PROCEDURE FOR CAPTURING, RECORDING AND USING ELECTRONIC SIGNATURES. Procedures for capturing, recording and using electronic signatures.



Similar documents
DATA RETENTION POLICY

Disposal Schedule for Functional records of the Electricity Supply Industry Expert Panel

Sajan, Inc. and Its Subsidiaries. Audit Committee Charter. As of August 1, 2014

Records Management Policy

Going Home Staying Home

ITEM NO: 4. Date: 23 March Pam Williams Borough Treasurer Wendy Poole Head of Risk Management Audit Services. Reporting Officers:

Disposal Schedule for Functional records of Retirement Benefits Fund. Disposal Authorisation No. 2416

Records Disposal Schedule Anti-Discrimination Services Northern Territory Anti-Discrimination Commission

Appraisal Report for Accident Compensation Corporation Claim Information Retention and Disposal Schedule

Collection Acquisitions Policy

Gladstone Ports Corporation Limited

University of Limerick Data Protection Compliance Regulations June 2015

Part 3D - Officers' Employment Procedure Rules 1

Opal Refund and Balance Transfer Policy. Electronic Ticketing System Version 4.1

POLICY MANAGEMENT FRAMEWORK

X NSW/ACT X NT X QLD X SA X TAS X VIC X WA

Fund Restructure Request

Accreditation of qualifications for registration as an oral health practitioner

Basic Records Management Practices for Saskatchewan Government*

Requirements made under the Intermediaries Byelaw

Introduction Continuing Competence Framework Components Glossary of Terms. ANMC Continuing Competence Framework

Powers of Attorney in New South Wales. This fact sheet also contains the forms to make a general power of attorney or an enduring power of attorney.

How To Use A Corporate Credit Card

Opal Refund and Balance Transfer Policy. Electronic Ticketing System Version 4.3

Application Form for Assessment of Senior Management Skills for Migration

Records Management Policy

SYNACOR, INC. AMENDED AND RESTATED AUDIT COMMITTEE CHARTER. As adopted by the Board of Directors on November 16, 2011

STATUTORY INSTRUMENTS 2012 No. _

Zinc Recruitment Pty Ltd Privacy Policy

Records and Information Management. General Manager Corporate Services

Records and Document Management

DRAFT Advisory Circular

Human Services Quality Framework. User Guide

Scotland s Commissioner for Children and Young People Records Management Policy

LORD CHANCELLOR S CODE OF PRACTICE ON THE MANAGEMENT OF RECORDS UNDER

REGULATIONS ON THE GENERAL MEETING OF SHAREHOLDERS. of OJSC Oil Company Rosneft

POLICY STATEMENT 5.17

QUANTUM MATERIALS CORP. AUDIT COMMITTEE CHARTER

Massachusetts Statewide Records Retention Schedule August 2014 Supplement

SPORT CLUBS COMMITTEE ROLES AND RESPONSIBILITIES Last Modified: May 2016

ASPEN AUSTRALIA BRANCH PRIVACY POLICY

SUMMARY OF FILING REQUIREMENTS DURING THE LIFECYCLE OF A QFC LIMITED LIABILITY COMPANY (LLC) AND BRANCHES OF A NON-QFC COMPANY (BRANCH)

Impartiality must be maintained in selecting suppliers to fulfil Council s requirements.

Motor Vehicle Insurance. and. Repair Industry. Code of Conduct

Records Management - Department of Health

IFRS FOUNDATION DOCUMENT RETENTION AND DESTRUCTION POLICY

Practitioner Indemnity Insurance Policy Application Form

PERSONAL INJURIES ASSESSMENT BOARD DATA PROTECTION CODE OF PRACTICE

A BILL for AN ACT. Serial 270 Volatile Substance Abuse Prevention Bill 2004 Ms Scrymgour

Forms and Templates. Recognition of Prior Learning Initiative CHC30113

CHEVRON CORPORATION AUDIT COMMITTEE CHARTER

Records Management - Council Policy Version 2-28 April Council Policy. Records Management. Table of Contents. Table of Contents... 1 Policy...

Witness Protection Act 1995 No 87

CORPORATE VOLUNTARY DIRECT DEBIT APPLICATION

Regulations on the General Meeting of Shareholders of Open Joint Stock Company Gazprom Neft (New version)

NATIONAL WORKFORCE DEVELOPMENT FUND TRI-PARTY DEED

APES 310 Dealing with Client Monies

National Guidelines for Higher Education Approval Processes

BT Classic Investment Funds Additional and Regular Investments Request

Public Procurement Authority Electronic Public Procurement Platform E-Procurement: Legal Framework

Air Traffic Service Providers Entry Control Procedures Manual 2. Approval Procedures for ATS Providers

European Treaty Series - No. 116 EUROPEAN CONVENTION ON THE COMPENSATION OF VICTIMS OF VIOLENT CRIMES

Document Management Policy

Proposal Form. BusinessGuard Accountants Professional Liability Insurance

Audit Committee Charter Altria Group, Inc. In the furtherance of this purpose, the Committee shall have the following authority and responsibilities:

1.1 An initial request to enter into a contractual arrangement may be initiated by either Massey University or another party (Other Party).

