We all know that PEC (Certified Electronic Mail) is the IT “replacement” of the expensive registered mail with return receipt and for this reason it certainly generates significant savings in time and costs.
When PEC is used by an individual professional or citizen, everything is quite simple and the advantages of its use are clear. It's a different story when PEC is used within an organization .
Most organizations delegate the use of certified email to their own administration and/or secretariat and very often management is unaware of the risks that such management entails… except when sanctions opportunities are !
Only in these cases, and often in emergencies, does management begin to pay attention to the issue, discovering that the correct management of certified email communications in organizations constitutes a real challenge and that to face and overcome it, it is necessary to equip oneself with adequate tools and an appropriate reorganization that will allow, by resolving the issue, also a rather rapid return on investment .
Let's dig deeper. When an organization receives a certified email (PEC) in one of its managed mailboxes, the correct recipient of the message will be one of the dozens (or hundreds) of people who work in that organization.
That message reaches the people responsible for managing certified emails, who, of course, have many other tasks in that organization.
These people should specifically:
- Pay attention to that message that often gets confused among dozens and dozens of other email messages
- understand what it is and forward it to the correct recipient who will have to follow up with the necessary processing
- take care of understanding whether the recipient has received and is carrying out the requested actions within the expected timeframe (PECs often impose deadlines which, if not respected, certainly create problems)
- remember to follow up
- close the process by providing the correct response to the sender
What are the chances that, especially when faced with not one but dozens and dozens of messages a day, something will go " wrong" and an important message will be followed up by a failure to process and respond? Experience shows that the chances are very high .
It is clear that if the message were " captured" by a tool capable of guaranteeing all those steps while also automatically monitoring times and escalations, we would have increased effectiveness and obtained a reduction in risks as well as an improvement in efficiency .
Even with this simple example, which illustrates just one of over 20 typical scenarios for the use of certified email in an organization, it is clear how the return on investment is achieved through a mix of effectiveness, efficiency, and risk reduction, in addition to compliance and integration requirements that a topic such as managing certified email in an organization requires.
We have attempted to classify a series of “typical features” offered by a PEC Manager specifically with respect to the parameters indicated above.
Anyone who is faced with the decision of whether to invest in introducing a tool of this type into their organization may find the table below useful:
| EFFECTIVENESS |
|
| RISK REDUCTION |
|
| EFFICIENCY |
|
| COMPLIANCE |
|
| INTEGRATION |
|
To complete the overview, and to help those who need to make a decision , there's another factor to consider: the type of tool. Not all certified email managers are the same. Some are little more than a email client
Others are actual frameworks that allow you to decouple certified email inboxes from the individuals who manage them, allowing certified email inboxes to become a resource for the organization and its IT systems.
Some of these frameworks have integrability and customization features that make them suitable for enterprise-class applications.
As always, there is no one tool better than another; you simply have to look at your needs and choose which option allows you to achieve your goal.
How a document archive outsourcer can derive value from a no-code approach
Specializing in document management , Pròdeo SpA was founded in 1985 to meet the ever-growing need for correct management of both paper and digital document assets.
Pròdeo SpA is able to manage the entire document archive management life cycle in its main steps:
Collection, transfer, and storage of materials in dedicated archival storage facilities, adequately equipped, in complete safety, and in compliance with current privacy legislation;
Computerized reorganization and cataloguing;
Search and delivery of the original/digital document, according to the timing and needs dictated by the client;
Discarding, destroying, and eliminating both analog and digital documentation no longer subject to archiving requirements.
Over the years, it has become a point of reference for companies and public administration, particularly healthcare companies , and has always paid attention to two types of issues: the secure storage of the information in its possession and the evolution of data , which over the years has transformed from physical data (paper documents) to digital data (documents in electronic format). It supports administrations in the process of digitizing paper documents and making them available to digital archives in accordance with AgID guidelines.
Steps 1–4 required specific procedures and resources. Step 3, for example, involved an email from a representative at the client organization requesting access to the paper or digital document and its delivery to the requester via secure means (courier or certified email, respectively). This delivery was successful if the requested document was actually on file, a check performed on the database created in step 2 using a dedicated solution. Otherwise, the requester was notified that the document was not on file.
