LTI Questions
1. What data is to be transmitted and stored. Is personal information included (note: that student email addresses are considered to be personal information).
2. Where does this company store the data that’s uploaded? (If it’s outside of Canada, Sec. 30.1 of Canada's FIPPA act will apply. In practical terms, this most often means that informed consent is required from the student or employees.)
3. Who owns that data?
4. What are their privacy policies?
5. What kind of data security precautions are in place? In other words how capable are they of monitoring and safeguarding the integrity of the data? Do they run periodic audits? Are their servers secure? What kind of ‘firewalls’ do they have to prevent hacking?