Skip to main content

5 Sales Secrets Every K-12 Admin Should Know

Read Chapter 1 free below. Get the complete book on Amazon for all 5 secrets.

5 Essential secrets for better buying decisions

By Royce Leon

This book is dedicated to Rich Dell, whose kindness and generosity planted the seed in me on how to be in the world of business and why effective communication is at the root of the symptoms in organizational health. While you will never get to read this book, know that I carry your legacy to the next generation.

PART ONE: Building the Right Mindset

01

Security, Service, and Seek

In today's digital age, schools are relying more and more on technology for instruction, communication, and operations. From student information systems and learning management platforms to apps that track attendance or behavior, vendors now handle a great deal of sensitive data. And with that comes a heavy responsibility—protecting the privacy of the students, staff, and families your school serves.

As a school leader, part of your job is ensuring that any product or service you bring into your school or district meets the highest standards of data privacy and security. It's not enough for a vendor to have a shiny demo or a smooth sales pitch. You need to be sure they can be trusted with your community's most sensitive information.

Let's break down how to prioritize data privacy and gather reliable references before making a purchase.

Understanding Data Privacy Regulations Relevant to K–12 Institutions

Before you even start asking vendors about their privacy policies, it's important to understand the legal frameworks that protect students' data. These laws form the baseline for what vendors should be doing.

Here are a few of the major regulations that impact K–12 schools:

  1. FERPA (Family Educational Rights and Privacy Act): Protects the privacy of student education records. Schools must have written permission from parents or eligible students before releasing information.
  2. COPPA (Children's Online Privacy Protection Act): Applies to services used by children under 13. It limits how companies can collect personal data from young users and requires parental consent.
  3. State Laws: Many states have additional privacy laws that apply to educational technology vendors, especially in terms of data sharing and storage.

As an administrator, you don't need to be a lawyer—but you do need to know enough to ask the right questions. And you need to hold vendors accountable for following these laws.

Evaluating a Vendor's Data Security Measures and Compliance

Once you understand what's expected legally, the next step is assessing how well a vendor is doing in practice. Don't be shy about asking detailed questions. You're not being difficult—you're doing your job.

Here are key areas to evaluate:

1. Data Storage:

Where is the data stored? Is it stored locally or in the cloud?

If in the cloud, is it in a secured and trusted region (e.g., within your country)?

2. Access Control:

Who has access to the data on the vendor's team and within your school?

Can you set permissions by role?

3. Encryption:

Is student data encrypted both during transmission and while stored?

4. Data Ownership:

Who owns the data? (It should always remain with the school or district—not the vendor.)

5. Breach Protocols:

If there's a data breach, how quickly will the vendor notify you?

Do they have a response plan in place?

6. Third-Party Sharing:

Does the vendor share any information with third-party partners?

If yes, for what purpose?

If a vendor avoids these questions or gives vague answers, take that as a red flag.

The Power of Peer References (The value of obtaining references from peer institutions)

While a vendor can promise the world in a brochure, nothing beats hearing directly from someone who's already using the product in a real school environment.

Reaching out to peer institutions who have used the same service gives you:

  • Honest feedback (what they liked, what they didn't)
  • A chance to hear how the implementation really went
  • Insight into how well the vendor responded to support needs or concerns
  • Assurance that you're not the first school to take the risk

When asking for references, go beyond the polished testimonials vendors provide. Ask to speak directly with a school administrator or IT staff member. Vendors who are confident in their service will gladly make those introductions.

Also, don't just look for schools that are the same size as yours. Try to find matches in student demographics, technology infrastructure, and regional regulations. A large rural school's experience might be very different from a large urban district's, even if they're using the same product.

Conducting Due Diligence

Due diligence means taking the time to dig deeper before you sign a contract—not after a problem appears. It's about doing your homework and making decisions with clarity and care.

Smart questions to ask vendors include:

  • Can you share your most recent third-party security audit?
  • How do you handle student data when a contract ends?
  • What is your up-time and how do you respond to outages?
  • Have you ever experienced a data breach? How did you respond?
  • Can I speak to a current client with a similar technology setup to ours?

Red Flags to Watch For

When you're evaluating a vendor, especially one that will handle student or staff data—your radar should be up. A polished sales pitch doesn't always mean a company is reliable behind the scenes. Below are some red flags that should make you pause, ask more questions, or even walk away:

1. Vague Answers About Compliance

If a vendor doesn't clearly explain how they comply with regulations like FERPA or COPPA, that's a serious concern.

2. No Mention of Regular Security Audits

A reliable vendor doesn't just build a product and hope for the best. They test, monitor, and upgrade their systems regularly. If a vendor avoids talking about third-party audits, penetration testing, or ongoing monitoring, it may mean they're cutting corners behind the scenes.

3. Reluctance to Provide References

Good vendors should be proud of the work they've done in other schools or districts. If they hesitate to share references, especially from schools similar to yours, take it as a warning sign.

4. Over-Promising With No Documented Policies

Everyone loves a confident pitch, but when a vendor promises too much with no real documentation to back it up, it's a recipe for disappointment. Whether it's unlimited support, a guarantee of 99.999% uptime, or full customization—make sure it's written into the agreement.

Ask for call recordings and when experiencing issues always move to using email and keeping things in writing vs phone calls. If a call happens, take notes and save them in an email thread with the vendor.

5. Unclear Contracts About Data Ownership and Usage

This one is big. Your district's data, especially student information, must be protected. The contract should clearly state:

  • Who owns the data (you should)
  • How it can be used (only for the service, not for advertising or resale)
  • What happens to the data if the contract ends

NOTE: Never assume—make sure it is written in the contract.

Final Thoughts

In a world where data breaches make headlines and privacy is a growing concern, this responsibility can feel heavy. But here's the good news: you're not powerless. By asking the right questions, demanding transparency, and learning from your peers, you can make decisions that truly protect your school.

Prioritize data privacy, seek out those who've gone before you, and never be afraid to walk away from a vendor who doesn't take your concerns seriously.

Because protecting student data is more than a legal obligation—it's an act of leadership.

Ready for All 5 Secrets?

You've just completed the first secret. Purchase the complete book on Amazon to access all 5 secrets and transform your EdTech purchasing strategy.

Buy Full Book on Amazon