How do schools protect their data and student data with the SAO?

The SAO platform collects and reports personal and sensitive data about families and students applying to schools. We take our responsibility to protect the confidential nature of this data seriously. In order to ensure data is properly protected, we regularly audit our legal compliance with respect to privacy and confidentiality, and we employ a number of active and passive measures to ensure our systems are protected against intrusion and other security breaches. 

The data relationship between EMA and member schools is protected by a member services agreement, which all members sign electronically. The data relationship between EMA and students/families is protected by a parent agreement, which all parents sign electronically. Both agreements are in compliance with current industry best practice and reviewed on a yearly basis. 

EMA collects and transmits personally identifiable parent and student information, including credit card numbers, using strong SSL encryption. This data is stored in our systems in encrypted format using strong encryption techniques. At no time are social security numbers collected or stored in any of our service transactions. Our networks and services are actively scanned for vulnerabilities and intrusion detection, and all access to back-end systems is monitored and logged. 

End user access to our Family and Member Portals are secured via username and passwords. Passwords are stored in one-way encrypted format and cannot be recovered. Instead, we provide tools for end-users to reset their password in the case they are lost.  

Regarding the security of the teacher recommendations, families and students assign teacher recommendation forms online. During this process the family must electronically sign a waiver relinquishing their right to view and access the confidential teacher recommendation forms. These confidential teacher recommendations are provided only to schools where the student applies. 

While the SAO is a common application format, it allows schools to choose from the common application components to create their own school-specific SAO requirements. For example, a school may choose not to require an English teacher recommendation, only a math teacher recommendation. The components not required are not delivered to the school, even though they may be available on the student’s SAO account/file for application to another school. The school only has access to their own applicants and does not see to which other schools a student has applied.

Was this helpful?
How can we improve?
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.