WHO WE SERVE · EDUCATION · K-12 DISTRICT TECHNOLOGY
Independent technology program governance for K-12 districts navigating SIS migrations after the PowerSchool breach, edtech app sprawl that no district can govern alone, AI-in-classroom decisions that arrived faster than policy, and a state-by-state student data privacy patchwork that did not exist a decade ago.
THE K-12 REALITY
K-12 districts operate at an operational tempo most consultancies do not understand. The bell rings; attendance is taken; grade entries flow; edtech apps launch; parents communicate. A SIS outage at 7:55 AM is a different kind of crisis from a corporate ERP outage at 7:55 AM. Sentinel governs district technology programs because the operational tempo is not a side concern, it is the design constraint.
13K+
public school districts in the United States operating roughly 98,000 public schools and serving 49 million students
1.5K+
distinct edtech apps in active use at a typical mid-size district, most with no formal governance
30
states with explicit student data privacy statutes layered on the federal FERPA / COPPA floor
100+
confirmed K-12 ransomware incidents annually since 2022
CHALLENGE
Most K-12 technology consultancies are organized around a single SIS vendor or a single edtech category. After the PowerSchool 2025 breach affecting millions of students at thousands of districts, the question districts face is no longer which platform features to choose. It is whether the district has the documentation discipline to survive a state attorney general inquiry, a parent class action, or the next breach. Generic consulting does not produce that documentation. Vendor-aligned consulting cannot produce it without conflict. Sentinel was built for it.
THE PRESSURES
These are the structural pressures we hear from district CTOs, superintendents, and board technology committees across small rural districts, mid-size suburban districts, and the largest urban districts. Sentinel’s role is to help your district navigate them with documentation that survives state regulator, parent advocacy, and board scrutiny.
The January 2025 breach affected millions of students at thousands of districts, with state attorneys general opening investigations, parent class actions filed in multiple states, and competing SIS vendors actively pursuing the migration window. Districts that wait for the dust to settle are watching the migration economics shift against them.
Mid-size districts now have 1,000 to 3,000 distinct edtech apps in active use, most without formal vendor data agreements or FERPA review. The post-COVID acceleration produced a footprint that no district CTO can govern alone. The first state attorney general to file an enforcement action over uncurated edtech vendors will reshape the discipline overnight.
ChatGPT, Khanmigo, MagicSchool, and dozens of AI tools entered classrooms in 2023-2024 before most districts had drafted their first AI use policy. Parent advocacy groups are demanding transparency on AI tool data practices. State legislatures are introducing AI-in-education bills with varying maturity. Districts that wait for federal guidance are operating in a regulatory vacuum.
Many districts have lost coverage entirely or face premium hikes of 200 to 400 percent. Underwriters increasingly require evidence of MFA, EDR, segmented backup, and tabletop exercises. The insurance posture has become an effective enforcement layer that federal and state policy have not driven directly.
Los Angeles Unified, Minneapolis Public Schools, Clark County, Albuquerque, Buffalo, and dozens of mid-size districts. The pattern is consistent: ransom-payment urgency creates leverage, recovery costs run multi-million, and downstream FERPA breach notification obligations multiply the regulatory exposure across every state where students live.
Roughly 30 states have explicit statutes layered on the federal floor, with more in active legislative consideration. Multi-state vendors and districts with multi-state student populations face compliance complexity comparable to multi-state HIPAA. The patchwork is not getting simpler.
OUR APPROACH
Sentinel's K-12 approach is built on four principles. Each reflects the operational reality that district technology programs are not corporate IT programs. They are bell-to-bell programs serving students, staff, parents, board, and state regulators simultaneously, on budgets and headcounts that corporate environments do not face.
Sentinel does not resell SIS platforms, LMS platforms, or edtech apps. We do not partner with them for implementation revenue. We help you select, govern the implementation, and document the program. The implementation partner you choose is the implementation partner. Independence between governance and implementation protects the district.
The artifacts we produce are structured under the assumption that a state attorney general inquiry, a parent class action, or a board challenge could review them. Decision records, vendor risk reviews, and program governance memos are all retained at investigation-grade. Cross-domain documentation pedigree from CJIS, HIPAA, and DIB compliance work transfers cleanly into student data privacy.
Sentinel does not resell GRC platforms, security tools, edtech apps, or SIS platforms. We do not partner with them. We do not take referral fees. The recommendation you get is the recommendation we would make if it were our own district.
Our governance work documents what we find and surfaces evidence. It does not become a party to disputes between districts and vendors, between districts and state regulators, between districts and parent advocacy groups. Sentinel documents, never litigates.
CORE CAPABILITIES
Every engagement is anchored in six disciplines that protect districts from bad implementations, weak documentation, and the regulatory exposure that follows breach or compliance gaps.
