arrow_circle_left Back to All Policies

Electronic Signature Policy

TBR Guideline Reference: B-095

Approved by: Allana Hamilton

Original Date Effective: 2018-08-10

PURPOSE

This policy establishes when an electronic signature may be used to replace a written signature and when an electronic record may be used to replace a paper document in official business of the College, and establishes procedures for using electronic signatures.

POLICY

Electronic signatures may replace written signatures and electronic records may replace paper documents in official business of Jackson State Community College unless law specifically requires written signatures or paper documents. This policy provides guidance on electronic signature use and the acceptance of electronic signatures via such methods as electronic authentication, signature certificates, facsimile, email, and scanned signatures. The use of an electronic means of authentication/signature provides the institution, vendors, staff, and students with secure and practical methods to submit approvals electronically. The acceptance and use of electronic signatures should focus on security, convenience, and reasonable methods of verification based on the transaction being conducted.

Definitions

Electronic Signature - An electronic signature/approval (e-signature) must be attributable (or traceable) to a person who has the intent to sign the record with the use of adequate security and authentication measures (e.g., use of personal identification number or personal log-in identification username and password). and the recipient of the transaction must be able to permanently retain. an electronic record of the transaction at the time of receipt.

Electronic Record - Any record created, generated, scanned, sent, communicated, received or stored by electronic means.

Electronic Transaction - A transaction that supports a business function or process conducted or performed, in whole or in part, by electronic means or electronic records.

Authentication - Verification of the identity of a person providing an electronic signature.

SCOPE

I. To facilitate the use of paperless transaction a process for verifiable electronic signatures must exist. Electronic signatures may be implemented using various methodologies depending on the risks associated with the transaction.

Examples of transaction risks include: fraud, nonrepudiation, and financial loss. The quality and security of the electronic signature method should be commensurate with the risk and needed assurance of the authenticity of the signer. Authentication is a way to ensure that the user who attempts to perform the function of an electronic signature is the correct individual and is authorized to "sign".

An electronic signature may be accepted in all situations if requirement of a signature/approval is stated or implied. This policy does not supersede situations where laws specifically require a written signature. This policy cannot limit the right or option to conduct the transaction on paper or in non-electronic form and the right to have documents provided or made available on paper at no charge. The e-signature must be protected by reasonable security measures as applicable to established computer functions of the institution.

Establishing and Use of an Official Electronic Signature

  1. Identify the risks associated with using an electronic signature process and determine if the risks are manageable including impact on other processes.
  2. Develop procedures that include the following:
    1. Establish mutual agreement to use electronic signatures between the parties.
      1. Whether the parties agreed to conduct a transaction by electronic means is determined from the context and surrounding circumstances, including the parties' conduct.
    2. Determine and document that the signature method conforms to TBR and institutional guidelines and federal and state law.
      1. When policy requires that a record have the signature of an authorized person or a written signature on a document, these requirements are met when the electronic record has an electronic signature that used an approved electronic signature method.
      2. When there is a legal requirement, that a record has the signature of an authorized person or requires a written signature on a document, that signature is met when the electronic record has associated with it an electronic signature that used an approved electronic signature method, which complies with TBR/JSCC policy and state and federal law.
    3. Appropriate procedures must be used to confirm that the person signing the record has the appropriate authority and intent to sign the record.
    4. Ensure procedures are in place to preserve and maintain the integrity and security of electronic records and approvals for both the sender and the recipient.

Approval of Electronic Signature Methods by the Approval Authority

All acceptable electronic signature methods must be in accordance to this guideline and applicable state and federal laws, and which specifies the form of the electronic signature, the systems and procedures used with the electronic signature, and the significance of the use of the electronic signature.

  1. A. Emailed and Scanned Signatures

    The electronic process expedites obtaining required contractual information. A scanned or emailed signature shall be considered just as valid as an original written signature except when state or federal law requires an actual original signature; when the scanned or emailed signature cannot be verified; or when the other party desires original signatures. In order to accept a scanned or emailed signature in lieu of an original written signature, the authenticity of such scanned or emailed signature must be verified by the receiving party. Such means of verification shall include:
    1. The receipt of a scanned or emailed signature from an email address verified as belonging to the party that did so sign and transmit the document. Email access being based on _unique credentials (username/password) will be accepted as the electronic record for the email and associated attachments from student/vendor. Electronic signature will be the scanned document containing the authorized written signature from the student/vendor/contractor.
    2. Furthermore, in order for a faxed, scanned, or emailed signature to be considered valid, both parties must agree that a faxed, scanned, or emailed signature or a copy of the same (including an electronic copy) may be used for all purposes for which the original signature may have been used.
  2. Online Approvals or Requests
    1. Online approval expedites obtaining required approvals for internal processes and can be established by contract with other parties.
    2. Online requests expedites processing and provides more effective and efficient service to the student.
    3. Online approvals/requests shall be accepted as valid when the online process requires authentication such as user name and password.

As appropriate, online approval systems should implement technologies in alignment with industry best practices including secure data transmission standards, password expiration and complexity policies, etc.