May 13, 2020

What To Know About eSignatures For Government Agencies

In this article, we explore the key differences between digital signatures and eSignatures, and how to choose which is right for your agency.
Posted by Megan Wells
An image of someone signing paperwork.

If you work in the public sector, and your department or agency is evaluating electronic signature (eSignature) or digital signature solution, there are a lot of things to consider: technical specifications, compliance standards, internal processes and personnel behavior.

The good news is that the acceptance of and preference for eSignatures within government settings continues to grow. As standards and security improve, agencies can reap the benefits of digital technology without the challenges that previously hampered adoption.

[Read More: This article is part of our series on What are online government services?]

For example, the Vermont Department of Information and Innovation (DII) says switching to eSignatures has, in some cases, shortened its contract approval process to within two business days.

In this article, we cover some of the basics of eSignatures and digital signatures, their legality, the compliance standards that guide them, and what benefits they can have for a government agency. We’ve also spoken to a number of government employees in a range of different departments to share their key takeaways when implementing an eSignature system.

What’s the Difference Between eSignatures and Digital Signatures?

Though it sounds like eSignatures and digital signatures are synonymous terms, there are a few key differences that set these two apart. 

eSignature defined

The U.S. Federal ESIGN Act, which passed in 2000, defines an electronic signature as an “electronic sound, symbol, or process, attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record.” 

In short, an electronic signature is a legal concept as long as you’re able to verify a signer’s identity and “intent” to sign a document.

Examples of forms where eSignatures are ideal include Special Events Permits, Business Licenses and internal forms like Purchase Orders.

[See some examples of Business License Forms that require signatures.]

Digital signature defined

A digital signature is more complex. Specifically, it’s security measures are more far-reaching. A digital signature contains an algorithm that encrypts a signature and generates a unique digital certificate to verify the authenticity of a signed record.

StateScoop, in it’s recap of California Assembly Bill 2296 (more on that later in this article) offers a succinct definition of how the two differ: 

“Though the two terms may seem interchangeable, they actually represent two very different methods of electronic identity verification — an electronic signature consists of a symbol signifying that a person is agreeing to sign a document, while a digital signature joins that symbol together with a secure certificate verifying the identity of the signer.”

Many municipalities use a combination of these signature types. Joe Battinelli, Business & Location Innovative Services Supervisor at Cabarrus County North Carolina, says they use almost every signature option available. “For some forms, eSignatures are sufficient – a person can type in their name and it transforms it into a nice cursive signature and you just hit submit. Other forms require the added level of security and encryption, so we have used Adobe Sign digital signature that uses a certificate based digital ID so they can submit. And in the case of federal forms we have a signature pad that can be brought to the signer.”

An image that explains the difference between eSignatures and Digital Signatures, via SeamlessDocs.

Are eSignatures Legitimate and Secure?

When it comes to choosing which signature type is right for your agency, know that both are legally binding. Electronic signatures are easier to implement, but digital signatures provide an added layer of security. Both are enforceable, but there is less enforcement risk with a digital signature.

Agencies we spoke with tackle which to use on a form-by-form basis. Shirlene Larsen, an accountant for Box Elder county, said her agency doesn’t use eSignatures for contracts that represent an obligation between two parties. “Instead, we mostly use it for application submittals–like a request for tax exemption, employee requests for travel, job applications, purchasing supplier justification forms, grant applications, property tax appeal forms etc. None of these are contracts where I think we would have any compliance issues from both parties being legally obligated.”

Mrudul Sadanandan, IT Manager for the City of Sacramento, remembers that when his department initially ventured into the eSignature possibilities, there was a lot of confusion around what constitutes a legally binding signature. “As technology has evolved and people within our organization see the benefit of eSignatures, more people have become open to the idea that we don’t need digital signatures, with the highest level of security, for every form.”

Batinelli says his agency is about a 70/30 split—online vs. actual signatures—and among the digital options they employ, they rely most on eSignatures.

Compliance Legislation for Electronic Signatures

There are electronic signature compliance standards your agency should consider when vetting software. Some municipalities may already have a list of approved vendors to choose from. The City of Charlotte for example has approved two eSignature vendors.

In agencies where this work has not already been done, it’s important to know what compliance standards are at play. These include:

  • The U.S. Federal ESIGN Act – Passed in 2000, this is the federal law that lays out the guidelines for interstate commerce. The ESIGN Act was the first to state explicitly that a contract or signature “may not be denied legal effect, validity, or enforceability solely because it is in electronic form.”
  • Uniform Electronic Transactions Act (UETA) – Most states have adopted this uniform act that aligns state laws around the validity of electronic signatures.
  • California Assembly Bill 2296 – Approved in 2016, this legislation set clear standards around how state and local agencies can use both electronic and digital signatures. It also made it much easier for CA agencies to get online signature systems up and running.

