can be used for our existing documents. We had to update signature block center document templates to accommodate the digital signature. We had to, you know, really get clear where was the meaning of signature capture, you’ve got the whole name in there…How was that all being handled? So, we went through the processes of evaluating the templates against the digital signature solution and then modifying them, so that all the regulations are met and that we have consistency and that the solution fits in nicely with the way our documents are put together. And then after that we went through the full preparation and execution of the validation of the system and that includes: the validation plan, requirements specifications, traceability metrics, protocols, installation logs, installation qualification test suite, summary reports, the PQ test suite etc. So, we have the whole gamut of documentation, and we went through this ourselves in order to validate the system. And there’s another deliverable I want to mention (and which is actually pretty important) and that was our configuration specification. You know, in addition to bringing the system in, it has to be configured in a way that’s adhering to the regulation requirements. So, with that we had to get really clear in how we’re configuring the application server, how we’re configuring the client, what is this gonna look like…we wanted the signatures to be the same between the two…So, all that process took some time of evaluating and really looking at it and then coming up with exactly how we wanted everything to be laid out. All that documentation is produced, we went through the validation pretty seamlessly and then at the end we had a validated solution. Another aspect of having a validated solution is training! We wanted to have the appropriate guidelines and guides in place, obviously, to support the application. So we made these three guides: there’s the client user guideline and there’s one just for web application users and then there’s administrator guide. And then we had to create new application roles in our and our training matrix, so, we have the super user role and the CoSign user role. And then these roles have to assess who is gonna get the super user role, who’s gonna get the user role, and then figure out who had the training and which guideline and that kind of thing. And then we created training materials. So these training materials consisted of having an overview of the system provided to all users of the system and then two separate trainings, because not all users would use the client but they would use the web app. So, we did one training on just the CoSign client and that included a presentation and a video and we did a training on the web application portion, again with a video and a presentation. Finally, we had to look at our existing procedures and they were modifications that needed to happen to those procedures, and in particular our Controlled Documents procedures needed to be updated to allow for digital signatures. And then another important part of ‘crossing our t’s and dotting our i’s’ is to send a letter of non-repudiation to the FDA to inform them of the use of our digital signatures. And then it was time to release the digital signatures solution. We had trained a group of Tier 1 support representatives, so when questions came up after releasing the solution, we’d have people available to help with those questions. We also set up an internal bug tracking system (or product) within our internal bug tracking system to just accept general issues and questions with the implementation of CoSign. If we made a mistake and something needs to be updated, we wanted a way to track those things, so that we could correct them in the future. And then, of course, we sent out the Controlled Document required training notification, and the finally provided all the supplemental training materials (the video, the live session, the presentations). And then we schedules rolling releases. Typically, when we rolling release new guidelines and we wanna give access to the system, always the time frame will be one month after we released the guidelines when we’ll give access to the system. But, just because of the added value the system would bring to our organization, we set up a rolling release schedule, which meant if users trained sooner, they would be given access sooner. So, we had rolling releases set up for two weeks after the notification was sent and then one week after that and then one week after that, and then we opened up the system and just did on-going training and release of the application to the users. We also provided subject matter experts providing installation support to any of the users that had completed training and required the CoSign Client. And then we fully released the solution in August of 2014 and it’s been a pretty seamless process in terms of using it and we’ve gotten a lot of positive feedback about this solution. So, we’re up and running and everyone seems to be happy…So, that’s all good! What are our future plans with this system? I’ve mentioned this before and this is something I’m pretty excited about…The idea of using CoSign “Sectional Signing” feature, to allow for a completion of test cases electronically and I’ll show a live demo