4:018 Acceptance of Electronic Signatures
Austin Peay State University |
Acceptance of Electronic Signatures |
|||||||
POLICIES |
|
Policy Statement
The intent of this policy is to allow for e-signature use and the acceptance of system, faxed, emailed, and scanned signatures at APSU by means of methods that are practical, secure, and balance risk and cost. It is not the intent of this policy to eliminate all risk but rather to provide a process that gives parties assurance that appropriate analysis was completed prior to implementation of e-signature or the acceptance of system, faxed, emailed, and scanned signatures, and that the level of user authentication used is reasonable for the type of transaction conducted.
Purpose
To establish protocol for the conducting of paperless transactions and approvals through reliance upon verifiable electronic signatures.
Content
Definitions
-Authentication
-Credential
-Electronic Record
-Electronic Signature
-Transaction
Procedures
-General Procedures
-System/Faxed/Emailed/Scanned Signatures
-Online Approvals
Definitions
Procedures
E-signatures may be implemented using various methodologies depending on the risks associated with the transaction. Examples of transaction risks include: fraud, non-repudiation, and financial loss. The quality and security of the e-signature method should be commensurate with the risk and needed assurance of the authenticity of the signer. Authentication is a way to ensure that the user who attempts to perform the function of an electronic signature is in fact who they say they are and is authorized to "sign". An e-signature may be accepted in all situations if requirement of a signature/approval
is stated or implied. This policy does not supersede situations where laws specifically
require a written signature. This policy cannot limit the right or option to conduct
the transaction on paper or in non-electronic form and the right to have documents
provided or made available on paper at no charge. The e-signature must be protected
by reasonable security measures as applicable to established computer functions of
the University. |
|
The electronic process expedites obtaining required contractual information. A system, faxed, scanned, or emailed signature shall be considered just as valid as an original written signature except when an actual original signature is required by state or federal law; when the system, faxed, scanned, or emailed signature cannot be verified; or when the other party desires original signatures. In order to accept a system, faxed, scanned, or emailed signature in lieu of an original written signature, the authenticity of such system, faxed, scanned, or emailed signature must be verified by the receiving party. Such means of verification shall include:
Furthermore, in order for a system, faxed, scanned, or emailed signature to be considered
valid, both parties must agree that a system, faxed, scanned, or emailed signature,
or a copy of the same (including an electronic copy) may be used for any and all purposes
for which the original signature may have been used. |
|
Online approval expedites obtaining required approvals for internal processes and can be established by contract with other parties. Online approvals shall be accepted as valid when the online process requires authentication such as user name and password. As appropriate, online approval systems should implement technologies in alignment with industry best practices including secure data transmission standards, password expiration and complexity policies, etc. |
Revision Dates
APSU Policy 4:018 (previously 1:019) - Rev.: March 25, 2017
APSU Policy 4:018 – Issued: November 18, 2015
Subject Areas:
Academic | Finance | General | Human Resources |
Information Technology |
Student Affairs |
X | X |
Approved
President: signature on file