Redirecting to default login... Gates Overview – Mobility Center of Excellence Team Website

Gates Overview

Learn about the various Certification Review Gates, Application Categories, Certification Classes.

Certification Review Gates

Compliance & Legal

App is reviewed by KP Legal & KP National Compliance.

  • KP Legal Review
  • Privacy Statement, Ts & Cs
  • Accessibility/WCAG 2AA
Security

App is reviewed by TRO Cyber Security Team – Application Security & Red Team.

  • TRO Review
  • HIPAA/PHI, SOX, PII, PCI
  • Penetration Testing
  • Dynamic & Static Testing
 Operations

App has a Support Plan and/or Atlas ID.

  • In-App Support Screen
  • Support Model Tiers
  • ATLAS IDs
  • Business Continuity
UX/UI & Design

App is reviewed by MCoE Designer. 

  • MCoE Design & Brand Review
  • App Icon & Name Branding
  • KP Brand & Editorial Standards
  • App Store Screenshots
Code & Architecture

App is reviewed by MCoE Developer.

  • MCoE Developer Source Code Review
  • Source Code Scanning Tools
  • Accessibility in Code
  • * N/A for 3rd Party Apps with no vendor agreement

Application Categories

Each audience – Consumer, Provider and Workforce – contains 3 categories of mobile applications that may be designed, developed, certified and/or managed by the Mobility Center of Excellence.

Application Categories Description
Custom
  • 5 Gates are applicable – Compliance & Legal, Security, Code & Architecture, UX/UI & Design, & Operations
White Label
  • 4 Gates are applicable – Compliance & Legal, Security, UX/UI & Design, & Operations
Third Party
  • 3 Gates are applicable – Legal, Security & Compliance, & Operations

Back to top

Certification Classes

Certification Class Description

Production (A)
  • All Certification Gates passed with no high or critical risks/issues.
  • Substantially new versions (major new features or back end services) must be re-certified.
  • Consult with MCoE if uncertain whether certification should be renewed.

Pilot (B)
  • Somewhat lower select Gate standards than Class A due to smaller/controlled distribution, pre-operationalization support model.
  • Class B apps to be re-evaluated if owner decides to fully scale and operationalize the app; Class A standards must be met at that time.

Proof of Concept / Incubation (C)
  • POCs are not formally certified but can be reviewed as part of an MCoE consulting engagement, laying a foundation for success.
  • Very limited, internal-facing distribution models (< 10 users).
  • C-Class POCs should progress to Class A or B within 9 months or be suspended.

Probation (P)
  • KP apps falling below 3 stars on a public-facing app store will be placed on Probation.
  • Quality issues to be investigated by MCoE. MCoE will provide app owners with a list of needed improvements.
  • App owners have nine months to bring app up to Class A standards or app will be subject to de-listing.

Back to top