Independent oversight of multi-quarter or multi-year SIS, LMS, and identity programs. Phase gates aligned to academic year, fiscal year, and federal aid cycle simultaneously. Decision records that survive change of superintendent, change of CTO, and the multi-year arc.
Documented adequacy review for the SIS, the LMS, the edtech catalog, the identity layer, the cybersecurity stack, and every other technology decision a district program requires. We do not resell any of them. The district’s voice in vendor-side meetings.
The documentation grade comes from CJIS, HIPAA, NIST 800-171, and state-government environments where every decision becomes a public record. The pedigree maps directly into FERPA, state student data privacy, and multi-jurisdictional breach response readiness.
Translating SIS / LMS / SSO architectural intent into platform configuration. The team that owns is-this-how-the-data-classification-should-actually-behave decisions when the platform vendor and the district CISO are not aligned.
Body-of-evidence preparation for state attorney general inquiry, parent class action, board challenge, or cyber insurance renewal. Documentation that survives every audience.
Documenting whether the implemented systems are operating as designed in the months after go-live. Findings advisory and non-binding. Critical for the long arc of district technology programs and the defensive posture against breach exposure.
Most K-12 technology consultancies organize around a single platform vendor and a single category. Sentinel positions around the district as a whole, with the four practices as the load-bearing structure that holds across SIS migrations, LMS rollouts, edtech rationalization, and the next regulatory inflection nobody has named yet.
The bell rings every day. The systems have to be ready every day.
Each addresses a specific decision a district board needs to make under the post-PowerSchool reality. All are governed by the SVA standard: findings advisory, non-binding, structured for documentation that survives state attorney general inquiry, parent class action, or board challenge.
A 60-to-90-day fixed-fee engagement re-evaluating the district’s SIS vendor relationship in the post-PowerSchool reality. Includes data exposure scope review, DPA term analysis, breach response coverage assessment, alternative vendor evaluation, migration cost and risk modeling, and a defensible district board recommendation. Independent of every SIS vendor. No incentive to push toward one alternative.
A multi-quarter retainer engagement inventorying district edtech app usage, evaluating against vendor data agreements, FERPA exposure, COPPA compliance, state student data privacy compliance, and instructional value. Produces a curated catalog with retain / deprecate / replace recommendations. Includes parent-transparency documentation. Addresses the post-COVID 1,000 to 3,000 app sprawl that no district CTO can govern alone.
A targeted engagement producing a defensible AI use policy framework for the district. Covers AI tool vendor data governance, FERPA mapping for AI tools that ingest student work, parent transparency requirements, teacher AI literacy guidelines, student AI use policies, and ethics. Includes mapping of common tools (ChatGPT, Khanmigo, MagicSchool, Magic Student) against the framework. Operationalizes what most policy templates only sketch.
OUR PRACTICES
Every Sentinel engagement draws on the practices that match the program’s stage. We bring them in proportionally; we never sell the whole stack when only part of it earns its keep.
PROGRAM MANAGEMENT
How we govern your program.
Program execution discipline for K-12 technology modernization across multi-year capital programs. Phase gates that survive Superintendent and CTO turnover, board composition changes, and bond-cycle budget shifts. Decision logs that survive state auditor reviews, FERPA inquiries, and parent class actions.
Learn More →CHANGE MANAGEMENT
How we prepare your operators.
Operator readiness for new K-12 technology fielding across districts. SIS migration cutover training, LMS rollouts, edtech app onboarding, and classroom AI-tool adoption protocols. The change rhythms that determine whether the new system actually works the morning the bell rings on day one.
Learn More →CONFIGURATION AUTHORITY
How we own the configuration.
Configuration authority for the K-12 technology stack. Translating district-specific operational realities into platform configuration. The team that owns “is this how the gradebook should behave when a student transfers mid-quarter?” decisions across SIS, LMS, identity, and edtech systems.
Learn More →VALUE ASSURANCE
How we prove the mission outcome.
Independent governance documenting whether the district’s technology investments are delivering operational outcomes: instructional time recovered, system availability during testing windows, FERPA and state-privacy compliance posture, and audit readiness. Findings advisory and non-binding. Critical for board updates, state oversight, and parent transparency.
Learn More →After engagement closes, Sentinel Sustain keeps the practice active across the life of the investment. Three tiers: Core, Active, and Strategic.
Learn more →DEEP EXPERTISE
Sentinel’s K-12 bench is rooted in cross-domain compliance fluency, audit-grade documentation discipline, and the multi-system program governance experience that bridges SIS, LMS, edtech, and identity environments. The K-12-specific advisor bench is in flight; the firm-level governance discipline is operational today.
WE KNOW THE TRICKS
The K-12 technology vendor playbook is well-known to anyone who has spent enough time on district board procurement committees. Here is what we look for, before the contract is signed.
