Embedded Files
LTI installations are complex and can take several months. They are a multi-part process and include: 1) an initial request, 2) obtaining data from the vendor for 3) a privacy and security review, leading to 4) District Legal approval of the privacy and security review, 5) receiving the information from the vendor to install it in Canvas, and 6) testing/installation in Canvas.
Due to this complexity, advanced notice to the CTLEE and planning are needed.
Click on panels below to expand for more information on Canvas LTI Installations.
What is an LTI in Canvas?
What is an LTI in Canvas?
An LTI, or Learning Tools Interoperability, is a tool that allows coursework and learning tools to launch from within a learning management system (LMS). Examples of approved LTIs include Cengage, McGraw Hill, Pearson, Perusall, Packback, and more.
What is LTI 1.3 vs. 1.1? This is confusing!
What is LTI 1.3 vs. 1.1? This is confusing!
Your publisher might tell you they have (and want you to use) version 1.3 of their LTI. Upgraded versions are more secure and often have a deeper feature set. While some 1.3 LTIs override version 1.1 LTIs, you might have to reconnect the upgraded LTI to the grade book, redo assignments, select readings, etc.
We review each request for version 1.3 on a case-by-case basis. Publishing companies may stop supporting v 1.1 of their integrations as early as the end of 2023.
What should I do if I want to use an LTI?
What should I do if I want to use an LTI?
Please send us an email with information on the LTI. We will review your request to discuss the tool you are considering using. We will find out whether it has already been through a privacy and security review, whether other colleges are using it (i.e., a contract is in place), etc.
We will help you determine if the LTI will be installed at the PV sub-account, department, or course level. Where an LTI is installed impacts the installation timeline and the data we need to gather.
Course-level integrations without administrator assistance or an anonymous setting do not require a privacy and security review.
Why is a privacy and security review important?
Why is a privacy and security review important?
Some LTIs will require a privacy and security review (including submitting the privacy and security questionnaire or PSQS). This means we perform due diligence that the vendor properly handles our students’ data, such as confidential or personally identifiable information.
What data is collected from the vendor?
What data is collected from the vendor?
We obtain the following information, some of which is available on a vendor’s website, others we have to ask a representative for:
Terms and Conditions
Privacy Statement
FERPA Compliance Statement
VPAT
SOC2 Report
What is the Privacy and Security Questionnaire (PSQS)?
What is the Privacy and Security Questionnaire (PSQS)?
Along with the above information, we have to ask the vendor these questions:
Will the product, service, or solution of an outside party (non-MCCCD) involve the processing, review, maintenance, retention, or use of MCCCD Confidential Information by that or any other outside party? (What student data is reviewed/retained? For example, students' first and last names, usernames, or grades?)
Will the product, service, or solution involve hosting by an outside party (i.e., off-site storage or cloud-based hosting by one or more non-MCCCD parties) of MCCCD Confidential Information? (Does the vendor retain student data as listed above on their servers or hosted servers?
Will any outside party have access to servers, systems, networks, or have access to other manners of storing or displaying MCCCD Confidential Information (i.e., paper files and documentation, electronic spreadsheets, etc.)? (Will anyone have access to said data in question 1?)
Describe the purpose/function of the contract. What business need is being met by this product or service?
Specify any data elements that will be shared with or accessed by any outside party for this contract (i.e., social security numbers, credit card numbers, student names or records, addresses, etc.).
What is the privacy setting for the LTI (public, anonymous, email, name)?
Contact information (including name, email address, phone number, and mailing address of the company) to process the privacy and security contract.
The CTLEE submits these attachments and the PSQS to the contract management system so District Legal can approve faculty use of the LTI.
How long should I plan if I want to use an LTI?
How long should I plan if I want to use an LTI?
A privacy and security review can take several months from when we collect data from the vendor and enter the contract into the contract management system to when it is approved through District Legal.
After approval, the CTLEE works with the vendor to obtain the necessary consumer key and secret to install the LTI. LTIs might also require assistance from our support at the District Office.
We also will require your help with testing the tool along with the vendor to ensure it is working. We generally test LTIs in our beta (non-production) environment to ensure things work properly before we load them to production. Given multiple steps involving multiple parties, the CTLEE recommends allowing several months to use a new tool or publisher.
I already purchased the software - can I install the LTI?
I already purchased the software - can I install the LTI?
Software purchases that have been through District legal and already have a contract have undergone a different privacy and security review than is required for the LTI.
I have questions!
I have questions!
We have answers!
Please contact us. We are happy to shepherd LTI requests through this process.
ctlee@paradisevalley.edu
E125
Page updated
Report abuse