PSNI never markets to anyone and data is never sold or shared, including de-identified or aggregated data. We also don’t engage in targeted marketing, and we won’t allow our partners and affiliates to market to your families, either.
FERPA AND HIPAA COMPLIANCE
We use comprehensive security standards to safeguard student data, and we’re transparent about how this information is handled. We maintain full FERPA and HIPAA compliance, ensuring that data remain secure and protected at all times. Access to data within SNAP Health Center is controlled by customized logins, specialized PINs, a user access log, and a behind-the-scenes audit trail.
We also have an onsite Information Security Officer and provide annual HIPAA and FERPA security training for our entire staff to make sure they follow industry best practices.
STUDENT PRIVACY PLEDGE
PSNI was the first school health software provider to sign the national Student Privacy Pledge, which promises that student data will be used for educational purposes only. Led by the Future of Privacy Forum (FPF) and the Software & Information Industry Association, the pledge is designed to enhance the trust between families, schools, and software providers.
By signing the pledge, we have vowed that we will:
- Never sell student information or target ads based on student behavior
- Use student data only for authorized educational purposes
- Not change our data privacy policies without giving stakeholders notice and choice
- Enforce strict limits on the retention of student data
- Allow parents to access, and correct errors in, their children’s information
- Maintain comprehensive data security standards
- Be transparent about how we collect and use student data
SOC 2 Type 2 Examination
PSNI has successfully completed the SOC® 2 Type 2 examination to demonstrate our commitment to protecting sensitive student data for its customers in the US and 21 different countries.
A SOC 2 Type 2 examination is an intense voluntary review which ensures compliance with the leading industry standard for managing enterprise data. It validates PSNI’s security practices and controls meet the Trust Services Principles and Criteria for security, availability, and privacy over an extended period of time.
Established by the American Institute of Certified Public Accountants (AICPA), the SOC 2 examination is a technical auditing process conducted by independent auditors who measure the availability, security, and integrity of an organization’s unique data processing systems, and ultimately determine whether effective safeguards and controls are in place. SOC 2 reports are recognized globally and affirm that a company’s infrastructure, software, people, data, policies, procedures and operations have been formally reviewed.
School districts must have confidence in their software partners' abilities to protect sensitive information and PSNI's repeated SOC examinations allow agencies to use these reports to know we meet essential requirements, including security, availability, and privacy among others over an extended period of time.
Professional Software for Nurses, Inc. (PSNI) today announced that it has received the MSPAlliance® Cyber Verify™ Risk Assurance AAA Rating for Managed Services and Cloud Providers. Cyber Verify is designed to provide consumers greater transparency and assurance when it comes to the cyber security practices of those providers. Cyber Verify is based on the Unified Certification StandardTM (UCS) for Cloud and Managed Service Providers and governed by the International Association of Cloud and Managed Service Providers.
Less than 1% of the global MSP community has achieved a AAA Cyber Verify rating, placing Professional Software for Nurses, Inc. in a very elite group of managed service and cloud providers world-wide.
The Cyber Verify evaluates many different aspects of a company’s service delivery, paying particular attention to security. Cyber Verify evaluates internal service delivery security practices, business continuity of the provider, cyber insurance usage, and many other characteristics which are important in the evaluation process of customers seeking out professional and secure providers.
Cyber Verify applies the following rating system:
- AAA - evaluates the provider’s cyber security practices on a 3-12 month period of review
- AA - evaluates the provider’s cyber security practices on a particular day
- A - evaluates the provider’s cyber security practices based on a thorough and in-depth self-attestation examination.
Very few K12 providers have achieved this rating demonstrating PSNI's continued commitment to the security and privacy of our customers' information.