of that as well. We also wanna develop a connector between ARX CoSign and our Alfresco community EDMS. And then we wanna be able to provide implementation and validation services  and actually hosting services should be listed as well  for our Life Sciences companies wishing to implement CoSign. So, that’s that and we’re gonna jump right into the demonstration. I’m going to start with the web application…Eugene, could you confirm you can see my screen? Yeah, looks good! Awesome! Okay, great! So, this is the login for the web application and it takes my credentials and then sign in. It’s pretty simple  if I enter my credentials correctly! There you go! So, here I am… Now, the solution does integrate with other functionality in the cloud (the Dropbox, Google Drive, box, and SkyDrive), but we have not turned these features on. We’re simply doing it right from the desktop and there’s a lot of considerations about whether to use these functionalities or not. I think that’s truly a company decision. In our case, we’re not using them! So, if I wanted to sign a document, I would simply click ‘Browse’ and then here I have a template I have already prepped with the CoSign OmniSign. As you can see, it opens up and then it simply has three sign fields. If I were to sign it, I would just click on ‘Sign’. I have to reenter my password and I click ‘Apply’…And there it is! My signature is there. If I clicked on this signature, it would give me details about when it was signed, the Perficient certificate authority, the user email and so forth. So, this document then, if I were to click ‘Done’, it comes up where I can either download a copy or send it to possibly the next person to sign via email. All that is facilitated through the application! So, the web app is actually incredibly simple and that’s the idea behind it: it should be easy, without causing much pain points for our users  and it’s actually proven to be that way! The other question here is, I have mentioned that this is prepped…this document was prepped, in terms of the signature fields were placed there. You can use this document to sign any document. Any document does not have to be prepped, but let me show you what it looks like to actually prep a document. So, now I’m in OmniSign and, again, I kinda need Eugene to jump in and let me know if my screen doesn’t show. So, this is a PDF document and I’ve opened it in OmniSign, and you can see there are these options of: ‘Sign’, ‘Place Signature Field’. So, if I were to prep this document, I would click ‘Place Digital Field’ and I would simply pull the box over to my signature field and I can change the size from there, as well. And I can then do another field. So, these signature fields…I’ve actually changed the sizes of our template boxes, so that it fits and we don’t have to use any of the handles…But, in any case, you simply drag these things in and then I can save this document and then send it to the first signatory. And they can sign it through the web app, or they can sign it through CoSign. I can also just sign the document right from here, by double-clicking on the signature field, and you can see it has ‘make graphical signature’, I click sign and again it’s going to prompt me for my password and then sign the document. If I were to save this document…I’m just going to call it “Signed” here and open it in Adobe, which I will open and I would then check my screen…So just a moment… Great! I’m going to change the screen sharing setting on just a moment! Okay, please confirm you can see my Adobe, Eugene. Yep, I can see it! Okay! So, this is actually how we would open it in any reader. So, I wanted to open it in Adobe to show you that the details of the signature are actually embedded in the document. And that means that I can sign this document outside of my company anywhere, and they can still see these signature properties. So, if I click on it, it’s telling me that the signature is valid and then here’s who signed it, when it was modified and when the signature was applied…And it’s also signed by the current user and that’s me. If I click ‘signature properties’, it goes into further detail. You can see it has the date and time and it also has the GMT listed. And then you can go into more properties: you can show the signer certificate, it’s got all sorts of details about what was used as the algorithm for applying the signature, what the trust level is… All of these details! This is the part of the cryptography for the signature, so, this is with the document and it can’t be removed from the document. You can’t modify the document without this showing that this is an invalid signature. So, that’s important to know. You can clear the signatures and resign them and things like this, but this is basically the functionality of signing with CoSign on a PDF document. And it’s pretty straightforward. Another thing I wanna show is the e-testing proof of concept. I’m gonna change my sharing settings, so there you go…Okay…Here we go. So, this is a Microsoft Word Template. I just adjusted my screen resolution pretty well here, to make sure everybody can see… I just have to shrink this a little bit. There we go! Okay… So, in here we find two concepts: one is the-- I guess more than one. There is this idea of field in Microsoft Word and wit