- +32 9 242 87 30
- hello@docbyte.com
- Kortrijksesteenweg 1144 B 9051 Gent
Digital records often need to remain trustworthy long after the systems, certificates and formats around them have changed. Qualified Electronic Archiving helps organisations preserve electronic records with controlled integrity, proof of origin, auditability and long-term usability under the eIDAS trust-services framework.
Docbyte Vault provides the governed archive and preservation layer for organisations that need more than storage: defensible electronic records, verifiable evidence chains and controlled access over long retention periods.
For regulated environments, QeA helps bridge daily archive operations with the evidence expectations of auditors, regulators, courts and internal risk teams.
gekwalificeerde elektronische archivering (QeA), is the eIDAS trust-service approach for preserving electronic data and documents so their integrity, proof of origin, governance and long-term usability can be demonstrated. It is for organisations that need records to remain trustworthy over years or decades, not only stored in a repository.
Docbyte approaches QeA through Docbyte Vault: a governed archive and preservation platform that combines controlled ingest, preservation packaging, evidence handling, retention governance, audit trails and secure access.
Many organisations start with a practical archive requirement: store electronic documents, keep them searchable and retrieve them when needed. That is electronic archiving.
Qualified Electronic Archiving goes further. It is designed for records that may need to be defended years later, when the original business application has changed, certificates have expired, cryptographic algorithms have evolved or the organisation must prove that a record was preserved under controlled conditions.
In those cases, the archive is not only a storage location. It becomes part of the evidence chain. The service must preserve integrity, proof of origin, governance, access history and long-term usability in a way that can be verified.
QeA bevindt zich op het snijvlak van de EU-wetgeving voor trustdiensten, Europese en internationale normen en sectorspecifieke regelgeving.
Regulation (EU) No 910/2014 established the EU framework for trust services. The eIDAS framework has since been amended by Regulation (EU) 2024/1183, which introduced electronic archiving and qualified electronic archiving as trust-service categories. Article 45j sets out requirements for qualified electronic archiving services, including durability, legibility, integrity, confidentiality and proof of origin throughout the preservation period.
Qualified preservation remains relevant for qualified electronic signatures and seals. In Docbyte Vault, QPres focuses on preserving validation evidence, timestamps and evidence records so signed or sealed records can remain verifiable over long retention periods.
QeA and QPres are related, but not identical. QeA concerns the qualified electronic archive service. QPres is especially relevant when archived records include qualified electronic signatures or seals whose validation evidence must remain trustworthy over time.
ETSI TS 119 511 defines policy and security requirements for trust service providers providing long-term preservation of digital signatures and related evidence. ETSI TS 119 512 covers the technical protocols for preservation service interactions.
For records with electronic signatures or seals, Docbyte Vault can preserve the signature evidence and validation report stored alongside the record in the archive.
CEN TS 18170 is the European technical specification providing requirements and guidance for electronic archiving systems. It addresses the functional, technical and organisational requirements for systems designed to preserve electronic records with evidential and compliance value over time. It is directly relevant to procurement and assessment of electronic archiving solutions in regulated European environments.
ISO 14721 (OAIS) is het referentiemodel voor digitale bewaring systemen, het definiëren van SIP/AIP/DIP-pakketten, preserveringsplanning en het concept van de aangewezen gemeenschap. ISO 16363 (TRAC) biedt het auditraamwerk voor formele certificering van repositories. ISO 14641 bevat praktische vereisten voor systemen voor documentbewaring. ISO 15489 definieert de records management principes die ten grondslag liggen aan elk compliant archiveringsprogramma.
Most organisations already store documents digitally. The problem is that storage does not equal preservation of evidential value. For many organisations, the real risk appears years after a record was created. The document still exists, but the original system is gone, the signature can no longer be validated, the context is missing or the audit trail is incomplete. QeA is designed to prevent that loss of defensibility.
Digitally signed records may become unverifiable without preserved proof. Without evidence records and renewed timestamps, the chain of trust breaks. For this use case, see bewaring van digitale handtekeningen en zegels.
