Welcome Guest! The IOSH forums are a free resource to both members and non-members. Login or register to use them

Postings made by forum users are personal opinions. IOSH is not responsible for the content or accuracy of any of the information contained in forum postings. Please carefully consider any advice you receive.

Notification

Icon
Error
Digital Signatures on RAMS - Digital Signatures on RAMS
Options
Go to last post Go to first unread
Previous Topic Next Topic
Chid  
#1 Posted : 31 May 2018 08:34:15(UTC)
Rank: New forum user
Chid

I have been having a disagreement with a client over digital signature on Risk Assessments on Method Statements.

I do not like to use them because of the possibility of them being copied and pasted onto sub standard RAMS generated by untrained people.  However, the client is refusing to issue a permit to work without a signature on it.  However, we always ensure that all RAMS are hand signed by the author and taken to site before the works start.

What is the HSE's policy on the use of digital signatures in this case?  Any help would be much appreciated.

Back to top
boblewis  
#2 Posted : 31 May 2018 08:45:40(UTC)
Rank: Super forum user
boblewis

There is absolutely nothing against this in principle  and there are a number of secure methods around.  The courts accept digital evidence and signatures provided the audit trail to the author can be demonstrated as secure.  The ability to copy a digital signature means that the system is not secure however

Back to top
Hsquared14  
#3 Posted : 31 May 2018 08:52:25(UTC)
Rank: Super forum user
Hsquared14

I don't think there is a policy on digital signatures for RAMS.  The HSE don't even state a requirement for hand written signatures on risk assessments.  I think you may be getting a little paranoid here.

Back to top
thanks 1 user thanked Hsquared14 for this useful post.
webstar on 31/05/2018(UTC)
chris42  
#4 Posted : 31 May 2018 09:39:58(UTC)
Rank: Super forum user
chris42

Can’t you hand sign the RAMs and scan it in PDF format then send them that. That way they have an electronic copy and you have a traceable delivery (of what exactly they were given to prevent monkey business).

Most things which are static on screen (so not YouTube) you can just hit the print screen button on your keyboard and then open in paint, then copy and paste what you want. But if you are going to forge something there is nothing stopping someone scanning an original signed copy in and doing the same. Nothing is that safe, and it seems most of the risk would be from your own employees.

I suspect the client wants to see your RAMS before you get to site (to see if your work impinges on their work) and does not want to verify it against the signed one at a later date (ie do the job twice). Can’t blame them.
Back to top
A Kurdziel  
#5 Posted : 31 May 2018 10:18:06(UTC)
Rank: Super forum user
A Kurdziel

Two points: as HSquared said there is no legal requirement for a signature of any sort on a risk assessment  but it might be a good idea if  you just a bit paranoid and want to make certain that  a piece of paper has been read and  the person signing has agreed to the actions described on it. Secondly, you are not talking about digital signature- you are just talking about a copy of a signature. This means nothing; just as a photocopy of a £5 note is not actually worth five pounds!

A digital signature is something that links the user to the document directly. If the document only exists electronically an electronic signature could consist of   a requirement to add an agreed password known only to the signer or  a scan of their thumb print or a signature taken directly onto the device ( like when you sign for delivery)  etc. All these options are quite hi-tech but they are genuine electronic signatures. You have to decide whether you really need one and what form it should take.

Edited by user 31 May 2018 10:18:37(UTC)  | Reason: words

Back to top
Roundtuit  
#6 Posted : 31 May 2018 11:22:55(UTC)
Rank: Super forum user
Roundtuit

Personally we generate documents using word editor or spreadsheet etc.

When complete and deemed necessary we insert an "electronic" signature image and save the file as a pdf document. The image is then removed from the editable version.

This fixed pdf document is the one communicated externally (although as others have pointed out with the intent and means anything can be altered)

Regarding your client look at it the other way they are trying to get permits arranged BEFORE your employees get to site and the alternative is that your staff sit around waiting for the documents being prepared

And as with all such matters the one controlling the purse strngs gets to set the rules 
Back to top
Roundtuit  
#7 Posted : 31 May 2018 11:22:55(UTC)
Rank: Super forum user
Roundtuit

Personally we generate documents using word editor or spreadsheet etc.

When complete and deemed necessary we insert an "electronic" signature image and save the file as a pdf document. The image is then removed from the editable version.