01
Vendor pitches a single comprehensive platform that promises SIS, LMS, parent portal, and edtech catalog in one. The reality is that the platform optimizes for one of those, accommodates two more, and treats the fourth as a checkbox. Six months in, the district is bolting on the missing functionality. We test the operational depth of every promised category before the contract is signed.
02
Edtech vendor offers a generous free trial to teachers, who pilot the tool informally with students. By the time the district CTO learns about the deployment, student data is in the vendor’s environment, parents have been onboarded, and switching costs are real. We map the informal-pilot-to-formal-deployment pipeline before it metastasizes.
03
Vendor marketing claims FERPA compliance as a checkbox feature. FERPA compliance is not a vendor feature; it is a district program built on top of the vendor’s data handling practices. The vendor’s DPA terms either support the district’s FERPA program or they do not. We read the actual DPA and map it against the district’s state-specific obligations.
04
Vendor sells the SIS or LMS at attractive year-one implementation pricing, with three-year recurring costs back-loaded. The district board approves the year-one number; the year-three number lands during a budget cycle when the district has no leverage. We model TCO across the full contract lifetime before the procurement decision is final.
05
Vendor commits to integrations with the district’s identity provider, the LMS, the parent portal, the state reporting system, and the SIS by some future date. The roadmap slips, the integrations land in degraded form, and the district staff manually bridges the gaps. We require the vendor to demonstrate working integrations before the contract is signed, not promise them in the roadmap.
WHO YOU ARE WORKING WITH
The people on the other side of every Sentinel K-12 engagement combine state-government technology pedigree with cross-domain compliance fluency. Where the discipline-specific advisor bench has gaps, we name them, and we name what is in flight.
Justin co-founded Sentinel after a career in state-government technology governance and emergency-response coordination. The cross-jurisdictional documentation discipline he applies to district SIS / LMS / edtech program governance is the same discipline he applied to systems where every record was discoverable the day it was created.
Jason co-founded Sentinel after sitting on every side of the technology-program table. Vendor, integrator, program office, operator. His practitioner-grade perspective on multi-system program governance is what shaped Sentinel’s vendor-neutral standard. The pedigree applies cleanly to district multi-vendor program governance.
24+ years in K-12 education administration and 15 years as Grants Manager for Bridgeport Public Schools, where she has secured more than $20M in federal, state, and private funding. Currently serves as elected Mayor of Bridgeport, Nebraska. Brings frontline governance, grant-funding, and community-leadership experience to every Sentinel education engagement.
Also Supporting Your Program
The right engagement depends on where your district is in the program lifecycle, what your existing IT bench looks like, and which K-12 pressure is creating the most friction. Each subscription has a clear scope, deliverable structure, and exit point. Subscriptions stack.
Managed Technology Subscription
End-to-end managed operations for the platforms Sentinel helped your district stand up. Sustainment, on-site systems administration, vendor coordination, version-upgrade discipline, and 24/7 incident response. The bell rings every day. The systems are still ready every day, because someone is still accountable for them.
The district needs ongoing operations of a Sentinel-deployed platform; system downtime affects instructional time; or the program runs across multiple superintendent and board cycles.
We govern the operation. We never sell the platforms.
Read more about Sustain →Retained Governance & Advisory
Ongoing retainer with quarterly governance reviews, pre-decision advisory, and an open line for board briefings, parent-community response, audit response, and vendor escalations. The district has independent counsel on the technology side of the table, every cycle.
The district has a multi-year program; the cost of a misstep is breach exposure, FERPA finding, or board-level escalation; or board, superintendent, and budget cycles are continuously in motion.
Sentinel documents. We do not litigate.
Read more about Guardian →Anchored to a Signature Practice or Defined Deliverable
Anchored to one of SDF, SRM, SDB, or SVA, or to a single defined deliverable: K-12 SIS Vendor-Risk Re-Evaluation Sprint, District Edtech Sprawl Rationalization, or AI-in-Classroom Policy and Governance Framework. Fixed scope, named practice or deliverable, defined timeline.
The district knows the discipline or deliverable needed and wants a contained, scope-bounded engagement that produces a defensible district-level record before board action.
Independent. Practitioner-led. Vendor-neutral.
See how the practices apply →Specialized Services + Practice + Sentinel Institute
A specialized service plus a signature practice plus Sentinel Institute training combined into a tailored program. Best when the IT staff needs to learn the discipline as the discipline is being applied, particularly during major modernization or post-incident rebuild.
The district is rebuilding a critical program from scratch and wants the institutional capacity to operate it themselves through the next budget cycle.
Cutting-edge. Never bleeding-edge.
See the Institute deep-dive →READY WHEN YOU ARE
Tell us where your district is. Pre-PowerSchool-migration, mid-edtech-rationalization, drafting AI policy, or planning the next phase of program governance. We will tell you honestly whether Sentinel is the right fit, or recommend someone better if we are not. The conversation costs nothing. The decision costs less when an independent voice is in the room.
