Wet Signature Working Group

Wet Signature Working Group

Background

The aim of this working group was to identify local authority services that include a handwritten signature or seal to endorse a document or contract (a ‘wet signature’) and provide the information needed to acquire and operate an e-signature solution, which meets a set of requirements and is fit for purpose and cost effective.

Over a three-month period, officers from diverse backgrounds and perspectives committed up to two hours of their time per week to help identify opportunities, agree activities, and deliver a set of authority agnostic recommendations.

The group had contribution by officers from: 

  • Bridgend
  • Cardiff
  • Carmarthenshire
  • Conwy
  • Flintshire
  • Monmouthshire 
  • Pembrokeshire
  • Rhondda Cynon Taff
  • Vale of Glamorgan

Activities

The group started by each officer communicating how they imagined the services they operate improving in the future because of positive change resulting from the outputs of the working group.

They considered and categorised each contribution into one of four similar themed ‘problem-to-solve’ bucket. Each problem was converted into a question which if answered would go towards addressing the problem. The problem questions were: 

  1. How can we explore what services need wet signatures and understand/document their requirements, including an indication of scale of use?​
  2. How can we be certain that the person on the keyboard accessing our services digitally is the person they say they are and be able to prove that fact so that it could be legally backed-up?​
  3. How can we best share ideas and solutions for moving away from wet signatures, and then discover a sufficient and secure platform for all to use which legally complies to all regulations?​
  4. How can we develop a standardised and efficient method of achieving “suitable authorisation” that does not require staff to travel into the office to print and post paper documents?

Following discussion, the group decided to focus on problem question one.

Serendipitously Carmarthenshire was already looking into opportunities to reduce the number of wet signatures and the progress it had already made proved to be immensely helpful in moving the working group discussions forward. 

Next the group mapped out the steps required to answer the question. This started with identifying the key players effected, ranging from service users (with high and low technical capabilities) to operation managers and potential solution vendors. 

The working group ended with the desired outcome, which for this group was an understanding of what services need wet signatures and the associated requirements, including for each the scale of use.

The contributors went away to discover what services within their authority used wet signatures, and through subsequent discussion, distilled the findings into categories (e.g., housing, legal, and procurement) to provide a more manageable indicator of which services would best benefit from a reduction in wet signature dependency.

Marketplace

The working group identified two clear incumbent e-signature vendors: Adobe Sign and DocuSign, with HelloSign and Onespan Sign seen as a credible alternates.

Recommendation

  • Establish an e-signatures Community of Practice, with representation from each of the 22 authorities (also useful for gaining an understanding of what solutions are already in place and how they are used).

Recommended process to acquire and operate an e-signature solution

  • Consult other local authorities with experience of e-signatures.
  • Carry out internal research into what services need wet signatures and ascertain if there are any legal risks for replacing with e-signatures.
  • Gain a good understanding for each service under consideration and the scale of use i.e., the number of required wet signatures per month or year.
  • Get to a better understanding of the potential issues of adopting e-signatures by piloting with a couple of internal teams using at least two potential e-signature solutions.
  • Get agreement from all stakeholders on which services are within the initial scope.
  • Look into joint procurement opportunities i.e., work with other local authorities seeking a similar reduction in wet signatures.

Recommendations requiring centralised funding

To be carried out by a suitably skilled Business Analyst and shared with all the local authorities:

  • Develop a set of solution agnostic e-signature user story maps. See example format in Appendix I.
  • Develop a set of solution agnostic e-signature functional and non-functional requirements that cover most of the likely e-signature service needs to help improve the quality of any procurement undertaking. See example in Appendix II.
  • Seek out economies of scale opportunities where Welsh Government procure an e-signature license and support for each authority with each LA chipping in on a pro rata basis.
  • Have a recommended e-signature solution to introduce a consistency of approach across LAs. 

Contributors

A special thanks to the working group contributors: 

Cheryl Canham, Duncan Betteley, Ellie Hughes, Jade Powell, Jason Snead, Kyle Brown, Rob Brookes, Simon Williams, Stephanie Harris, and Victoria Davidson.

Appendices

Appendix I User Story Map

User Story Grid
As a …I want to …So that I can …Must/Should/Could

Appendix II System Requirements Specification (EXAMPLE)

Application Requirements Essential or Desirable
1To meet all statutory requirements including Welsh language and Data protection legislation  
1.1The platform must be fully compliant with GDPR 2018 requirements including functionality that enables citizens to exercise the ‘right to be forgotten’, erasure of records and partners to easily comply with the request.  
1.2For all customer facing elements to be fully bilingual, including the ability to request a language preference and be fully compliant with Welsh Language Standards.  
1.3The application must have the ability to apply retention policies to all data to allow compliance with GDPR.
 
 
1.4The mobile application must be compliant with SRS ICT security policies 
2Basic Person Information (BPI)  
2.1The application will record key Basic Person Information (BPI) such as unique person identifier, name, address etc 
2.2It must be easy to tailor the BPI record and add additional fields as required. There must be the ability to apply validation and mandatory fields.
 
 
2.3Ability to use multiple fields to easily search and find a user on the system.
 
 
2.4Controlled read, write, and edit permissions against each user must be easy to set by systems administration.
 
 
2.5Ability to find duplicate records and merge into one.
 
 
3Auditing  
3.1To be able to identify any aspect of a record that has been modified internally e.g., where details have been added/amended or deleted. Need to be able to have a full audit trail and be able to pinpoint what has been changed internally 
3.2Standard Application Audit reports are available and configurable to provide information about all aspects of system usage during a set period.
 
 
4Access Rights and Permissions  
4.1It is essential that we can assign different access rights to users based on the information they need to see, and the functionality required. A simple screen so systems administration can change permissions and rights is essential.
 
 
5System Administration   
5.1Ability for system administrators to add, amend and delete system users.
 
 
5.2Ability for authorised users to add, amend and delete users.
 
 
5.3Ability for system administrators to add, amend and delete teams, clusters, and groups.
 
 
5.4The ability to customise content including reports, design, colours, menus, menu options and fields, link, categories, and tabs within the application.
 
 
6Training   
6.1The Supplier will provide a set number of application training days.
 
 
6.2The Supplier must be explicit about the cost, type, and number of training days to be provided as part of their formal tender submission.
 
 
6.3Training will take place locally using training rooms throughout the County.
 
 
6.4The Supplier will provide all staff with support materials including application documentation at the training session.
 
 
6.5The application documentation will vary according to the type of training and staff attending.