Overview
EngagedMD eSign is powered by DocuSign, the global leader in electronic form completion and signing. EngagedMD has integrated the DocuSign tool into the EngagedMD platform and customized and configured DocuSign for use in the fertility setting. EngagedMD’s eSign tool is fully HIPAA- and PIPEDA-compliant and complies with the United States Electronic Signatures in Global and National Commerce (ESIGN) Act, and the Uniform Electronic Transactions Act (UETA).
Authentication Options
Data security and form validity are of paramount importance to EngagedMD, and we offer several authentication options to choose from, so you can select the level of security that best fits your needs. Note, these authentication options are flexible and can be added to forms on a case-by-case basis as needed. For instance, some practices that we work with opt to use baseline email authentication on most of their documents but then add on SMS or ID verification on only their more sensitive documents.
- Email Authentication: Our baseline authentication method is email authentication. Through this measure, the recipient’s email addresses will be input by the practice, and the recipients will each be required to log into their email accounts to access their assigned documents. This is the security measure that most of our partner clinics use for the majority of their documents.
- Text Message (SMS) Authentication: In addition to email authentication, you may also enable text message authentication. This method requires that the recipient receive an SMS text message at a specified phone number. The text message contains an access code, which the recipient must enter in order to view your documents. The recipient has three chances to enter the code correctly.
- ID Verification: In addition to email authentication, you may also enable ID verification. This method requires that the recipient upload a photo of their government-issued driver’s license or passport and verifies that ID before allowing the recipient to access their documents. The ID verification process confirms the following information:
- The ID is not expired
- The name exactly matches the envelope as specified by the sender
- The MRZs (machine readable zones), such as the barcode, decode to information that is consistent with the rest of the ID
- Visual features/holograms are consistent with what that ID type should look like
- There is no evidence of tampering in terms of fonts, letter spacing, holes in the ID, etc.
Additional Security Measures
Regardless of which authentication option is selected, EngagedMD also follows the below protocols, in accordance with the ESIGN Act, to further ensure form security:
- Completed forms are sent to all signers
- DocuSign Certificate of Completion is added to all forms, detailing the full form history and audit trail for each document, including details such as:
- Date & time sent, viewed, & signed by each signer
- IP Address for each signer
- Form signed by the patient
- Form signed by the partner
- Form reviewed and approved by the clinical reviewer
Instituting a clinical review step allows a member of your team to review the documents for accuracy and completeness before the forms are finalized. In the event that any errors are identified, the clinical reviewer is able to digitally mark up the document and electronically send it back to the patient and partner for amendment.