Current through Register Vol. 35, No. 18, September 24, 2024
For purposes of this part, all terms defined in the Uniform
Electronic Transactions Act, Section
14-16-1 et seq. NMSA 1978 have the
meaning set forth in statute. Additionally, the following terms shall have the
following meanings:
A.
Definitions beginning with the letter "A":
(1)
"Agency" means the state of
New Mexico or any of its branches, agencies, departments, boards,
instrumentalities, or institutions.
(2)
"Agency head" means the
individual, or their proper designee, statutorily authorized to bind the
state.
(3)
"Award
process" means when the final individual or their proper designee signs
a document that statutorily binds the entity including the state or local
public body to any contract, amendment or change order when performing
procurements subject to the Procurement Code.
(4)
"Authenticate" refer to
Electronic Authentication of Documents Act, Subsection A of Section
14-15-3
NMSA 1978.
B.
Definitions beginning with the letter "B": [RESERVED].
C.
Definitions beginning with the
letter "C":
(1)
"Contract"
means any agreement for the procurement of items of tangible personal
property, services or construction.
(2)
"Contractor" as defined in
Section
13-1-43
NMSA 1978 means any business having a contract with a state agency.
(3)
"CRS number" means the New
Mexico tax identification number issued by the New Mexico taxation and revenue
department that is used for reporting gross receipts, compensating, and
withholding tax.
(4)
"Cyber
Threat" means a potential circumstance, entity or event capable of
exploiting vulnerability and causing harm. Threats can come from natural
causes, human actions, or environmental conditions. A threat does not present a
risk when there is no vulnerability. Vulnerability is a weakness that can be
accidentally triggered or intentionally exploited.
D.
Definitions beginning with the
letter "D":
(1)
"Department" means the general services department.
(2)
"Digital signature" means
any electronic signature that can be used to authenticate the identity of the
sender of or signer of a document, and may also ensure that the content of the
sent document is unaltered.
(3)
"Digitized signature" means a graphical image of a handwritten
signature.
(4)
"Document" means an identifiable collection of words, letters or
graphical knowledge representations, regardless of the mode of representation.
For purposes of this rule, "document" may include, but is not limited to
correspondence, agreements, contracts, amendments, change orders, invoices,
reports, certifications, maps, drawings and images in both electronic and hard
copy.
E.
Definitions beginning with the letter "E":
(1)
"Electronic" includes
electric, digital, magnetic, optical, electronic or similar medium.
(2)
"Electronic authentication"
means the electronic signing of a document that establishes a verifiable link
between the originator of a document and the document by means of optical,
electrical, digital, magnetic, electromagnetic, wireless, telephonic,
biological, a public key and private key system or other technology providing
similar capabilities.
(3)
"Electronic record" means a record created, generated, sent,
communicated, received or stored by electronic means.
(4)
"Electronic signature" means
an electronic sound, symbol or process attached to or logically associated with
a record and executed or adopted by a person with the intent to sign the
record. Refer to Uniform Electronic Transactions Act, Paragraph (8) of Section
14-16-2
NMSA 1978.
F.
Definitions beginning with the letter "F": [RESERVED].
G.
Definitions beginning with the
letter "G":
"Governmental agency" means an executive,
legislative or judicial agency, department, board, commission, authority,
institution or instrumentality of the federal government or of a state or of a
county, municipality or other political subdivision of a state.
H.
Definitions beginning with the
letter "H": [RESERVED].
I.
Definitions beginning with the letter "I":
(1)
"Identification" means the
process of verifying and associating attributes with a particular person
designated by an identifier for needed levels of signature authority.
(2)
"Identity" means the unique
name of an individual person, and any associated attributes; the set of the
properties of a person that allows the person to be distinguished from other
persons.
(3)
"Information"
means data, text, images, sounds, codes, computer programs, software,
databases or the like.
(4)
"Integrity" means a state in which information has remained unaltered
from the point it was produced by a source, during transmission, storage and
eventual receipt by the destination.
(5)
"Intent to sign" means the
intent of a person that a sound, symbol or process is applied to a record in
order to have a legally binding effect.
J.
Definitions beginning with the
letter "J": [RESERVED].
K.
Definitions beginning with the letter "K": [RESERVED].
L.
Definitions beginning with the
letter "L":
"Level of assurance" means the level of
authentication assurance that describes the degree of certainty that a user has
presented an identifier that refers to her identity.
M.
Definitions beginning with the
letter "M":
"Method" means a particular way of doing
something, a means, process or manner of procedure, especially a regular and
systematic way of accomplishing something and an orderly arrangement of steps
to accomplish an end.
N.
Definitions beginning with the letter "N": [RESERVED].
O
Definitions beginning with the letter
"O""Originator" means the person who signs a document
electronically .
P.
