Company Updates

Raising the Bar for Data Security in Student Transportation

We’re excited to announce that HopSkipDrive has achieved Service Organization Control (SOC) 2 Type II compliance following an independent third-party audit. This milestone reinforces our unwavering commitment to protecting the data and privacy of the students, school districts, and CareDrivers we serve — and we are proud to set a new standard in student transportation in achieving this important security attestation.

What Is SOC 2 Type II and Why Does It Matter?

In practical terms, receiving a SOC 2 Type II attestation report means our security practices have been rigorously tested and verified by independent auditors over time, not just in a single moment. Established by the American Institute of Certified Public Accountants (AICPA), this attestation confirms that our security systems meet strict industry standards for protecting sensitive information. 

Unlike a Type I attestation, which is a one-time snapshot of security controls, Type II evaluates these controls over an extended period, ensuring our security measures are consistently effective and reliable.  Having previously achieved SOC 2 Type I compliance, this Type II attestation represents a significant advancement in our security program.

Protecting What Matters Most

At HopSkipDrive, we understand that when our district partners arrange transportation, they’re entrusting us with both student safety and sensitive information. With the majority of riders under the age of 18, we approach this responsibility with extraordinary care. School districts need confidence that their students’ data and privacy are protected throughout the entire transportation process, and we strive to earn that confidence every day. This same level of care extends to CareDrivers, whose personal and professional information — from background verification documents to payment information — requires equally robust protection. 

Our comprehensive security approach includes:

  • Alignment with the NIST Cybersecurity Framework (NCSF)

  • Multiple layers of administrative, technical and physical safeguards

  • Strict data access controls between riders and drivers

  • Encryption in transit and at rest that protects user privacy and confidentiality

“Achieving SOC 2 Type II compliance reflects the safety-first mindset we’ve built into HopSkipDrive’s DNA since the very beginning,” said Corey McMahon, Chief Product & Technology Officer at HopSkipDrive. “This rigorous compliance process validates what we’ve always prioritized — creating a secure platform that school districts, families, and CareDrivers can trust before, during, and after the ride. Our engineering and information security teams have worked tirelessly to implement robust safeguards that go beyond standard industry practices, ensuring we deliver both peace of mind and exceptional service to our partners.” 

Our Ongoing Commitment

Security isn’t a one-time achievement; it’s an ongoing process of continuous improvement that all school districts should expect from their transportation partners. We remain dedicated to maturing our practices and ensuring your data stays safe and secure, now and in the future. 

For families, school districts, and CareDrivers who look to HopSkipDrive for their student transportation needs or flexible earning opportunities, this attestation validates that our cybersecurity safeguards continue to raise the bar in the student transportation industry. 

View more related articles

VIEW ALL

Raising the Bar for Data Security in Student Transportation

Read more

HopSkipDrive Announces Expansion to Virginia Beach

Read more

Meet HopSkipDrive CareDriver Pablo F.

Read more

Interested in learning more about how your organization, school, or district can partner with HopSkipDrive?

GET IN TOUCH
Two team members wearing bright orange HopSkipDrive t-shirts with heart logo standing in front of a car, one wearing a white hat

Subscribe to our newsletter