APS 2008 - Electronic Signatures and Transactions

PDF Version

Policy Profile

Policy Title: Electronic Signatures and Transactions
APS Number: 2008
Effective: July 1, 2014
Approved by: President Bruce D. Benson
Responsible University Officer: Vice President, Employee and Information Services
Responsible Office: Office of Information Security 
Policy Contact: Office of Information Security 
Supersedes: Electronic Signatures and Records, June 1, 2008
Last Reviewed/Updated: July 1, 2014
Applies to: University-wide

Policy Snapshot

Brief Description: Sets forth university requirements for electronic signatures and records.

Reason for the Policy:  This policy establishes the preference for using electronic methods for official university business transactions and parameters for use and maintenance of electronic records.

I.  Introduction

This policy establishes the preference for using electronic methods for official university business transactions and parameters for use and maintenance of electronic records.

This policy applies to all members of the University of Colorado community (such as employees, affiliate staff, associates, and students) and governs all uses of electronic signatures and electronic records used to conduct official University business.

II.  Policy Statement

  1. University administrative processes shall provide for the use of electronic transactions to conduct official university business whenever possible.  If a law prohibits a transaction from occurring electronically, the transaction must occur in the manner specified by law.
  2. Electronic Signatures and Electronic Records​
    1. Where policies, laws, regulations and rules require a signature, that requirement is met if the document contains an electronic signature.
    2. If a law requires an electronic signature to contain specific elements, the electronic signature must contain those elements.
    3. Where policies, laws, regulations and rules require a written document, that requirement is met if the document is an electronic record.
    4. Where required by law, each party to a transaction must agree to conduct the transaction electronically in order for the electronic transaction to be valid. Consent may be implied from the circumstances.
  3. Review of Electronic Transaction Processes
    1. Data owners shall:
      1. Promulgate procedures for use of electronic transactions in administrative processes.
      2. Consult with University Counsel and the appropriate IT security officer to identify requirements for assurance and trustworthiness of transactions.
      3. Submit procedures to the Office of Policy and Efficiency (www.cu.edu/ope) for publication with this policy.  Procedures shall address:
        • securing electronic transactions and documents for the required retention period
        • accessibility
        • means of attribution for individuals involved in the transaction
        • archiving, integrity, and privacy of transaction records and documents
  4. Maintenance of Electronic Records
    1. If a law requires that a record be retained or retained in its original form, an electronic record of the information is sufficient if it accurately reflects the information in the original record and remains accessible for later reference.
    2. The University shall keep official records in digital formats to ensure that electronic transaction records are retrievable throughout the required retention period (APS 2006-Retention of University Records​).

III.  Definitions

Italicized terms used in this Administrative Policy Statement are defined in the Administrative Policy Statement Glossary.

IV.  Procedures, Forms, Guidelines and Resources

  1. Policies
    1. 2006-Retention of University Records
    2. 6010-Data Governance
  2. Procedures
    1. Procedures for Electronic Signatures in Electronic Student Loan Transactions
  3. Other Resources (i.e. training, secondary contact information)
    1. Colorado Revised Statute 24-71.3-101, Uniform Electronic Transaction Act
    2. 18 U.S.C. 2510, Electronic Communications Privacy Act

V.  History

  • Initial Policy approved June 1, 2008
  • Revised on July 1, 2014 

VI. Key Words

electronic signature, electronic record, record retention