90-Day Implementation Playbook

Establishing Appropriate Limits on Staff–Student Electronic Communication

Scope of This Playbook

This playbook addresses one specific requirement of California Education Code § 32100, as amended by SB 848:

Establishing appropriate limits on electronic contact between pupils and school employees, volunteers, and contractors.

In scope

• Electronic communication (texting, messaging apps, social platforms, internet-based tools)
• Governance, oversight, and enforceability of limits on contact

Out of scope

• Mandated reporting
• Training requirements unrelated to communication
• Physical campus safety
• Title IX or broader SafeSport compliance

This playbook is about implementation, not legal interpretation.

What “Done” Looks Like (Before You Start)

Before beginning a rollout, leadership should align on what it means to have this requirement operationally implemented, not just documented.

At a minimum, the school or school system should be able to demonstrate:

• Clear limits on one-to-one electronic communication
• Institutional visibility into staff–student communications
• Reliable record retention and review
• Governance of private or “side” communication channels
• Timely access to records if concerns arise

(See: SB 848 Compliance Failure Matrix for common breakdowns.)

Phase 1: Governance Decisions (Days 1–15)

Objective: Make the decisions that everything else depends on.

Decisions to Finalize

Leadership (with counsel if appropriate) should explicitly decide:

1. What communication channels are permitted
   • What tools are approved
   • What tools are prohibited
   • What “off-platform” means in practice
2. How one-on-one communication is limited
   • When, if ever, private messaging is allowed
   • How exceptions are defined and governed
3. What level of institutional visibility is required
   • Who can access communication records
   • Under what circumstances
   • Within what timeframe
4. How “shadow channels” are handled
   • Friending/following features
   • Role-based exceptions (e.g., admins, coaches)
   • Secondary or adjacent private messaging paths

Pay close attention:

Many platforms restrict one-to-one messaging in one context (e.g., within a team) but allow private communication elsewhere. These paths should be explicitly acknowledged and governed.

Deliverables

• Written governance standards (internal)
• List of approved and disallowed communication practices
• Identified executive owner (this cannot be delegated away)

Phase 2: Policy Alignment & System Standards (Days 16–30)

Objective: Align written policy and operational standards.

Actions

• Update or adopt written policy language that reflects the governance decisions above
• Ensure policy language describes:
  • Limits on electronic contact
  • Approved channels
  • Consequences for bypassing controls
• Define what qualifies as an “approved system” in governance terms, not product names
  • Visibility
  • Retention
  • Access
  • Enforceability

(See: What’s Required vs. What’s Assumed for common policy gaps.)

Deliverables

• Board-ready or governing-body-ready policy language
• Documented system standards (what a tool must be able to do)
• Exception handling framework

Phase 3: Operational Rollout (Days 31–60)

Objective: Move from policy to daily behavior.

Actions

• Roll out expectations to site leaders, athletic directors, and department heads first
• Communicate:
  • What has changed
  • What is now expected
  • What is no longer permitted
• Ensure staff know:
  • Where communication should occur
  • What to do if a tool or workflow does not support policy
  • Who to contact with questions

Pay close attention:

Training alone does not create compliance. Defaults, controls, and clarity do.

Deliverables

• Role-specific guidance (leaders vs. staff)
• Clear escalation path for questions or edge cases
• Confirmation that approved systems are actually in use

Phase 4: Enforcement & Audit Readiness (Days 61–90)

Objective: Verify that the approach works in practice.

Actions

Conduct a mock audit or readiness drill:

• Select a realistic scenario (e.g., a complaint involving electronic communication)
• Attempt to:
  • Identify all relevant communications
  • Determine who had access
  • Review how limits were applied
  • Measure how long retrieval took
• Document gaps discovered

This should be treated as a learning exercise, not a disciplinary one.

Deliverables

• Audit readiness notes
• Identified gaps and remediation plan
• Leadership sign-off that the system is functioning as intended

(See: Compliance Failure Matrix for typical failure patterns.)

Ongoing Oversight (After Day 90)

Implementation is not a one-time event.

Leadership should plan for:

• Periodic review of communication practices
• Reassessment when tools or platforms change
• Updates when staff roles or usage patterns evolve

Governance should remain centralized, even if communication is distributed.

Key Takeaways for School Leadership

• § 32100 does not ban communication; it requires meaningful limits and oversight
• Most failures occur through unintended side channels, not primary tools
• Policies must be enforceable through systems and practices
• Schools do not need a perfect solution—but they do need a defensible one

‍