Bb in the Cloud - Data Security and Intellectual Property

Blackboard in the Cloud

Data Security and Intellectual Property

Beginning with Summer 2016 classes, courses taught in UMS’s Blackboard have been on computer servers and storage hosted by Blackboard in their data center, through a contracted service relationship between the UMS and Blackboard. This document will explain in lay terms the protections for data stored in those systems.

The UMS Role and Responsibility for Data Protection

The UMS has a responsibility to its faculty, staff, and students to keep their data and information safe and secure. We do that by building systems intended to be secure from external penetration by hackers, by having robust backup systems to keep data safe in the event of a system failure and by policy and guidelines for personnel to follow for the best results.

Our responsibility is no less when we contract with external vendors who host our data - Google and Blackboard are 2 widely used examples. In those contracts, the UMS is the legal entity in the contract and its responsibility is to ensure adequate protections are in place for data owned by the UMS and its constituents.

Data Ownership

All rights to the ownership of data remain with the UMS. The contract states specifically, “... Customer Property is and shall remain the sole and exclusive property of Customer.”

This does not supersede any contract or other relationship between the UMS and its constituents. Specifically, language regarding Intellectual Property in the AFUM contract is in no way superseded by this clause in a contract between UMS and Blackboard. In fact, it is essential to have this clause in the Blackboard contract to ensure the agreement between AFUM and UMS is not controverted.

Data Use

Customer hereby grants to Blackboard an unrestricted, non-transferable, non-exclusive, worldwide license to use the Customer Property during the Term, for the sole purpose of performing its obligations hereunder.

The contract grants Blackboard limited rights to use the data only to provide the service we contracted for - to host our servers and storage and keep the UMS Blackboard system running smoothly. They can make copies of the data, for instance, but only to ensure data safety (backup), resiliency (being able to bring up another system if the primary data center goes down), and to assist us with test instances and upgrades. They cannot expose the data to third parties or use it in any way outside providing the service to us.

FERPA Protected Data

Our contract has a clause specifically regarding FERPA protected data. The contract reads, “Blackboard shall maintain the confidentiality of such information in accordance with the provisions of FERPA but in no event shall Blackboard have any responsibility for breaches caused by the acts or omissions of Customer or Customer's users relating to such information.

Terms of Use on the website

The website has a variety of offerings such as demonstration of new products and versions, a community forum and other ways to participate with others using Blackboard products as well as the company itself.

None of the offerings on that website are covered by the contract we have, but there is a separate Terms of Use that you can view by going to the bottom of the page and finding the link there. Those Terms of Use do not supersede our contract. It states on the web site, “...nothing in these Terms supersedes or limits your rights under (1) the terms and conditions of any written agreement you have entered into with Blackboard regarding the use of Products…