Highlighted

What's the best practice approach using Adobe Sign to sign documents containing PII?

New Here ,
Mar 20, 2020

Copy link to clipboard

Copied

We face the following data security issue with using AdobeSign:

Our Company needs to send out several employment contracts containing sensitive Data (PII) for signature.

After both parties have signed the document, the contracts are sent unencrypted as an e-mail attachment to all involved parties. This process does not meet the GDPR requirements.

We found the possibility to protect the documents with passwords. But since it is necessary to enter these passwords every time you want to open the saved document afterward, this option is not practicable for us. We would have to store extensive lists with all these passwords for the employment contracts.

Under “Global Settings” I have the option to choose that no PDF copies are sent to the involved parties after signing. This sounds good at a first glimpse, but after trying this option, I noticed that the e-mail that informs the parties that signing is completed, contains a link to the document. Clicking on this link, the unencrypted signed document is fully visible to anyone who gets access to this e-mail and the link.

Therefore, this option does not work for our purposes to use AdobeSign for the signature of documents containing PII.

Is there any idea what’s the best practice approach using AdobeSign and still meeting the GPDR requirements? Maybe it is possible to password protect the link to the PDF instead of the PDF itself?

Topics

Manage security and compliance

Views

354

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

What's the best practice approach using Adobe Sign to sign documents containing PII?

New Here ,
Mar 20, 2020

Copy link to clipboard

Copied

We face the following data security issue with using AdobeSign:

Our Company needs to send out several employment contracts containing sensitive Data (PII) for signature.

After both parties have signed the document, the contracts are sent unencrypted as an e-mail attachment to all involved parties. This process does not meet the GDPR requirements.

We found the possibility to protect the documents with passwords. But since it is necessary to enter these passwords every time you want to open the saved document afterward, this option is not practicable for us. We would have to store extensive lists with all these passwords for the employment contracts.

Under “Global Settings” I have the option to choose that no PDF copies are sent to the involved parties after signing. This sounds good at a first glimpse, but after trying this option, I noticed that the e-mail that informs the parties that signing is completed, contains a link to the document. Clicking on this link, the unencrypted signed document is fully visible to anyone who gets access to this e-mail and the link.

Therefore, this option does not work for our purposes to use AdobeSign for the signature of documents containing PII.

Is there any idea what’s the best practice approach using AdobeSign and still meeting the GPDR requirements? Maybe it is possible to password protect the link to the PDF instead of the PDF itself?

Topics

Manage security and compliance

Views

355

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

Have something to add?

Join the conversation