Data privacy compliance is getting harder

FERPA. COPPA. State privacy laws. AI tools handling student data. We help you stay compliant without paralysis.

Talk to an expert

The compliance landscape

Private schools face a growing web of privacy regulations. FERPA requires "reasonable methods" to protect education records. COPPA demands verifiable parental consent for services used by children under 13. Missouri's Student Data Accessibility Act adds state-level requirements.

Then there's AI. Every new AI tool your teachers want to use potentially touches student data. Does it comply with FERPA? Is it appropriate under COPPA? What happens to the data? Most vendors can't answer these questions clearly - and most schools don't know to ask.

The consequences of getting this wrong are real. COPPA violations can result in penalties of over $50,000 per child. FERPA violations can affect federal funding eligibility. And beyond legal risk, there's reputation risk - parents trust you with their children's information.

Regulations you need to know

FERPA

The Family Educational Rights and Privacy Act protects student education records. Schools must use "reasonable methods" to ensure only authorized parties access records.

Key question: When you share student data with a vendor, are they a "school official" with a "legitimate educational interest"?

COPPA

The Children's Online Privacy Protection Act requires verifiable parental consent before collecting personal information from children under 13.

Key question: For elementary students, do you have proper consent mechanisms for every digital tool you use?

State laws

Missouri's Student Data Accessibility, Transparency & Accountability Act (2014) adds requirements for data security, breach notification, and vendor contracts.

Key question: Are your vendor contracts compliant with state requirements for data protection clauses?

How we help

Data privacy audit

We review your current data practices, vendor relationships, and consent mechanisms to identify compliance gaps.

Vendor agreement review

We analyze your vendor contracts for required data protection clauses and help you negotiate stronger terms where needed.

AI tool vetting framework

A process for evaluating new AI tools against FERPA/COPPA requirements before they're deployed with students.

Consent management setup

Help establishing proper consent collection and documentation, especially for under-13 students.

Documentation and record-keeping

Systems for maintaining the records you need to demonstrate compliance during an audit.

Pricing

Compliance work is typically included in our ongoing retainer engagements. For standalone compliance audits, pricing starts at $5,000 depending on scope.

View pricing Get started