field you can set up certain areas of the document that can be edited and certain areas that can’t. So, first of all, I can’t change the title right now even if I type, but I can enter my company name. So, I use this concept along with the review track changes to allow for users to actually complete test case results electronically. So, here we have an actual test case. If I were to go through and try to execute this test case, it would probably “A” for “as expected” and then maybe this one failed and it says, “BATCH QUEUE did not appear. Log Tier #” (I may even have a number for it…) And it could say, “Fail”. And then if I go down at the end of the test case, I can select my result as “failed” and leave a comment and say, “Batch queue not found.” I can type my log Tier and then there’s an option to sign. Now, what I want to show you  and this isn’t actually another CoSign functionality, this is actually a Word functionality  is that these results that I’m entering, all have an audit trail associated with them. And the reason why is that I actually have ‘Track changes’ turned on and it cannot be turned off, so, it’s permanently on right now. And so it keeps track of who did it, when they did it, and I know then that these test results are authentic; they were done electronically, but I have information about who did them and when each test case was executed. So, that’s pretty cool! And I made these macros where you can select to have a change highlighted by just selecting these macros. If I wanted to see everything that was changed, I would just click this button here to review the changes and then they would appear and I could put them back to black for printing or common use. In addition, right now I’ve got it locked down and you cannot change any instructions, but, you know, any of us who have done testing recognize that sometimes instructions need to be modified. So, in the test macro we’ve set up a place where you can correct the script error by simply clicking that button. It would open up the ability to say, “Script error such and such, should be x, y, z” etc. And then when I’m done, I can turn back on the lockdown of these steps. Now, that item that I added was added with ‘Track Changes’, so, when I’m reviewing, if I wanna see where scripts errors were happening, I can see where they happened and who did it. So that’s kind of another cool functionality. Now, in terms of CoSign, after this test case has been executed, now I wanna lock down the content; I don’t want anybody to change it. What you can do is actually sign the document through Microsoft Word, by just right-clicking on these preset items here. Again, you click ‘Sign’ and you’re entering your credentials, and there you go! The document is signed! So, this is exciting, but does it work? That’s really the question, right? So, what it’s actually signing… I can click on it and I can say, “Show signed area.” It’s only signing this test case! I have more test cases in my document, but those signatures apply only to those test cases. So, this signature applies to this test case. If I were to go in and make a change to this test case and then I wanted to validate for my signature, it would become invalidated. And so that’s how it can actually be leveraged to sign the documents. And then, in addition to that, there’s the option to change the scope of the signature meaning. So, at the end of the document, after everything is signed and reviewed and I really wanna lock it down, I can apply a signature to the entire document meaning that nothing can change…not even the signatures are allowed to change at that point. So this is the idea of how we could use the signature solution to implement electronic testing, without having to have an e-testing system be implemented. We can actually use our standard Microsoft Word format and have our documents maintain all that audit history right there for us. So that’s really what I wanted to show in terms of the demo. Possibly, there’s some questions. I have my colleagues on the line…We’ve got Sally and Tina. Sally is from computer system validation and Tina is from the validation and compliance. So, we have really great people to ask any questions about digital signature solutions in a regulated industry. Probably, there’ll be more questions about functionality here, as well. We also have subject matter experts on the line, too, and they can answer any other in-depth questions about the application. So with that, Eugene, I’ll pass it over to you and you can ask the questions! Great! Thank you! Just as a reminder, you, guys, can ask your questions in the chat feature located on the left side of your screen. We’ll kick it off with the first question, and I’ll also ask the question as it’s stated. So, the first question is: “Just curious if Alfresco has an e-sig option that you decide not to use!” There’s some signature option in Alfresco, although it didn’t quite meet our needs. We wanted to have a digital signature solution…We needed to do this prepping and where the signature can go. The signature option in Alfresco was signing the document, but it didn’t do the graphical placement of any sort of representation of the signature. So, just based on features and what we needed to actually be signed most of the time, it just wasn’t gonna meet