Legal Compliance - Electronic Signatures
On June 30, 2000, the Electronic Signatures In Global and National Commerce (E-SIGN) Act was signed into federal law and became effective on October 1, 2000. The E-SIGN Act implements a national uniform standard for all electronic transactions that encourages the use of electronic signatures, electronic contracts and electronic records by providing legal certainty for these instruments when signatories comply with its standards.
The E-SIGN Act includes several key provisions that address its: (1) scope; (2) application; (3) consumer consent requirements; (4) validity requirements for electronic signatures, electronic contracts and electronic records; (5) retention requirements for electronic contracts and records; (6) notarization rules; and (7) national uniform standards for the banking, insurance and stock industries.
Similarly, the Uniform Electronic Transactions Act (UETA) provides a legal framework for electronic transactions, and it gives electronic signatures and records the same validity and enforceability as manual signatures and paper-based transactions. This model act was adopted by the National Conference of Commissioners on Uniform State Laws (NCCUSL) in 1999. To see the full text of the act and additional information, see the NCCUSL website at www.nccusl.org.
AssureSign LLC guarantees full compliance with the requirements and standards of both the E-SIGN Act and UETA for all AssureSign Electronic Signature products.
Resiliency and Survivability
As a hosted, web-based, Software as a Service (SaaS) offering, AssureSign is an enterprise-class mission critical application for all users and must be available 24 hours a day, 7 days a week. AssureSign data centers are hardened, carrier-grade facilities and all network elements are designed to support 99.99% uptime. AssureSign’s main location in Altamonte Springs, FL has dual entrant services from CenturyLink and tw telecom via OC-12 and OC-48 SONET rings, respectively, ensuring network connectivity. AssureSign servers and supporting systems are in secure, limited access, firewall protected, environmentally controlled data environments. The data center and building is supported by UPS (Uninterruptible Power Supply) and diesel generators for long-term power support. An all-encompassing system monitoring process, via proactive mechanisms and SNMP reporting, guarantees that the distributed processing systems are never compromised. AssureSign also maintains a disaster recovery and failover facility in Atlanta, GA with the same infrastructure and support contingencies.
Security
An AssureSign electronic signature contains biometric and forensic elements that make it more secure than a pen and paper signature process. AssureSign captures ‘the act of signing’ and stores the biometrics of the signature executed with a mouse or stylus. Additional elements of the signature such as email address of signatories, recipients, IP addresses of signatories, dates and times are also captured and stored. AssureSign enlists numerous methods to ensure all transactions are confidential, secure and can only be accessed by authorized users. Each AssureSign user is provided with a unique user name and password that must be entered each time a user logs on. All signature and document review/retrieval transactions are conducted over Secure Socket Layer (SSL) technology. This protects your information using both server authentication and data encryption, ensuring that your data is safe, secure and available only to registered users in your organization. Your data will be completely inaccessible to any other AssureSign user organization.
AssureSign, and sister company 3PV, have completed and store over 29 million verbal and written contracts and documents for Fortune 500 companies; passing numerous security certifications and evaluations. These records and customer specific data contained therein, such as customer names, address, telephone numbers, credit card and other personal information, are encrypted using a Rijndael (AES) symmetric encryption scheme. Internally, a GUID based multi-field indexing system has been implemented to eliminate any possible random manipulation of data. Integration communication over secure channels requires a 32-bit secret authentication key which is unique across all 
AssureSign accounts. To enhance security for the enterprise and the signatory, AssureSign can also offer front-end authentication options offering email, password and third-party integration to authentication providers. AssureSign has obtained an entity-wide SAS 70 Type II certification, encompassing all aspects of the enterprise and data center.
Follow AssureSign:
