Digitising Paper Based Training Records and HR Data – Digital Signatures

Posted by

Good Morning all

We are in the process of uploading all of our HR and training data into SharePoint but it is a labourious process which we will undertake.

Ideally, going forward into the future, we are looking to digitise all of the process’s using O365 suite of products from forms to power apps / flow for contract renewal, induction, training documents etc etc.

Can we legitamately use digital signatures using power apps own inbuilt signature system or do we need a 3rd party application?

Our current paper process for training is that the staff are trained to perform tasks / work on machines through 4 stages of compentence, each stage is signed off by the individual and the trainer on the process – we are wanting to roll this out using digital signatures if possible and will stand up in court etc.

If the above was ok, would this tie into a resticted sharepoint list or better in another place considering the compentence will change over time

Many Thanks

Richard: I would suggest speaking to your agency’s attorney as this is a legal matter should anything be challenged in court. It is probably easier to use the O365 signature if it meets the needs of your agency and can only be used via security procedures by a specific person. It is also critical that if the person transfers or leaves your employment all security features be removed within 24 hours. This can also be done via automation.

Finally, your attorney should know or be given most if not all of the type of documents to be signed as State laws differ throughout the US id law suits. should occur. I would be just as concerned about Sharepoint and how easy it is to use video and document management functions for entry and retrieval.

Robert L. Morrison, Principal, Creative Technology and Management Services

——————————
Creative Technology and Management Services
——————————

It sort of depends upon what degree of assurance you need to produce. For instance, FDA requires explicit authentication at the time of approval for some (most) approvals. So whether their Office 365 login ins sufficient is something you’ll have to evaluate in the broader context of regulatory requirements.

I’d caution you that you want to make sure that you’re making an explicit effort to retain audit information. If not explicitly maintained much of the details that you’ll need are swept away over time.

I’ve got some posts on my blog about using the built in SharePoint approvals workflows lose their audit information over time — and what to do about it in an on-premises environment.

————————–
Thor Projects LLC
——————————

I agree with Robert that you should definitely review with legal authority anything you want to use digital signing for and get their official blessing. In terms of using PowerApps for capturing that, I would be reticent at this point in time as I don’t think PowerApps has gone through any legal challenges yest in that area. Also not sure if PowerApps meets the –FIPS DSS (Digital Signatures Standard). I would definitely look more towards acquiring one of the proven products like Docusign that HAS met the all the standards.

As far as using PowerApps and Flow and the other products from the 365 suite, I would definitely say go for that where it makes sense! HOWEVER, unless you are truly prepared to take on the “technical debt” of doing all the development and testing and deployment and owning the responsibility for that going forward, I would strongly urge looking to see if there are already existing 3rd party/ISV solutions that could meet your needs. Why? Because then THEY have the responsibility of ensuring their functionality stays current with the forever-ongoing, rapid change pace of O365. And, today, there is a VERY large ecosystem of 3rd party/ISV providers out there that can meet damned near any need you might be able to think up. Also, if you try to develop in-house, there is an obviously significant time lag before the functionality can made available to your users in production versus significantly less with a purchased, ready-to-configure-and-go product.

There are some pretty well-proven solutions around the items you mentioned like contract creation and management, learning management systems, HR management (though not so much on the ATS – Applicant Tracking System – aspect), and on and on are all available and many have proven themselves in day to day use at quite a few organizations.

If you would like to have a discussion one on one about these, I can give you some suggestions based upon my 10+ years working and learning in the SharePoint space. Let me know.

 

i also agree with the other ‘bloggers’, but i would put it more straightforward. DON”T DO IT UNTIL YOU GET FULL APPROVAL FROM COUNSEL ON:

1. WHAT YOU PLAN TO DO
2. HOW YOU WILL SECURE THE PII
3. HOW YOU WILL ENSURE NO ONE HAS ACCESS TO ACTUAL DATA, EVEN SUPPORT RESOURCES
4. DEFINE WHAT THE OFFICIAL RECORD IS, AND HAVE 1 MASTER….DON”T HAVE COPIES FLOATING AROUND,,,,,

and until you get clear guidance/directions from counsel, don’t make any changes and work closely with counsel to get these answers ASAP.

in other words,,,this is not recommended for sensitive information !!!!!!!!!!!!!!!

Good Afternoon All,

Thank you for coming back to me. (I have sent the question to our lawyers also)

Maybe I should provide some context, we are a under 100 employee company based in the UK looking to digitise and workflow as many of our administrative processes as possible.

We see office 365 suite as a potential route for this although lack the corporate oversight on topics such as this from the legal perspective.

Many Thanks

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.