Global Education Privacy & Security Standard (GEPS/GESS)

The Data Privacy Agreements (DPAs) are the first step in getting common expectations around safeguarding student privacy – but only the first step.  What if you could automatically communicate between end users and vendors?

The Global Education Privacy Standard (GEPS)

The Global Education Security Standard (GESS)

The Student Data Privacy Consortium (SDPC) has been extremely successful in bringing the educational technology (EdTech) marketplace and school districts together in addressing student data privacy obligations.  As the SDPC continues to expand, the ability to audit and/or certify that providers, and schools, are meeting their security obligations to safeguard data is critical. Currently, there are very few mandated requirements for providers to adhere to specific security benchmarks. Some states have legislated their own set of security requirements.  In the absence of any framework or identified benchmarks to audit providers against, it is impossible to certify any application is meeting privacy and security obligations.


The new Global Education Security Standard (GESS) Project Team has been working diligently to develop a matrix/crosswalk of all existing security frameworks and identify a core set of controls applicable to PK-20 data. The group is at a point now that they would like to share this work with industry experts to obtain feedback to further guide their work.

Unity Enabling Privacy Expectations

The POD is a machine readable “meta-data” document that contains detailed contract expectations.  Enable its transport by utilizing the newest ‘Unity’ SIF Specification, developed by the A4L Community

FIND OUT MORE about the Unity Specification >>

GEPS is currently a part of the Massachusetts Data Hub Pilot Project – so much more to come!