HeaderPolicies Home Home Search Help Careers News Events Contact Us
PDF

Policy 5.16
Internal Mobile App Distribution

Responsible Official: Enterprise CIO and Sr. Vice Provost for Library Services and Digital Scholarship
Administering Division/Department: LITS: Library & IT Services
Effective Date: November 17, 2014
Last Revision: July 17, 2017

Policy Sections:

Overview

 This policy sets forth the rules surrounding development of internal mobile applications (mobile apps).

Applicability

 This policy applies to anyone who develops mobile applications at Emory or on behalf of Emory.

Policy Details

 Emory requires a review of all internal mobile applications at Emory (developed at Emory or vended) prior to distribution to end users for production use. Internal mobile applications are those intended for use by Emory people and Emory affiliates only and not segments of the general public. This process is initiated by Library and Information Technology Services (LITS) in consultation with Legal Counsel and the Emory Healthcare and Emory University Compliance Officers. To begin this process, please visit https://wiki.service.emory.edu/x/7ILaB. Although internally distributed mobile applications do not have the same business and branding requirements as publicly distributed mobile apps, internal mobile applications have many of the same legal, compliance, and security implications. For this reason Emory must perform a technical review, compliance and regulatory review, and a security review for internal mobile apps. Mobile applications may be distributed internally to a limited user base for development and testing purposes prior to this review, but the reviews must be completed satisfactorily prior to distributing apps for production use.

 
Emory requires that all internal mobile applications developed at Emory, both native apps and mobile web apps, be distributed for production use using the Emory Mobile App Catalog. Mobile web apps may also be distributed by communicating a uniform resource locator (URL) or a launch web page in addition to listing them in the Emory Mobile App Catalog. This practice helps ensure that Emory can track mobile app usage, apply security policies, manage application updates, and otherwise support the applications. Some vended mobile apps may require distribution by the vendor or distribution through a public marketplace. These practices for vended applications are allowed when they do not introduce unmanageable risk to Emory.
 
Emory requires a review of all apps available in public marketplaces that are listed for download in the Emory Mobile App Catalog. The process for reviewing mobile apps endorsed by Emory and listed in the Emory Mobile App Catalog is initiated by Library and Information Technology Services in consultation with Emory Healthcare and Emory University Compliance Officers and other groups depending on the particular nature or requirements of the mobile application. To begin this process, please visit https://wiki.service.emory.edu/x/suIGBQ. These mobile apps are endorsed in some way by Emory when they appear in the Emory Mobile App Catalog and they should be reviewed and documented to indicate the nature of their review and recommended or endorsed use.

Sanctions:

  • Failure to comply with this policy may have legal consequences and may result in:
    • Suspension or termination of access;
    • Disciplinary actions (up to and including termination of employment) in accordance with applicable university policy.

Related Links

Contact Information

SubjectContactPhoneEmail
Clarification of Policy  Steve Wheat  404-727-5268  swheat@emory.edu 

Revision History

  • Version Published on: Jul 17, 2017 (Updated sanctions language)
  • Version Published on: Dec 16, 2014 (Original Publication)