As with any new software provider you’re considering, it’s always best practice to ask them to provide proper documentation first and ensure that they check the boxes you need them to. Nyota Brown, Compliance Manager for the City of Charlotte, says she asked the city’s eSignature software vendor (Kofile GovOS) to provide complete eSignature security documentation in the final contract terms.

Security Measures to Ensure Compliance

Kofile GovOS, for example takes security measures very seriously, providing users:

  • An audit trail tracking every signer action 
  • 256 bit AES encryption and TLS (Transport Layer Security) 1.2
  • Access permission control of designated signers 
  • Unique signatures created by each user
  • Geolocation on every eSignable document
  • User authentication with multilayered authentication options 
  • Timestamp logs of action in the document process 
  • An audit log of complete document history

Of course, depending on the complexity of your forms and workflows, you may run into fringe cases. Brown said, “One issue we encountered was signing multiple pages at one time so that we maintained the integrity of the signing process. We were able to overcome this by uploading the signature pages as the routing cover and requiring all signatures before being able to route the document to the next person.”

Additionally, eSignatures help to improve security. A manual process means more room for human error:

  • Lost documents
  • Errors in processing
  • Insecure storage 

Mistakes such as these can be damaging to a department. Actually, human error in data processing accounts for roughly 52% of security and data breaches, and 53% of C-suite executives and 28% of small business owners cite human error or accidental loss by an outside party as the leading causes of data breaches.

(image courtesy of consilium.europa.eu – “Making e-signatures everyday practice“)

Time Savings and Improved Efficiency

Electronic Signatures significantly streamline workflows and processes. By eliminating the manual work of physical forms which requires documents to be:

  • Printed
  • Filled in
  • Handed off for processing
  • Physically moved around internally for signatures
  • Manually filed
  • Documents need to be carbon copied  

Files may sit on someone’s desk for minutes, hours or days before they are tended to, adding extra time and cost to the processing process. If your department has adopted, or is thinking about adopting, LEAN management practices, elimination of waste due to over-processing can save costs and improve turnaround times.

By digitizing the process on forms like procurement documents, HR documents, personnel action forms, special events permits you can become much more efficient. Ellen Zoppo-Sassu, Mayor of Bristol, CT estimates the city saved “more than 1,000 hours a month in processing time—on top of added savings attributed to reduction of printing and storing printed submissions” by digitizing paper-based forms using GovOS Studio.

That time savings is then multiplied for every form that can be completed with an electronic signature. For Brown’s team in Charlotte, the biggest benefit of eSignatures was the elimination of manual routing and tracking.

“Now we can route and monitor the contract execution process online, which improves the integrity of the process and minimizes the possibility of records getting lost. Because we can track the progress of a document online, this frees up my team’s time for tackling other tasks. In the past that time would be spent walking from department to department to deliver documents, ask about the status of documents and coordinate schedules for updates.”

Mrudul in Sacramento saw similar results. “Moving the legally binding contract signatures to an electronic version reduced the time and cost of contract execution for us.” 

When implemented properly, an eSignatures system could potentially pay for itself in process improvements and error reduction.

How to Get Buy-in Across Your Organization

When it comes to implementing change, it’s not just technology and processes that you need to consider. The human element is a critical component to ensure high adoption rates. 

Jamie Klenetsky Fay, Digital Media Manager for Morris County, NJ recommends framing the case for eSignatures from the end-user perspective. “When we began talking about implementing an eSignatures feature, I asked, ‘Well, what if you had to submit this form, do you have a printer at home that you can use to print this form so you can sign it? Do you have stamps so that you can mail in the completed form?’ That helped our team empathize with the citizens who relied on these forms.”

Keep in mind, it’s not just the technology that’s changing, but also systems and processes that people have come to rely on. Perhaps the most important component to winning your team’s trust when changing to electronic signatures will be educating and empowering them so they feel comfortable with the new technology faster. 

Muhammed Umair, System Applications Specialist for the City of Bristol says no matter how ubiquitous electronic signatures become, there’s always going to be a learning curve. “Changing people’s mentality—no more paper!—it’s not easy, but it can be done. You have to teach everyone that now they just have to click a button and apply a signature, and then it will move on to the next person to get the signatures it needs.” 

How to Incorporate eSignatures into Existing Forms and Workflows

Best practices for seamlessly incorporating eSignatures into your existing workflow are:

  • Select important documents to digitize: Don’t bite off more than you can chew. Start by selecting one or two forms to add the eSignature option on and test its success. Are there lessons that you can implement as you continue to roll out the process to make it more successful? 
  • Model other rollout plans: Look to how other departments have successfully implemented their eSignatures, and replicate their blueprint. 
  • Consider cross-departmental communication: Incorporating new technology will involve many different staff members across different departments. For example, the procurement department probably can’t make any decisions about technology without considering the IT and security teams needs. Be sure to communicate change early and often to make for a seamless rollout.
  • Test Everything: Muhammed in Bristol underscores the need for testing before going live with your eSignature system. “Do a lot of testing in the beginning! Try to think through every scenario, i.e. if someone’s not there, can someone else sign it?”