Links
About
GoReact is reshaping education by humanizing and accelerating skills-based learning. More than 650 colleges and universities worldwide use GoReact to facilitate scalable video observation, coaching, and assessment for rapid skill development. With simple, interactive tools for collaborative learning and personalized feedback, GoReact helps all learners demonstrate skill competency with greater human connection and engagement. Learn more at www.goreact.com.
Video Assessment For Skill Development & Feedback | GoReact
Accessibility
GoReact.com is designed to comply with applicable software accessibility requirements of Section 508 of the U.S. Rehabilitation Act. The system is designed to work with native accessibility tools within Windows and Mac operating systems as well as the enhanced functions included in modern web browsers. This includes screen readers like JAWS®
For details related to our Section 508 compliance, please see our Voluntary Product Assessment Template (VPAT).
GoReact.com is also designed to comply with the Web Content Accessibility Guidelines (WCAG) version 2.1, levels A and AA.
For more about WCAG 2.1 compliance, see: Web Content Accessibility Guidelines (WCAG) 2.1
Security
| HECVAT status |
Complete |
| Data encryption |
All GoReact authentication and page requests are passed to and from the user's browser via TLS/SSL, and all GoReact-stored data is encrypted both in transit and at rest in the database. |
| Countries of data storage |
Amazon AWS US East, N. Virginia. |
| Data storage method |
Cloud |
| Data retention policy |
AWS adheres to DoD and NIST standards for data destruction and media reuse. These standards cover, among other things, the proper application of clearing/overwriting, purging/degaussing and multiple methods of destruction, depending on need for reuse and media types. When a storage device has reached the end of its useful life, AWS procedures include a decommissioning process that is designed to prevent customer data from being exposed to unauthorized individuals. AWS uses the techniques detailed in DoD 5220.22-M (“National Industrial Security Program Operating Manual “) or NIST 800-88 (“Guidelines for Media Sanitization”) to destroy data as part of the decommissioning process. All decommissioned magnetic storage devices are degaussed and physically destroyed in accordance with industry-standard practices. |
| Incident management program, policy, and testing |
The incident response plan takes into consideration all legal requirements, notification requirements, and remediation obligations. |
| Disaster recovery and business continuity plan and testing |
Our Business continuity encapsulates steps to recover systems, infrastructure, and data needed to restore full service functionality. The BCP also accounts for complete loss of our primary cloud vendor by utilizing infrastructure as code allowing restoration within another vendors cloud. |
| Security Standard Certificates |
PCI DSS, IMS Global Self Certification |
| Third party testing and security controls practices |
Third party providers are regularly reviewed to ensure that they are adhering to industry best practices, standards, availability and compliance. Data Privacy Agreements are also implemented to ensure customer data is safeguarded. |
Privacy
| Privacy policy link |
https://help.goreact.com/hc/en-us/articles/115000273226 |
| COPPA policy link |
https://help.goreact.com/hc/en-us/articles/115000273226#COPPA_Compliance |
| Privacy department/officer contact: |
Aaron Gibson |
| Types of data collected |
LTI Parameters |
| Personally identifiable or personal data collected |
Name, Email Address, and other identification parameters permitted through LTI |
| Data Deletion Request Process |
Requests can be made through goreact.com/support |
| Third Party Data Sharing & Opt-out |
The U.S. Family Educational Rights and Privacy Act (FERPA) is designed to protect student identity and academic information from unauthorized disclosure to third parties. GoReact complies with all relevant provisions as follows:
- Student account information is private in the system, viewable only by authorized instructors and IT administrators. Such permissions must be explicitly granted within GoReact.
- Student grading information is viewable only to authorized instructors, reviewers, IT administrators, and to the individual student themselves.
- Authorized GoReact staff may access the account information solely for the purpose of providing service and support to the instructor and students. Such access is limited to authorized service and support staff only. Consent for this limited use of their account information is granted by each student user upon signup with required acceptance of the User Terms.
|
| Cookies or Tracking Technologies used |
Cookies |
| Analytics performed on Customer Data |
None |
| Data correlation practices |
Self serviced Course and Rubric reports available |
| Privacy Certifications or Seals |
PCI Security Certificate |
| Targeted Advertising using user data |
None |
| Privacy or data protection impact assessments |
Our DRP aligns with our BCP around restoring backups and enlisting new services through automation. Customer data is backed up daily via AWS RDS snapshots as WARM availability, and offsite for protection around disaster recovery planning in a COLD format. |
| Privacy Law Compliance |
SOC and SSAE, PCI, FERPA, HIPPA, COPPA, CCPA, EU Privacy Shield and GDPR Compliant |
Integration Instructions
LMS specific administrator setup instructions