Definitions beginning with the letter "P":
(1)
"Password" means a secret
word or string of characters that is used for authentication, to prove identity
or to gain access to a record or resource. Passwords are typically character
strings.
(2)
"PDF" or
"portable document format" refers to a file format used to present documents in
a manner independent of application software, hardware, and operating systems.
A PDF file encapsulates a complete description of a fixed-layout flat document,
including the text, fonts, graphics, and other information needed to display
it.
(3)
"Person" means
an individual, corporation, business trust, estate, trust, partnership, limited
liability company, association, joint venture, governmental agency, public
corporation or any other legal or commercial entity.
(4)
"Personal identification number
(PIN) means a shared secret a person accessing a government
organization's electronic application is requested to enter, such as a password
or PIN. The system checks that password or PIN against data in a database to
ensure its correctness and thereby "authenticates" the user.
(5)
"Private key" means the code
or alphanumeric sequence used to encode an electronic authentication and which
is known only to its owner. The private key is the part of a key pair used to
create an electronic authentication.
(6)
"Public key" means the code
or alphanumeric sequence used to decode an electronic authentication. The
public key is the part of a key pair used to verify an electronic
authentication.
(7)
"Public/private key system" means the hardware, software, and
firmware that are provided by a vendor for:
(a) the generation of public/private key
pairs;
(b) the record abstraction
by means of a secure hash code;
(c)
the encoding of the signature block and the record abstraction or the entire
record;
(d) the decoding of the
signature block and the record abstraction or the entire record; and
(e) the verification of the integrity of the
received record.
Q.
Definitions beginning with the
letter "Q": [RESERVED].
R.
Definitions beginning with the letter "R":
(1)
"Reason for signing" means
the purpose statement of a person with regard to a document or electronic
record that is affirmed by signing the document or record. The reason for
signing should be distinguished from the intent to sign.
(2)
"Record" means information
that is inscribed on a tangible medium or that is stored in an electronic or
other medium and is retrievable in a perceivable form.
(3)
"Record abstraction" means a
condensed representation of a document, which condensation is prepared by use
of a secure hash code; it is also known as a message digest.
(4)
"Regulation" as defined by
Section
13-1-80
NMSA 1978 means any rule, order, or statement of policy, including amendments
thereto and repeals thereof, issued by a state agency or a local public body to
affects persons not members or employees of the issuer.
(5)
"Repudiate" and
"non-repudiation" refer to the acts of denying or proving the
origin of a document from its sender, and to the acts of denying or proving the
receipt of a document by its recipient. The burden of proof is with the person
challenging the authenticity of the signature.
S.
Definitions beginning with the
letter "S":
(1)
"Secretary" means the secretary of the general services
department.
(2)
"Security" shall mean either low, moderate or high risk
transaction for any electronic form of signature, as defined in
1.12.7.15
NMAC. The level of security (low, moderate and high) is determined by the
analysis of the likelihood of a successful challenge to the enforceability of a
signature and the analysis of the cost or impact of an unenforceable
signature.
(3)
"Security
procedure" means a procedure employed for the purpose of verifying that
an electronic signature, record or performance is that of a specific person or
for detecting changes or errors in the information in an electronic record. The
term includes a procedure that requires the use of algorithms or other codes,
identifying words or numbers, encryption, callback or other acknowledgment
procedures.
(4)
"Signed" and "signature" means the manual or
electronic signature of an individual or officer who is authorized, delegated,
or required to legally bind a party.
(5)
"Signature block" means the
portion of a document, encoded by the private key, which contains the identity
of the originator and the date and time of the records creation, submittal or
approval.
(6)
"Signing
requirements" means the requirements that must be satisfied to create a
valid and enforceable electronic signature.
(7)
"Sole source" means tangible
personal property, services or construction for which there is only one source
and that source is unique and no other similar items of tangible personal
property, services or construction can meet the intended purpose of the
procurement.
(8)
"State
agency" means any department, agency, commission, council, board,
advisory board, committee, or institution of the state of New Mexico, and does
not include local public bodies.
(9)
"State purchasing agent"
means the director of the purchasing division of the general services
department.
T.
Definitions beginning with the letter "T":
(1)
"Tax and revenue" shall mean
the taxation and revenue department.
(2)
"Transaction" means an
action or set of actions occurring between two or more persons relating to the
conduct of business, commercial affairs or governmental affairs.
(3)
"Transferable record" means
an electronic record that would:
(a) be a note
under Chapter 55, Article 3 NMSA 1978 or a document under Chapter 55, Article 7
NMSA 1978 if the electronic record were in writing; and
(b) the issuer of the electronic record
expressly has agreed is a transferable record.
(4)
"Trusted entity" means an
independent, unbiased third party that contributes to, or provides, important
security assurances that enhance the admissibility, enforceability and
reliability of information in electronic form. In a public/private key system,
a trusted entity registers a digitally signed data structure that binds an
entity's name (or identity) with its public key.