Policy Search
University Operations – Administrative
| EWU Policy 201-05 | Authority: EWU Board of Trustees |
| Effective: February 20, 2026 | Proponent: Vice President for Business & Strategy |
Purpose: This policy identifies requirements and standards for the use of electronic signatures in conducting Eastern Washington University business. operations.
History: This policy supersedes the previous version dated Mary 12, 2017. It was adopted by the Board of Trustees on February 20, 2026.
Applicability: This policy applies to all uses of electronic signatures for Eastern Washington University business, including administrative, teaching, research, and service operations.
Chapter 1 – General
1.1 Purpose
This policy is intended to promote efficiency, save resources and provide parameters on the use of e-signatures in university transactions.
This policy describes the process for departments to request the use of e-signatures and outlines security measures regarding the use of e-signatures and associated record storage. This policy does not supersede any University information security policies.
1.2 Definitions
“Agreement” is a negotiated and legally binding arrangement between parties as to a course of action.
“Electronic signature (e-signature)” is an electronic sound, symbol, or process attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record.
“Electronic Record” is information captured through electronic means, which may or may not have a paper record to back it up.
1.3 E-signatures Authorized
Consistent with Uniform Electronic Transactions Act, electronic signatures are a permissible method of collecting signatures via an electronic document. An electronic signature may be used with the same force and effect as the use of a signature affixed by hand, as long as the electronic signature and the writing conform to the definition in this policy. An e-signature used that is not authorized per the requirements of this policy or is used outside of its limitations may be considered invalid by the University.
Employees must have delegated signature authority in order to execute contracts on behalf of the University.
Chapter 2 – When E-Signatures May Be Used
The University encourages the use of electronic signatures. The type of electronic signature that may be used or accepted by a university department depends on the risk and benefits of such use. When implementing an electronic signature process, departments must identify:
(a) the manner and format in which the electronic records will be created, generated, sent, communicated, received, and stored and the systems established for these purposes;
(b) the type of electronic signature required and the method in which the electronic signature will be affixed to the electronic record (see section 3);
(c) the means for authenticating the identity of a third party;
(d) control processes and procedures to ensure adequate preservation, disposition, integrity, security, confidentiality, and auditability of the electronic records; and,
(e) any other required attributes that are reasonably necessary under the circumstances.
Chapter 3- Authorized E-Signature Methods
3.1 Process for Approving E-signature Methods
There are different methods of e-signatures. Before a department is permitted to use e-signatures, the particular e-signature method must be approved for use by the Risk Manager in consultation with the Chief Information Officer. Before approving an e-signature method, the Risk Manager must assess whether it meets the following criteria:
(a) Identification and Authentication of the Signer: A signature must be the act of the specific person identified in the agreement. If the alleged signer later denies signing, the signature could be unenforceable unless there is proof the alleged signer actually signed the record. The parties relying on the terms of a signed transaction must determine the type of electronic signature that best meets the university’s needs to identify and authenticate a signature based on level of business impact or loss if the alleged signer denies their involvement in the transaction. The signer must also consent, implicitly or explicitly, to use of an electronic signature.
(b) Intent to Sign: The signing process should clearly identify the reason for signing and specify the actions to be taken by the signer to signify intent. To avoid confusion regarding a signer’s intent, any method used must give the signer an opportunity to review the entire document, ensure it contains the same signature elements as it would if it were a paper record, require the signer to indicate assent to the document by clicking an accept or reject button, and record and retain a copy of the date, time and the signer’s indicated intent.
(c) Association of Signature to the Record: The e-signature must be attached to, or associated with the electronic record being signed. The data comprising the e-signature must be saved. It is recommended that the following data be affixed with the e-signature:
- Identify of the signer
- Date and time of the signature, and,
- Method used to sign the record.
Whichever method is used to associate the signature with the document, it is imperative that the university obtain and maintain proof that a specific e-signature was applied to or used in connection with a specific electronic record.
(d) Integrity of the Signed Record: The integrity of the document relies on the ability of the storage process used to protect it from unauthorized persons and natural disasters. Steps must be taken to preserve the accuracy and completeness of the electronic information. Further measures should be taken to ensure no unauthorized alterations are made to the document. This protection is possible through the system that manages the electronic record. This system must ensure that a record, its signature, any associated data or links cannot be tampered with or modified.
3.2 Approved E-signature Methods
The approval of an e-signature method can limit the use of that method to particular electronic records, particular classes of electronic records, or particular university departments or activities.
Some common e-signature methods include:
(a) Click Through or Click Wrap: This method has a signer affirm their intent by clicking a button. Some versions require signers to type their name, some personal identifier or type “I agree” before clicking a button. These types of e-signature should only be used for low-risk, low-value transactions.
(b) Click Through Combined with SSO Authentication: This method requires SSO login to access/complete the agreement. This method is considered adequately secure for agreements where the signing party has an EWU account.
(c) Digitized Signature: This method is an image of a handwritten signature. It is most effective if applied at the time of signing and can be compared to copies of digitized signatures on file. If special software judges the two images comparable, the signature is deemed valid.
(d) Digital Signature Software: this method is created when the signer uses his or her private signing key to create a unique mark on an electronic document through a software application specifically designed for such authentications, such as Docusign or Adobe Acrobat Sign. These methods can be used for external parties who do have an EWU SSO account.
Chapter 4- Preserving Electronic Agreements and Signatures
Records must be adequately stored to protect them from unauthorized access and natural disasters. Departments are responsible for storing e-signature records using methods that adequately protect records from unauthorized access or loss.
