Software Evaluations and Privacy Impact Assessments
Whether you’re looking to invest in new software or replacing a current product, all software being considered for use at RRC requires a Software Evaluation and/or Privacy Impact Assessment.
Having software evaluated by the Centre for Learning and Program Excellence (CLPE) and Information Protection and Compliance will provide valuable information when deciding on what tools to invest in, including:
- Academic Requirements: Is the software a good fit for the College’s academic learning environment?
- Redundancy: Is there software already in use in the College that can provide the same solution?
Request a Software Evaluation
Prior to committing to purchase or use software, please complete the form below to request a software evaluation from the CLPE. All software used within the College requires an evaluation to ensure it is suitable for the purpose, meets data security requirements, and is compatible with our teaching and learning spaces.
Please consult the list of completed software evaluations.
It is important to submit unapproved technology, either prospective or currently used, for approval by the CLPE and ITS Information Protection & Compliance department.
What are Software Evaluations and Privacy Impact Assessments?
Red River College’s Information Protection and Compliance department conducts two types of software reviews as part of ITS governance:
- Software Evaluations
- Privacy Impact Assessments
Other departments such as the CLPE may be consulted on assessments if necessary.
Typically, this type of evaluation is for software that will not interact with other College systems, and the user base is a specific department or group. If the evaluation flags any security or privacy concerns, it may be referred to Legal Services for review.
Privacy Impact Assessments
The Privacy Impact Assessment is a process that RRC uses to identify and address potential privacy risks when contemplating the purchase of a new system or service that will be used by a broad range of staff or students. The PIA process examines potential impacts to privacy and considers reasonable measures to lessen these impacts if concerns are identified. As a public body, the College is currently using the PIA tools that have been provided for use by the Manitoba Ombudsman. This assessment assists RRC in identifying potential privacy risks, and as a result, allow us to address those risks early on.
Purchasing Policy and Legal Agreements
Please remember to follow all of the procedures outlined in the RRC Purchasing Policy and ensure that software agreements are reviewed by Legal Services.
The Risks of Free Software
It’s tempting to download free software and although it does not have a monetary cost, it can come at a price in the form of malicious viruses, spyware, adware, or browser hijacking. They can be innocuous and annoying, or they could send your private data to a third party and steal your passwords.
Not all free software is free; your personal data could be the price.