Purpose
VerbalCheck supports academic integrity and learning review by pairing written submissions with short oral assessments. Because the platform handles student submissions, interview responses, transcripts, instructor review materials, and LMS-connected workflows, security and privacy are core operating requirements.
Security posture
- Role-based access separates student, instructor, admin, and system functions.
- Object-level authorization limits access to the correct student, instructor, assignment, class, or institution context.
- Sensitive submissions and audio are handled through private storage paths where configured.
- Authentication uses httpOnly cookie-based sessions with server-side session revocation.
- Production deployments use HTTPS and security headers including CSP, HSTS, Referrer Policy, and Permissions Policy.
Institutional review note
This summary is intended to support initial review. Final institutional compliance depends on customer-side policies, user provisioning, contractual terms, LMS configuration, and data governance decisions.