01
Verificatieregels moeten mee evolueren met algoritmes en trust anchors.
02
Wat vandaag leesbaar is, is dat niet vanzelf over 10 tot 20 jaar.
03
Zonder gecontroleerde ingest en metadatabeheer wordt uitleg en reconstructie moeilijk.
04
Exports, kopiën en systeemmigraties kunnen integriteit en audit trails aantasten.
05
A qualified archive must make the evidence chain visible. The organisation should be able to explain what entered the archive, where it came from, which controls were applied, who accessed it, what changed around it and why the record can still be trusted.
Bron, kanaal en systeem worden bij ingest vastgelegd. Tijdstip van ontvangst, completeness checks, formaat- en handtekeningherkenning. Herkomstinformatie bewaard als deel van het dossier, met immutable ingest audit log.
Fixity checks via checksums bij ingest en op schema. Tamper-detection en integriteitsmonitoring van opslag. Immutable audit logs voor alle lifecycle events.
Dit is de kern van QPres (Gekwalificeerde bewaring van elektronische handtekeningen en elektronische zegels).Evidence records leggen de validatiestatus van handtekeningen en zegels vast op een bekend moment, vóór certificaatverlopen of algoritmewijzigingen toekomstige validatie onzeker maken. Gekwalificeerde timestamps van geaccrediteerde TSP's op de EU Trust Service List. Evidence renewal: proactieve vernieuwing vóór expiry om de keten van vertrouwen ononderbroken te houden.
Policy-based retentie consistent toegepast per dossiertype. Legal holds laten toe verwijdering op te schorten wanneer dossiers onderwerp zijn van onderzoek, geschil of audit, met volledige traceerbaarheid. Verdedigbare vernietiging: auditbaar bewijs van wat vernietigd is, wanneer, door wie, onder welk beleid en met welke goedkeuringen.
Doel- en tijdgebonden toegang voor operationele gebruikers, auditors en inspecteurs. Separation of duties. Volledige traceerbaarheid van toegang, exports en lifecycle acties. Externe audit-toegang zonder operationele systemen bloot te stellen.
Formatvalidatie en risicobewaking via PRONOM/DROID of equivalent. Gecontroleerd migratieprogramma voor risicoformaten. Designated community documentatie (OAIS): wie de dossiers nu en in de toekomst moet kunnen begrijpen. Evidence renewal op schema afgestemd op cryptografische algoritme-lifecycles.
As Europe’s first Qualified Trust Service Provider that offer Electronic Archiving, Docbyte positions QeA as an operational trust service, not just a theoretical compliance topic.
Docbyte Vault is the product layer that operationalises qualified electronic archiving. It is not a passive storage bucket. It manages archive packages, metadata, integrity evidence, access rights, audit trails, retention rules and preservation actions across the record lifecycle.
This allows organisations to connect operational systems, document intake flows and business archives to a governed preservation layer without depending on the original source application forever.
Inname uit DMS, e-mail, portals, scanners, business apps en externe platformen. Completeness checks en structuurvalidatie, formaat- en handtekeningidentificatie, metadata-extractie en -validatie bij ingest. Records verwerkt als SIP's naar AIP's voor beschermde langetermijnbewaring, gebundeld met integriteitsbewijzen en toegangsrechten. DIP's voor gecontroleerde raadpleging met traceerbare herkomst vanuit de AIP.
Fixity checks en integriteitsmonitoring op schema. Evidence records en timestamps, inclusief gekwalificeerde bewijsmechanismen waar toepasselijk. Proactieve evidence renewal voor elektronisch ondertekende of verzegelde records (QPres) vóór expiry. Audit trails voor ingest, toegang, retentie en vernietiging.
Configureerbare metadatamodellen en file plans. Retentieschema's en legal holds met GDPR-conforme ondersteuning voor vernietiging. Attribuutgebaseerde toegangscontrole en separation of duties. Read-only raadpleging met audit log en doel- en tijdgebonden externe toegang.
