Exciting enhancements are coming soon to eCode360! Learn more 🡪
City of St. Robert, MO
Pulaski County
By using eCode360 you agree to be legally bound by the Terms of Use. If you do not agree to the Terms of Use, please do not use eCode360.
Table of Contents
Table of Contents
Code
New Laws (0) Index
[Ord. No. 2891 §§1 — 3, 4-5-2016]
The purpose of this policy is to establish requirements for using electronic records and electronic signatures in the transaction of official City business.
[Ord. No. 2891 §§1 — 3, 4-5-2016]
This policy applies to all City employees and governs use of electronic records, signatures and seals used to conduct official City business. Such business shall include, but not be limited to: electronic communications, transactions and other official purposes.
[Ord. No. 2891 §§1 — 3, 4-5-2016]
A. 
The following Federal and State laws give electronic records and signatures the same legal status as paper records and signatures:
1. 
Uniform Electronic Transactions Act (UETA) in Missouri (Sections 432.200 to 432.295, RSMo.) in 2003.
2. 
Electronic Signatures and Global National Commerce Act (E-SIGN) of 2000.
3. 
The State and Local Records Law (Sections 109.200 to 109.310 RSMo.).
4. 
Missouri Sunshine Law (Sections 610.010 to 610.310 RSMo.).
5. 
Missouri Code of State Regulations, Title 20 — Department of Insurance, Financial Institutions, and Professional Registration (20 CSR 2030-3.060. Licensee's Seal).
[Ord. No. 2891 §§1 — 3, 4-5-2016]
A. 
It is the City of St. Robert's policy to:
1. 
Use electronic records and electronic signatures as allowed by law, except where written records or signatures are expressly required; exceptions include:
a. 
Contracts involving the City;
b. 
Court notices and court orders;
c. 
Official court documents, including briefs, pleadings and other writings requiring execution and connection with court proceedings;
d. 
Termination or cancellation of utility services;
e. 
Termination or cancellation of health insurance or life insurance benefits;
f. 
Documents dealing with default, acceleration, repossession, foreclosure, or eviction;
g. 
Negotiable instruments and secured transactions;
h. 
Wills, codicils, and testamentary trusts;
i. 
Product recalls or material product failures that risk endangering health or safety; and
j. 
Documents required by law to accompany transportation or handling of hazardous materials, pesticides, or other toxic or dangerous materials.
2. 
Use electronic seals as allowed by law, as long as they provide the ability to authenticate the document, originator and to verify that it is unaltered.
3. 
Provide reasonable assurance that electronic records, electronic signatures and associated metadata will remain accessible for the full retention.
4. 
Recognize that there is no agreement and no contract in a contractual setting unless all parties agree that an electronic format is acceptable.
5. 
Insurer an electronic transaction occurs in the manner specified by law and contains any specified elements required by law.
[Ord. No. 2891 §§1 — 3, 4-5-2016]
BIOMETRIC SIGNATURE
The automatic identification of a person based on their physical characteristics, such as a thumbprint or retina scan.
BIORHYTHMIC SIGNATURE
The comparison of physical signature characteristics, typically speed and pressure of the signature, to a previously provided and stored sample.
CERTIFICATE
An electronic document attached to a public key by a trusted certificate authority, which provides proof that the public key belongs to a legitimate subscriber and has not been compromised.
CERTIFICATE AUTHORITY (CA)
An entity that issues digital certificates to certify the ownership of a public key by the named subject of the certificate.
COMMON ELECTRONIC SIGNATURES
Any signature method that does not use a specific technology to increase the security, authenticity, or evidentiary value of a signature.
DIGITAL CERTIFICATE
A digital certificate, also known as a public key certificate, can be used to verify that a public key belongs to an individual. It is an electronic document that uses a digital signature to bind together a public key with an identity-information such as the name of a person or an organization, their address, etc.
DIGITAL SIGNATURE
A specific type of electronic signature that employs signer verification and encryption technology to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key.
ELECTRONIC
Relates to technology having electrical, digital, magnetic, wireless, optical, electromagnetic or similar capabilities.
ELECTRONIC RECORD
Any information that is recorded in a form that only a computer can process and that satisfies the operative definition of "record."
ELECTRONIC SIGNATURE
Any electronic method of signing a computer-processible record.
HOLOGRAPHIC SIGNATURE
A physical likeness of an individual signature applied electronically and bound to the content via cryptographic technology.
INTEGRITY
The integrity of a record refers to its being complete and unaltered.
METADATA
Data about the data; the description of the data resources, its characteristics, location, usage, etc. Metadata is used to identify, describe and define user data.
