Built for District Procurement Approval

Sped.AI is designed for FERPA compliance. Assessment data entered into the tool is processed for the sole purpose of generating psychoeducational report narratives. Raw input data is not retained after report generation.

FERPA protects "education records" — documents directly related to a student that contain personally identifiable information (PII). Sped.AI's architecture is built to stay outside that definition: the tool accepts numerical assessment scores, not student records. No student names, IDs, or identifying information is required to generate a report.

The following table summarizes how different categories of data are handled in Sped.AI:

• No permanent PII storage. Assessment scores are processed in-session to generate the narrative report. Raw score inputs are not retained server-side after the session ends.
• HTTPS / TLS 1.2+ everywhere. All data in transit is encrypted. HTTP connections are automatically redirected to HTTPS. There is no unencrypted path to Sped.AI.
• Data never shared or sold. Sped.AI does not sell, license, or disclose any student or user data to third parties for any purpose.
• Scores used for narrative generation only. Assessment scores sent to the AI model are used exclusively to produce the narrative text. They are never shared, aggregated across students, or used to train AI models.
• No student behavioral profiling. Sped.AI does not create student profiles or aggregate assessment data across users or districts.

This is the question district IT teams ask most. Here is a direct answer:

• Score-only input. Only numerical assessment scores — and optionally student initials and age — are included in the AI prompt. No names, student IDs, school identifiers, or other PII are transmitted to the AI model. The examiner controls what they enter; the tool never requires identifying information.
• Stateless API calls. Each report generation is an independent, stateless call to the AI API. The AI model does not retain memory of prior submissions. There is no cross-session or cross-district data accumulation.
• No AI training on customer data. Sped.AI uses Anthropic's API under terms that explicitly prohibit using customer data for model training. Assessment inputs are processed and discarded — they are never used to improve AI models.
• Processing ends at report generation. Once the narrative is generated and returned to your browser, the AI interaction is complete. No scores or prompts are logged or retained by the AI provider.
• No behavioral profiling. Sped.AI does not aggregate student scores across users, districts, or time periods to create profiles or benchmarks of any kind.

Sped.AI is a web-based tool designed to pass standard district network and device reviews with minimal configuration.

• Web-based — no installation required. Sped.AI runs entirely in the browser. No software, plugins, or browser extensions need to be installed on district devices.
• Compatible with district network filters. The tool communicates only with sped.ai and standard CDN domains (Google Fonts). No unusual outbound domains. Safe for standard content filtering and firewall policies.
• No student device access needed. Sped.AI is a psychologist-only tool. Students never interact with the platform. No student-facing device access, account creation, or permissions are required.
• Single-sign-on ready. Current authentication uses email and password. District SSO / SAML integration is on our roadmap for enterprise deployments.
• No third-party trackers or pixels. Sped.AI does not load Facebook Pixel, Google Analytics, or other third-party behavioral tracking tags. No data leaves the application to advertising networks.
• Standard HTTPS traffic only. All connections use port 443 (HTTPS). No non-standard ports or protocols are required.

Sped.AI applies a strict data minimization policy. We retain only what is necessary to provide the service.

• Assessment inputs: session-based processing only. Score data entered to generate a report is processed server-side to produce the narrative and is not stored after the session ends. We do not retain raw assessment inputs in our database.
• Generated reports: practitioner-controlled. The completed narrative report is saved to the authenticated examiner's account. The examiner can download (PDF or Word) or delete their reports at any time from the dashboard.
• No server-side storage of assessment inputs post-session. After the report is generated, the underlying score inputs are not saved. The only persistent artifact is the generated report text, tied to the examiner's account.
• Account data retained until deletion. Examiner account information (email, hashed password, report history) is retained while the account is active. Practitioners may request full account deletion by contacting admin@sped.ai.
• Audit trail for district records. Report generation events are logged with timestamps and examiner account IDs (not student IDs) for audit purposes. These logs do not contain student PII.

Questions about FERPA compliance?

District IT teams, compliance officers, and procurement staff are welcome to reach out. We respond to compliance inquiries within one business day and can provide written documentation for district procurement processes.

Or email directly: admin@sped.ai