our needs. Okay…The next question: “Have you validated or qualified the document storage on SharePoint.” This is Tina! For the Perficient Life Sciences business units we are regulated, so that we have not in our business unit validated or qualified the document storage, because we do use Alfresco as our validated EDMS. But, of course, SharePoint is completely validatable! Thank you! The next question is: “What challenges did you have to overcome, to fully implement this process?” This is Tina. From a quality insurance compliance perspective, I think one of the challenges is that we underestimated the time that it would take. It seemed like a simple process up to the new templates, making sure that all of your Controlled Documents have the meaning of signature, determining if you were gonna have signature applied through the digital signature solution itself or through your templates. For us, we decided for any regulatory document that, for sure, we would have the meaning of signature in our templates themselves, so, it’s within the documents. That was the challenge of working all that out, and then of course updating all the documents within the quality management system. All right! So, the next question is: “Have you had any problems with people cutting and pasting signatures? I’m imagining if someone did that, the credentials you showed during the Adobe overview!” That’s actually a really good question! It’s actually not possible. I mean, you can’t really copy the signature there. I suppose you can take a screenshot of it and try to superimpose it, but, if you do that, it wouldn’t have any of the certificate information behind it. So, it’s really, really difficult to be imposing as somebody else with signatures really, because of the way that this technology works in terms of the way it actually executes the signature. And then also we have to validate the signature… If you open up a document, it immediately says: “Signatures are valid,” or “Signatures are not valid,” so there’s a lot of tell-tale signs that, if something wasn’t done properly, those wouldn’t be there. And, the people that we have in our validation department are trained to look at certain items to make sure that, yes, indeed this is authentic and it was signed as appropriate. So, with that we haven’t had any trouble with this kind of cutting and pasting a signature. Another question is: “Is there any regulatory requirement to have an image of the signature, as opposed to using a signature manifest?” Tina? Um…There is not any…As long as it’s a valid solution and you can link it with the individual and you can’t falsify it, then it’s totally fine making use of either an image of the signature, or they can actually use a signature manifest. What we’ve adopted here is: either is acceptable. Whatever the signer has decided to set up their credentials with, that’s acceptable. Great! “To sign a document I must connect to CoSign with my username and password. How can I ensure that it isn’t me who signed up and not someone else with my name?” You have to have a process where, you know, your users agree to go into documentation practices and such, so, there’s nothing…I mean, people can be deceivious and steal and there’s nothing we can do about that, except for to proceduralize it and enforce it internally. I don’t know, Tina, if you wanna elaborate on that or that was sufficient… Yeah, because it is actually set up with a username and password, of course usernames and passwords need to be unique and they can only be traceable to one individual, so it’s a procedural function larger than the digital signature solution itself. It’s making sure when passwords are originally sent out for the first time that there’s a temporary password that expires and that sort of thing, to ensure that you’re mitigating every risk that password information is being shared. And then also training to ensure that the individuals know that they can’t share their information; it has to be unique. Okay! “What cryptographic was used to digitally sign the document?” That’s a good question…Let me take a look at it. You can ask the next question and we’ll come back to it, okay? Sure! The next question is: “Do you need special storage requirements for these validated documents?” That’s a good question! In some instances, if you’re signing documents with a PDF and you cannot stack those documents, meaning…let’s say you have a validation plan and you say you have a document that bore attachments. You can’t just stack those if each was signed individually, because they would invalidate the signature. So, you need to have processes in place to ensure that you can store your documents properly and that you’re conscious and cognizant about not invalidating that signature. So, that is something that does have to be, in some cases, thought through. Thank you! In terms of the encryption algorithm, it’s SAJ-1-RSA. Fantastic! All right, so the next question is: “For companies in the Pharm industry, if we are using an EDMS to sign required documents and some are signed electronically, will they be required to be tested as part of the validation?” The validation of EDMS or the doc? Can you elaborate? “…using EDMS to store or sign regulatory documents…?” I would say, to do either, you could do it together or separately. You