Created May 29, 2020
Table of Contents
This Electronic Signatures Policy (“Policy”) identifies the requirements for the use of electronic signatures related to University business.
An “electronic signature” means an electronic sound, symbol, or process attached to or logically associated with a record and executed or adopted by a person with the intent to sign the record. This includes, but is not limited to, typing one’s name, clicking that they agree, indicating by reply email (while logged in with an eID, for example) their intent.
An “authentication” means assurance that an electronic signature is that of the individual purporting to sign a record or otherwise approving an electronic transaction.
“Signature authority” means that permission has been given or delegated to an individual to sign a record executing agreements that bind the University. For the University, delegated signature authorities are set out in the President’s letter linked at PPM 3070, University Contracts.
“Approved electronic signature method” includes the following:
- A current student or employee at Kansas State University may provide their electronic signature while signed in with their eID. Students may use electronic signatures to authorize all designated internal records and transactions, as may be allowed by University policies and/or procedures. Employees may use electronic signatures to authorize all designated internal University records, including but not limited to employment-related documents, as may be allowed by University policies and/or procedures;
- Applicants for employment at the University may provide an electronic signature during the application process and for any hiring documents after logging in with the email/username and password they create to start the application process;
- Prospective students/applicants may provide an electronic signature during the application process and any registration processes as directed within the applicable process;
- Any person conducting business with or on behalf of the University may provide an electronic signature through a method which allows for authentication of the identity of the signatory; and
- Any person conducting business with or on behalf of the University may provide an electronic signature by applying a scanned or other electronic identical replica of their handwritten signature.
- To the fullest extent permitted by law, the University accepts electronic signatures as legally binding.
- The University supports and may require the use of electronic signatures when conducting University business. The University may, at its sole discretion, elect to not conduct business electronically with any party or in any transaction.
- By providing an electronic signature, the person providing the electronic signature (and/or the entity which they represent) agrees to conduct the contract or other transaction by electronic means and/or with electronic signature(s).
- All electronic signatures must utilize an approved electronic signature method. The University accepts electronic signatures as binding signatures in University transactions, except:
- in instances in which the other contracting party expressly will not accept an electronic signature;
- where applicable law, regulation, or University policy or process requires a handwritten signature or otherwise does not allow an electronic signature;
- if the University has elected not to conduct the transaction with electronic signatures, as permitted above; or
- the University, through its CIO or CISO has disqualified electronic signatures for a particular purpose or based on a particular method.
- An electronic signature binding the University may be voided by the University (and/or may lack legal validity) if:
- applicable law, regulation, or University policy or process requires a handwritten signature;
- the electronic signature is not provided in accordance with this Policy; or
- the individual does not have signature authority to sign the record to approve the transaction.
- Use of electronic signatures and/or records is subject to all University Information Technology policies concerning information and access control processes and Information Technology security procedures for adequate preservation, disposition, integrity, secure transmissions, and confidentiality pertaining to University electronic records.
- All signature collection methods must provide a means by which the signature, and if not an identical replica of their handwritten signature then also corresponding tracking to the individual and/or entity, is retrievable in the future, in accordance with Retention of Records Policy, PPM 3090.
- Only University employees with signature authority (i.e., authorized representatives) delegated in accordance with the University Contracts, PPM 3070 policy may sign contracts on behalf of the University, whether in hard copy or electronically.
It is a violation of this Policy:
- for an individual to affix a signature of another individual, unless he or she has been granted specific, written authority by that individual;
- to falsify an electronic signature; or
- to otherwise fail to adhere to the terms in this Policy.
Violations of this Policy will result in consequences commensurate with the offense, up to and including termination of employment, appointment, student status, or other relationships with the University. Individuals may also be subject to criminal prosecution under applicable federal and state laws, as applicable.
If an individual acting on behalf of the University needs assistance in setting up an electronic please contact the K-State Helpdesk at firstname.lastname@example.org. If an individual acting on behalf of the University has questions about whether the use of an electronic signature is appropriate and secure given the circumstances, the individual should consult with the Chief Information Security Officer or designee. Other questions concerning this policy should be addressed to Chief Information Security Officer, the Associate Vice President for Financial Services, or the Office of General Counsel, as applicable.