Feedback
Section 725 - Use of Electronic Signatures and Submission

Section 725 - Use of Electronic Signatures and Submission


This policy is designed to provide reasonable assurance for the integrity, authenticity, and nonrepudiation of electronic documents when electronic signatures and submissions are used and accepted; and to promote the use of electronic signatures and submissions throughout Lower Columbia College (LCC).

This policy and its procedures apply to all LCC employees participating in the approval, selection, acquisition, and implementation of an electronic signature solution.

 

725.1 Background

The use of electronic records and electronic signatures can significantly reduce costs, simplify transactions and speed up transaction time. Lower Columbia College (LCC) intends to promote electronic transactions and remove barriers that might prevent electronic transactions throughout the college. Changes to Washington law make it clear that organizations are allowed and encouraged to use and accept electronic signatures to authenticate electronic transactions. Unless otherwise specified by law, electronic signatures have the same force and effect as that of a handwritten signature.

State agencies must meet the following requirements in order to use and accept electronic signatures or electronic submissions:

State agencies are required to put in place by policy or rule, the methods and process for using or accepting electronic submissions or electronic signatures.

Electronic records and signatures must be consistent with policy, standards and guidelines provided by the state's chief information officer.

To the fullest extent allowed by law, Lower Columbia College (LCC) encourages electronic transactions and recognizes electronic records and signatures. The use and acceptance of electronic signatures and electronic submissions/records shall be consistent with the guidance and requirements put in place by the Office of the Chief Information Officer (OCIO).

The Vice President of Administrative Services in consultation with the Director of IT Services and the Finance Director shall approve specific methods and processes for electronic signatures and submissions. These approval authorities may be delegated at the discretion of the VP of Administrative Services.

The approval of solutions shall be coordinated through the IT Services department. The VP of Administrative Services shall determine a suitable review and approval process to be used when determining which solution(s) are suitable for a particular type of record or transaction. Where appropriate, a team approach shall be used.

Approved solutions shall be listed in the related procedures.

This policy and changes to this policy shall be made available on the OCIO website and the DES Laws, Rules, and Policies website.

 

725.2 Definitions

Electronic Signature

An electronic signature is a sound, symbol, or process attached or associated with an electronic record and executed or adopted by a person with the intent to sign the record. The integrity and authenticity of a record with an electronic signatures needs to be preserved over time. Signatures are used when:

  • required by law, or
  • the significance of a transaction needs to be emphasized, or
  • the transaction needs to be bound to a person

In practice, electronic signatures emphasize one or more of the following four parts:

  • the identification and authentication of the signer, or
  • the intent to sign, or
  • the association of the signature to the record, or
  • the authenticity and integrity of the record

Authentication

The assurance that an electronic signature is that of the person purporting to sign a record or otherwise conducting an electronic transaction.

Authorization

When an individual has both verified permission and the requisite authority to sign a record, access specific college services, or perform certain operations, including executing binding agreements.

Electronic Record

A record created, generated, communicated, sent, received, or stored by electronic means.

Nonrepudiation

Nonrepudiation is the assurance that someone cannot deny something. Typically, nonrepudiation refers to the ability to ensure that a party to a contract or a communication cannot deny the authenticity of their signature on a document or the sending of a message that they originated.

Record Integrity

Integrity refers to the assurance that a record is preserved without any alteration that would impair its use as an authentic record. Both accuracy and the completeness of the electronic record must be preserved.

Click Through or Click Wrap

In this type of electronic signature, a signer is asked to affirm his or her intent or agreement by checking a box or clicking a button. The Click Through/Click Wrap approach is commonly used for low risk, low value consumer transactions.

Password or Personal Identification Number (PIN)

When using a password or PIN for an e-signature, a person is required to enter identifying information, which may include an identification number, the person's name and a "shared secret" such as a PIN or password. A password/PIN is more secure than the click through/click wrap method.

Digitized Signature

A digitized signature is a graphical image of a handwritten signature. This approach may use specialized hardware or software for additional security. A digitized signature is more secure than the password/PIN method.

Digital Signatures

A "digital signature" is created when the signer uses a private signing key to create a unique mark (called a "signed hash") on an electronic document. The recipient of the document uses the signer's public key to validate the authenticity of the private key and to verify that the document was not altered after signing. A digital signature is more secure than the digitized signature method.

Hybrid Approaches

Hybrid electronic signature solutions are available by combining techniques from various approaches to provide increased security, authentication, record integrity and non-repudiation.

 

Historic Information:

  • Reviewed by the Cabinet - November 2017
  • Reviewed by Governance Council - December 6, 2017
    • ( Recommended taking to UMCC and Operations Council, then proceed with campus review)
  • Reviewed by Operations Council - December 11, 2017
  • Reviewed by UMCC - January 16, 2018
  • Campus Review - January 18 - February 2, 2018
  • Governance Council Review - February 7, 2018
  • Approved by the Executive Leadership Team - February 7, 2018

 

Resource/Reference/Procedure Title Unit Responsibility
Procedure 725.1A Use of Electronic Signatures and Submission Procedures VP Administration and Director of Information Technology Services
Electronic Signatures in Global and National Commerce Act E-Sign Act  
Title IV of the Higher Education Act of 1965 Higher Education Act  
Standards for Electronic Signatures in Electronic Student Loan Transactions US Dept. of Education  
Washington DES Laws, Rules, and Policies website    
Washington OCIO Electronic Signature Guidelines    
Washington OCIO Links to Agency Electronic Signature or Record Policies website    
Washington RCW Title 19, Chapter 19.360    
Copyright 2018 Lower Columbia College | All Rights Reserved.