Booktower, Photo by Lysander Yuen on Unsplash

Document Control Documentation

Revision: 2021-02-05


Documentation


Installing the add-on

You can install Document Control for Confluence Cloud from the Atlassian Marketplace. Click the "Try it free" button to get started.

Configuration and settings

Once the add-on is installed, expand the Document Control for Confluence Cloud add-on in the Universal Plugin Manager and click "Configure".

The Universal Plugin Manager view of the add-on

The "Get started" page helps you with considering the configuration options.

The add-on "Get started" page.

The configuration page provides these settings:

The add-on configuration page.

Regulatory compliance

Authentication requires users to authenticate using their Confluence login before signing a page. (If your intent is to comply with 21 CFR 11, you should enable this setting.) If your approval flow is lightweight, you can disable this setting and allow users to review/approve a document with a click.

Signature settings

Signature settings groups settings related to signature meanings.
The Meanings settings allow the configuration of meanings associated with each signature added to a control document. You can customize the available Meaning options (the default options are based on the language of 21 CFR §11.50), or disable Meanings entirely. Optionally you can define a custom signature meaning type.

Reviewer settings

Notification: The Email notification setting will trigger automatic emails to reviewers whenever they are added to a page.

Restrictions: The restrictions settings allows to restrict editing, signing, and changing reviewers on a page. Restrictions will only be applied to a page after reviewers are updated.

  1. Restrict page edits to reviewers, and give reviewers edit rights. This allows only reviewers to edit a page. When this setting is selected, a new reviewer automatically gets edit rights on the document. The final edit permission also depends on the group permissions of the reviewer.
  2. Restrict signatures to reviewers allows only reviewers to sign a page.
  3. Restrict changing reviewers to document editors allows only users with document edit rights to change the reviewers. As a document editor, you can add reviewers. These reviewers can sign documents, even if they have no edit rights.

Search: Document Control by default searches the groups "confluence-users", "site-admins", and "administrators" when adding reviewers. You can opt to search all user groups in Confluence when adding a reviewer. Searching all user groups will slow down adding reviewers.

Creating a controlled document

A controlled document can be a page in a space. When you create a new controlled document in a restricted space or document, make sure the user "Electronic Signing for Confluence Cloud" has permissions on the new page. If you are creating a new page from scratch, the best practice is to choose the "Controlled document" template from the Create dialog:

Choosing the Controlled Document template.

This template sets up the page with everything needed for use with the Document Control add-on.

If you want to use a different template, or if you want to take an existing page and convert it to a controlled document, it's a simple two-step process:

1. Add the "Document Control" macro somewhere in the body of the page (typically at the bottom):

Inserting the Document Control macro.Inserting the Document Control macro.

2. Add the "controlled-document" label to the page:

Adding the Document Control label.Adding the Document Control label.

Assigning reviewers

There are two ways to add reviewers to a page:

1. Click the Document Control byline on the page (the link under the page title)
2. From the page menu (the three-dot icon with links to Move, Copy, Delete, etc.), click "Manage Reviewers".

Once the "Manage Reviewers" dialog is open, you can add a reviewer to a page by searching by name.

Adding a reviewer.Adding a reviewer.

You can also use this dialog to remove a reviewer by clicking the small "x" next to each reviewer's name.

If you have the Email notification setting enabled, the new reviewer will receive an email inviting them to review the page:

Email notification for new reviewer.

The page's document control status will change to Needs Review until all reviewers have added a signature to the page.

Signing a page

From the page menu, click "Add Signature":

Opening the Add Signature dialog.

Fill out the form and click Submit to sign the page.

If the Authentication setting is enabled, the user is required to enter their email and a secure token, and both must match the presently logged in Confluence user. A user needs to generate a secure token once. The token is unique to each user. If the email and the secure token do not match, the email and token fields are highlighted in red to indicate a problem:

Signing a page.

Document control status

All pages set up for document control will have one of three statuses:

  1. Not reviewed - No reviewers have been added to this page.
  2. Needs review - One or more reviewers have been added to this page, but not all reviewers have signed the most recent version of the page.
  3. Reviewed - All reviewers have signed the most recent version of the page.

