What Data Privacy and Security Practices are Followed?

What Data Privacy and Security Practices are Followed?

Data Privacy

Veracity adheres to the EU-U.S. Data Privacy Framework to help satisfy GDPR requirements and maintain an annual certification. Please review our online privacy policy (https://veracity.it/privacy-policy) for more information about what is covered, what information we collect, and your rights to access and transfer your personal data. You can view our certification for the Privacy Shield Principles and Program here: https://www.dataprivacyframework.gov/list.  

Information Security Practices

The LRS is currently available in an approved FEDRAMP environment and has been granted an Authority to Operate (ATO) in several other DoD environments. The Veracity team has several staff members that maintain a Security+ certification and follow a Written Information Security Program (WISP). We also employ 3rd party annual vulnerability pen testing.

Security and compliance is a shared responsibility between Veracity and the cloud service providers used for Veracity Learning. AWS manages the security of the cloud, MongoDB Atlas manages the security of the database, and Veracity manages Veracity Learning’s application security. The AWS cloud infrastructure that hosts the Veracity Learning SaaS product and the MongoDB Atlas cloud infrastructure that hosts the databases are both conformant with many security frameworks. 

In order to protect against unforeseen service outages, data that is lost or stolen, and other potential security incidents, Veracity carries Errors & Omissions and Cyber Liability insurance. The E&O coverage applies to professional services and the Cyber Liability applies to a wrongful act or data breach occurring under a data privacy or network security incident.

Veracity’s security artifacts can be provided to customers upon request.


    • Related Articles

    • What are Different Ways xAPI Data Can Flow from an LMS to an LRS?

      Client Side This is the most common case. This is usually the approach taken if you create your content in a commercial authoring tool and export the content to xAPI/TinCan. The content package sends xAPI data directly to the LRS. The content package ...

    • How Do I Send xAPI Data to an LRS?

      How do I send xAPI data to an LRS? If you want to send xAPI to an LRS, then you'll need to give your content or application the proper credentials to store the data in the LRS. You'll need the following: The xAPI Endpoint for the LRS. LRS Credentials ...

    • What xAPI Data is Generated by Articulate Storyline and Rise?

      Veracity customers often ask questions like: “What xAPI data does my authoring tool send to the LRS?” and “What metrics can I track with my authoring tool?" Articulate has two courseware products that emit xAPI statements: Storyline and Rise. Both ...

    • What Types of Metrics and Dashboards Can I Create with Articulate Storyline and Rise xAPI Data?

      What features do Articulate Storyline and Rise offer that make good use cases for the Veracity Learning LRS dashboard to help analyze learning performance metrics? In this article, the star ratings show the degree to which Articulate offers xAPI to ...

    • What Are the Reasons to Use More Than One LRS Instance?

      The Veracity Learning system features a multi-tenancy architecture, which allows users to create more than one LRS database instance. Users can create up to a certain number of separate LRS tenants depending on their plan and account tier. For more ...