Electronic John Hancock
October 20, 2011 8:02 AM Subscribe
What's the best way to handle an electronic signature on a website-hosted submission form?
You're not my lawyer or programmer, but I need help wrapping my head around an online form that submits to secure database that must include a digital signature, as requested by the client. (If it has any legal ramifications, my company and our client are both located in Mississippi.)
We have to program two secure forms: credit review/application and employment application. Both will be SSL protected and will be stored in online databases, not sent over email. The client is asking that both feature online signatures, but will not explain why, what they need, etc. Their only reasoning is that "we ask for signatures on the printed forms since Day 1, why should the website be any different?".
With that said, what must the forms contain to be legally binding and/or serve as proof that the submitter read/understands/validates their own info? A simple checkbox or yes/no? Enter in name? Type in initials? Sign a piece of paper and upload JPG scan?
You're not my lawyer or programmer, but I need help wrapping my head around an online form that submits to secure database that must include a digital signature, as requested by the client. (If it has any legal ramifications, my company and our client are both located in Mississippi.)
We have to program two secure forms: credit review/application and employment application. Both will be SSL protected and will be stored in online databases, not sent over email. The client is asking that both feature online signatures, but will not explain why, what they need, etc. Their only reasoning is that "we ask for signatures on the printed forms since Day 1, why should the website be any different?".
With that said, what must the forms contain to be legally binding and/or serve as proof that the submitter read/understands/validates their own info? A simple checkbox or yes/no? Enter in name? Type in initials? Sign a piece of paper and upload JPG scan?
I've programmed online systems that comply with the Federal Electronic Signatures in Global and National Commerce (E-SIGN) Act. While you may not be required to follow its guidance for your particular system, you couldn't go wrong doing so.
It isn't as onerous as it may seem. The key points are that you are reasonably sure the person completing the form is who they say they are (login credentials), they are given alternatives to sign in the traditional way and you have a record of the signing act (usually denoted in your database).
Your lawyer will likely feel comfortable with this approach and your programmer shouldn't find it too difficult if your application has authentication and database tables already.
posted by dgran at 8:34 AM on October 20, 2011
It isn't as onerous as it may seem. The key points are that you are reasonably sure the person completing the form is who they say they are (login credentials), they are given alternatives to sign in the traditional way and you have a record of the signing act (usually denoted in your database).
Your lawyer will likely feel comfortable with this approach and your programmer shouldn't find it too difficult if your application has authentication and database tables already.
posted by dgran at 8:34 AM on October 20, 2011
This thread is closed to new comments.
I would have the user type in their name or initials into a form field that says something to the effect of "By typing in my name I agree that I have read the blah blah blah and agree to the blah blah blah".
posted by Jairus at 8:18 AM on October 20, 2011