The document control status is reflected in the byline (the link under the page title) of each page. It's also reflected in the Document Control macro. For example, in the following screenshot, Jason Wright and Lucille Bluth have been assigned as reviewers, but only Lucille Bluth has signed:

Page that needs review.

Once Jason Wright signs the page, the page looks like this:

Page that has been fully reviewed.

If the page is edited, all reviewers will need to sign the page again to maintain the "Reviewed" status; see Page versioning for more details.

Using the space-level macro

To see the document control status of all pages in a space at a glance, you can use the "Space View" setting of the Document Control macro. Typically, you might want to add the macro to the top-level page in a space. To do this, start editing a page. Then choose from the menu "+" and "View more" to insert the Document Control macro. Choose the "Space View" setting:

Insert the Space View macro.

You can't use the shortcut "/dccc" to insert the Document control macro. Below you can see an example of the macro in "Space View" setting.

Example of the Space View macro.

Troubleshooting


Page/space restrictions

If you have view/edit restrictions enforced either on a space or a page and wish to use the Document Control add-on, you'll need to ensure that the add-on user has both view and edit privileges (the add-on user is "Electronic Signing for Confluence Cloud"). For example, click "Restrictions" from the page menu:

Opening the Restrictions dialog.

Add the "Electronic Signing for Confluence Cloud" user:

Giving privileges to the add-on user.

Page versioning

The Document Control add-on uses Confluence's built-in versioning system to ensure that signatures are linked to a specific version of a page. For example, if a page has been signed by all reviewers, but is then edited, the Document Control macro will show that those signatures were for previous versions of the page:

Signatures for a previous version of the page.

You can click the link in the macro to see the full version history of the page:

Viewing a page's version history.

Note: Restoring a page to a previous version does not resolve the need to re-sign the page. This is because Confluence actually creates a new version that duplicates the restored version.

Signature visibility

As an option you can restrict signature visibility to show only signatures for the current document version. In order to apply this setting you need to edit the document (and thus create a new document version in this process). To change the setting you need to edit the Document Control Macro and check the checkbox "Show signatures applied to the most recent document version only."

Viewing all signatures.

After checking the checkbox, only the most recent signatures are visible:

Viewing current document version signatures only.

If you later to decide to unchecked the checkbox, the earlier signatures will be visible again. Please note that this change also creates a new document version.

Page copying

The Document Control add-on stores information in each page's content properties. This is essentially a form of metadata stored in the page without being directly visible in the page's body.

The way Confluence handles content properties:

  • When a page is moved, content properties are preserved.
  • When a page is copied, content properties are not preserved. UPDATE November 2020: Confluence started copying content properties when a page is copied in some instances, but not in others. Atlassian is aware of the problem.

As a result, copies of controlled documents will not preserve signatures or reviewers. You should make sure to keep the original page intact and move it around your Confluence instance instead of making copies.

SAML/SSO

If you use SAML single sign-on to authenticate with Confluence, it's highly likely that the Authentication setting will not work. Your users need to have an Atlassian account and password for the add-on's authentication process to work.

Data security statement


Overview

The Document Control add-on helps with review and 21 CFR 11 compliant document signing on Confluence Cloud, including the ability to ensure that all signatures are authenticated at the time of signature. All transactions with Confluence Cloud are secured using Atlassian Connect Express / JWT. Data transport is secured using TLS (Transport Layer Security).

Data storage

The add-on server stores only your configuration settings. It does not store any data from your Confluence instance, including users, pages, reviewers, signatures, or anything else. All of the data generated by the add-on is stored in your Confluence instance, not the add-on server.

Certification

The add-on is not certified by any authority. 21 CFR 11 compliance is a complex process, and this add-on is merely a small part. Full compliance will depend on Confluence settings, user management, and other operational processes.

Backups

The add-on server, which only stores your configuration settings, is automatically backed up by Heroku. In addition we keep offsite backups for disaster recovery.

Privacy

All transactions are secured using HTTPS/JWT. Because no user data is stored, there is no long-term privacy risk to using this add-on.

