Documentation
HECVAT Full v3.0.6
Policies, Procedures, and Processes
PPPR-07

Question PPPR-07

Will you comply with the institution's IT policies with regards to user privacy and data protection?

Weight25
High RiskYes
RequiredYes
Compliant AnswerYes

Standard Guidance

EDUCAUSE provides no guidance here

Answering "NO"

Summarize why you will not comply with the institution's IT policy with regards to user privacy and data protection.

Answering "YES"

State that you have reviewed the institution's IT policies with regards to user privacy and data protection.

Reason for Question

This is a general inquiry to determine if the vendor has reviewed the institution's policies and is committed to complying with them.

Follow-Up Inquiries

If a vendor is vague in their response, follow up with direct questions about the institution's policies and ensure the expectation of compliance is clear with the vendor.

HECVAT Pro Advice

[Add expert insights and best practices]

Implementation Tips

[Add practical steps for SME SaaS vendors]

FAQ

[Add common questions related to this HECVAT item]

Resources

[Add links to relevant articles or tools]