ReEntryCompass
Agency reentry operations and program reporting
About Us Request a Pilot

Security

Last updated: June 2026

ReEntry Compass is operated by Evergreen Resource Solutions, a DBA of Evergreen Supply Solutions LLC. This page summarizes current security, data access, and data handling practices for ReEntry Compass.

ReEntry Compass is currently accepting pilot partners and demo requests. This page reflects current practices and planned agency platform use. It does not claim CJIS, HIPAA, FERPA, SOC 2, or other formal certification unless separately stated in a signed agreement.

Data Ownership

Agency records, participant records, case notes, referrals, employment outcomes, reports, and other program information entered into ReEntry Compass belong to the agency or organization that provides the information.

ReEntry Compass does not claim ownership of agency-controlled records or participant-related program data.

Access Controls

Access to agency or participant-related data is intended to be limited to authorized users and necessary internal support access.

Internal access is limited to people or service providers who need access to operate, maintain, secure, troubleshoot, or support the platform.

As the platform develops, ReEntry Compass may implement additional access controls such as organization-based user access, role-based permissions, and administrative restrictions.

Encryption in Transit

ReEntry Compass is intended to use encrypted connections for data transmitted between users and the website or platform. This generally means using HTTPS for browser-based access.

Agencies should not submit sensitive information through unapproved channels such as unsecured email, personal messaging apps, or informal documents unless authorized by their own policies.

Incident Response

If ReEntry Compass becomes aware of a security incident that may affect agency or participant-related data, we will review the available information, take reasonable steps to limit further exposure, and notify affected agencies when appropriate based on the circumstances, applicable law, and any written agreement in place.

Incident response timing, reporting requirements, and notification procedures may be further defined in a pilot agreement, service agreement, data processing agreement, or other written contract.

Export and Deletion Requests

Agencies may request export or deletion of agency-controlled information by contacting ReEntry Compass.

Export and deletion requests will be reviewed and handled in a reasonable manner, subject to legal obligations, contractual requirements, security needs, backup limitations, and technical feasibility.

Agency Responsibilities

Agencies are responsible for deciding what information is appropriate to enter into ReEntry Compass and for obtaining any required participant consent, notice, authorization, or approval.

Agencies are also responsible for determining whether their use of the platform requires specific legal, compliance, procurement, security, or data protection requirements before entering sensitive information.

Compliance Review

If an agency requires a security questionnaire, data processing agreement, business associate agreement, procurement review, or specific compliance language, those requirements should be discussed before pilot or production use.

Contact

Security, export, deletion, or data handling questions may be directed to:

ReEntry Compass

Email: info at reentrycompass.com

Return to Home