Security & Compliance

Built to meet the standards K–12 requires.

Data residency, encryption, compliance certifications, and data ownership — for IT directors, technology coordinators, and procurement teams.

∗ Compliance & standards

The standards that govern how Sibme handles instructional data.

Full compliance documentation is available to districts on request.

Certified & integrated
FERPA
Student educational records
All submitted evidence is treated as district-controlled data. Sibme does not share student data with third parties. Districts maintain full export and deletion rights.
COPPA
Students under 13
For artifacts involving students under 13, the district controls consent and data access. Sibme never directly collects personal information from students.
ISO 27001
Information security
Sibme's security posture is aligned to ISO 27001 standards, covering data residency, encryption, access controls, and incident response.
TX-RAMP Level 2
Texas state authorization
TX-RAMP Level 2 confirms Sibme meets the security standards required for Texas state and local government entities and school districts.
ISO 9001
Quality management systems
ISO 9001 certifies that Sibme's processes and service delivery consistently meet customer and regulatory requirements — a structured framework for continuous improvement across operations and product delivery.
Data ownership
Full export and deletion rights
The district owns its data. Always. Sibme does not use district data to train AI models. Full export available. No lock-in on your evidence.

Sibme and Texas TIA

Texas TIA requires documented evidence of teacher practice tied to compensation. Sibme's human-review requirement, citation-backed reports, and longitudinal evidence records are designed to meet the documentation standards TIA requires. Contact us for a TIA-specific briefing.

∗ Infrastructure

Hosted on AWS. Secured by design.

Amazon AWS hosting

All customer data resides on AWS infrastructure with state-of-the-art data centers, 24×7 security, multi-factor access controls, and least-privilege authorization. AWS holds ISO 27001 and PCI DSS Level 1 certifications.

Encryption and access

All requests are transmitted via TLS/SSL. Authentication supports email/password, Google SSO, and organizational SSO (Microsoft Azure/AD, Canvas). Sibme maintains robust audit logs for compliance review.

Data breach notification

Sibme maintains a formal Data Breach Notification Policy covering rapid incident recovery, systematic response procedures, and notification obligations to minimize disruption and data loss.

Video and resource privacy

All videos uploaded to Sibme are private by default. Users control exactly who can view recordings and resources. No video is accessible without explicit permission.

Talk to the team or request full documentation.

We provide detailed security documentation to districts undergoing procurement review. Contact us directly for DPAs, sub-processor lists, or a security briefing.

Certified & integrated
Canvas Integrated, TX-RAMP Certified, ISO 9001, ISO 27001
© 2026 Sibme · “See what’s working.”