This fixed pdf document is the one communicated externally (although as others have pointed out with the intent and means anything can be altered)

Regarding your client look at it the other way they are trying to get permits arranged BEFORE your employees get to site and the alternative is that your staff sit around waiting for the documents being prepared

And as with all such matters the one controlling the purse strngs gets to set the rules 
Back to top
Charlie Brown  
#8 Posted : 31 May 2018 20:30:39(UTC)
Rank: Forum user
Charlie Brown

yep, gotta agree. I have used electronic signatures on documents saved as pdf for years and there is always a trail back to the original via the email trail which I never delete. If I was the customer I would want a signature too and if they are happy with an electronic version it speeds up the process massively.

Originally Posted by: Roundtuit Go to Quoted Post

Personally we generate documents using word editor or spreadsheet etc.

When complete and deemed necessary we insert an "electronic" signature image and save the file as a pdf document. The image is then removed from the editable version.

This fixed pdf document is the one communicated externally (although as others have pointed out with the intent and means anything can be altered)

Regarding your client look at it the other way they are trying to get permits arranged BEFORE your employees get to site and the alternative is that your staff sit around waiting for the documents being prepared

And as with all such matters the one controlling the purse strngs gets to set the rules 
Back to top
firesafety101  
#9 Posted : 01 June 2018 18:38:37(UTC)
Rank: Super forum user
firesafety101
Tne HSE has published Sample risk assessments containing everything they say is needed on a risk assessment. No signatures.
Back to top
Roundtuit  
#10 Posted : 01 June 2018 19:05:26(UTC)
Rank: Super forum user
Roundtuit
But the HSE aren't the ones paying. If you work for any major contractor, network rail, London Underground etc. to get the pay you follow their rules. As far as i am aware the HSE has nothing to do with PQQ and the multitude of schemes proferring "accreditation" Then it comes down to balancing principles and ideology with food on the table and a roof over your head.
Back to top
Roundtuit  
#11 Posted : 01 June 2018 19:05:26(UTC)
Rank: Super forum user
Roundtuit
But the HSE aren't the ones paying. If you work for any major contractor, network rail, London Underground etc. to get the pay you follow their rules. As far as i am aware the HSE has nothing to do with PQQ and the multitude of schemes proferring "accreditation" Then it comes down to balancing principles and ideology with food on the table and a roof over your head.
Back to top
Terry556  
#12 Posted : 02 June 2018 08:27:28(UTC)
Rank: Super forum user
Terry556

Most of the clients and the PC do accept electronic signatures, as all RAMS get uploaded onto their systems 7 to 14 days before the work starts. 

Back to top
Jackson43278  
#13 Posted : 04 June 2018 12:40:18(UTC)
Rank: Forum user
Jackson43278

Another vote on the 'why sign it at all?' route. In 23 years I've never signed a risk assessment, paper copy or otherwise, nor seen any benefit or requirement for doing so. Always seems to be too much of an 'admin first' approach to me and doesn't add anything to the process.
Back to top
nic168  
#14 Posted : 06 June 2018 13:49:30(UTC)
Rank: Super forum user
nic168

 I am with Chid on this, I have twice come across my name on Risk Assessments that I did not write. the most recent was an a set of documents that a manager had reviewed and plonked my name on as they had been told it was always the most senior Safety rep who was responsible.

It is a bit disconcerting to see your name on something you have no recollection of writing!

Back to top
Hsquared14  
#15 Posted : 06 June 2018 14:12:03(UTC)
Rank: Super forum user
Hsquared14

Originally Posted by: firesafety101 Go to Quoted Post
Tne HSE has published Sample risk assessments containing everything they say is needed on a risk assessment. No signatures.

They don't even include the name and address of the employer - pretty poor I say!!

I am concerned though that others have had their names put on to documents they didn't write, that needs addressing by senior management - technically I think that is actually a form of fraud, personation I think, so you definitely need to beware of that one!!

Back to top
Jackson43278  
#16 Posted : 07 June 2018 09:28:14(UTC)
Rank: Forum user
Jackson43278

Like signing them, in 20-odd years I've never felt a need to put an address on a risk assessment either. 
Back to top
Users browsing this topic
Guest
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.

Powered by YAF.NET | YAF.NET © 2003-2025, Yet Another Forum.NET