ISC Policy 14.00: Electronic and Digital Signatures
The manner and format by which electronic and digital signatures will be used in state government will be compliant with State law and compatible with industry standards and best practices.
Electronic and digital signatures are now broadly used throughout state government. The technologies to support electronic and digital signatures are integrated into a large number of the state’s information systems. While Strategic Technology Solutions (STS) provides key infrastructure necessary to support the use of electronic and digital signatures, this technology has become a standard functionality integrated within a wide variety of departmental systems.
Electronic signature – an electronic sound, symbol, or process attached to or logically associated with a record and executed or adopted by a person with the intent to sign the record. Examples of an electronic signature are: a name at the end of an email, clicking a button or downloading content to indicate acceptance of a transaction or certain terms and conditions.
Digital signature – a specific type of electronic signature that relies on the technology of cryptography to authenticate the signer’s identity and ensure the integrity of the signed document. A digital signature is bound to the document being signed using a mathematical algorithm such that any modification of the document after it is signed can be detected. (Note: The term document as applied in this policy is used interchangeably with terms such as electronic document, record or transaction.)
Tennessee Code Annotated, Section 4-3-5501, effective May 10, 1994.
Tennessee Code Annotated, Section 47-10-118, effective April 11, 2001. Uniform Electronic Transactions Act (UETA).
OBJECTIVES:
1. Ensure the use of electronic and digital signatures meets all state and federal requirements from a legal perspective and meets the agency’s risk tolerance for the intended use.
2. Ensure the information technology used for electronic and digital signatures meets state and federal security requirements regarding the data.
This policy applies to the use of electronic and digital signatures by state departments and agencies.
Strategic Technology Solutions (STS)
1. Provide a cost-effective technology tool and infrastructure that agencies may choose to utilize for their electronic and digital signature needs.
2. Provide management and technical consulting to state agencies in planning for and utilizing electronic and digital signature technologies.
Agency
1. Establish agency policies, standards, procedures, and/or guidelines as necessary pertaining to the implementation of electronic and digital signatures to ensure compliance with state and federal legal requirements, documentation of the agency’s risk tolerance, and state and federal security requirements.
2. Educate users on the policies, standards, procedures, and/or guidelines as applicable related to the use of electronic and digital signatures.
3. Provide for agency administrative review of the policies, standards, procedures, and/or guidelines as applicable in light of technical, procedural, or statutory changes that may occur in the use of electronic and digital signatures.
Individual Users/Clients
Adhere to statewide and agency policies, standards, procedures, and/or guidelines pertaining to the implementation of electronic and digital signatures.
12/01/2022 – Approved by the Information Systems Council