Applicability: All Employees Effective Date: December 6, 2005; revised January 27, 2009 Source(s):

Data Security Policy

DATA RETENTION, STORAGE & DISPOSAL POLICY

Short title 1. This Act may be cited as the Accountants Act. Interpretation 2. In this Act, unless the context otherwise requires "accounting

AUDIT COMMITTEE CHARTER OF THE BOARD OF DIRECTORS I. PURPOSE

A GUIDE TO THE OCCUPATIONAL RETIREMENT SCHEMES ORDINANCE

Diplomas Academic Progress Procedure

Charter of the Audit Committee of the Board of Directors of Novo Nordisk A/S

QUEENSLAND COUNTRY HEALTH FUND. privacy policy. Queensland Country Health Fund Ltd ABN better health cover shouldn t hurt

PRIVATE HEALTH INSURANCE INTERMEDIARIES PRACTICE CODES JUNE 2015 VERSION 2

Newcastle University Information Security Procedures Version 3

Records Management Policy.doc

Scanning of Physical Documentation Policy

injury management practices

Estonian Health Insurance Fund Act

Information Circular

COUPONS.COM INCORPORATED CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS

ACCReDITATION COuNCIL OF TRINIDAD AND TOBAGO ACT

Business System Recordkeeping Assessment - Digital Recordkeeping Compliance

APES 310 Dealing with Client Monies

P&F INDUSTRIES, INC. AUDIT COMMITTEE CHARTER

Professional Indemnity Insurance. Proposal Form for Property Consultants

CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS OF INTERCONTINENTAL EXCHANGE, INC.

CLAIM FOR COMPENSATION FOR A WORK-RELATED DEATH

Transcription:

PROCEDURE FOR CAPTURING, RECORDING AND USING ELECTRONIC SIGNATURES Date of publication: July 2015 Record Number: HP15/7091 File Number: 14/269 Version: Summary: Applies to: Author: Review July 2015V1 Procedures for capturing, recording and using electronic signatures. HPCA staff Members Corporate Governance/ Administration Related legislation, C Records Management Policy Awards, Policy and P Electronic Transactions Act 2000 (NSW) Agreements: NSW Health Code of Conduct (PD2012_018) Review date: July 2017 INTRODUCTION The use of electronic signatures (e-signatures) provides efficiencies in the sign off of decisions and approvals, primarily when the required signatories are not readily available. This is generally the case for Council members and hearing members, especially those who are located outside the metropolitan area. The application of e-signatures of HPCA staff also enables efficiencies in the sign-off of form letters and other documents. Prior approval for the use of an individual s electronic signature must be obtained and may be either approval for a specific or one-off purpose or general approval to apply to a class of documents or type of information. These procedures have been developed to satisfy the requirements of the Electronic Transactions Act 2000 (NSW) and to facilitate the approval and sign off of decisions and other Council related business. BACKGROUND The use of e-signatures is becoming common practice as we transition to a paperless organisation. Under the Act the basic elements an electronic signature method must satisfy are: (a) a method is used to identify the person and to indicate the person s intention in respect of the information communicated, and (b) the method used was either: (i) as reliable as appropriate for the purpose for which the electronic communication was generated or communicated, in the light of all the circumstances, including any relevant agreement, or (ii) proven in fact to have fulfilled the functions described in paragraph (a), by itself or together with further evidence, and (c) the person to whom the signature is required to be given consents to that requirement being met by way of the use of the method mentioned in paragraph (a). The Act provides that any information that is to be given in writing can be given by electronic means. For the purposes of the HPCA and Councils the giving of information includes (but is not limited to) giving, sending or serving a notification; lodging a return; making a request; making a declaration; lodging or issuing a certificate; making, varying or cancelling an election; or giving a statement of reasons.

