Electronic Contract Management System (e-Sign)

Hippocrates SignTrust® Electronic Contract shifts the signing method from offline to online, replacing paper-based signatures with electronic signatures. This avoids the slow speed and low efficiency caused by the offline transmission of paper documents. Users can complete instant sending and signing of various documents via mobile devices, significantly enhancing the efficiency of remote work. Currently, it has been applied in a number of pharmaceutical enterprises, CRO companies, and national drug research institutions, and its legal validity has been confirmed by large law firms.

I. About Qiantai® SignTrust®

SignTrust® Electronic Signature Solution aims to eliminate paper-based signature processes through CA certification, mobile technology, and blockchain technology. It meets industry compliance requirements, improves efficiency, reduces costs and errors, thereby enhancing industrial value.

SignTrust® enables users to electronically sign any document anytime, anywhere, and on any device. It largely eliminates the need for paper and document-related facilities, reducing unnecessary costs, and facilitates a mechanism of integrity among collaborative entities.

The electronic contract protection solution provided by SignTrust® is fully compliant with the regulatory requirements of supervisory authorities. Its visualization, accessibility, and traceability are perfectly suitable for every link in document circulation, helping enterprises achieve paperless operations and digital transformation.

II. Compliance and Security

SignTrust® is committed to protecting customer data security to meet the requirements of regulatory changes. It controls the permissions for editing, approving, and publishing specific content to maintain compliance at all times. It adheres to global security and privacy standards to protect the security of customer data.

• Network SecurityISO 27001 Information Security CertificationEmergency Security Response CenterPhysical isolation between development and production environments360-degree comprehensive monitoring and situation awarenessBastion host operation and maintenance auditing & database auditingWAF (Web Application Firewall)
• User Identity SecurityPersonal identity authentication systemState Administration for Market Regulation Enterprise Information SystemMinistry of Public Security National Citizen Network Identity Recognition System (eID)Anti-counterfeiting CA digital certificateLive face recognition and verification
• Data SecurityEncrypted storage of sensitive data on disksBlockchain-based distributed evidence storageUp to 9 copies stored on Alibaba Cloud and Tencent CloudSame-city active-active and remote disaster recoveryEnd-to-end encryption with DigiCert SSL/TLSDDoS attack resistanceEncryption certificate
  

1. Protect Your Data SignTrust® provides encrypted digital certificates to protect your data (transactions, documents and files, and important emails sent to partners) through encryption.
2. Data Encryption and Decryption SignTrust® allows users to encrypt files for one or more recipients to prevent unauthorized access to the encrypted data. Only the intended recipients can decrypt the encrypted information. Data is encrypted via robust algorithms, and the application provides a user-friendly interface for signature and encryption operations.

III. CA Certificate

SignTrust® incorporates CA digital certificates to protect the confidentiality and integrity of user information, ensure the authenticity of identity verification and authorization, enhance non-repudiation, and safeguard the legitimate rights and interests of users. The CA certificate serves as the only legal electronic identifier for users within the system.

IV. Timestamp Service

SignTrust® uses "timestamps" when issuing documents and electronic signatures. These "timestamps" are generated through data encryption. SignTrust® provides an application for decrypting such "timestamps," which users can access via a web browser.

V. Electronic Seals

SignTrust® offers an integrated electronic seal solution combining "electronic signing + data evidence storage + physical seal management and control + anti-counterfeiting printing." Through the electronic seal module, all types of seals within an organization can be managed in a centralized and unified manner. The use, maintenance, and authorization of seals are carried out in accordance with the personnel permissions of the organization, ensuring that the organization's seals are used safely and efficiently in line with established management systems, and improving the efficiency and legal compliance of the organization's seal usage.

Application Fields of Electronic Seals:

Electronic invoices, official documents and regulations, electronic documents and contracts, notarized documents

Explanation on Validity

Q: Which national laws and policies explicitly confirm the legal validity of electronic signatures? Can they be used in all industries?
A: Currently, led by the State Council, more than 20 national authorities including the Ministry of Public Security, the Ministry of Justice, the Ministry of Industry and Information Technology, the Ministry of Transport, the Ministry of Housing and Urban-Rural Development, and the Ministry of Finance have issued policies to promote electronic signing. These include:

• Draft Amendment to the Electronic Signature Law: "Electronic documents are permitted for use in the transfer registration of land, housing, and other assets," further expanding the scope of electronic signature application.
• Key Task Division Plan for the National TV and Telephone Conference on Deepening the "Streamline Administration, Delegate Power, Improve Regulation, and Optimize Services" Reform and Optimizing the Business Environment: Advocates accelerating the promotion and application of "electronic seals" to further advance the streamlining of administration and delegation of powers, and enhance government service capabilities.
• Decision of the Supreme People's Court on Amending the Provisions on Several Issues Concerning Evidence in Civil Litigation: Supplements and improves the provisions on the scope of electronic data, and clarifies the rules for the examination and determination of electronic data.
• Order No. 17 of 2019 of the Ministry of Transport: Actively encourages road freight transport operators to adopt information technologies such as electronic contracts and electronic waybills to improve transport management.
• Interim Measures for the Administration of the Business Activities of Online Lending Information Intermediary Institutions: Clearly specifies the use of electronic signatures by both lenders and borrowers.

Compliance

(1) By separating the privacy rules for Personally Identifiable Information (PII) and Protected Health Information (PHI), it fully meets the privacy protection requirements of China, the US HIPAA (Health Insurance Portability and Accountability Act), and the EU GDPR (General Data Protection Regulation).
(2) It has a comprehensive audit trail that stores complete information about the entire sending and signing process.
(3) It ensures authenticity, integrity, confidentiality, and tamper-proofing.
(4) Signature links are sent by the users themselves, preventing the signing of forged documents.
(5) Strict user permission control:
Controls identified by codes and passwords are used to authenticate access to the system and serial signatures. The Hippocrates's identity is verified before signing.

Qualification Certifications

(1) Signature CA Certification
(2) ISO 9001 and ISO 27001 Certifications
(3) Compliance with FDA 21 CFR Part 11 Regulations
(4) Compliance with ISPE GAMP 5 Computer System Validation Requirements

Document Verification

Whether an electronic contract is authentic and reliable is a primary concern for users when using electronic contract signing software. SignTrust® supports online verification of electronic contracts.

You can upload the contract document to be verified online via the  SignTrust® desktop terminal. The SignTrust® platform will then quickly provide you with information about the signed contract, such as the signing time and the signer's account. The contract verification function supports queries for contracts signed through the platform's official website. You can check whether the contract was signed via the SignTrust® platform, whether the document's signature is valid, and whether the document has been tampered with after signing.