Home /

Use of Third-Party Technology Services

What Are Third-Party Technology Services?

Third-party technology services are applications, software, or other web-based technologies not created by the manufacturer of your device or operating system. They are often accessed online for free or at low cost. Some examples include Grammarly, ChatGPT, Evernote, Slack, and Dropbox. While these services can be beneficial, it is important to ensure that UC Santa Cruz data is appropriately protected before using them.

Most third-party services are non-UC technology services, which means that no agreement exists between UC Santa Cruz and the service provider. Therefore, non-UC technology services may not have the appropriate security protections in place that are required for university data.

Using a Non-UC Technology Service

Before using a non-UC technology service, it is important to:

  • Know your data and resource. If it is P3-P4 data and it is connecting to a P3-P4 resource, you must use a UC-approved service.
  • Know the terms and conditions of use. A third-party service provider can hold you to what you agree to, even if it is just a “click-to-accept” agreement. Note that ownership of data must remain with UC Santa Cruz.
  • Review the service’s privacy and security policies to ensure that they align with UC Santa Cruz's policies. Check with your Unit Information Security Lead (UISL) or Unit Head for risk-based decisions before moving forward.
  • Ensure accessibility. If use of an application or service will be required, you must make sure that it is accessible to users with disabilities. Ask the service provider whether their product is Section 508 compliant, and test it to make sure that it is.

privacy-criteria-1.png

(Click to Enlarge)

security-criteria-2.png

(Click to Enlarge)

data-ownership_-service-levels-legal_contract-criteria.png

(Click to Enlarge)

Get Help

For assistance with privacy considerations, contact Privacy & Information Practices at privacy@ucsc.edu.

For assistance with security considerations, contact ITS Information Security at ispolicy@ucsc.edu.

For assistance with the terms and conditions of third-party service agreements, contact Real Estate & Contract Services at businesscontracts@ucsc.edu.

For more information about web accessibility and testing websites for accessibility, see the ITS Web Accessibility website.