KEY DEFINITIONS Electronic signature (e-signature) is a scanned or copied image of a person s signature. Members includes any member of a health professional Council, a Council committee or an associated regulatory body and is inclusive of all membership categories and positions held. It also includes Section 150 Inquiry delegates, hearing members, interviewers, panellists, assessors, experts and other ad hoc participants in Council activities. Gatekeeper means the staff member with access to the e-signature in TRIM and the authority to apply the e-signature once its use is approved by the signatory. Gatekeepers are usually a Council executive officer, an executive assistant or other authorised staff members such as Corporate Governance staff. POLICY STATEMENT The use of e-signatures supports efficient business processes, particularly where signatories are remote and not readily accessible in the workplace. Documented consent and authorisation of the purpose and use of e-signatures must be obtained prior to the e-signature being used.. The signatory s authorisation must be retained on TRIM (Pitt Street file 14/269 & Gladesville file FF11/020-09) and access to the e-signature limited by security settings to the gatekeeper. Each e-signature must be assigned a gatekeeper. Purpose and use of electronic signatures E-signatures can be requested or provided for a specific purpose i.e. for one-off use to sign off specific decisions while a member is overseas, or for general ongoing use e.g. covering letter for a survey. Authorisation The signatory must provide clear written permission for the use of their e-signature, for either a specific or generic purpose, and identify any limitations on its use (for example, for particular decisions or consult papers). The purpose and use of the signature must be confirmed at the time of collection and the signatory s consent recorded. Consent may be in the form of a completed Authorisation for Use of Electronic Signature form, an email or another form of documentary record. Further consent must be sought if the e-signature is to be used for another purpose to that for which authorisation has been given. Members e-signatures Staff may request members e-signatures either for a specific document or process; or with agreement of the member for use for agreed generic purposes. The purpose for which the e-signature is collected must be clearly documented and the member s agreement for its use recorded in TRIM with the e- signature. (This includes when an e-signature is recorded in TRIM and consent is required for each use.) Sign off of annual financial statements One specific purpose for which e-signatures are used is for sign-off of the Council s annual financial statements. The Annual Reports (Statutory Bodies) Act 1984 requires two members to sign the Statement by Members of the Council. There is a very short turnaround for the signatures to be obtained following completion of the audit and submission of the annual report to the Minister. In June each year Councils are requested to approve the collection of e-signatures from up to three members specifically for the purpose of approval and sign-off of the financial statements. The Executive Officer collects the nominees e-signatures for the current annual report and provides them to the Manager, Corporate Governance. The Manager, Corporate Governance is responsible for the retention, security and use of these e-signatures and for seeking the individual signatory s approval to apply the e-signature to the financial statements once the audit has been completed. 2

Staff e-signatures The e-signatures of staff may be used for designated purposes such as form letters. The same procedures must be used for the capture, storage and security of staff e-signatures. PROCEDURES Capturing and storing an electronic signature The Authorisation for use of Electronic Signature form (attached) should be sent to the member/staff when requesting provision of an electronic signature. The request should make clear the purpose for which the signature is being sought, the gatekeeper and the titles of staff who will have access to the e-signature. Members may provide their e-signature by email and should also make clear when the signature may be used and any limitations on its use, as outlined on the form. (Once saved the email must be deleted from Outlook.) 1. All Completed authority forms and emails with e-signatures and authority of use must be saved in the TRIM file folder. At Pitt St in 14/269 as a HP Document (HP Prefix) At Gladesville in FF11/020-09 as a Document 2. The document title should be: Authorisation - from <LAST NAME, First Name of Member> to <Council name> - e-signature approval for <one-off or recurring use> - SIGNED - date signed 3. Open the document and snip the signature from the penned signature box. Save the snipped signature in JPEG format and capture it as a Child Document to the Authorisation document in TRIM. 4. The document title should be: Record - <Council name> - e-signature of <LAST NAME, First Name> - Date signature provided Once the completed Authorisation Form hardcopy has been saved in TRIM it must be discarded in the appropriate secure destruction bin. Using an electronic signature When required to use an e-signature: 1. Confirm if the e-signature is on file and that the specific purpose of use has been approved by the signatory. 2. If pre-approval for the specific instance of use has not been obtained, contact the officer/member by email with a copy of the document requiring the e-signature, or an explanation of the purpose to which the signature will be put if the document is not available. 3. On receipt of consent (via email or a signed Authorisation form) the staff member requesting the e-signature must contact the designated Gatekeeper with a copy of the consent and link to the document which requires the signature. The consent to apply the signature in the particular instance is to be captured as a child document of the original Authorisation. 4. The Gatekeeper will apply the e-signature, print the document, and return to staff member in PDF format. Destroying electronic signatures The gatekeeper of electronic signatures is responsible for securely destroying e-signatures when: A member s term expires A member resigns from the Council, Committee or Panel A member retracts their approval. 3

An email is to be sent to the author of the e-signature informing them that their signature has been removed from the recordkeeping system (indicate date and time) and that it is no longer available for use. Security and access Section 4.5.3 of the NSW Health Code of Conduct, outlines the requirements for maintaining the security of confidential and/or sensitive information, including that stored on communication devices. An electronic TRIM file (Pitt St: 14/269; Gladesville: FF11/020-09) has been created for the storage of the e-signatures, and a Gatekeeper Strategy has been adopted for their security and accountability. ATTACHMENTS Authorisation for Use of Electronic Signature 4

HP14/6337 Authorisation for use of Electronic Signature I approve the use of my electronic signature by the Health Professional Councils Authority (HPCA) for the following business purpose and conditions Approval granted for: One off use Recurring use Purpose of use: Limitations of use: I understand the HPCA will hold my electronic signature securely and that access is available only to authorised officers, as required by the NSW Health Code of Conduct, section 4.5.3. I may retract approval at any time in writing. I understand that the HPCA will destroy my e-signature on my term expiry or resignation. Please sign inside box with a black pen: Name <print> Date: Please return this form to the relevant Council Executive Officer July 2014

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information