FERPA Compliance
Our FERPA compliance ensures that organizations can deploy solutions aligned with their governance requirements.

Platform Integration | |
The YuJa Enterprise Video Platform (EVP) can be accessed as a standalone platform, embedded into a Learning Management System (LMS), or integrated into an enterprise’s Single Sign On (SSO) systems. | |
Standalone Mode |
Use Case: Deployments within corporate training, professional development, and department-level integrations within K-12 and higher-ed. YuJa provides:
|
Learning Management System Mode |
Use Case: Deployments in higher-ed and K-12 enterprises where an LMS is the central course management and workflow system-of-record. YuJa provides:
|
Non-LMS Single Sign On (SSO) Mode |
Use Case: Deployments in corporations, higher-ed, and K-12 where institutions prefer to have users utilize their SSO credentials to login to YuJa directly instead of through their LMS. YuJa provides:
|
Platform Security | |
YuJa’s Enterprise Video Platform (EVP) offers institutions industry-leading security measures to ensure continuous availability and enterprise security. | |
System Security |
Data Security — All sensitive user data is transmitted through an encrypted SSL channel which uses 256 bit encryption. Data Center Security — We use Amazon Web Services (AWS) as our key data center. To learn more about AWS’s physical and environmental procedures, please review this document. At-Rest Data Security — All sensitive user data is either transmitted or stored via encryption or using industry-standard salting and/or hashing. User Security — Access to YuJa systems that utilize data stored in our data centers is restricted to authorized full-time YuJa employees. We do not use external contractors or temp agencies. |
Transfer Protocols |
The Enterprise Video Platform (EVP) runs entirely on HTTPS. This covers all suites and also includes our user authentication, media streaming, user management, data accesses, and platform administration. |
Monitoring & Upgrades |
We use external, multi-continent monitoring tools, as well as, internal customdesigned internal monitoring and alert tools across our systems. YuJa’s Solutions and Product Team are responsible for providing testing guidelines that use Vulnerability Mapping to identify potential vulnerabilities and attack vectors with the systems. |
Network Availability |
YuJa validates that all Enterprise Video Platform (EVP) sub-systems are accessible using our external, multi-continent 24×7 monitoring system. Up Time: YuJa’s Enterprise Video Platform has an up-time of nearly 100%, with a cumulative system total of 99.9%. Server Response Value: Our network and systems are optimized to provide a response value within approximately 200-400ms. |
Data Centers |
YuJa’s primary data center is hosted by Amazon Web Services (AWS). We currently use the Virginia and Oregon data center locations (availability zones). |
Disaster Planning | RTO (“the recovery time”) in a catastrophic production system event where our onsite read replicas are intact is one calendar day with an RPO (“maximum data loss”) of zero across both the cloud storage and relational databases. In the event of a catastrophic production system event where our onsite read replicas are destroyed across all availability zones, the relational databases would have an RTO (“the recovery time”) of one calendar day with a RPO (“maximum data loss”) of at most one calendar week of database updates. |
Legal and Compliance | |
YuJa Inc. believes we comply with all known regulations, policies, and laws in the jurisdictions and sectors that we operate in. Given an ever-changing compliance landscape, we constantly review changes to ensure we continue to remain in compliance with both the spirit and letter of applicable regulations. | |
Data Disclosure and FERPA |
YuJa Inc. does not disclose, release or sell any customer data to external entities. With specific regard to FERPA, we comply with all requirements regarding maintenance and disclosure of student data. |
Privacy Policies |
YuJa maintains up-to-date compliance documentation of all state-level privacy policies, including California. Detailed questions on specific state privacy policy laws may be directed to our corporate counsel at Goodwin Proctor LLP or your designated Business Lead. |
508 / VPAT Assessment |
YuJa extensively tests our platforms to ensure that the system is usable by a broad cross-section of users. We provide our Section 508 VPAT review for download and review by all institutions. While there are no known gaps identified during Section 508 review, we constantly evaluate new features and systems for conformance with these specifications. |
Liability and Security Insurance Coverage |
YuJa Inc. and its employees are insured by General Liability Commercial Insurance, Worker’s Compensation Insurance, and Professional Liability Insurance (Errors & Omissions), including Privacy and Security Liability |