Who we are

In the early 2000s, lifelong friends and business partners, Rick Smith and Rich Dilts, embarked on a quest to create a web-based Student Record System for K-12 school districts in New Jersey. Previously involved in creating, installing, and supporting multiple student record programs (SAMS, Scholars, and STARS), and having worked with and for major computer manufacturers, the two assembled a team of New Jersey based computer professionals to work with them to create the Genesis Student Information System.

After installing Genesis in 12 initial districts, Rick and Rich expanded the support and marketing of the program by hiring a seasoned and highly experienced staff of professionals from all walks of the New Jersey educational community. With the addition of a fully staffed Help Desk, Implementation Team, and Systems Support Department, Genesis continued to grow.

The company’s dedication to support and its commitment to meeting the on-going requirements of the State of New Jersey resulted in Genesis becoming the leading provider of student record software in the State. The Genesis Student Information System is now being used in over 280 school districts in New Jersey.

Having successfully fulfilled their dream with the Genesis Student Information System, Rick and Rich began to search for their next endeavor. Wanting to grow the business while remaining dedicated solely to New Jersey school districts, they decided to develop web-based software for school business offices.

The Genesis SchoolFi System was created through close collaboration with School Business Administrators, HR Directors, and Payroll Administrators. Like the Genesis Student Information System, SchoolFi is geared towards the requirements of New Jersey and has a fully staffed Help Desk and Implementation Team. The program is comprised of Human Resources, Staff Evaluations, Payroll, and Budgetary Accounting.

Committed to providing a complete solution to the administrative software needs of New Jersey School Districts, the company continues to enhance and develop its suite of products, while increasing staff to better support the growing customer base.

Sadly, founder and senior partner, Rick Smith passed in 2023; a devastating loss felt by staff and clients alike. Though Rick will never be replaced, his commitment to the Genesis clients he cherished continues. Rich and the Genesis staff remain committed to ensuring that the products remain current, friendly and efficient, and that service and support continue to be a top priority.

Our Privacy Policy

At Genesis, we value and respect your privacy. Accordingly, we have developed this policy in order for you to understand how we collect, use, communicate, protect and make use of personal information.

Genesis Educational Services does not own any of the student data or district-related data within its products. This data is property of, and under the control of the local educational agency (LEA). The collection, input, use, retention, disposal and disclosure of any information in our software applications are controlled solely by the LEAs with which we license our products.

Genesis will not collect, maintain, use or share personal student information beyond the needs of LEA purposes. We will collect and use personal information solely with the objective of fulfilling those purposes.

In addition:

  • Genesis will not sell student personal information

  • We will not use or disclose student information collected through any educational/school service (whether personal information or otherwise) for behavioral targeting of advertisements to students.

  • We will not build a personal profile of a student other than for supporting authorized educational/school purposes or as authorized by the parent/student.

  • We will only retain personal information as long as necessary for the fulfillment of those purposes.

  • We will protect personal information by reasonable security, safeguards against loss or theft, as well as unauthorized access, disclosure, copying, use or modification.

Our Services comply with all applicable provisions of the Children’s Online Privacy Protection Act (COPPA) (15 USC 6501 et seq.) To the extent COPPA applies to information we collect, we process such information for educational purposes only, at the direction of the partnering LEA and on the basis of educational institution consent. For additional information on COPPA and educational institution consent, please refer to the Federal Trade Commission’s Complying with COPPA: Frequently Asked Questions.

Our System Policy

The purpose of this policy is to maintain a comprehensive level of security to protect data and information systems from unauthorized access. This policy defines the rules necessary to achieve this protection and to ensure the secure and reliable operation of Genesis Information Systems.

  • This policy affects all employees of Genesis Educational Services. Employees who deliberately violate this policy will be subjected to disciplinary action up to an including termination.

Only authorized Genesis Employees are granted access to Genesis systems. System access control is to be achieved via unique user IDs and MFA (multi factor authentication) which are to provide individual accountability.

  1. All employees must be screened prior to hire.

  2. Employees are required to attend informational security awareness training.

  3. Policies in place require HR to immediately notify IT of terminations and transfers.

  4. All Genesis employee system actions will be logged and stored indefinitely.

  5. Genesis does not allow ANY 3rd party vendor ASP/hosted system access.

  6. Procedures for access to mission critical systems and sensitive data include user authorization and authentication protected by MFA (multi factor authentication).

Internet Security

  • Internet accessible systems are tested for vulnerabilities prior to being placed in production.

  • Only services that are required by a specific business need and that have been assessed for their impact on security are enabled.

  • All essential protocols are securely configured, and non-essential protocols are disabled.

  • Firewall(s) are configured to ensure source(s), destination(s), and protocol(s) are as specific as possible.

  • No internal systems containing client information or in the same network are exposed directly to the internet.

  • Customer data is restricted based on the principle of least privilege (PoLP). Role-based access controls (RBAC) are strictly enforced.

Internal System Security

  • Applications on internal web servers run in non-privileged mode.

  • Server performance metrics (CPU, disk, memory, hardware, etc.) are monitored.

  • Genesis cloud network (housed in AWS) protected by an application firewall with DDOS protection, anti-virus, and intrusion detection/prevention systems (IDS/IPS) in place to monitor and mitigate threats.

  • AWS CloudTrail and AWS CloudWatch log security-relevant events and are audited regularly.

Secure Development Practices

  • All application code undergoes internal security reviews and vulnerability assessments before deployment

  • Testing for web applications includes checking for session management weaknesses, cross-site scripting, SQL injection and other common vulnerabilities.

Encryption

  • Public/private keys are used for the encryption of sensitive information during transmission.

  • Encryption keys are securely controlled.

  • SSL TLSv1.2 or greater is required for data transferred over public networks.

  • Passwords are stored using a hash salt encryption algorithm.

  • Full disk encryption is used for locally stored materials (e.g. on laptops, workstations, etc.).

Disaster and Incident Recovery

  • Systems are backed up regularly and stored securely in multiple, geographically separate locations.

  • A formal incident response plan is in place, ensuring timely identification, containment, and recovery from security incidents.

  • A disaster recovery plan is in place, ensuring minimal disruption in case of an outage or security breach.

Genesis Cloud and Data Backup Service is housed in an Amazon Web Services (AWS) us-east Data Center which maintains strict access controls. Some specific controls listed below are in place. Additional information can be found at: https://aws.amazon.com/compliance/data-center/controls/

  • AWS Identity and Access Management (IAM)

  • AWS Key Management Services (KMS)

Compliance with security frameworks such as CIS, ISO, SOC, PCI-DSS, and NIST is supported.

This policy is reviewed and updated periodically to address emerging security threats and changes in regulatory requirements.