(1) Where a security procedure has been applied to an electronic record at a specific point in time, the record is deemed to be a secure electronic record during the period when the security procedure was applied.

(2) An unauthorized alteration of the security procedure renders the record invalid.

(3) An alteration is unauthorized if it is done by a person without the lawful authority of the person who originally applied the security procedure.