In this article: Background, How to make, How to Design, Request Approval, More info
Background
This article describes electronic signatures at Skagit Valley College. Our Policy is available on the College Website.
This article includes both instructions for making an electronic signature and guidance on how to design a work flow using electronic signatures.
How to make electronic signatures
These three situations use electronic signatures:
- You are the author, and you want to sign the document. For this situation, you have two options:
- Use your phone to photograph your signature, and put that image into your document.
- Convert your document into a PDF, and use Adobe Reader (or Adobe Pro if you have it) to electronically sign the document.
- You are the author, but you want someone else to sign it. For this situation, Skagit Valley College provides SignNow, a specialized signature software. Contact the IT Helpdesk for a license and training so you can create documents and send them to others to sign.
- You need to sign someone else's document. For this situation you have two options:
- Use the tools provided to you by the author. For example, documents from SVC come with a link to SignNow. You need neither a license nor training to sign a document created in SignNow.
- Convert your document into a PDF, and use Adobe Reader (or Adobe Pro if you have it) to electronically sign the document.
How to design a work flow using electronic signatures
Signatures are an important part of administrative work. Use these two steps to convert a paper-based process into an electronic process or to create a new process.
- Design your process based on the requirements and risks. Continue reading below.
- Get approval from the Vice President for Admin Services. After you have reviewed the information below, use the Request Form to get approval for your process.
Overview
An electronic signature is a sound, symbol, or process attached or associated with an electronic record and executed or adopted by a person with the intent to sign the record.
Signatures are used when:
- required by law and/or,
- the significance of a transaction needs to be emphasized, and/or,
- the transaction needs to be bound to a person.
Signatures emphasize one or more of the following four parts:
- the identification and authentication of the signer,
- the intent to sign,
- the association of the signature to the record,
- the authenticity and integrity of the record preserved over time.
Examples of electronic signatures include:
- Click Through or Click Wrap: In this approach, a signer is asked to affirm his or her intent or agreement by clicking a button. The Click Through or Click Wrap approach is commonly used for low risk, low value consumer transactions.
- Personal Identification Number (PIN) or password: When using a PIN or password for an e- signature, a person is required to enter identifying information, which may include an identification number, the person’s name and a "shared secret" such as a PIN and/or password. The system checks that the PIN and/or password is in fact associated with the person accessing the system and "authenticates" the person.
- Digitized Signature: A digitized signature is a graphical image of a handwritten signature. This approach may use specialized hardware or software for additional security.
- Digital Signatures: A "digital signature", is created when the signer uses a private signing key to create a unique mark (called a "signed hash") on an electronic document. The recipient of the document uses the signer's public key to validate the authenticity of the private key and to verify that the document was not altered after signing. • Hybrid Approaches: Hybrid electronic signature solutions are available by combining techniques from various approaches to provide increased security, authentication, record integrity and non-repudiation.
Design steps:
To seek approval for an electronic signature in a transaction, please answer the following 9 questions.
- The new electronic signature: (circle one)
- replaces an existing electronic signature
- replaces an existing hardcopy signature
- establishes a new electronic signature
- Name of Transaction (or name of form):
- Description of transaction (or form)
- Who will be signing, and who will be receiving the signature?
- Why do you need a signature?
- Is a signature required by law? Y or N If yes, give reference.
- Is the signature used to emphasize the significance of the transaction? Y or N
- Is the signature used to bind a person to a transaction? Y or N
- Is the signature used to establish or verify the integrity of information? Y or N
- Is the signature used to ensure that a person cannot later deny the information? Y or N
- If there are other needs for a signature, please list them.
- What is the overall risk of adverse effect for this transaction? (use the worksheet available in the right sidebar 'Files' .) Very low • Low • Moderate • High • Very high
- How will you establish the signature?
- What sound, symbol, or process will be used as a signature on the electronic record?
- How will the process identify and authenticate of the signer?
- How does the process establish the intent to sign?
- How does the process maintain the association of the signature to the record?
- How does the process maintain the authenticity and integrity of the record over time (including consistency with existing document management requirements).
- How will the process provide for printing, downloading, and hardcopy alternatives.
- List the groups of people who will be able to use this process. Describe opt-out procedures and accessible alternatives for people with disabilities.
- Please describe the impact to privacy and consistency with existing policy.
Specific methods for electronic signatures must be approved on a case by case basis by the VP for Administrative Services in consultation with the Director of Information Technology (I.T.) A list of transactions so approved will be kept in the College SharePoint site, under the I.T. Department. Transactions may be approved for electronic signatures based on the following five factors:
- An analysis of the need for signatures.
- An analysis of the risks inherent in the process.
- A description of the processes and methods proposed.
- A list of specific groups or people that can or cannot use the process and alternative opt-out procedures.
- A description of the impact to privacy and consistency with existing privacy policy.
Related services
If you need assistance with this topic, please call or write to Andy Heiser at andy.heiser@skagit.edu