Skip to main content
U.S. flag

An official website of the United States government

Here’s how you know

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

HTTPS

Secure .gov websites use HTTPS
A lock (LockA locked padlock) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

    • Environmental Topics
    • Air
    • Bed Bugs
    • Chemicals and Toxics
    • Climate Change
    • Emergency Response
    • Environmental Information by Location
    • Environmental Justice
    • Greener Living
    • Health
    • Land, Waste, and Cleanup
    • Lead
    • Mold
    • Pesticides
    • Radon
    • Science Topics
    • Water Topics
    • A-Z Topic Index
    • Laws & Regulations
    • By Business Sector
    • By Topic
    • Compliance
    • Enforcement
    • Guidance
    • Laws and Executive Orders
    • Regulations
    • Report a Violation
    • Environmental Violations
    • Fraud, Waste or Abuse
    • About EPA
    • EPA Administrator
    • Organization Chart
    • Staff Directory
    • Planning, Budget, and Results
    • Jobs and Internships
    • Headquarters Offices
    • Regional Offices
    • Lab and Research Centers
Cross-Media Electronic Reporting Rule
Contact Us

Lesson 5: Standards for an Acceptable Electronic Document Receiving System

Back | Next

CROMERR requires that all acceptable electronic document receiving systems are able to generate legally-defensible data to prove document integrity according to the five standards below.

Review each standard for a full explanation.

The e-document is not alterable without detection

The system must be able to prove that its electronic documents cannot be altered without detection during transmission or at any time after receipt. This is a basic data integrity requirement that ensures what was sent is what was received.

Alterations to the e-document are documented by the system

The system must provide a record of any alterations to the electronic document during transmission or after receipt.

The e-document can only be submitted intentionally

The system must be designed so that the electronic document can only be submitted knowingly, and with intent, and not by accident.

Submitters and signatories can review the COR of the e-document

Submitters and signatories must have: (1) the opportunity to review the Copy of Record (COR) in a human-readable format that clearly and accurately associates the electronic document information with descriptions; and (2) the opportunity to repudiate the electronic document based on this review.

COR refers to a true and correct copy of an electronic document received by an electronic document receiving system, which can be viewed in a human-readable format that clearly and accurately associates all the information provided in the electronic document with descriptions or labeling of the information. A COR includes:

  1. All electronic signatures contained in or logically associated with that document;
  2. The date and time of receipt; and
  3. Any other information used to record the meaning of the document or the circumstances of its receipt.

For example, if the COR is maintained as an XML file, then the COR should include the XSL style sheet used in conjunction with the file to present it back to the signer.

If an e-signature is required, then the e-document meets e-signature requirements

If an e-document requires an e-signature, then it must meet the following requirements:

  • E-signatures must be valid at the time of signing.
  • E-documents cannot be altered without detection after signing.
  • Each signatory must have an opportunity to:
    • Review the e-document content, in human-readable format, before signing; and
    • Review the required certification statement, which includes criminal penalty implications of false certification, at the time of signing.
  • Signatories must sign either an electronic signature agreement or subscriber agreement for the e-signature device used to create his or her e-signature.
  • The system must automatically respond to the receipt of an e-document with an acknowledgement identifying the e-document received, the signatory, and the date and time of receipt. It must also be sent to at least one address that does not share the same access controls as the account used to make the electronic submission.
  • For each e-signature device, the identity of its unique user and the users' relationship to the entity for which he or she is signing has been determined by the state, tribe, or local government.

Back | Next

  • CROMERR Home
  • Learn about the Cross-Media Electronic Reporting Rule (CROMERR)
  • Overview for State, Tribal, and Local Governments
  • Overview for EPA Programs and Regions
  • CROMERR 101 Training
    • Lesson 1: Overview of the Final Rule
    • Lesson 2: Quick Tour of the Final Rule
    • Lesson 3: Application Requirements
    • Lesson 4: The EPA Review and Approval Process under Part 3
    • Lesson 5: CROMERR-Compliant Electronic Reporting
      • Lesson 5: Overview of CROMERR Requirements for Electronic Reporting
      • Lesson 5: Requirements for Authorized Program e-Reporting
      • Lesson 5: Standards for an Acceptable Electronic Document Receiving System
      • Lesson 5: Defining "Valid Electronic Signatures"
      • Lesson 5: System Requirements for Receiving e-Signatures
      • Lesson 5: Priority vs. Non-Priority Reports
      • Lesson 5: Title: Enforceability Provisions
      • Lesson 5: Title: End of Lesson
    • Lesson 6: Using the Checklist to Work through System Requirements
    • Lesson 7: From Requirements to Solutions
    • Lesson 8: Four Critical Roadmap Items
  • Program Announcements & Initiatives
  • Status of CROMERR Applications from States
  • CROMERR Federal Register Notices
  • Application Tools & Templates
  • Sample Applications & Checklists
  • Glossary
  • Frequently Asked Questions
  • Help Desk
Contact Us to ask a question, provide feedback, or report a problem.
United States Environmental Protection Agency

Discover.

  • Accessibility
  • Budget & Performance
  • Contracting
  • EPA www Web Snapshot
  • Grants
  • No FEAR Act Data
  • Plain Writing
  • Privacy
  • Privacy and Security Notice

Connect.

  • Data.gov
  • Inspector General
  • Jobs
  • Newsroom
  • Open Government
  • Regulations.gov
  • Subscribe
  • USA.gov
  • White House

Ask.

  • Contact EPA
  • EPA Disclaimers
  • Hotlines
  • FOIA Requests
  • Frequent Questions

Follow.

Last updated on April 23, 2021