Legal compliance
Propper Sign is designed to produce electronic signatures that meet global legal standards for validity and court admissibility. This page explains the laws and regulations that govern electronic signatures, how Propper Sign satisfies each requirement, and best practices for running compliant signing workflows.
The information on this page is educational and is not legal advice. For questions about the validity of electronic signatures in your specific situation, consult a qualified attorney.
Supported legal standards
| Standard | Region | What it covers |
|---|---|---|
| ESIGN Act | United States | Federal e-signature legal validity for interstate and foreign commerce |
| UETA | United States (state level) | State-level e-signature recognition (adopted by 47 states) |
| eIDAS | European Union | Electronic identification and trust services across EU member states |
Propper Sign's audit trails and evidence collection also satisfy requirements in other jurisdictions including Canada (PIPEDA), the United Kingdom (Electronic Communications Act 2000), Australia (Electronic Transactions Act 1999), and India (Information Technology Act 2000).
United States
ESIGN Act (2000)
The Electronic Signatures in Global and National Commerce Act establishes that electronic signatures are legally valid for interstate and foreign commerce. Electronic signatures carry the same legal weight as handwritten signatures.
UETA (1999)
The Uniform Electronic Transactions Act, adopted by 47 states, provides the state-level legal framework for electronic signatures and records.
European Union
eIDAS (2016)
The eIDAS Regulation establishes standards for electronic signatures across EU member states. It defines three signature levels:
| Level | Description | What Propper Sign provides |
|---|---|---|
| SES (Simple Electronic Signature) | Basic e-signature, legally recognized | Yes — Propper Sign provides SES |
| AdES (Advanced Electronic Signature) | Enhanced with stronger identification | Not currently supported |
| QES (Qualified Electronic Signature) | Highest level, requires certified hardware or a Trust Service Provider | Qualified Electronic Signatures are planned |
Compliance requirements
Electronic signatures must meet specific criteria to be legally binding. Propper Sign handles each of these automatically.
Intent to sign
Signers must demonstrate clear, affirmative intent.
How Propper Sign ensures intent:
- Signers click an explicit Sign button to apply each signature
- A review step is presented before final submission
- A confirmation screen is shown after the agreement is submitted
Consent to electronic business
Signers must agree to conduct business electronically before they can sign.
How Propper Sign captures consent:
- An electronic signature disclosure is presented to each signer before they can proceed
- Signer acceptance is recorded as a timestamped event in the audit trail
- The disclosure and acceptance are included in the completion certificate
Authentication
Signer identity must be verified.
Available authentication methods:
- Email verification (default) — a unique link delivered to the signer's email address
- Access codes — a code set by the sender that the signer must enter before accessing the agreement
See Authentication for setup instructions and guidance on matching authentication strength to document sensitivity.
Record retention
Signed documents and audit trails must be preserved for the applicable retention period.
How Propper Sign supports retention:
- Completed agreements and audit trails are stored securely
- Agreements are protected with tamper-evident audit certificates
- Documents and certificates can be downloaded and stored in your own systems at any time
The required retention period depends on document type and jurisdiction. See the retention guidance under Best practices below.
Audit trail
A complete, accurate record of the signing process is required as evidence.
Every agreement includes:
- Recipient identities (name, email, role)
- Authentication method and verification result
- Timestamps for every action
- IP addresses for access and signing events
- Document access logs
- Signature completion details
See Audit Trail for details on how records are structured and how to view them.
Tamper protection
Completed documents are sealed with a cryptographic hash to make any post-signing modification detectable.
How it works:
- The agreement reaches completed status and a cryptographic hash of the document package is generated.
- The hash is recorded in the audit trail with a timestamp.
- The hash is embedded in the completion certificate PDF.
- Any modification to the document after signing produces a different hash, making the tampering detectable.
Verification: Open the completion certificate in Adobe Acrobat to verify the document's integrity. Acrobat will indicate whether the embedded digital signature is valid.
Industry-specific considerations
Healthcare (HIPAA)
HIPAA does not specifically mandate or prohibit electronic signatures. Propper Sign supports compliant workflows through:
- Encrypted data transmission and storage
- Secure, tamper-evident audit trails
- Access controls limiting who can view agreements and evidence
- Business Associate Agreement (BAA) availability — contact support for details
Financial services
Electronic signatures are widely accepted across financial services. Propper Sign provides:
- Strong authentication options to meet identity verification requirements
- Comprehensive audit trails for regulatory review
- Tamper-evident signatures and certificates
Real estate
Electronic signatures are recognized in most US states for real estate transactions. Important considerations:
- Some states require specific disclosure language in the signing flow
- Notarization requirements are not eliminated by electronic signatures — if a document requires a notary, a notary is still required
- Remote online notarization (RON) is not currently available and is planned for a future release
- Check your state's specific requirements for recorded documents, as some jurisdictions require original signatures for recording
Best practices
Match authentication to document sensitivity
| Risk level | Example documents | Recommended method |
|---|---|---|
| Low | Internal forms, approvals | Email verification |
| Medium | Contracts, NDAs | Email verification + access code |
| High | Financial agreements, regulated documents | Access code |
Make intent clear in the document itself
Ensure your document clearly states:
- What the signer is agreeing to
- The legal effect of their signature
- Contact information for questions
Provide copies to signers
Propper Sign automatically sends each signer a copy of the completed agreement and audit certificate after signing is finalized. Ensure this notification is not disabled in your notification settings.
Follow applicable retention guidelines
Keep signed documents for the period required by applicable law or your organization's policy. Common guidance (not legal advice):
| Document type | Common retention period |
|---|---|
| Employment documents | 7 or more years |
| Contracts | Duration of contract plus 7 years |
| Financial records | 7 years |
Consult your legal or compliance team for the requirements that apply to your specific documents and jurisdiction.
Frequently asked questions
Are electronic signatures legally binding? Yes, in most countries. The ESIGN Act, UETA, eIDAS, and similar laws in other jurisdictions establish that electronic signatures have the same legal weight as handwritten signatures.
Can electronic signatures be used for any document? Most documents, yes. Some jurisdictions exclude certain document types from e-signature laws — common exceptions include wills, adoption papers, and some court documents. Check the laws in your jurisdiction for a complete list of exceptions.
What if someone disputes a signature? The audit trail provides the evidence needed to defend the signature: IP addresses, timestamps, authentication records, and device information. This evidence is court-admissible. See Evidence Collection for a full breakdown.
Do I need notarization? Only if the document itself requires notarization. Electronic signatures do not remove notarization requirements — if a document must be notarized, a notary must still be involved.
What counts as appropriate authentication? It depends on the risk level of the document and your regulatory environment. Email verification is sufficient for most standard business agreements. Higher-risk documents may benefit from access code authentication. See the Authentication guide for details.
Related topics
- Authentication — Verify signer identity
- Audit Trail — View the complete signing history
- Evidence Collection — Detailed breakdown of captured evidence
- Completion Certificate — Download the audit certificate