Helping educators and parents find trusted products.
The CSPC builds on iKeepSafe’s FERPA Assessment and COPPA Safe Harbor, which help educators and parents find products that meet the expectations of federal privacy laws. This certification is recommended for operators and providers of websites and online services that are, whole or in part, intended for use in and by schools. Earning the iKeepSafe CSPC asserts that your technology company is a leader in student privacy.
The certification assesses for federal and California laws governing student data privacy, including:
Instill confidence with parents, students and schools.
An assessment from a trusted and experienced independent third party like iKeepSafe will assure schools and parents that your educational technology is one that can be trusted with handling student data.
Clearly communicate compliance with stringent student data privacy laws.
Earning and displaying the iKeepSafe certification indicates you value the privacy of your customers.
Move the complicated privacy compliance guess work out of your hands and into a professional’s.
Having iKeepSafe’s experts assess and guide you through the various elements of multiple student privacy regulations will eliminate compliance uncertainty and provide the right direction for your unique needs.
Participating companies agree to act as school officials, but schools will remain in control of personally identifiable information from education records during and after any arrangement with a participating company. Participating companies may not provide third parties with students’ personal data for advertising, marketing, or other purposes unrelated to the functioning of the product in the manner for which it is being used by the school.
Participating companies must also have a process in place to respond to requests to provide parents or eligible students with a means to review data or categories of data that have been collected and to request that the data be amended or corrected.
Participating company products should be designed to operate with minimally required collection of student data. Participating companies must clearly identify to schools what data collection is required for basic operation of the technology and what is optional.
Participating companies must take reasonable measures to maintain the confidentiality, security and integrity of data.
Participating companies must maintain a baseline level of knowledge of data privacy and security requirements and best practices through annual employee training.