Training & Awareness
How our personnel are trained to protect student data.
Technology alone cannot protect student data — our people are the first line of defense. Every Impact Suite employee and contractor completes privacy and security training, with role-based content and regular reinforcement.
Schedule
- Onboarding — training completed on day one, before access to systems containing student data.
- Annual recertification — required for all personnel.
- Triggered training — when responsibilities change, new systems deploy, or an incident reveals a gap.
Coverage
- FERPA — education records, the “school official” role, consent/disclosure, parent and student rights.
- COPPA — requirements for children under 13 and restrictions on data collection and use.
- HIPAA — Protected Health Information, minimum-necessary standard, Business Associate obligations, and Security/Privacy Rule requirements.
- State laws — applicable state student-data-privacy requirements.
- Security awareness — phishing and social-engineering recognition, password and device security, and secure data handling.
Engineering, support, sales, and administrative staff receive additional role-specific instruction.
Tracking
Training completion is tracked on our compliance platform and records are retained per policy, available for review as part of a security assessment.