Home
Why ion?
Behavior and PBISChronic AbsenteeismStrategic Planning
How It Works
insightsReportingMTSSCase Management
Success Stories
MediaPiper Kansas City Schools - KSLebanon Public SchoolsSeneca Family of Agencies
Links
Loginfusion
Book A Demo
Home
Why ion?
Behavior and PBISChronic AbsenteeismStrategic Planning
How It Works
insightsReportingMTSSCase Management
Success Stories
MediaPiper Kansas City Schools - KSLebanon Public SchoolsSeneca Family of Agencies
Links
Loginfusion
Book A Demo

FERPA Compliance Policy

(ION Software Group LLC)

1. Purpose

ION Software Group LLC (“ION”) provides data management, analytics, and reporting services to K–12 educational institutions. This policy outlines ION’s compliance with the Family Educational Rights and Privacy Act (FERPA) as a school official/service provider operating under the control of our district partners.

2. Scope

This policy applies to all ION employees, contractors, vendors, and partners who may have access to student data entrusted to ION by school districts. It covers all data in electronic or paper form that qualifies as an education record under FERPA.

3. Definitions

  • Education Records: Any information directly related to a student and maintained by an educational agency or its authorized agents (including ION).
  • Personally Identifiable Information (PII): Student data such as name, address, student ID, test results, attendance, or any data element that could identify an individual student.
  • Directory Information: Limited information that schools may disclose publicly (e.g., student name, grade level), unless parents have opted out.
  • School Official Exception: FERPA allows districts to share PII with contractors, consultants, and vendors like ION if they perform services the district would otherwise use its own employees to perform, are under the district’s direct control, and use the data only for authorized purposes.

4. Compliance Principles

4.1 District Control

  • ION acts only at the direction of the school district (the data owner).
  • ION does not determine what data is collected, how it is categorized, or how long it is retained. Those decisions rest with the district.

4.2 Data Use

  • Student PII is used solely for the purposes of providing contracted services (e.g., data integration, dashboards, reporting, analytics).
  • Data will never be sold, used for marketing, or disclosed for unauthorized purposes.

4.3 Data Access

  • Access to student data is limited to authorized ION personnel with a legitimate business need.
  • Role-based permissions and audit logs are maintained to track access.

4.4 Data Disclosure

  • ION does not disclose student data to third parties except: As directed by the district; To authorized subcontractors bound by FERPA-compliant agreements; When required by law (e.g., court order, subpoena), with notice to the district where legally permissible.

4.5 Data Security

  • Student data is encrypted in transit and at rest.
  • Secure authentication and access controls protect all systems.
  • Paper records (if any) are stored in locked facilities and securely destroyed when no longer needed.

4.6 Training and Accountability

  • All employees must complete annual FERPA and data privacy training.
  • Breaches of this policy are subject to disciplinary action, up to and including termination.
  • A designated Data Protection Officer ensures FERPA compliance and serves as the point of contact for districts.

5. Record Retention and Destruction

  • ION retains student records only as long as required to fulfill contractual obligations.
  • Upon termination of a district contract, all student data will be returned to the district or securely destroyed, consistent with district instructions.

6. Incident Response

  • Any suspected or confirmed data breach must be reported immediately to ION’s Data Protection Officer.
  • ION will notify the affected district promptly and cooperate fully with its investigation and response.
  • Affected parties will be notified by the district in accordance with FERPA and state laws.

7. Review and Updates

This policy is reviewed annually and updated to reflect changes in law, district requirements, or industry best practices.