The Adobe Acrobat Sign Bio-Pharma settings page is available to the enterprise and business levels of service
Overview
The Bio-Pharma Settings page exposes the critical signature elements required for companies looking to comply with Title 21 CFR Part 11:
- Enforced identity authentication - Requires signers to re-authenticate themselves every time they apply their signature
- Signing Reasons - Provides for the signer to apply a reason for their signature
Before diving into settings configuration, admins should review the Analysis of Shared Responsibilities and the Handbook for 21 CFR Part 11 and EudraLex Annex 11 to fully understand the functionality of the Acrobat Sign product within the scope of obtaining a compliant signature in the healthcare and life science domain.
How it's used
The Bio-Pharma Settings page can be configured at the account or group level.
Once the settings are configured, all subsequent agreements will enforce the defined signature requirements.
Senders do not need to alter their process, as the settings come into effect during the signature process.
Enforced identity authentication
The enforced identity authentication settings govern when the recipient is challenged to enter their authentication.
There are three options:
- Challenge when the agreement is opened - Upon opening the agreement, the recipient is challenged to authenticate (before the content is exposed)
- Challenge for each signature - Upon clicking a signature field, the recipient is challenged to authenticate
- Challenge when the agreement is finalized - Upon clicking the Click to Sign button, the recipient is challenged to authenticate
Signing Reasons
When Signing Reasons are enabled, the signer is asked to provide a reason for applying their signature immediately after they type, draw or upload their signature image.
The signature is displayed in a new panel with either:
- An open text field that can accept a custom reason from the signer.
- A drop-down list of acceptable reasons (as defined in Acrobat Sign).
If both options are enabled, then the pick-list will have a line item to allow the custom reason entry (as seen above)
Configuration options
Individual configuration options for the two feature sets are explained in detail on their own respective pages:
However, there are some general recommendations for customers looking to comply with Title 21 CFR Part 11:
Prerequisites
For Enforced identity authentication to work, the signer must be authenticating their identity with either:
- Phone authentication (SMS)
- Acrobat Sign authentication
- One-Time Password via Email (OTPvE)
The authentication method is defined on the Send Settings page in the Identity Authentication Methods section.
General recommendations
With the above prerequisites in mind, the below general Identity Authentication Methods are recommended.
These settings ensure that Enforced identity authentication is applied to all transactions and that the sending agents cannot accidentally disable the feature.
Identity Authentication Methods
- Require senders to specify one of the enabled authentication methods for recipients: Enable.
- You want to require recipient authentication.
- Enable the following identity authentication methods for recipients: Phone Authentication.
- Most external recipients can be expected to have a phone that supports SMS authentication.
- It's generally unknown if the recipient has an Acrobat Sign account to authenticate with.
- Only enable OTPvE if you intend to require a cloud-based digital signature.
- By default, use the following authentication method: Phone authentication.
- For the reasons above.
- Allow senders to change the default authentication method: Disable.
- This ensures a consistent experience for your signers.
Identity Authentication for Internal Recipients
- Enable different identity authentication methods for internal recipients: Enable (probably).
- Enable this if your internal signers have Acrobat Sign accounts or if you have your IDP configured to authenticate through Adobe.
- Enable the following identity authentication methods for recipients: Acrobat Sign authentication.
- Authenticating with the Acrobat Sign log-in is costly and has less friction than the SMS solution.
- By default, use the following method: Acrobat Sign authentication.
- Allow senders to change the default authentication method: Disable.
How to enable or disable
Access to the Bio-Pharma Settings page itself is enabled for all enterprise and business tier accounts.
All settings on the Bio-Pharma page can be enabled at the Account level by the Acrobat Sign Account Admin.
Group level settings are permitted and will override the Account level values.
To access the options, navigate to: Account Settings > Bio-Pharma Settings
Things to keep in mind...
- Signature reasons work with digital and electronic signature fields.
- Signature reasons do not apply when only a Stamp is used as a signature.
Contact Support
If you still have questions you can contact support for assistance.