can validate your digital signature solution, as we did, and validate your EDMS separately, which we did with Alfresco, and then use them in conjunction. If you have an interface or an integration between them, then that also would have to be validated. The next question is: “For global organizations, are there any special considerations with signing with your regulatory in addition to FDA CFR Part 11?” That’s a good question! That is a good question! More focus was on 21 CFR Part 11, you still want to take into consideration some of the EU Annex 11 requirements, but by signing by the CFR Part 11 requirements, you pretty much satisfy the EU Annex 11 requirements. Okay! So let’s go to the next question: “What do you recommend for instances where an electronically signed document is sent outside of your company? How can you be sure that that person outside the company cannot alter the document?” I can take that one! So, just based on the technology, whether the document is altered inside the company or altered outside of the company, the signature will invalidate, because it’s stored with the document and it doesn’t require any access to the server that was used to instantiate the signature. So, in that case, if I sent a document out and somebody modified the document, all the signatures would appear invalid, not only in OmniSign but also in Adobe Acrobat Reader or any other applications that have the ability to read PDFs and show digital signatures. Great! Next question: “Did you encounter any scenario during the presentation where digital signatures got corrupted and that you had to correct them? If so, how did you overcome the situation?” We didn’t see any corruption of signature. Occasionally, people set up their CoSign in a manner where it looks invalid and then we did have to do a little troubleshooting to get it sort it out, but that didn’t happen very frequently. It was never initially confirmed valid signatures, so, once it shows it’s a valid signature, it doesn’t become corrupted. Or, at least we haven’t seen that! Okay, next question is: “What about if you send the document to an agency outside of the company, will the signature credentials be lost or does that only happen if changes are made to the document?” The credentials are not lost and, again, if there is a change made to the document, then the signature will become invalid. Okay! So…By now those are the only questions that we’ve received and… I thought I saw a question about the ability to sign a document with COSign, for example, that might have been signed by another solution. So, let’s say you have a document that was signed by and the question was: “Can you also sign it by CoSign? Does that work?” And indeed it does! And the reason why it does is that signatures are embedded within the document. You know, where they are coming from, which solution is used to actually make those signatures can be any of them and they can even come together in one document. So, you also have an option of having a document be hand signed and you can have it signed by CoSign, you can have another person sign by , and all these things are going to work and play nicely together. So, that’s another important point. It is not needed to be connected to just one solution; it plays nicely with other solutions, as well. Great! And as you were asking that question, another one came up: “Does CoSign handle embedded objects in a document, such as video, audio and images?” We haven’t done testing on video and audio, but certainly on images it’s signing the whole document  like, the fingerprint of the document. So, whatever is put in that, is considered part of that document. So, using that logic, I would presume that it would work for a video as well, although I’ve not tested that out or tried it. I certainly have done it for images! So, that would be something… If there was a need, it would have to be explored a little bit further. And another one came through…”I thought that web signatures and e-sigs could not be used in the same document.” That depends on what type of document it is and the rules that are surrounding it for us. We are allowing those…A web signature is scanned and then we electronically sign on that scanned document, but there are maybe some requirements depending on the type of document that you’re signing that would prevent you from doing that. Great, thank you! So, those are all the questions and that brings us beautifully right to the hour. I’ll go ahead and close out. The slide here has contact information. You can email Michelle directly, or you can email our LifeSciencesInfo@Perficient.com for information. You can let us know your situation and your requirements and so forth, and we can talk to you about that. If you do, again, have more questions, just drop us a line or give us a call. This webinar was being recorded and you’ll receive the recording in the next few days, for you to review and share with your colleagues. We want to thank you very much for your participation and hope that the information that we provided you with today was helpful. Please check back for more upcoming webinars. We’d love for you to join! Thank you so much again… Have a great rest of the day and evening! Take care!

Read more
be ready to get more

Get legally-binding signatures now!