Privacy Policy

Important note regarding this privacy policy

At IEPs Made EZ, we understand that Individualized Education Programs (IEPs) contain some of the most sensitive information a family or school can share. We are committed to maintaining the highest standards of data privacy and security. This policy explains how we collect, use, and protect your information.

1. Information We Collect

To provide accurate IEP costing and consulting services, we collect the following types of information:

• Personally Identifiable Information (PII): Name, address, email, and phone number of parents or legal guardians.

• Student Data: Student name, date of birth, and grade level.

• Sensitive Educational Records: IEP documents, 504 plans, evaluation reports (psychological, speech/language, OT/PT), and behavior intervention plans.

• Financial Data: Billing information and payment details processed through our secure third-party provider.

2. How We Use Your Information

We use the data provided strictly for the following purposes:

• Costing Analysis: Calculating the fiscal impact of services, staffing, and specialized equipment outlined in the IEP.

• Service Delivery: Providing consulting, reporting, and strategy recommendations.

• Legal Compliance: Ensuring our records meet state and federal educational auditing requirements.

• Communication: Sending project updates, invoices, and relevant service notifications.

3. Compliance with Privacy Laws

We operate in strict alignment with federal and state privacy frameworks:

• FERPA: We treat all student "education records" with the same confidentiality required of school officials. We do not disclose PII without written parental consent unless permitted by law.

• HIPAA: If health-related billing data is processed, we maintain safeguards consistent with HIPAA’s Privacy and Security Rules.

• COPPA: We do not knowingly collect information directly from children under 13. All data must be submitted by a parent, guardian, or authorized school representative.

4. Data Sharing and Disclosure

We do not sell, rent, or trade your data to third parties. We only share information when:

• Service Providers: We use trusted third parties (e.g., secure cloud storage, encrypted payment processors) who are contractually bound to keep your data confidential.

• Legal Necessity: If required by a valid subpoena or court order.

• Authorized Representatives: With your explicit written consent to share findings with a school district or legal counsel.

5. Data Security Measures

We implement enterprise-grade security to protect sensitive IEP files:

• Encryption: All data is encrypted at rest and in transit using SSL/TLS protocols.

• Access Control: Access to student records is limited to authorized employees who need the data to perform their specific job functions.

• Data Minimization: We only request the specific pages or data points necessary for the costing analysis.

6. Your Rights and Choices

Depending on your jurisdiction, you may have the right to:

• Access: Request a copy of the personal data we hold about you.

• Correction: Ask us to update or correct inaccurate information.

• Deletion: Request that we delete your data once the costing project is complete (subject to legal record-keeping requirements).

• Withdraw Consent: Revoke our right to process your data at any time.