This brief description highlights a series of critical process issues
- fragmentation of activities with significant operational inefficiencies
- use of specific, fragmented solutions for archival storage management, computer cataloging, digital document repositories, etc.
- Email-based communication tools with problematic user identity management, security and privacy
- difficult tracking and monitoring of activities with potential disputes with the client on project SLAs
The solution to these problems was to build a single BPM application on the Jamio Openwork . The entire application platform operates according to the guidelines of the Italian Digital Agenda, i.e., in cloud mode, with services provided in SaaS mode.
end-to-end order management activities , structuring the client organization's document archive management, managed by Pròdeo, in a single cloud environment, along with the back office activities performed by the company's employees and the processing of requests from registered and authorized users by the client organization, enabling document sharing and process management in a structured and secure manner.
On the application front, this solution includes the following innovative features:
- implements document management models aimed at simplifying internal processes within the client organization and Pròdeo, based on digital procedural workflows to improve internal efficiency and the effective use of resources;
- the flows are digitalized;
- the system operates in a proactive, non-reactive mode: all actors involved are guided through the activities to be performed;
- process information and documents are made available to authenticated users according to the relevant visibility policies;
- provides rule-based security policies that allow you to condition/control/limit access to data and functionality based on the user profile and role held in the organizational context;
- the activities are tracked and the data collected in order to present a timely progress report of the work and the definition of KPIs functional to the service improvement analyses shared with the client organisation.
- It is compliant with the management of the privacy of sensitive data according to the provisions of the European Regulation on Privacy, 679/2016. In particular, within the GDPR, the Platform is configured as an enabling platform for compliance with national or international legislation, providing a series of native tools, functionalities, technical and organizational measures that effectively respond to the principles of Data protection by design and by default [Art. 25 GDPR] or to more specific protection requirements.
All the advantages described translate into tangible benefits such as:
- efficiency improvement of operational activities with an estimated 15% improvement in performance;
- Reduce solution delivery times to a few weeks with Jamio's no-code approach
- satisfaction of the client organization's representatives, always connected with any browser and always updated on the status of their requests
All this can be achieved in many different ways using a variety of approaches, methods, and tools.
We then asked Piero Cosoli , Chief Operating Officer of Pròdeo: why did you choose Jamio ?
“Aside from the no-code , or the ability to grow the solution in a co-creation made possible by the fact that we literally shared the “designs” of the solution as it was being created, the thing that most interested us was the concept of extended organization that Jamio implements, enabling collaboration between multiple organizations : that of Pròdeo , the outsourcer, and that of all its customers. These organizations no longer find themselves passively involved with messages, but active participants in the processes, obtaining an advantage both for Pròdeo , which has been able to outsource several activities otherwise handled by its back office, and for the customer, who, as an actor, can monitor the progress of the processes that concern them at any moment in real time, avoiding unnecessary and cumbersome information gathering activities and being able to easily monitor the SLA.”
University of Turin: No-code takes center stage at the itAIS Conference from October 13th to 14th.
Accelerating digital transformation: the key role of “no code” and AI in management processes is the title of the itAIS 2023 Conference to which Openwork contributes with the speech New frontiers to bridge business and IT: Citizen Developer and no-code application development.
These are the scheduled interventions:
Prof. Silvana Secinaro – Full Professor of Business Administration and Accounting, University of Turin
Introduction
Prof. Guido Boella – Full Professor of Informatics, University of Turin
Presentation of the University of Turin public engagement project (AI Aware)
Prof. Davide Calandra – Assistant Professor of Business Administration and Accounting, University of Turin
How AI and no-code can support the preparation of sustainability reports
Dr. Philip Vitale – Head of Learning Academy, Openwork srl
New frontiers to unite business and IT: Citizen Developer and no-code application development.
