Remote Online Notarization Helps Protect the Privacy and Security of Signers’ Personal Information

During a notarial act, signers often disclose personal or private information such as addresses, account numbers, and financial details. One of the duties of a notary public is to respect the privacy of each signer by not using or sharing their personal or proprietary information. Notaries must also take appropriate steps to ensure privacy, and prevent any possible breaches of this information. Among its many benefits, remote online notarization (RON) can help notaries fulfill this duty more effectively than traditional in-person notarizations, with additional security protocols including data backup and breach notification requirements.

RON laws typically require additional signer-identity verification measures

With more states enacting RON laws and the signer’s physical presence no longer being required, state RON laws often require additional signer identity verification measures. For example, RON providers may be required to:

• Verify signer identity data (name, address, date of birth, etc.), images of the signer's government-issued photo ID and third-party validation of such identity and image data
• Present questions, and validate answers regarding the signer's personal and financial history to further verify the signer's identity
• Create, and often maintain, evidence of the notarial transaction including the audio-visual recording and electronic journal  

For this reason, it's important to use a RON platform operated by a trusted partner that recognizes the importance of, and securely maintains the signer’s non-public personal information (NPI) and personally identifiable information (PII).

How to assess privacy and security protections for different RON providers

To determine whether a RON provider adequately addresses privacy protections for personal information, organizations should start by reviewing the provider's privacy policy—specifically, whether the policy addresses the uses of personal information permitted under state law. Organizations should also consider whether the RON provider has heightened privacy protections that transparently set out its data handling rules, such as via Binding Corporate Rules (BCR’s), that bind the provider and its subsidiaries to rigorous and consistent privacy governance processes.

Assessing security protections can prove more challenging, as this may require specialized knowledge. Organizations, however, can consider the following criteria to determine whether a RON provider likely has sufficient safeguards in place.

Experience and reputation: Experience managing personal information, and well established privacy, trust, and data handling policies, can help ensure sensitive information is consistently protected.

Company size: Large publicly traded companies are less likely to be acquired or go out of business (compared to smaller private companies), and pose less risk when it comes to maintaining long-term control of customer data.

Security controls: Session and document encryption with redundant backups and secure storage can help ensure adequate security is maintained throughout the transaction, and for as long as the files are stored.

Access controls: Two-factor authentication, limited permissions based on roles and responsibilities, and the ability to audit account activity can help ensure only authorized personnel access documents containing sensitive information.

Choosing a trusted RON provider can help protect the privacy and security of signers’ information

Finding a trusted RON provider is about much more than available features. It’s about being certain the provider meets the necessary privacy, security and compliance standards and can sustain those obligations over an extended period of time. When organizations use DocuSign Notary to conduct RONs, they can be sure DocuSign, a public company, has implemented policies, procedures and training to align with such privacy and security standards and will be around for years to come. Notary is built on DocuSign’s eSignature platform, which incorporates nearly two decades of experience with transformative digital technologies, information security, privacy and data center management. 

For more information on the security practices of DocuSign Notary, visit the DocuSign Trust Center or see Security for DocuSign eSignature.