How the SAFE Initiative and SAFEin are designed to protect student privacy under federal law.
Last updated: May 27, 2026
The Family Educational Rights and Privacy Act (FERPA), 20 U.S.C. § 1232g and 34 C.F.R. Part 99, is a federal law that protects the privacy of student education records. It applies to schools and districts that receive funding from the U.S. Department of Education. Under FERPA, schools may not disclose personally identifiable information from student education records to third parties without parental consent, with certain limited exceptions.
SAFEin was built from the start with FERPA alignment as a design requirement, not an afterthought. The core principle: no student-identifiable information enters SAFEin, period.
Educators who use SAFEin describe situations in general terms. They might write: "A student is having a hard time transitioning between classes and has a history of behavioral challenges." They do not write: "Marcus, a seventh-grader in room 212 with IEP #4823, is having a hard time."
This is policy, not technical enforcement. SAFEin does not automatically block educators from entering names. Schools that sign the SAFE Initiative participation agreement acknowledge this expectation and commit to communicating it to all staff who use the tool. It is reinforced during the mandatory staff training workshop.
SAFEin does not collect, store, or process: student names, student ID numbers, dates of birth, grades, attendance records, discipline records, IEP information, 504 plans, or any other data that would constitute an education record under FERPA (34 C.F.R. § 99.3).
FERPA's restrictions apply to the disclosure of "education records" — records that are directly related to a student and maintained by an educational agency. Because SAFEin does not receive, store, or process student-identifiable information, the data flowing through SAFEin does not constitute education records as defined under 34 C.F.R. § 99.3. Accordingly, the consent and disclosure requirements of FERPA are not triggered.
When schools do provide data to outside vendors and wish to use the "school official" exception under 34 C.F.R. § 99.31(a)(1), they must establish that the vendor performs a service the school would otherwise undertake itself and is under the school's direct control. Because SAFEin is designed so that no education records enter the system, schools need not rely on this exception for SAFEin — but district counsel may wish to document this analysis as part of their vendor review process.
SAFEin does not integrate with, query, or receive data from:
The only data flowing into SAFEin is what an educator types directly into the tool during a session.
Rhode Island's Student Online Personal Protection Act (SOPPA), R.I. Gen. Laws § 16-104, imposes obligations on operators of websites and online services used primarily for K-12 educational purposes. Brightside Behavioral Health is committed to compliance with SOPPA and will not:
Districts that require a Student Data Privacy Agreement (DPA) as part of their procurement process are encouraged to contact us. We will work with your district's privacy officer to execute an appropriate agreement prior to deployment.
Educator input is processed by an AI model provided by Anthropic, PBC. The input sent to Anthropic's API is the general-terms description the educator typed. Because educators do not enter personally identifiable student information, the text sent to Anthropic does not constitute student education record data under FERPA.
As of the date of this notice, Anthropic's enterprise API terms prohibit using submitted data to train or improve their models. Because third-party policies are subject to change, we recommend reviewing Anthropic's current terms at anthropic.com/legal/aup.
Participating schools are responsible for:
These expectations are outlined in the SAFE Initiative participation agreement and reviewed during the staff training workshop.
If your district's privacy officer or legal counsel has questions about how SAFEin handles data, we welcome the conversation. We can provide technical documentation and, where required by district policy, execute a Student Data Privacy Agreement or Data Processing Agreement prior to deployment.
Email: SAFE@bbhri.com
Phone: 401-773-2931