Electronic Signature Policy

Effective Date:	November 2, 2021
Supersedes:	Electronic Signature Policy, effective date October 7, 2009
Policy Review Date:	3 years from Effective Date
Issuing Authority:	Research Foundation President
Responsible Party:	Chief Compliance Officer
Contact Information:	518.434.7145 RFCompliance@rfsuny.org

Reason for Policy

Federal (The Electronic Signatures in Global and National Commerce Act) and state law (Electronic Signatures and Records Act) recognizes that an Electronic Signature has legal effect and is enforceable. To increase the efficiency of transactions that require approval or authorization by signature, the Research Foundation supports the use of Electronic Signatures, so long as their use meets legal and security requirements.

Policy

Electronic Signatures may be used to conduct Research Foundation business as provided for by this policy. Electronic Signatures may not be used when an applicable law, regulation, or University policy or process specifically requires a handwritten signature. To the fullest extent allowed by law, the Research Foundation accepts Electronic Signatures as legally binding, unless the individual does not have the Signature Authority to sign the Record or approve the transaction in accordance with the Delegation of Authority Policy.

The Research Foundation supports the use of Electronic Signatures and may, in some instances require Electronic Signatures when conducting Research Foundation Business. However, this policy does not require Electronic Signatures in all instances and does not require Electronic Signature to be adopted.

Electronic Signatures are acceptable in place of a handwritten signature in all Research Foundation transaction where a signature is required except:

in instances in which a non-RF party will not accept an Electronic Signature; or
where applicable law, regulation, policy or process requires a handwritten signature or otherwise does not allow an Electronic Signature.

Types of Electronic Signature and Authentication

All Electronic Signatures must employ a recognized Authentication method at the time of signature. The presence of an Electronic Signature does not mean that the signatory was authorized to sign or approve on behalf of the Research Foundation. As with handwritten signatures, appropriate procedures confirming that the person signing the record has the appropriate authority must be implemented in the same manner as if the signature were handwritten. Methods of Authentication change as technology is modernized and enhanced, so efforts to utilize an up to date method of Authentication are critical to ensuring confidentiality, authenticity, integrity, security, and accessibility of the underlying Document or Record.

It is a violation of this policy:

for an individual to affix a signature of another individual, unless he or she has been granted specific, written or electronic authority by that individual; or
to falsify an Electronic Signature.

Violators of this policy are subject to the RF’s Progressive Discipline Policy

Definitions

Electronic Signature - an electronic sound, symbol, or process, attached to or logically associated with a record or document and executed or adopted by a person with the intent to sign the record or document. Used to authorize or approve the record or document which indicates that a person adopts or agrees to the meaning or content of the record or document or that the individual has the intent to affix a signature to approve the record or document.

Authentication - the assurance that an electronic signature is that of the individual purporting to sign a record or otherwise approving an electronic transaction.

Record or Document - a record created, generated, sent, communicated, received, or stored and signed or approved by electronic means.

Signature Authority - permission given or delegated to an individual to sign a record (electronically or by hand), access specific Research Foundation services, and/or perform certain Research Foundation operations, including executing agreements that bind the Research Foundation, consistent with the Delegation of Authority Policy.

Related Information

Electronic Signature Guideline

Acceptable Use and Security of RF Data and Information Technology Policy

Confidential Information Policy

Electronic Records Management Policy

Guidelines for Protecting Research Foundation Data

New York State Office of Information Technology Services

Federal Electronic Signatures in Global and National Commerce Act

Delegation of Authority Policy

Progressive Discipline Policy

Forms

None.

Change History

Date	Change History
November 2, 2021	Condensed and rewritten to focus on the general principles underlying the policy; specific best practices were moved to a new guideline document.
May 13, 2011	Updated policy executor and responsible party to Mike Bartoletti.
October 7, 2009	New Policy.