Follow

GDPR - May 25, 2018

GDPR

ACS Athletics is committed to supporting our partner institutions with regards to GDPR (General Data Protection Regulation) which is a European Union regulation that goes into effect on May 25, 2018. The new law changes how companies store and process personal information for European Union citizens. As a processor of your data, we have analyzed our systems to ensure that we are:

  • Providing institutions the ability to manage their data
  • Providing institutions the ability to notify athletes at time of questionnaire submission
  • Providing a secure infrastructure and system for athlete data

Security Infrastructure

ACS operates in a highly secure AWS environment that is closely monitored. Data is backed up twice daily and is stored securely in a separate location for twenty-eight days. All data submissions and transfers are done through secure APIs, through a browser behind security certificates, or through SFTP.

Understanding Your Data in ACS

Each sport in ACS can be configured differently depending on the coach’s recruitment and athlete management needs. Some of the information stored in ACS is considered Personal Identifiable Information (PII). Due to the highly configurable nature of ACS and different institutional standards regarding Pll, we cannot determine which fields may be considered sensitive Pll. To assist you, ACS is happy to provide you a complete list of all of your fields for your review. Please submit those requests to helpdesk@acsathletics.com. If after your review you would like any fields or athletes removed, please contact us at helpdesk@acsathletics.com. with the following information:

  • Sport(s)
  • Category where the field(s) exists: Recruit, Roster, Alumni, or Contacts
  • Field(s) to remove

Please provide the exact field name(s) to be removed. When the fields are removed all of the data is deleted, so it is very important that the field names provided are correct! This data cannot be restored!

There is a feature in ACS that emails a copy of certain data submitted by an athlete through a questionnaire. If you would like to deactivate this feature, staff members can do this in ACS through Manage Users by editing his/her account.

How Data Enters ACS

There are multiple ways that data enters ACS, which are outlined below. Please note that not all avenues apply to all institutions; how coaches choose to gather athlete data varies by institution.

By Athlete (manually entered)

Each sport includes a questionnaire for each category of data (Recruit, Roster, Alumni, and Contacts). These questionnaires can be embedded into your athletic website or sent as links. When an athlete submits his or her data through a questionnaire, it goes directly into ACS.

By Coaches (manually entered)

Coaches can enter athletes into ACS directly through the web-based UI or mobile application.

By Third-Party Partner (secure API)

Coaches can select athletes and send data from third-party partners.

By Import (by ACS)

Coaches can request data be imported into ACS by providing the data in spreadsheet format to us. ACS does not validate the source of the data and imports the data per the instructions of the coach.

In order to further secure our data import process, we will be providing a new in-app upload tool for data import requests. Additional information about this tool will be available shortly.

By Admissions (SFTP)

This option applies only to those institutions who have integrated with their admissions system. All data transmitted is agreed upon by both admission and athletic staff as part of the implementation process. Once configured, the data is sent on a schedule via SFTP.

Data Management and Notification

Standard ACS functionality already provides your staff the ability to update and export data should an athlete request it.

Soon, we will deliver a privacy notification solution for sport questionnaires. Each institution will have the ability to configure its own GDPR notification language in one place and turn on the notification for all questionnaires. Once activated, ACS gathers the timestamp of the notification confirmation in case it is ever needed by your institution.

Was this article helpful?
0 out of 0 found this helpful

Comments

Powered by Zendesk