Verdedigbare retentie en vernietiging met duidelijke beleidscontrole. Standaarden-gebaseerde aanpak (OAIS, ISO 14641, E-ARK) uitlegbaar aan auditors. Minder ad-hoc exports en manuele correcties.
Herhaalbare controles in lijn met eIDAS, ETSI en sectorale regelgeving. Sterkere audit readiness: controles zijn gedocumenteerd en verifieerbaar. Minder blootstelling bij geschillen, inspecties en toezichtsbevindingen.
ALCOA+-conforme dossierbeheersing voor GxP-omgevingen. Inspection readiness met gecontroleerde toegang voor externe auditors.
QeA is an eIDAS trust-service concept for preserving electronic records so their integrity, proof of origin, governance and usability can be demonstrated over long periods. Regulation (EU) 2024/1183 introduced qualified electronic archiving as a trust-service category, with Article 45j setting requirements for qualified electronic archiving services. Related standards such as ETSI TS 119 511/512 and CEN TS 18170 support the technical and organisational control framework.
CEN TS 18170 is de Europese technische specificatie die eisen en richtlijnen biedt voor elektronische archiveringssystemen. Het behandelt de functionele, technische en organisatorische vereisten voor systemen die elektronische archiefdocumenten met bewijskracht en nalevingswaarde bewaren, en biedt een gemeenschappelijke Europese basis voor aanschaf en beoordeling naast het eIDAS trust services framework.
Electronic archiving focuses on storing, retrieving and managing electronic records. Qualified Electronic Archiving adds the eIDAS trust-service layer: controlled ingest, integrity protection, proof of origin, auditability, retention governance and long-term preservation controls. It is designed for records that may need to be defended in audits, inspections, disputes or regulated retention processes.
Qualified Preservation (QPres) is the approach used when you need long-term certainty specifically for records carrying electronic signatures or electronic seals. QeA provides the qualified archiving framework. QPres preserves validation evidence, timestamps and evidence records so signed or sealed records can remain verifiable across the full retention period.
Zonder de juiste bewijslast kan validatie falen. Een QeA-aanpak bewaart en vernieuwt de nodige bewijsinformatie zodat verificatie mogelijk blijft.
The primary framework is eIDAS, as amended by Regulation (EU) 2024/1183 for electronic archiving and qualified electronic archiving. Article 45j sets requirements for qualified electronic archiving services. Article 34 remains relevant for qualified preservation of qualified electronic signatures and seals. ETSI TS 119 511 and ETSI TS 119 512 cover preservation service requirements and protocols. CEN TS 18170 provides European electronic archiving system requirements. OAIS (ISO 14721), ISO 14641 and ISO 16363 support the preservation architecture. Sector regulations such as MiFID II, ICH E6, FDA 21 CFR Part 11 and GDPR add use-case-specific requirements.
No archive provider should make absolute admissibility guarantees. QeA is designed to support a stronger evidential position by preserving integrity, proof of origin, audit trails and governance controls. The legal effect in a specific case depends on jurisdiction, the record type, implementation, procedural context and how the evidence is assessed.
Retentieregels zijn policy-based en worden consistent toegepast. Legal holds laten toe de verwijdering op te schorten wanneer dossiers onderwerp zijn van onderzoek, geschil of audit, met volledige traceerbaarheid.
Een gekwalificeerd archief biedt gecontroleerde, read-only toegang met rechteninstelling, doelbinding, tijdgebonden toegang waar nodig, en volledige audit logs.
No. Digitaal behoud focuses on keeping digital information readable, usable and understandable over time. Qualified Electronic Archiving includes preservation concerns, but adds the trust-service and governance layer required under eIDAS for qualified electronic archive services. In practice, the two should work together: preservation keeps records usable, while QeA strengthens integrity, proof of origin and evidential controls.
Wil u toetsen of uw huidige archief 'defensible' is en welke rol QeA en QPres daarin spelen? Neem contact op met Docbyte voor een korte assessment of demo, afgestemd op uw use case.
U kunt ook digitale archiveringsoplossing, archivering op lange termijn, preservation of signatures and seals en de QeA and QPres FAQ.
Dutch 
English 
