§ 25-18-702 - Standards and policies.

25-18-702. Standards and policies.

(a) (1) The Director of the Department of Information Systems shall establish standards and polices governing the use, management, retention, privacy, and security of electronic records of state agencies.

(b) The standards and policies shall address:

(1) The manner and format in which the electronic records must be created, generated, sent, communicated, received, and stored and the systems established for those purposes;

(2) Differing levels of criteria from which state agencies may choose in implementing the most appropriate standard for a particular application;

(3) The use of electronic signatures, including without limitation the type of electronic signature required, the manner and format in which the electronic signature must be affixed to the electronic record, the identification of the author of an electronic record, and the verification or authentication of the signature of the author of an electronic record;

(4) Control processes and procedures as appropriate to ensure adequate preservation, disposition, integrity, security, confidentiality, and auditability of electronic records; and

(5) Any other required attributes for electronic records that are reasonably necessary under the circumstances.

(c) The Director of the Department of Information Systems shall make a monthly report to the Joint Committee on Advanced Communications and Information Technology regarding the status of the development of the standards and policies described in this section.