The add-on will request email addresses for your users if and only if you enable the "Send email notification to new reviewers" option in the add-on configuration. Email addresses are only used to send one-time notifications to those users who are added as reviewers for a page. Email address are not stored, shared, or used for any other purpose.

Logging

We keep logs in order to audit for possible security incidents and other errors.

21 CFR 11 compliance statement


Components

ComponentDescription
Confluence Cloud ("Confluence")See Atlassian documentation.
Document Control for Confluence Cloud ("Add-on")A Confluence add-on providing technical solution for document review and electronic signing.

Subpart B - Electronic Records

RequirementTopicConfluenceAdd-onOrganization
§11.10(a)Validation of systemsThe organization is responsible for validating their Confluence installation and the add-on.
§11.10(b)Record generationConfluence has the ability to export documents in PDF or Word format.The add-on's macros will appear in exported records.
§11.10(c)Protection of recordsConfluence provides the ability to backup or transfer pages.The add-on stores all data within Confluence pages.
§11.10(d)Limiting system accessConfluence provides the ability to manage users and groups, and to restrict privileges to particular users or content.
§11.10(e)Audit trailsConfluence keeps all changes in a timestamped, secure audit log. When a page is modified, the old version of the page is preserved in the audit log.The add-on links signatures to particular versions of a page, which will be reflected in the audit log. Signatures for older versions are always preserved and visible via the Document Control macro.
§11.10(f)SequencingThe add-on ensures all steps happen in the proper order.
§11.10(g)Authority checksSee Confluence Cloud data security policies.The add-on is only available to authenticated Confluence users, and can be configured to require additional authentication at time of signing.
§11.10(h)ValidityThe organization should ensure this for all devices that use Confluence/the add-on.
§11.10(i)Education and trainingThe organization should ensure that all users are properly educated, trained, and experienced.
§11.10(j)Written policiesThe organization should write and distribute policies related to electronic signatures.
§11.10(k)Controls documentationThe organization is responsible for maintaining controls documentation.
§11.50(a)Signature manifestationsThe add-on ensures that signatures include the printed name of the signer and the data and time when the signature was executed. The add-on can be configured to require that signers include a signature meaning.
§11.50(b)Signature recordsThe add-on ensures signature manifestations are part of the electronic record by storing them within the Confluence page.
§11.70Signature/record linkingThe add-on does not allow signatures to be moved between records, and copied records do not retain electronic signatures. See Page copying for more detail.

Subpart C - Electronic Signatures

RequirementSummaryConfluenceAdd-onOrganization
§11.100(a)UniquenessThe add-on ensures electronic signatures are unique to one Confluence account.The organization should ensure that Confluence accounts are unique to one individual, and that Confluence accounts shall not be resued by, or reassigned to, anyone else.
§11.100(b)Identify verificationThe organization should verify the identity of individuals before assigning a Confluence account.
§11.100(c)Agency certificationThe organization should certify their use of electronic signatures in writing as per §11.100(c), and persons within the organization should provide any additional certification or testimony as required.
§11.200(a)(1)Identification componentsThe add-on can be configured to require users to provide their email address (i.e. identification code) and a secure token before signing.The organization should enable authentication for all signatures in the add-on's configuration.
§11.200(a)(1)(i)Single sessionThe add-on can be configured to require authentication for all signatures.The organization should enable authentication for all signatures in the add-on's configuration.
§11.200(a)(1)(ii)Multiple sessionsThe add-on can be configured to require authentication for all signatures.The organization should enable authentication for all signatures in the add-on's configuration.
§11.200(a)(2)Genuine ownersThe add-on can be configured to require authentication for all signatures.The organization should ensure authentication information for Confluence accounts is only known, or can only be used, by the account's genuine owners.
§11.200(a)(3)Unauthorized attemptsThe organization should take steps to ensure that use of an individual's Confluence account by anyone other than its genuine owner requires collaboration of two or more individuals.
§11.300Controls for identification codes/passwordsThe organization is responsible for maintaining controls for Confluence authentication information.