Home»Security, Compliance & Accessibility Statement
  • Printer Friendly Version
  • Decrease Text SizeIncrease Text Size

Security, Compliance & Accessibility Statement

HECVAT Version 4 Alignment & Accessibility Conformance

We are committed to maintaining rigorous standards for information security, data protection, and digital accessibility in alignment with the expectations of higher education institutions, government entities, and regulated organizations.

Our organization supports institutional due diligence and procurement processes by aligning with the Higher Education Community Vendor Assessment Toolkit (HECVAT), Version 4, and by maintaining documentation related to accessibility conformance through a Voluntary Product Accessibility Template (VPAT) and corresponding Accessibility Conformance Report (ACR).

HECVAT Version 4 Compliance Alignment

We maintain administrative, technical, and physical safeguards consistent with the control domains evaluated within HECVAT Version 4. Upon request, we will provide a completed HECVAT questionnaire to support institutional risk assessment and vendor review processes.

Security and Compliance Coverage Includes:
Data Protection & Encryption
Encryption of data in transit using industry-standard protocols (e.g., TLS 1.2+)
Encryption of data at rest where applicable
Secure key management practices
Identity & Access Management
Role-based access control (RBAC)
Authentication and authorization controls
Least-privilege access principles
Application & Infrastructure Security
Secure development lifecycle practices
Vulnerability management and remediation processes
Infrastructure hardening and monitoring
Incident Response & Breach Notification
Documented incident response procedures
Defined escalation and notification protocols
Alignment with applicable breach notification requirements
Data Governance & Privacy
Data classification and handling policies
Data retention and disposal procedures
Support for institutional data governance requirements
Third-Party Risk Management
Evaluation and oversight of subprocessors and vendors
Contractual and operational safeguards
Compliance & Risk Management
Alignment with recognized industry frameworks and best practices
Support for audits, assessments, and customer due diligence

We recognize that HECVAT serves as a standardized mechanism for evaluating vendor risk within higher education and are committed to transparency and completeness in our responses.

Accessibility Conformance (VPAT / ACR)

We are committed to providing digital products and services that are accessible to all users, including individuals with disabilities, in accordance with applicable laws and recognized standards.

We will provide a Voluntary Product Accessibility Template (VPAT) and associated Accessibility Conformance Report (ACR) upon request, detailing the degree of conformance of our platform.

Standards Addressed:
Web Content Accessibility Guidelines (WCAG) 2.1 / 2.2 (Level A and AA)
Section 508 of the Rehabilitation Act (29 U.S.C. § 794d)
EN 301 549 (European Union Accessibility Requirements)
Accessibility Features and Functional Capabilities

Our platform is designed and evaluated with accessibility considerations incorporated into core functionality.

User Interface & Visual Accessibility
Conformance with color contrast requirements
Support for scalable text and responsive layouts
Visual clarity and consistent interface presentation
Keyboard Accessibility
Full operability via keyboard navigation
Logical focus order and visible focus indicators
Accessible navigation structures
Assistive Technology Compatibility
Semantic markup supporting screen reader interpretation
Implementation of ARIA attributes where appropriate
Compatibility with commonly used assistive technologies (e.g., JAWS, NVDA, VoiceOver)
Forms and Input Controls
Programmatically associated labels and instructions
Accessible error identification and messaging
Predictable and consistent form interactions
Media Accessibility
Support for captions, transcripts, and alternative text
Accessible handling of embedded and uploaded content
Cognitive and Usability Considerations
Consistent navigation and interaction patterns
Clear labeling and instructional content
Reduction of unnecessary complexity in workflows
Ongoing Compliance and Accessibility Program

We maintain an ongoing program to support continuous improvement in both security and accessibility.

This includes:

Periodic internal reviews and testing
Integration of accessibility and security into development processes
Monitoring of evolving regulatory and standards requirements
Remediation of identified issues within reasonable timeframes
Support for customer-led audits and compliance validation efforts

Accessibility and security are treated as continuous obligations and are incorporated into our product lifecycle.

Regulatory and Institutional Importance
Institutional Compliance Support

Our alignment with HECVAT and accessibility standards supports:

Institutional compliance with ADA, Section 508, and related regulations
Standardized vendor risk assessment and procurement workflows
Reduced administrative burden during security and accessibility reviews
User Impact

Our approach ensures:

Equitable access to digital services
Improved usability across diverse user populations
Inclusive design that benefits all users
Documentation Availability

Upon request, we will provide:

Completed HECVAT Version 4 Questionnaire
Voluntary Product Accessibility Template (VPAT)
Accessibility Conformance Report (ACR)
Supporting documentation related to security, privacy, and compliance practices

To request documentation or initiate a compliance review, please contact us directly.