The Certification Process

Understand the process and what vendors get from the subscription.

Step one

Assessment


After both parties sign the NDA, vendors provide our privacy assessors with access to the product and send documentation such as our data questionnaire, privacy policies, sample contract, and test logins. These materials are used to complete the manual assessment.

We then use a series of proxy and web traffic analysis tools to complete the technical assessment, depending on the environment, to reveal the third parties receiving data from the product.

Based on the findings of the manual and technical assessment, our privacy assessors will work with you to resolve any emergent privacy or security gaps to bring your product into compliance.

The initial assessment process can usually be completed within a month.

1
Assessment
Step two

Certification


Once any relevant revisions to the policies or product are completed, vendors are awarded their chosen Privacy Badges to signify their compliance with relevant laws and regulations.

iKeepSafe will work reflexively with your team to create and distribute a Product Profile that summarizes and communicates how your product protects student data privacy & security, as well as a Press Release to communicate your compliance.

The communication plan can usually be completed in 1-3 weeks, depending on the vendor’s availability.

2
Certification
Step three

Subscription


iKeepSafe is dedicated to helping vendors achieve and remain in compliance year-round in the constantly evolving edtech landscape.

Every month, we conduct reviews of your product to stay up to date with any updates and prepare you for recertification. Our newsletter will share privacy & security news as well as new state and federal legislation.

Subscriptions start 4 months after the initial assessment, and provide year-round support as well as your annual recertification.

3
Subscription
Step four

Training


As part of your subscription, vendors receive the required annual compliance training.

Training is delivered by nationally recognized data privacy experts with over 20 years’ experience in online technology, child safety, and privacy. All are CIPP certified with unique experiences in large, global consumer practices. They work with vendors to bring them into compliance with iKeepSafe’s guidelines, covering:

  • Overview of the Federal and State-specific Privacy Laws
  • Understanding and Identifying Non-personal vs. Personal Information vs. Directory information
  • Acceptable Data Usage, Sharing, Protection and Deletion
  • Information Security & Data Breach Best Practices
4
Training

Subscribe to our monthly
Privacy & Security newsletter.

© 2017 iKeepSafe. All rights reserved.