Documentation
HECVAT-onprem-v3.0.5
Policies, Procedures, and Processes
OPPP-05

Question OPPP-05

Will you comply with the institution's IT policies with regard to user privacy and data protection?

Weight20
High RiskNo
RequiredYes
Compliant AnswerYes

Standard Guidance

EDUCAUSE provides no guidance here

Answering "NO"

Summarize why you will not comply with the institution's IT policy with regard to user privacy and data protection.

Answering "YES"

State that you have reviewed the institution's IT policies with regard to user privacy and data protection.

Reason for Question

This is a general inquiry to determine if the vendor has reviewed the institution's policies and is committed to complying with them.

Follow-Up Inquiries

If a vendor is vague in their response, follow-up with direct questions about the institution's policies and ensure the expectation of compliance is clear with the vendor.

HECVAT Pro Advice

[Add expert insights and best practices]

Implementation Tips

[Add practical steps for SME SaaS vendors]

FAQ

[Add common questions related to this HECVAT item]

Resources

[Add links to relevant articles or tools]

OPPP-04OFID-01