Compliancy FAQ

xyzmo’s products enable compliancy with the following laws and standards

1.    ESIGN Act (US)The Electronic Signatures in Global and National Commerce Act is a United States federal law passed by the U.S. Congress to facilitate the use of electronic records and signatures used in interstate and foreign commerce by ensuring the validity and legality of contracts signed electronically. The primary purpose of the ESIGN Act is to affirm that a signed electronic document is equivalent to a paper document from a legal standpoint.

2.    Uniform Electronic Transactions Act (US)The Uniform Electronic Transitions Act (UETA), proposed by the National Conference of Commissioners on Uniform State Laws, assigns electronic signatures the same validity as manual signatures on paper.  Forty-six U.S. states, the District of Columbia, and the U.S. Virgin Islands have adopted this act into their own laws.  xyzmo’s technology offers advanced digital signature technology that complies with all regulations and guidelines stated within the UETA.

3.    FIPS 140-2 (US & Canada) The Federal Information Processing Standard (FIPS) Publication 140-2 is a U.S. government computer security standard used to accredit cryptographic modules. The Cryptographic Module Validation Program (CMVP) is operated jointly by the United States Government’s National Institute of Standards and Technology (NIST) Computer Security Division and the Communications Security Establishment (CSE) of the Government of Canada. xyzmo is currently in the process of validating our products via the Technical Inspection Authority (TUEV) in Germany in order to obtain certification.  The TUEV is an accredited validation laboratory under the supervision of the Cryptographic Module Validation Program (CMVP).  

4.    21 CFR Part 11 (US & accepted worldwide in the pharmaceutical industry)Title 21 CFR Part 11 of the Code of Federal Regulations deals with the FDA guidelines on electronic records and electronic signatures in the United States. Part 11, as it is commonly called, defines the criteria under which electronic records and electronic signatures are considered to be trustworthy, reliable and equivalent to paper records. xyzmo is currently in the process of auditing our products via a third party expert in order to obtain a certificate that maintains xyzmo’s technology can be used to meet the requirements of 21 CFR Part 11. 

5.    Government Paperwork Elimination Act (US) The Government Paperwork Elimination Act (GPEA) states that whenever possible, Federal agencies use electronic forms, electronic filing, and electronic signatures to conduct official business with the public.   The GPEA seeks to “preclude agencies or courts from systematically treating electronic documents and signatures less favorably than their paper counterparts”. xyzmo offers digital or ‘electronic’ signatures which conform to the GPEA, presenting a secure and cost effective approach to conducting business on a Federal level.

6.    Electronic Signatures and Records Act  – New York StateThe Electronic Signatures and Records Act (ESRA) states that ‘signatures’ created via electronic means are legally equivalent to signed paper documents.  ESRA also provides guidelines which give government officials the authority to create and retain electronic records.  This act does not mandate the use of electronic signatures and records; it simply assures their validity. xyzmo’s technology offers advanced digital signature technology that complies with all regulations and guidelines stated within the Electronic Signatures and Records Act. Please reference the following link for more information:

7.    Sarbanes-Oxley Act or SOX (US – accepted worldwide)Companies obliged to adhere to the provisions of the Sarbanes-Oxley Act (SOX) must maintain a comprehensive set of controls over their financial reporting.  Thus, the authenticity of a financial document’s originator as well as the integrity of the document itself are substantial requirements. For electronic documents, these requirements can only be satisfied by applying an advanced electronic signature.  xyzmo’s technology is able to apply advanced, secure digital signatures to any kind of electronic document; therefore xyzmo’s technology will enable an electronic workflow compliant with SOX.

8.    PIPED Act (Canada)Similar to the ESIGN Act in the United States, the Personal Information Protection and Electronic Documents Act (PIPEDA) is a Canadian law relating to data privacy.  In Part 2 of the PIPED Act it states that electronic documents require the use of “secure electronic signatures” whenever the law requires an original document.xyzmo’s technology has the ability to apply secure electronic signatures to any kind of electronic document. Therefore, xyzmo’s technology will render electronic documents legally equivalent to their original paper counterparts.

9.    Provincial and Territorial Electronic Commerce or Electronic Transaction Acts (Canada)The Alberta, Ontario and Quebec Acts all contain restrictions regarding the electronic capturing of biometric information of a handwritten signature.xyzmo’s technology optionally captures and stores biometric data of a handwritten signature in addition to the electronic handwritten signature image. In order to comply with the restrictions regarding capturing biometric data, the customer needs to be informed that biometric data of the handwritten signature will be captured. xyzmo’s technology is able to display a warning message signifying this circumstance before the actual act of signing.

10.  EU Directive & Local European Laws (EU)The European Union Directive 1999/93/EC regulates the basics of using electronic signatures in the European Union.  This directive is implemented by the local laws of the European Parliament’s member countries.xyzmo‘s technology is compliant with most local laws of the European Union’s members (e.g. a “manufacturer’s declaration” was issued according to German signature law).


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: