Apps need to have a comprehensive privacy policy that will protect our staff and student data. The Rubric may update at any time.
This is the current version that Technical Support uses to gauge how well a privacy policy will protect our organization.
Typically, applications or extensions that earn a 4 or higher will be considered. Those earning a score of less than 4 will be denied.
Criteria
Point Value
Comments/Notes
Data Privacy - The Privacy Policy and Terms of Use Policy are both available. The dates of the policy acceptance should be noted.
0.5
Data Privacy - The Privacy Policy states that personal data is not used for commercial purposes. If the data is being used for targeted advertising, direct sales, profile building or profile sharing then the company will fail at this category.
1
Data Ownership - Does the user maintain ownership of personal data?
1
Data Deletion - Can the district and/or parents request the deletion of student data via an online form?
0.5
Data Security - When personal data is transferred over the internet, is the data transfer encrypted?
0.5
Data Security - Does the privacy policy state that personal data is protected against disaster, corruption, loss or destruction?
0.5
Data Retention - Does the privacy policy state that personal information is retained only for as long as it serves an educational (non-commerical) purpose?
0.5
Data Security - Do vendor policies state that the security policies are in place that are reasonably designed to protect personal data against risks such as unauthorized access, use, modification and/or disclosure?
0.5
Other, Non-Scored Factors
Support - Does the vendor offer available support for the product?
Support - Will the product require significant time and resources prior to use or implementation?
Support - Will the product require any integration with data or directory information prior to use or implementation?
Use - What is the primary function for the software or service?
Use - Who is the primary audience for the software or service?