PUBLIC KEY INFRASTRUCTURE (PKI)
PKI supports the application of digital signature technology. It is a set of hardware, software, people, policies and procedures needed to create, manage, distribute, use, store and revoke digital certificates.
RECORD
Any document, book, paper, photograph, map, sound recording or other material, regardless of physical form or characteristics, made or received pursuant to law or in connection with the transaction of official business (Section 109.210.5 RSMo.).
RECORDS RETENTION SCHEDULE
A listing and description of the record series maintained by all or part of an organization, prescribing the period of time that each series is to be maintained after no longer needed for current business.
RETENTION PERIOD
The length of time a record series is to be kept after no longer needed for current business.
TRANSACTION
An action or set of actions occurring between two (2) or more persons relating to the conduct of business, commercial or governmental affairs.
[Ord. No. 2891 §§1 — 3, 4-5-2016]
A. 
Any person or entity using electronic records and signatures to conduct official City business shall:
1. 
Only use electronic signatures for appropriate business purposes;
2. 
Adhere to requirements set forth by the City of St. Robert;
3. 
Protect and not disclose or make available their digital signature, private key or password to other persons;
4. 
Comply with requirements of professional governing boards with regards to electronic signatures, electronic seals and electronic notarizations; and
5. 
Report any suspected or fraudulent use of signatures immediately.
B. 
The Department of Information Technologies (IT) is responsible for establishing and managing a Public Key Infrastructure (PKI) and corresponding procedures.
A. 
The following electronic signature technologies are recognized by the City of St. Robert:
1. 
Common electronic signatures such as:
a. 
A digital image of a handwritten signature.
b. 
A password or PIN (Personal Identification Number).
c. 
A click-through signature method accepting what is being stated onscreen.
d. 
A mark or symbol indicating intent to sign, such as /s/, indicating intent to sign.
2. 
Secure Electronic Signatures, such as:
a. 
Cryptography.
b. 
Biorhythmic signature.
c. 
Biometric signature.
d. 
Holographic signature.
3. 
Digital signatures, which provide additional assurances and security and linking an electronic document with the sign or through the use of a PKI.
B. 
How to choose an electronic signature:
1. 
Be familiar with the City's policy and procedures for using electronic signatures, including the Electronic Records and Signature Policy.
2. 
Understand when electronic signatures cannot be used (see Section 155.040(A)(1) for a complete list of exceptions).
3. 
Do a cost-benefit analysis to evaluate current business processes to determine if electronic signature technology is required.
4. 
Do a risk assessment to help decide whether electronic signatures are feasible and, if so, what type of electronic signature is needed.
a. 
Select the appropriate assurance level based on the confidence level that is required to validate the asserted identity of the electronic signature.
b. 
Determine the level of metadata required to validate the electronic signature.
5. 
Consult with the IT Department for technical questions and for assistance in choosing the right PKI digital signature technology, if needed.
6. 
Always protect and do not disclose or make available a digital signature private key or password to others.
7. 
Notify the IT Department when individual or entities are no longer authorized to conduct electronic business so that IT can maintain accurate revocation information.
8. 
Document electronic signature processes and coordinate them with Records and Information Management (RIM) and IT Department policies and procedures.
C. 
Retain electronically signed records and associated metadata according to approved records retention schedules.
1. 
Electronically signed records must contain the following minimum information so the entire record and associated metadata can be reproduced in an arrangement that permits the person viewing or printing it to verify:
a. 
Document type (for example, MS Word 2010);
b. 
The contents of the electronic record;
c. 
The method used to sign the electronic record, if applicable;
d. 
The person(s) signing the electronic record; and
e. 
The date when the signature was executed.
2. 
The IT Department shall maintain the following PKI metadata and a separate database;
a. 
Certificate revocation information; and
b. 
All versions of the certification practices statements.
[Ord. No. 2891 §§1 — 3, 4-5-2016]
A. 
Missouri Records Retention Policy.
B. 
Uniform Electronic Transactions Act (UETA) in Missouri (Sections 432.200 to 432.295 RSMo.) in 2003.
C. 
Electronic Signatures and Global National Commerce Act (E-SIGN) of 2000.
D. 
The State and Local Records Law (Sections 109.200 to 109.310 RSMo.).
E. 
Missouri Sunshine Law (Sections 610.010 to 610.310 RSMo.).
F. 
Missouri Code of State Regulations, Title 20 - Department Of Insurance, Financial Institutions, and Professional Registration (20 CSR 2030-3.060. Licensee's Seal).
[Ord. No. 2891 §§1 — 3, 4-5-2016]
A. 
This policy is approved for use as indicated by the approval of the Board of Aldermen and the signature of the Interim City Administrator below.
B. 
Once approved for use, this policy is effective as of 12:01 a.m. on the date signed (4-12-2016).