Dr. Roberto Bianchi – IT Partner, KPMG
Dr. Alberto Marocchino – Senior Manager, KPMG
KPMG's digitalization strategy: between AI and No Code
Dr. Fabio Schena – Head of Studies, Innovation API Torino and Digital Innovation Hub Confapi
API strategies to support the digitalization of SMEs
University of Turin
Corso Unione Sovietica 220 Turin 10134 13 October 2023 09:00
Naica:
Testimonies from Fabio D'Alessano and Lorenzo Quarta
Naica is a non-profit cooperative, governed by the principles of mutuality, volunteerism, welfare, and social solidarity. Founded in 2006 by a group of young students and graduates from the University of Lecce (now the University of Salento), who, by combining their diverse academic and professional knowledge and experience, created an environment of integration between skills and knowledge in diverse sectors, with the aim of offering high-value services to public and private stakeholders at both the national and international levels.
From certified email to email inbox (REM): Openwork is working to extend its clients' digital processes beyond Italy.
In today's increasingly connected and digitalized world, certified email (PEC) has become an essential part of our working lives, contributing enormously to the digitization of business processes.
However, the dear PEC , now almost twenty years old, is rather advanced in age, in an IT context that is rapidly evolving with respect to new and more stringent European standards.
In fact, the European Commission, through Regulation EU910/2014 EIDAS, has defined new standards for European electronic transactions to promote greater interoperability, and the Italian certified email (PEC) does not comply with them.
Therefore, our ancient PEC will be replaced, or rather, will evolve, into the younger, more secure and European REM (Registered Electronic Mail).
This shouldn't alarm us; on the contrary, it's an opportunity. For Italian certified email users, everything will remain unchanged, except for a few precautions that need to be implemented. This is thanks to the meticulous work of industry operators, such as providers, who are studying and adopting procedures to comply, and certified email management service providers, such as Jamio , who, in step with the providers, are adapting to their procedures.
What is REM?
REM, Registered Electronic Mail, is an advanced form of email, a new European standard ( ETSI EN 319 532-4 ), aimed at defining an interoperability model for PEC within Europe.
In addition to what certified email (PEC) already provides in Italy, such as timestamping of message sending and receipt integrity , REM offers the certain identification of the parties involved in message transmission (sender and recipient) and a more secure communication exchange with the rest of Europe, through reliable and shared authentication mechanisms. Compared to certified email (PEC) , REM provides for the adoption of additional levels of control and specific authorizations for access and service management, with the definition of two-factor identification , or Strong Authentication.
When will REM be operational and how will it work?
The transition from certified email (PEC) to email (REM) is expected in 2024. The implementation phases of the process are still awaiting the regulatory Prime Ministerial Decree, as the European Union has not yet set an official migration date for certified email (PEC) managers.
Regarding its operation, Italian providers will guarantee the transition from the old PEC to the new REM is painless and without any change in contact details.
Specifically, those using a certified email inbox through a certified email management solution, such as those created with the Jamio platform, or an email client such as Thunderbird, will need to perform the following simple tasks:
- Certify your identity with the provider to guarantee the sender's identity with certainty (with SPID, digital signature, digital ID card, health card, or through an operator);
- Request a token from the provider that will expire (typically 2 or 3 months) to use as a password in the solution itself to perform two-factor authentication. This procedure must be repeated periodically before the token expires.
Each Italian provider will implement its own procedure for requesting the token, referring to what is reported in the document drawn up in 2019 by the Working Group on the technical rules to be adopted in Italy to comply with the REM regulation .
What is Openwork doing?
While awaiting the issuance of the Prime Ministerial Decree that will make the REM mandatory, Openwork, in line with the providers that have already defined an adaptation procedure, is testing its integration in order to:
- Ensure service continuity for existing solutions whose certified email inboxes will be converted to REM;
- Enable the creation of REM solutions compliant with the IT policies defined at European level.
In any case, it will always be possible to use the old certified email inboxes.
With the growing concern for privacy and data security, the REM offers a reliable way to ensure that certified emails are delivered securely and that communications are legally valid throughout Europe. Therefore, there is plenty of room to expand our digital flows beyond Italy.
