MINES’ POLICY LIBRARY
Policies and Procedures by Subject
Electronic Signature and Electronic Records Policy
Responsible Administrative Unit: Legal Services
Policy Contact: CSM-Legal@mines.edu
1.0 BACKGROUND AND PURPOSE
Use of electronic signatures increase efficiency of various internal and external transactions that require signature or authorization. This policy establishes and governs the process for using electronic signatures and authorizations for official Colorado School of Mines (“Mines”) business transactions, as well as the standards for use, maintenance, and retention of Electronic Signatures and Electronic Records.This policy applies to all members of the Mines community.
Mines permits the use of Electronic Signatures for both External and Internal Transactions to conduct the official business of Mines in accordance with the procedures set forth below.
2.1: Where Mines’ policies, or applicable laws, regulations, and rules require a signature, that requirement is met if the document contains an Electronic Signature by an Authorized Signatory.
2.2: Where Mines’ policies, or applicable laws, regulations and rules require a written document, that requirement is met if the document is an Electronic Record.
2.3: If a law or regulation prohibits a transaction from occurring electronically, the transaction must occur in the manner specified by that law or regulation.
2.4: This Policy shall be construed in a manner consistent with the Colorado Uniform Electronic Transactions Act. If there is a conflict between the law and its regulations and this policy, the law or regulation shall control.
3.1 External Transactions
3.1.1. Electronic Signatures utilized in connection with an External Transaction must be generated and received through an Approved Electronic Signature Mechanism (e.g., Mines’ Contracts and Research System (CRS)).
3.1.2. Each party to an External Transaction must agree to conduct the transaction electronically. Agreement may be implied from the circumstances.
3.1.3. Only an Authorized Signatory may execute an External Transaction on behalf of Mines.
3.1.4. The Authorized Signatory shall not allow any person other than themselves to provide an Electronic Signature to any document.
3.2 Internal Transactions
Electronic Signatures utilized in connection with an Internal Transaction must be generated and received through an Approved Electronic Signature Mechanism.
3.3 Maintenance of Electronic Records–Record Keeping
3.3.1. All Electronic Records shall be retained pursuant to the Colorado Records Retention Schedule for Higher Education and must remain accessible throughout the retention period.
3.3.2. All records associated with the official file of all External and Internal Transactions shall be saved in one format,either in an electronic format and retained as Electronic Records, or in a paper or hard copy format and retained as paper records, depending on the primary method of document retention established by the Department responsible for retaining the official file. The official file cannot be a mix of both formats, and all official files must be stored in the same format.
3.4 Identification of Approved Electronic Signature Mechanism
3.4.1. Legal Services, in consultation with CCIT, will review and authorize the use of software applications, systems, and processes to facilitate the use of Electronic Signatures in both Internal and External Transactions. Legal Services and CCIT will assist Mines’ employees and departments in identifying and implementing Approved Electronic Signature Mechanisms appropriate for accomplishing Electronic Signatures by evaluating whether a proposed mechanism meets any applicable Trustworthiness, technical and security requirements commensurate to the risks of fraud, nonrepudiation and financial loss associated with a given transaction. A list of existing Approved Electronic Signature Mechanisms is available on the Legal Services website (https://legal.mines.edu/contracts/).
3.4.2. Mines’ employees or departments may request that Legal Services and CCIT review any additional software applications, systems and processes used to generate and receive Electronic Signatures by submitting an e-mail request to CSM-Legal@mines.edu. Requests should include a full explanation of the proposed electronic signature mechanism to allow for evaluation of any applicable Trustworthiness, technical and security requirements. Upon review, Legal Services will authorize the use of the proposed electronic signature mechanism or, if possible, assist the requestor in identifying an alternative electronic signature mechanism appropriate to facilitate a given transaction.Note that Approved Electronic Signature Mechanisms requiring purchase or implementation of new software are subject to Procurement Rules, Fiscal Policies,and the CCIT project management process.
All Mines’ employees shall comply with the policy or be subject to discipline under their respective employment handbook, code of conduct, or policies.
5.0 HISTORY & REVIEW CYCLE
Issued June 1, 2017. This policy will be reviewed at least every 2 years by the Responsible Administrative Unit.
6.1 Authorized Signatory: a Mines’ employee who has been delegated, pursuant to policies promulgated by the Board of Trustees for the Colorado School of Mines, the authority to legally bind Mines to the terms of an External Transaction.
6.2 Approved Electronic Signature Mechanism: a software application, system and process approved for Electronic Signatures to ensure a level of Trustworthiness appropriate for the transaction.
6.3 Electronic Record: a record created, generated, sent, communicated, received, or stored in an electronic or computerized format.
6.4 Electronic Signature: a computer data compilation of any symbol or series of symbols, and specifically including an electronic script signature, associated with a record that is executed, adopted, or authorized by an individual and intended to be the legally binding equivalent of the individual’s handwritten signature. Scanned, copied, or facsimiles of documents containing a handwritten signature shall not be considered Electronic Signatures.
6.5 External Transaction: any legally binding agreement or contract between Mines and an individual, entity, business, or government agency.
6.6 Internal Transaction: any internal work-flow or approval process that require a signature or approval on a Mines form, document, memo, or other similar format to indicate an individual’s agreement or compliance with the language or terms contained therein.
6.7 Trustworthiness: an Electronic Record containing an Electronic Signature generated with authentication, integrity, and nonrepudiation.
Colorado Uniform Electronic Transactions Act, C.R.S. §§ 24-71.3-101 to 121
Colorado Rules Regarding Electronic Transactions by Colorado Governmental Agencies, 8 CCR 1501-9
Colorado Records Retention Schedule for Higher Education