J-1 Program Management System · Platform Guide
Version 2.1.198 — April 2026
J1Path · J-1 Exchange Visitor Program · 22 CFR Part 62 Compliant

J-1 Program Management System

The only purpose-built platform for J-1 Exchange Visitor sponsors — fully compliant with 22 CFR Part 62 and CSIET Advisory List requirements. One Program Manager can efficiently oversee the entire program — students, host families, coordinators, agencies, and schools — all from a single unified dashboard with real-time compliance monitoring.

  • 1 Program Manager runs the entire operation
  • 6 Role-Based Portals
  • 14+ Auto-Generated PDFs
  • 6 CFR Audit Categories
  • 0 Paper Forms
  • 1-Click Audit ZIP Package

Why J1Path
The only J-1 management platform built from 22 CFR Part 62 compliance up — not bolted on as an afterthought. Here's what makes J1Path structurally different from every alternative on the market.
01
Only in J1Path

22 CFR 62 Complete Mapping + 1-Click Audit ZIP

No other platform — not Exlink, not Hanover — maps all 6 CFR audit categories with real-time compliance scoring. One button generates a structured Department of State audit package per student. What takes days of manual assembly takes 1 minute here.

  • 6 audit categories scored in real-time — gaps flagged before auditors find them
  • Auto-assembled ZIP: applications, agreements, CBC results, insurance, monitoring reports, SEVIS records
  • CSIET Advisory List annual reporting — compliance evidence pre-packaged
02
Regulatory Moat

Structural Lock-in — Built Into Federal Law

22 CFR 62 mandates 5-year record retention for every student file. Once a sponsor adopts J1Path, switching means migrating years of compliance-critical records — a risk no program director will take during active oversight.

  • 22 CFR 62 → 5-year mandatory record retention per student
  • Each program year adds students → data accumulates → switching cost grows
  • Natural tier upgrades as student count grows — revenue compounds without sales effort
  • This is not convenience lock-in. This is federal regulation lock-in.
03
Only in J1Path

AI Document Processing — DS-2019 & Insurance OCR

Two features that eliminate the most error-prone manual data entry in J-1 program management. No other platform offers either.

  • DS-2019 Auto-Parse: Upload the PDF → SEVIS ID, program dates, category code extracted instantly
  • Insurance Card OCR: Snap a photo or upload scan → provider, policy number, coverage dates auto-filled
  • 6 insurance providers supported: UHC, IMG, BCBS, Cigna, Aetna, ISI
  • Image upscaling + contrast enhancement for low-quality scans
04
Zero-Trust Architecture

Dedicated Server — Complete Data Isolation

J1Path deploys each customer on a dedicated, isolated server instance — not a shared multi-tenant database. For organizations handling minors' personal data, this isn't a luxury. It's a necessity.

  • Protected data: Passport scans, CBC results, SEVIS IDs, health insurance, minor PII
  • FERPA & COPPA compliance — no commingled data across organizations
  • Independent PostgreSQL database, SSL encryption, automated hourly backups
  • "Dedicated server" is a powerful trust signal during Department of State (DoS) audits and parent inquiries
05
ROI · Cost Reduction

1 Program Manager Replaces a Team of 5

Every stakeholder has a self-service portal. The Program Manager's dashboard aggregates all pending actions across all roles into one real-time Action Required list. The math is simple:

  • 95% Student Self-Service
  • 88% Host Family Self-Service
  • 80% Agency Self-Service
  • 65% LC Report Automation

  • Students complete their own applications, upload documents, sign agreements digitally
  • Host Families complete vetting steps, submit references, sign consent forms
  • LCs get auto-generated report drafts with staged email reminders
  • Agencies manage their own pipeline — recruitment to placement
  • Traditional staffing: 3-5 people → J1Path: 1 Program Manager
06
Enterprise Security

Security That Survives an Audit

Not a checkbox feature list — a hardened architecture built for organizations handling sensitive minor data under federal oversight.

  • PBKDF2-SHA256 password hashing (600K iterations) — exceeds NIST SP 800-132
  • Rate limiting: 10 login attempts / 5 min per IP — brute force blocked
  • HSTS, X-Frame-Options, X-Content-Type-Options, X-XSS-Protection headers
  • Secure session cookies: HttpOnly, Secure, SameSite=Lax
  • SQL injection prevention with parameterized queries + column whitelist
  • Open redirect prevention on all authentication flows
  • Automated hourly database backups with retention policy
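
The three login-path controls in the list above (PBKDF2-SHA256 at 600K iterations, 10 attempts per 5 minutes per IP, open redirect prevention) can be sketched as follows. This is an added example, not J1Path's own code: the stored-hash layout, the `/dashboard` fallback and every function and class name are assumptions.

```python
import hashlib
import hmac
import secrets
import time
from collections import defaultdict, deque
from typing import Optional
from urllib.parse import urlsplit

PBKDF2_ITERATIONS = 600_000             # iteration count quoted on the page
MAX_ATTEMPTS, WINDOW_SECONDS = 10, 300  # 10 login attempts / 5 min per IP


def hash_password(password: str, iterations: int = PBKDF2_ITERATIONS) -> str:
    """PBKDF2-HMAC-SHA256 with a fresh 16-byte salt.

    The 'pbkdf2_sha256$iter$salt$hash' record layout is an assumption.
    """
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and iteration count; fail closed on bad records."""
    try:
        scheme, iterations, salt_hex, hash_hex = stored.split("$")
        if scheme != "pbkdf2_sha256":
            return False
        expected = bytes.fromhex(hash_hex)
        digest = hashlib.pbkdf2_hmac(
            "sha256", password.encode(), bytes.fromhex(salt_hex), int(iterations)
        )
    except (ValueError, OverflowError):
        return False
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(digest, expected)


class LoginRateLimiter:
    """Sliding-window count of login attempts per client IP."""

    def __init__(self, max_attempts=MAX_ATTEMPTS, window=WINDOW_SECONDS,
                 clock=time.monotonic):
        self.max_attempts, self.window, self.clock = max_attempts, window, clock
        self._attempts = defaultdict(deque)

    def allow(self, ip: str) -> bool:
        now = self.clock()
        recent = self._attempts[ip]
        while recent and now - recent[0] >= self.window:
            recent.popleft()              # forget attempts older than the window
        if len(recent) >= self.max_attempts:
            return False                  # rejected requests are not counted again
        recent.append(now)
        return True


def safe_redirect_target(target: Optional[str], default: str = "/dashboard") -> str:
    """Accept only same-site absolute paths for a post-login 'next' value."""
    if not target or not target.startswith("/") or target.startswith("//"):
        return default                    # empty, relative, or scheme-relative URL
    if any(ord(c) < 0x20 or c == "\\" for c in target):
        return default                    # browsers normalise '\' to '/' and drop tabs/newlines
    try:
        parts = urlsplit(target)
    except ValueError:
        return default
    if parts.scheme or parts.netloc:      # defence in depth: no scheme or host allowed
        return default
    return target


def handle_login(limiter, ip, password, stored_hash, next_url):
    """Return (HTTP status, redirect location or None) for one login POST."""
    if not limiter.allow(ip):             # checked first so blocked clients cost no PBKDF2 work
        return 429, None
    if not verify_password(password, stored_hash):
        return 401, None
    return 302, safe_redirect_target(next_url)
```

Because the iteration count is stored with each hash, records created with an older count still verify and can be re-hashed at the current count on the next successful login.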

Capability | Traditional / Competitors | J1Path
22 CFR 62 Compliance Scoring | Manual tracking | Real-time 6-category score
1-Click Audit ZIP Package | Days of manual assembly | Instant DoS-ready ZIP
DS-2019 Auto-Parse | Manual data entry | PDF upload → auto-extract
Insurance Card OCR | Manual data entry | Photo → 6 providers supported
Application Pipeline Tracker | △ Spreadsheets | Real-time visual pipeline
Digital Signatures | △ DocuSign ($$$) | Built-in, no extra cost
Self-Service Portals | △ Email + shared drives | 6 role-based portals
Data Isolation | Shared multi-tenant DB | Dedicated server per customer
LC Report Automation | Manual follow-ups | Auto-create + staged reminders
Staffing Requirement | 3-5 staff | 1 Program Manager
Payment Processing | △ Separate invoicing | Stripe + Square built-in
Record Retention (5-Year) | △ File cabinets / drives | Automatic — regulatory lock-in

👩‍🎓
01

Student Lifecycle

Track each J-1 student from application through program completion — selection, orientation, insurance, SEVIS/DS-2019, placement, and monthly monitoring. Every step generates compliance documentation per 22 CFR 62.25, eliminating manual paperwork entirely.

🏠
02

Host Family Vetting

Structured 6-step HF onboarding mandated by 22 CFR 62.25(j): application, personal references, criminal background checks for all adults, LC home visit, signed agreement, and welcome package. Each step auto-generates a branded PDF for audit readiness.

📋
03

One-Click Audit Package

The only system that auto-generates all 6 CFR Part 62 audit categories into a structured ZIP file per student — ready for Department of State or CSIET audit submission. What used to take hours of manual assembly now takes one click.

📅
04

Automated LC Reporting

Monthly, semester, and meeting reports from Local Coordinators — auto-created on schedule with staged email reminders. Reports feed directly into each student's compliance audit file per 22 CFR 62.25(g), ensuring no monitoring gaps.

✉️
05

Zero Paper Process

Digital applications, e-signatures, automated email notifications, and branded PDF exports replace every paper form. Customizable templates for every event type — report reminders, CBC status, submission confirmations — all configurable without code.

👤
06

1 Program Manager = Full Operation

The system is designed so a single Program Manager can efficiently run the entire J-1 program. Self-service portals for Students, Host Families, LCs, and Agencies handle their own applications and reports. The PM's unified dashboard surfaces every Action Required item in real-time — missing documents, pending approvals, compliance gaps — so nothing falls through the cracks. What traditionally requires a team of 3-5 staff can now be managed by one person.

👩‍🎓
Student Management
Full lifecycle from application to program completion — 22 CFR 62.25(a)(b) compliant at every step
  • Step 1 · Application: Student or agency submits digital application with personal info, academic records, grade level, and host family preferences
  • Step 2 · Agreement: Student signs program agreement, placement agreement, and custodian authorization via digital signature pad
  • Step 3 · Assessment: Admin/PM conducts English proficiency assessment per 22 CFR 62.25(b) with handwritten signature, school AR record uploaded
  • Step 4 · Placement: Admin assigns school, LC, and vetted host family. Placement confirmation auto-generated.
  • Step 5 · Monitoring: Automated monthly LC reports track wellbeing per 22 CFR 62.25(g) — staged reminders ensure no gaps
📝

Application Form

Complete digital application capturing personal info, academic background, host family preferences, essay, and photo. Auto-generates a branded PDF for the Selection audit category. Replaces manual paper applications — students or agencies submit online from any device.

Doc 1.1 · 22 CFR 62.25(a)
📖

English Assessment

Admin/PM-administered language proficiency assessment required by 22 CFR 62.25(b). Interview method, score, and evaluator recorded digitally with handwritten signature. Results feed directly into the Selection audit category — critical for CSIET Advisory List compliance verification.

Doc 1.2 · 22 CFR 62.25(b)
🏫

School AR Record

Academic record uploaded and linked to school placement for 22 CFR 62.25(a) compliance. Stored per student with performance notes and included in the Selection audit category ZIP.

Doc 1.11 · File Upload
✍️

Student Agreement

Program terms agreement with handwritten digital signature via canvas pad, date, and acknowledgment fields. Satisfies 22 CFR 62.10 orientation requirements. Signature image is stored and embedded in the auto-generated PDF for the Orientation audit category.

Doc 2.1 · Signature
🛡️

Health Insurance

Insurance provider, policy number, coverage dates, and insurance card image upload. Ensures full compliance with 22 CFR 62.14 health insurance requirements. The compliance dashboard flags any student with missing or expired coverage in real-time.

Doc 3.1 · 22 CFR 62.14
🪪

SEVIS / DS-2019

SEVIS ID, program dates, sponsor code, DS-2019 issue date, and document file upload. DS-2019 PDF upload triggers auto-parsing — SEVIS ID and program dates are extracted automatically, eliminating manual data entry. Supports SEVIS batch upload preparation for 22 CFR 62.13 compliance.

Doc 4.1 · DS-2019
🏠
Host Family Management
Complete 22 CFR 62.25(j) vetting workflow built in — application to placement, fully digital

Structured Vetting Workflow — CSIET Advisory List Ready

Every host family moves through a standardized 6-step process mandated by 22 CFR 62.25(j): Application → Agreement → References → Criminal Background Check (all adult household members) → Welcome Package → Home Visit. Each step generates a compliance-ready PDF with your organization's branding and CFR citation. The compliance dashboard shows exactly which HF vetting steps are complete or missing in real-time — so you never face an audit with gaps.

📋

1. HF Application Form

Comprehensive household questionnaire submitted digitally through the HF portal: family composition, home details, host parents' employment, lifestyle, and student hosting preferences. Replaces paper applications — families complete it online from any device, and the branded PDF is auto-generated for the HF Vetting audit category.

Doc 6.1b · 22 CFR 62.25(j)
✍️

2. HF Agreement

Signed hosting agreement covering responsibilities, program expectations, and house rules. Host families sign via the handwritten digital signature pad — no printing, scanning, or mailing required. Signature is timestamped and embedded in the auto-generated PDF for the HF Vetting audit category.

Doc 6.2 · Signed
🔍

3. Personal References

Two reference checks required per 22 CFR 62.25(j). References can be requested via email (form link) or completed by phone with manual upload. Results are stored and auto-generate a branded PDF for the audit package. The system tracks completion status so admin can see which families still need references at a glance.

Doc 6.3 · Email or Phone
🔎

4. Criminal Background Check

CBC decision records for all adult household members as required by 22 CFR 62.25(j) — status, date, admin notes, and decision tracked with auto-generated PDF summary. CBC consent forms use digital handwritten signatures. The compliance dashboard flags any household with incomplete CBC checks in real-time.

Doc 6.4 · All Adults
🎁

5. Welcome Package

Orientation materials sent before host family visit. Send date, checklist, and HF acknowledgment tracked per student placement. Ensures the host family pre-arrival orientation requirement under 22 CFR 62.25(j) is documented and audit-ready.

Doc 6.6 · Before Visit
🏠

6. Home Visit

LC-conducted home inspection checklist per 22 CFR 62.25(j) covering bedroom, safety, and living environment. Photos and notes captured digitally through the LC portal, visit date recorded. Auto-generates a branded PDF report for the HF Vetting audit category.

Doc 6.5 · LC Visit
📍
Local Coordinator
Field oversight per 22 CFR 62.25(g) — automated reporting, home visits, and real-time task tracking
👤

LC Profile

Contact info, certification status, service area, and all assigned students — active and completed placements. CBC and reference status tracked per LC to ensure your field coordinators meet 22 CFR 62.25(g) requirements before they begin work.

📅

Monthly Reports

LC submits a monthly report per assigned student covering academic progress, wellbeing, host family interaction, and any issues — required by 22 CFR 62.25(g). Reports are auto-created on schedule and staged email reminders ensure no deadlines are missed. Each report feeds directly into the Monitoring audit category. Saves hours vs. manual tracking of which LCs have submitted.

Auto Reminder · Email on Submit
📘

Semester Activity Reports (2x/year)

Two semester activity reports per year: Fall semester due December 15 and Spring semester due May 15. Covers program activities, student academic performance, meeting notes, and photos. Auto-reminder emails sent to LCs with outstanding reports. Required for CSIET Advisory List annual reporting.

Due Dec 15 · Due May 15 · 2x per Year
🔐

LC CBC Decision

Criminal background check for the LC themselves, required for initial certification and renewal under 22 CFR 62.25(g). Stored with decision date, notes, and auto-generated PDF. The Action Required system flags any LC with expired or missing CBC status on their portal dashboard.

Certification
📎

LC References

Professional and personal references collected via a dedicated LC reference portal — no phone calls or paper forms needed. Two references required for LC approval. Each generates a branded PDF stored with the LC profile for audit documentation.

2 Required
📁
J-1 Compliance Audit System
The ONLY system that auto-generates all 6 audit categories per 22 CFR Part 62 — one-click ZIP download Updated
📦

One-Click Audit-Ready ZIP Package — Industry First

For each student, the system auto-generates a structured ZIP file containing all 6 compliance categories as separate branded PDFs — ready for Department of State or CSIET audit submission with zero manual assembly. Folder structure mirrors the CFR Part 62 categories exactly: 1_Selection / 2_Orientation / 3_Insurance / 4_Documentation / 5_Monitoring / 6_HF_Vetting. What previously took staff hours of manual document gathering and formatting is now a single click. Each PDF uses the same branded header configured in Settings → Audit Template.

# | Category | Documents Included | CFR Reference
1 | Selection | 1.1 Application Form; 1.2 English Assessment; 1.11 School AR Record | 22 CFR 62.25(a)(b)
2 | Orientation | 2.1 Student Agreement; 2.2 Orientation Summary | 22 CFR 62.10
3 | Health Insurance | 3.1 Insurance Summary; 3.2 Insurance Card | 22 CFR 62.14
4 | Documentation | 4.1 SEVIS / DS-2019; 4.3 Payment Record | 22 CFR 62.13
5 | Monitoring | 5.1 Monitoring Summary; Monthly LC Reports; Semester Activity Reports | 22 CFR 62.25(g)
6 | HF Vetting | 6.1 Vetting Summary; 6.1b HF Application; 6.2 Agreement; 6.3 References; 6.4 CBC | 22 CFR 62.25(j)

🔵

Per-Document Preview

Each document on the compliance detail page has a View PDF button — verify the exact branded PDF before downloading the full ZIP package. Auditors can see exactly what they will receive, building confidence in your compliance documentation.

New
📦

Full ZIP Download

One click downloads all compliance documents in a structured ZIP: 1_Selection / 2_Orientation / … / 6_HF_Vetting. Saves hours of manual document assembly per student — multiply that across your entire program and the time savings are transformational.

Audit-Ready
📊

Real-Time Compliance Dashboard

Overview of all students with color-coded completion status across all 6 audit categories — instantly see every missing document across your entire program. Filter by program year, export to Excel. This real-time monitoring catches every compliance gap before an auditor does, functioning like an AI assistant that never sleeps.

Excel Export
📈
Application Pipeline (New)
Real-time visual tracker for every Student and Host Family application — from sign-up to final decision
🎯

One Screen, Complete Visibility

The Application Pipeline replaces spreadsheets and manual status tracking. Every Student and Host Family progresses through defined stages — No Application → Draft → Submitted → Approved → Decision — and the pipeline shows exactly where each person stands right now. Program Managers can instantly identify who is stuck, who needs a nudge, and who is ready for the next step.

📊

Summary Dashboard

Six stat cards at the top show real-time counts — total Students vs Host Families, how many have no application, drafts in progress, submissions awaiting review, approved applications, and final decisions made. Spot bottlenecks at a glance without scrolling through tables.

Real-Time · At a Glance
🔍

Smart Filtering

Filter by role (Students only, Host Families only, or All), application stage, program year, and free-text name/email search. Combine filters to drill down instantly — e.g. "Host Families with no application in 2025-2026." Pagination supports 20, 50, or 100 records per page.

Multi-Filter · Search
⏱️

Inactivity Alerts

A "Days" column tracks how long since each person signed up. Entries idle for more than 7 days in No Application or Draft stage are flagged red; 3+ days flagged yellow. Quickly identify participants who need follow-up before they fall through the cracks.

7+ Days Red · 3+ Days Yellow
📋

Stage Tracking

Each row shows color-coded status badges for Application, Agreement, CBC (Host Families), and Decision columns. Stages include Draft, Submitted, Approved, Need Fix, Accept, Deny, and Defer — all at a glance in one unified table for both Students and Host Families.

Color-Coded · Unified View
🏢

Agency Visibility

Each pipeline row shows the associated recruitment agency, making it easy to track agency performance and identify which agencies have participants stalled in early stages. Filter and sort to compare agency conversion rates.

Agency · Performance
🔗

One-Click Detail Access

Every row links directly to the participant's full detail page. Review a flagged entry in the pipeline, click through to the detail, take action, and return — no context switching between different screens or menus.

Quick Nav
📊
Reports & Monitoring
Automated LC reporting per 22 CFR 62.25(g) — staged reminders, real-time tracking, and admin oversight
📆

Monthly LC Reports

LCs submit a monthly report per assigned student via their portal — required by 22 CFR 62.25(g) for ongoing monitoring. Admin receives instant email notification on submission. Reports feed directly into each student's Monitoring audit category (Section 5), building the compliance record automatically. No more chasing LCs with spreadsheets — the system handles it.

Auto Reminder · Email on Submit
📗

Semester Activity Reports

End-of-semester report from each LC covering academic and cultural exchange activities, program outcomes, and overall student progress. Supports CSIET Advisory List annual reporting requirements. Auto-reminders sent only to LCs with outstanding reports — no blanket emails to those who already submitted.

Due ~May 1

Report Automation

System auto-creates report drafts and sends staged email reminders (initial, follow-up, final) to LCs before due dates. Fully configurable timing and recipients per report type from Settings → Report Automation. Eliminates the manual process of tracking which LCs have submitted and sending individual follow-ups.

Scheduled Email
📋

Program Assignments

Admin assigns each student to a program year, LC, school, and host family. Bulk update supported for efficient program setup. Drives all downstream report generation, compliance tracking, and audit package assembly — change an assignment and every related report updates automatically.

Bulk Update
📈

Analytics Dashboard

Recruitment funnel, lead source analysis, conversion rates, and campaign performance for program planning.

Pipeline
💬

Support Tickets

Users can submit support requests from their portals. Admin manages tickets with status tracking, response, and resolution notes.

Help Desk
🔒
6 Role-Based Portals + Program Manager
Self-service portals eliminate manual coordination — one Program Manager oversees everything
👤

One Program Manager Runs the Entire Operation

The system is architecturally designed for maximum operational efficiency. Each stakeholder (Student, Host Family, LC, Agency, School) has a self-service portal where they complete their own applications, upload documents, submit reports, and sign agreements — without any manual coordination from staff. The Program Manager's unified dashboard aggregates every pending action across all roles into a single real-time Action Required list with 22 CFR compliance gap detection. What traditionally requires a team of 3-5 staff — tracking applications, chasing missing documents, scheduling CBC checks, monitoring monthly reports — can now be efficiently managed by one person.

⚙️

Configurable Portal Access — No Code Changes

Toggle visibility of any menu for each role from Settings → Portal Menu Access. Every portal includes Action Required banners that guide users through their next steps automatically.

Student Portal

Personal dashboard for enrolled J-1 students — view status, complete forms, sign agreements digitally

  • View placement & school info
  • Submit application form
  • Sign program agreement
  • Check insurance status
  • View SEVIS / DS-2019
  • Submit support request

Host Family Portal

Dashboard for host families — complete vetting steps, sign agreements, track student placement

  • Complete HF application
  • Sign HF agreement
  • Upload consent forms
  • View assigned student
  • Submit reference contacts
  • Access welcome package

LC Portal

Dashboard for Local Coordinators — submit reports, conduct visits, manage assigned students

  • View all assigned students
  • Submit monthly reports
  • Submit semester reports
  • Record LC meetings
  • Submit HF home visits
  • Refer new host families

Agency Portal

Dashboard for partner agencies — submit students, track placements, download documents

  • Submit new students
  • Track student status
  • View placement details
  • Download documents
  • Refer host families
📣
Recruitment & Leads
Campaign tracking, lead management, and HF referrals — grow your program with data-driven recruitment
📣

Campaigns

Create marketing campaigns with unique tracking URLs. Monitor lead volume, source attribution, and conversion rates per campaign. Know exactly which recruitment channels deliver qualified host families and students — optimize your budget based on real data, not guesswork.

👋

Lead Management

Capture and track interested families, students, and LCs with a structured pipeline: New → Contacted → Qualified → Applied. Notes and follow-up tracking ensure no prospect falls through the cracks. Leads convert directly into full profiles when ready, preserving all history.

🏠

HF Referral System

LCs, agencies, and existing host families submit referrals directly from their portals — leveraging your existing network for organic growth. Admin reviews and converts to a full HF profile with one click to begin the structured vetting workflow. Referral source is tracked for attribution reporting.

📄
PDF Document System
Unified branded format across all exports Updated
🎨

Unified Branded Format — All 14+ Document Types, Zero Design Work

All compliance PDFs, HF decision letters, reference check PDFs, CBC decisions, and LC reports use the same professional branded template. Organization logo, name, and primary color are set once in Settings → Audit Document Template and applied consistently across every exported document. Your entire compliance package looks professional and consistent — no Word templates, no formatting issues, no manual branding. Configurable without code.

🎨

Branded Header

Every PDF shows your organization logo, document title, entity name, generation timestamp, and status badge. Primary color and logo are configured once in Settings and applied to all 14+ document types automatically — no design skills, no code changes, no Word template management.

Settings-Driven
🔵

Document ID Badge

Each compliance PDF displays a blue Doc ID badge (e.g., "1.1 — Student Application Form") for easy identification in audit packages.

New
🖨️

Print to PDF

All student-facing and HF-facing documents have a browser print view optimized for PDF saving — A4 format, print-specific CSS, auto-print option.

Browser Print
✍️
Digital Handwritten Signature
Canvas-based signature capture on all agreement forms Feature
✍️

Handwritten Digital Signature — Zero Paper, Full Legal Compliance

All forms requiring a signature — HF Agreement, LC Agreement, Student Agreement, CBC Consent, Authorization Forms — support a touch or mouse-drawn handwritten signature directly on the signature pad. No printing, scanning, mailing, or faxing required. The signature image is stored in the database with timestamp and automatically embedded when generating compliance PDF documents. This eliminates the biggest bottleneck in J-1 program operations: collecting wet signatures from stakeholders across multiple locations.

🖊️

Touch & Mouse Signature

Supports both mobile touchscreen and desktop mouse input. Draw directly on the signature pad just like signing on paper. A Clear button allows re-signing at any time.

signature_pad.js · Canvas API
💾

Saved to DB & Embedded in PDF

Signature image (PNG) is stored in the database and automatically embedded in the signature field when generating PDF documents.

DB Stored · Auto PDF Embed
📋

Supported Forms

HF Agreement · LC Agreement · Student Agreement · CBC Consent · HF Criminal BG · Student Auth to HF · Student Placement

7+ Forms
Monthly & Semester Report Automation
Auto-create reports + staged email reminders for LCs Feature
🤖

Automated so LCs never miss a deadline — 22 CFR 62.25(g) guaranteed

On a configured date each month, the system automatically creates report drafts for each LC and sends staged email reminders (initial, follow-up, final warning) until the report is submitted. This ensures the ongoing monitoring required by 22 CFR 62.25(g) is never missed — even with dozens of LCs across multiple states. Admins configure the schedule and recipients at Settings → Report Automation. What used to require a staff member tracking spreadsheets and sending individual emails is now fully automated.

📋

Monthly Report Automation

On the configured create date (~15th), report drafts are auto-generated per student per LC. An initial email is sent, followed by Follow-up and Final reminders for any outstanding submissions.

Monthly Auto · Staged Reminders
📘

Semester Activity Report Automation

Reminder emails are automatically sent to LCs before the semester activity report deadline. Only LCs with outstanding reports receive the reminder.

Per Semester · Pending Only
⚙️

How to Configure

Set Create Day, Deadline Day, and email timing at Admin → Settings → Report Automation. The system runs a server-side cron job once daily to execute the schedule.

Cron-based · Configurable

Monthly Report Automation Flow

  • Create Day (~15th) · Auto-Create Drafts: Initial email sent to all LCs
  • Deadline − 3 days · Follow-up: Reminder to LCs with pending reports
  • Deadline − 1 day · Final Reminder: Last warning email to outstanding LCs
  • Deadline (~20th) · Deadline Notice: Admin summary of all pending submissions

🪪
DS-2019 Auto-Parse
Upload DS-2019 PDF → SEVIS ID & program dates saved automatically Feature
🤖

Upload the DS-2019 — data fills in automatically (SEVIS Integration Ready)

When a DS-2019 PDF is uploaded on the student page, the system automatically parses the document text and extracts the SEVIS ID, program start/end dates, and DS-2019 issue date — saving them to the database instantly. No manual data entry required. This eliminates one of the most error-prone steps in J-1 program administration and ensures SEVIS data per 22 CFR 62.13 is captured accurately for every student. Supports batch upload preparation for SEVIS reporting.

📄

Auto-Extracted Fields

The following fields are automatically parsed from the DS-2019 PDF:

SEVIS ID · Program Start Date · Program End Date · DS-2019 Issue Date

Instant Save

Parsed data is applied to the SEVIS record immediately on upload. If parsing fails, the file is still saved and fields can be filled in manually.

pypdf-based · Fallback Support
📍

Where to Find It

Go to Student → Documents tab → DS-2019 Upload. After upload, verify the auto-filled data in the SEVIS tab.

Student → Documents
💳
Insurance Card Auto-Parse (OCR)
Upload an insurance card image or PDF — provider, policy number, and phone are extracted automatically
🤖

Zero Manual Data Entry — Just Upload the Card

The insurance card parser uses Tesseract OCR for images and pypdf text extraction for PDFs to automatically detect the insurance provider, extract the policy number, and find the customer service phone number. Upload a card photo or scan → fields are auto-filled instantly → form auto-submits. What used to require manual transcription of every card now takes one click. If OCR fails, the system provides progressive guidance: retry with a clearer image, or enter manually.

🏥

6 Providers Supported

Auto-detects UnitedHealthcare (StudentResources), IMG (International Medical Group), BlueCross BlueShield, Cigna, Aetna, and ISI. Each provider has specialized extraction patterns for policy numbers, member IDs, and certificate numbers optimized for J-1 student insurance cards.

UHC · IMG · BCBS · Cigna

Instant AJAX Processing

Card is uploaded via AJAX — no page reload. A loading overlay keeps the user on the page while OCR runs server-side. On success, provider/phone/policy fields are auto-filled and the form auto-submits within 800ms. The uploaded card appears immediately in the right-side preview panel.

No Reload · Auto-Submit · 800ms
🖨

Print-Ready Insurance Card

Every student's insurance information generates a professional A4 print page matching the compliance document format — with company logo header, insurance details table, uploaded card image, and footer. One-click print or Save as PDF for school enrollment and emergency use.

A4 PDF · 22 CFR 62.14 · Print
🔄

Smart Image Enhancement

Small or low-quality card photos are automatically upscaled, contrast-enhanced, and sharpened before OCR. Multiple Tesseract PSM modes are tried and the best result is used. Re-upload overwrites the previous file (no orphaned files). Progressive error messages guide users to retry or enter manually.

Upscale · Enhance · Multi-PSM
🎤
English Interview (New)
22 CFR 62.10(a)(2) — Admin or Program Manager conducts interview, signs, and audit documentation is generated automatically
🔄

Auto Trigger

When a student submits their application, an "Interview Pending" record is auto-created. Admin/PM sees it on the dashboard Action Required and on the dedicated English Interviews page.

Auto · Admin/PM
✍️

Interview Form + Signature

Admin/PM selects the interview method (in-person, video, or phone), enters the assessment result (Pass/Fail), and signs with a digital canvas signature. Timestamp and IP address are auto-captured on submit.

Handwritten Signature · IP Logged
📋

Audit Ready (Doc 1.2)

Interview records are automatically included in the Selection audit category as Doc 1.2. Missing interview method or signature will fail the Selection check — the admin dashboard flags it immediately.

Compliance · Required
Real-Time Action Required System
AI-like monitoring that catches every gap — pending tasks shown automatically on each portal dashboard Feature
🔔

See what needs to be done the moment you log in — nothing falls through the cracks

When any stakeholder (Student, Host Family, LC, Agency) logs into their portal, the dashboard automatically analyzes their compliance status and shows a prioritized list of incomplete tasks at the top. One click takes them directly to the relevant form. This real-time monitoring functions like an AI assistant — continuously scanning for missing documents, unsigned agreements, overdue reports, and incomplete vetting steps. No more email follow-ups asking "did you submit X?" — the system guides every user through their next steps automatically.

Student

Student portal action items

  • Application revision requested
  • Incomplete application forms
  • Payment not yet submitted

Host Family

HF portal action items

  • Application revision requested
  • Application not submitted
  • CBC Consent not submitted
  • Agreement not signed
  • Criminal BG not confirmed

Local Coordinator

LC portal action items

  • Application revision requested
  • New leads need follow-up
  • Monthly reports not submitted
  • Semester reports not submitted
  • CBC / Agreement incomplete

Agency

Agency portal action items

  • Student application revision requested
  • Incomplete document guidance
💬
Support Ticket System
In-app help desk for all portal users — students, HFs, LCs, and agencies New
💬

Built-in help desk — no external tool or additional cost needed

Any portal user (Student, Host Family, LC, Agency) can submit a support ticket directly from their dashboard — no separate help desk software required. Admin receives an instant email notification, reviews the ticket, and replies within the platform. The user is notified of the reply and can view the full conversation thread. Everything stays in one system, creating a complete communication record per stakeholder.

📨

Submit a Ticket

Users submit a ticket from My Portal → Get Help. They select a category (Bug / Feature Request / Question / General), enter a subject and description, and submit. An email is immediately sent to the admin team.

All Roles · Email Notification
🗂️

Ticket Categories

Tickets are tagged by category to help prioritize and route.

Bug Report · Feature Request · Question · General
🔄

Status Tracking

Each ticket has a status that updates as it progresses. Users can see the current status on their support page at any time.

Open · In Progress · Resolved
💬

Reply Thread

Admin and user can exchange multiple messages within a single ticket. All replies are timestamped and displayed in a conversation thread. Admin replies trigger an email notification to the user, marked as unread until viewed.

Threaded Conversation · Unread Badge
🛠️

Admin Management

Admins manage all tickets at Admin → Support. Unread tickets show a badge count in the sidebar. Tickets can be marked as In Progress or Resolved, and can be deleted when no longer needed.

Admin → Support · Unread Badge
Support Ticket Workflow
  • User · Submit Ticket: Selects category, writes subject & message
  • System · Email Alert: Admin receives instant email notification
  • Admin · Review & Reply: Opens ticket, sets status, sends reply
  • User · Notified: Email notification of admin reply, views thread
  • Admin · Resolved: Marks ticket resolved when issue is closed
🔗
Integrations — Third-Party Services
Connect Google Analytics, reCAPTCHA, and more — all configurable from admin settings

Plug & Play — No Code Deployment

Every third-party integration is configured entirely through the admin panel at Settings → Integrations. Paste your API keys, click Save, and the integration is live immediately across all pages. No server restarts, no code changes, no developer needed. Switch providers or update keys anytime.

📊

Google Analytics

Paste your GA4 Measurement ID (G-XXXXXXXXXX) and tracking code is automatically injected into every page — public site, dashboard, portals, and platform guide. Real-time visitor data, traffic sources, and user behavior analytics. Find your ID at Analytics → Admin → Data Streams.

GA4 · All Pages · Real-Time
🛡️

Google reCAPTCHA v2

Protect signup and contact forms from spam bots. Enter your Site Key (public) and Secret Key (private) from the reCAPTCHA Admin Console. The "I'm not a robot" checkbox appears automatically on registration and contact pages.

Spam Protection · Signup · Contact
🔮

Ready for More

The integration framework is designed to easily add new services — Mailchimp, Twilio SMS, Slack notifications, Zapier webhooks, and more. Each integration follows the same pattern: add keys in settings, system reads from DB, zero downtime.

Extensible · API-Ready
💳
Payment Integration — Stripe & Square
Accept application fees online with real-time processing and instant confirmation New
💳

Zero Payment Friction

The system supports both Stripe and Square payment gateways — the customer chooses their preferred provider in Settings. Students see a beautiful, branded payment form with a secure card input. Payment processes in real-time via the selected gateway API, with an instant success screen upon completion. A confirmation email is sent automatically to both the student and the admin, ensuring everyone has a receipt and transaction record without any manual follow-up.

🔧

Gateway Selection

Admin selects Stripe or Square from Settings → Payment Gateway. Production and Sandbox credentials are stored separately, allowing safe testing before going live.

Stripe · Square · Sandbox Mode

Real-Time Processing

Student enters card details → tokenized client-side for security → server charges via API → instant success screen. No page reload required — the entire flow is seamless and fast.

Tokenized · No Reload · Instant
📧

Automatic Notifications

Student receives a payment confirmation email with transaction ID. Admin receives a notification with student info and amount. Admin is BCC'd on all payment emails for complete audit trail.

Student Email · Admin BCC · Transaction ID
💰
Finance — Application Fee & Program Fee New
Complete payment management — Application fees (card), Program fees (wire/check), year filter, email notifications
💳

Application Fee ($150)

Student pays via Stripe or Square card payment at application time. Real-time processing with instant success screen. Admin dashboard with stats, search, year filter, and verify/reject controls.

Stripe · Square · Card Payment
🏦

Program Fee (Wire/Check)

Student or agency submits bank transfer receipt with amount, date, sender info, and receipt file upload. Admin verifies from a dedicated management page. Separate from application fee — different amount, timing, and payment method.

Wire Transfer · Receipt Upload · Agency Submit
📧

Auto Email Notifications

Receipt submitted → Admin/PM notified. Status changed to Verified → Student + Agency receive confirmation email. Rejected → Student + Agency receive rejection with reason. All automated.

Submit → Admin · Verify → Student · Reject → Student
📅

Program Year Filter

Both Application Fee and Program Fee pages support year-based filtering (default: current year). Stats cards update dynamically. Search by student name/email with status filter.

Year Filter · Search · Stats
👥

Agency Portal Integration

Agencies can submit program fee receipts on behalf of students. Student selector dropdown with auto-reload. Agency sees only their assigned students. Receipts tracked per student.

Agency Submit · Student Select
📋

Unified Finance Dashboard

Admin sidebar Finance section: Application Fee + Program Fee — two separate pages for two different payment types. Total/Pending/Verified/Rejected stats at a glance for each.

2 Dashboards · Admin + PM
✈️
Travel Release with Digital Signatures New
Complete approval chain — Student/HF → Parent sign → HF sign → LC review & sign → Admin final signature. See Travel Release v2 for the enhanced flow.
📧

Parent Email Signing

Student submits travel request with parent email. System auto-sends a branded signing link — parent clicks, reviews trip details, and signs digitally from any device. No login required, token-based secure access.

No Login · Token-Based · Email Link
🏠

Host Family Approval

HF sees pending travel releases in their Action Required list. Reviews trip details, chaperone info, and signs with canvas digital signature. Approval status auto-updates across all dashboards.

Action Required · Canvas Signature
👤

PM Final Approval

Program Manager reviews parent + HF signatures, adds notes, and gives final approval with their own digital signature. Complete 3-party approval chain documented with timestamps.

3-Party Chain · Timestamped
📋

PDF with All Signatures

One-click PDF export includes trip details, chaperone info, permissions, and all three signatures (Parent, HF, PM) with dates — audit-ready documentation for every student trip.

PDF · 3 Signatures · Audit Ready
📊

Dashboard Tracking

Admin dashboard shows individual pending travel releases in Action Required. Student detail page shows Travel Release table with Parent Signed and HF Signed columns — status at a glance.

Per-Student · Real-Time
👁️

Role-Based Access

Students submit requests. Parents sign via email. HF approves + signs. LC views read-only. Admin/PM gives final approval. Each role sees only what they need — clean, secure workflow.

6 Roles · Least Privilege
📨
Email Template System
Customizable email templates for every workflow event — editable by admin without code changes New
📨

Every Email is Configurable

All system emails — welcome, application submitted, payment confirmed, reference check, CBC notification, monthly report reminders — use templates stored in the database, editable from Settings → Email Templates. Variables like {name}, {email}, {payment_id} are auto-replaced at send time, so admins can customize messaging without touching any code.

👥

Per-Role Templates

Separate templates for Student, Host Family, LC, and Agency. Each role gets contextually relevant emails tailored to their workflow and responsibilities.

Student · Host Family · LC · Agency
🔔

Notification Recipients

Configure who receives each notification type from Settings → Notification Email Settings. Toggle student, agency, and LC notifications per event for granular control.

Per-Event Toggle · Configurable
📡

SMTP Configuration

Customer configures their own SMTP server (Gmail, SendGrid, etc.) from Settings → SMTP. Built-in connection test verifies credentials before enabling automation.

Gmail · SendGrid · Connection Test
🎨

Branded HTML Emails

Every email uses a consistent branded template with company logo, colors, and footer. Configured once in settings, applied everywhere — professional communication on every send.

Logo · Brand Colors · Footer
📢
Broadcast Email New
Send announcements to all users or specific roles with branded HTML emails and live preview
👥

Role-Based Recipients

Select recipients by role — All Users, Students, Host Families, Local Coordinators, Agencies, or Schools. Real-time count updates as you toggle roles. Each recipient receives an individual branded email.

By Role · Live Count
👁️

Live Preview + Templates

See exactly what recipients will receive as you type. Quick templates for common messages like profile completion requests. Choose header accent color from preset swatches to match your brand.

Preview · Templates
📨

Branded HTML Delivery

Every broadcast uses the organization's branded email template — logo, company name, contact info, and footer. No plain-text bulk emails. Professional communication to every stakeholder.

Branded · Individual Send
📊
Site Analytics New
Built-in visitor tracking with geo-location, device stats, referrer analysis, and user activity — no third-party scripts required
🌍

Geo-Location Tracking

Every visit is mapped to country, US state, and city using IP-based geolocation. Country distribution chart and US state breakdown show where your program participants and prospects are located.

Country · US State · City
🔗

Referrer & Traffic Sources

Auto-classifies inbound traffic into Direct, Search Engine, Social Media, and External referrals. Full referrer URL log with visitor location, timestamp, and landing page — see exactly where your traffic comes from.

Search · Social · External
👤

User Activity Log

Tracks logged-in user activity by role — page views, last visit, and first visit per user. Identify inactive participants, monitor LC engagement, and verify host family portal usage for compliance.

By Role · Per User
📱

Device & Browser Stats

Device type breakdown (Desktop, Mobile, Tablet) and browser distribution. Useful for ensuring the portal works well on the devices your participants actually use.

Device · Browser
📈

Daily Trend & Top Pages

Daily visit trend chart with configurable period (today, week, month, year, custom range). Top 15 most visited pages show which features get the most usage.

Trend Chart · Top Pages
🔒

Privacy-First Design

No third-party tracking scripts, no cookies for analytics, no external data sharing. IP addresses are hashed (SHA-256) before storage. All data stays on your dedicated server — fully FERPA/COPPA compatible.

No Cookies · IP Hashed
💾
Automated Database Backup
Hourly automatic backups with retention policy — disaster recovery built in New
💾

Zero Data Loss Risk

A cron job runs pg_dump every hour, creating a gzip-compressed backup. The latest 5 backups are retained; older files are auto-deleted to conserve storage. Admins can trigger a one-click manual backup from the admin panel and download any backup file for off-site storage. A restore command is provided in documentation for disaster recovery scenarios.

🕐

Automatic Hourly Backup

pg_dump runs every hour via cron. Each backup is gzip compressed for efficient storage. The latest 5 backups are retained automatically, with older files cleaned up.

Hourly · Gzip · 5-File Retention
👆

One-Click Manual

Admin can trigger an immediate backup from Settings → Database Backup. Download any backup file directly from the admin panel for off-site archival.

Instant Backup · Download
🔄

Demo Mode Reset

For demo instances, the database resets to a clean snapshot daily at midnight. Toggle demo mode on or off from settings to control this behavior.

Demo Mode · Midnight Reset
📋
Audit Document Template
Branded compliance PDF template — configured once, applied to every audit document
🏛️

DOS & CSIET Audit-Ready in One Click

Every compliance PDF — student files, HF vetting records, LC reports, placement history — uses the same professionally branded template. Configure your organization logo, name, program number, and primary color once in Settings → Audit Document Template, and it's automatically applied to every exported document. No design work, no Word templates, no inconsistencies. When the Department of State or CSIET requests your audit package, every document looks like it came from a professional compliance team.

🎨

Branded Header & Footer

Every PDF shows your organization logo, document title, program sponsor number, and generation timestamp. Primary color theme is configurable — match your brand identity across all documents.

Logo · Colors · Sponsor Number
📄

6 Compliance Categories

Auto-generated per-student audit package covers all 22 CFR 62 categories: Student Selection, Orientation, Insurance, DS-2019/SEVIS, Program Monitoring, and Host Family Vetting. Each section cites the relevant CFR section.

22 CFR 62 · Per-Student · ZIP Export

Instant Changes

Update your template settings and every future PDF export immediately reflects the changes. No need to regenerate existing documents — the template is applied at export time.

Real-Time · No Cache
💳
Subscription & Billing Management
Stripe-integrated subscription tiers with automatic usage monitoring

Transparent Pricing, Zero Surprises

Three subscription tiers — Starter ($499/mo, 100 students), Pro ($899/mo, 300 students), and Enterprise ($1,399/mo, 500+ students) — each with a real-time usage bar showing current students vs. plan limit. Automated email alerts fire at 80%, 95%, and 100% capacity to both the admin and PM, with direct links to the subscription page and dashboard. Student limit enforcement prevents over-enrollment automatically.

One-Click Stripe Sync

Enter your Stripe Customer ID and the system auto-fetches customer name, email, subscription ID, status, plan, and billing date. Zero manual data entry — everything stays in sync with Stripe.

Stripe API · Auto-Sync
📊

Real-Time Usage Monitoring

Progress bar shows current students vs. plan limit. Color-coded: green (<80%), amber (80–95%), red (95%+). Student count updates automatically as enrollments change.

Live Count · Color-Coded
📧

Smart Email Alerts

Automated emails at 80%, 95%, and 100% capacity sent to admin + PM. Includes direct links to the subscription page and dashboard. Dedup logic prevents repeat emails at the same threshold level.

Auto-Email · Dedup
🔗

Stripe Customer Portal

One-click access to Stripe's customer portal for plan changes, payment method updates, invoice downloads, and cancellation. Full self-service — no support tickets needed.

Self-Service · Portal
🧪
Demo Mode — Risk-Free Evaluation
Built-in demo environment with quick-login and daily database reset

Try Before You Buy

Demo mode enables quick-login buttons on the login page — 6 role buttons (Admin, PM, Student, HF, LC, Agency) for instant one-click access. A daily midnight database reset restores the environment to a clean demo snapshot, so prospects can freely explore without breaking anything. All demo data is preserved in the snapshot and restored automatically.

👆

Quick Login Panel

Six role buttons on the login page: Admin, PM, Student, HF, LC, Agency. One click to log in as any role and explore the full platform. Only visible when DemoMode=true.

6 Roles · One-Click
🔄

Daily Database Reset

Cron job at midnight restores the database to the demo snapshot. Customers can freely test without fear of breaking data. Toggle on/off from settings.

Midnight Reset · Cron
🚀

Production Toggle

Set DemoMode to false and all demo features disappear completely. No code changes needed. Customer deployments are clean from day one.

Zero-Code · Clean Deploy
📄
Flyer System New
Standardized, branded profile flyers for Students, Schools, Host Families, and Local Coordinators — with live preview, PDF export, and email sharing
🎓

Student Flyers

Create personalized student profiles from Students > Flyer tab. Two-panel layout: edit on the left, live preview on the right. Includes personality paragraph, hobbies (with icons), favorite subjects, foods, and "afraid of" fields.

4 Templates · Live Preview · PDF Export
🏫

School Flyers

Build school profiles from Schools > Flyer with photo/logo upload, mission statement, academics, AP courses, sports, clubs, location info, weather, and J-1 student notes. School basic info syncs with the edit page.

Photo Upload · Tag-Based · PDF Export
🏠

Host Family Flyers

Create HF profile flyers from Host Families > Flyer tab. Family introduction, members, pets, hobbies, home type, community type, and special notes. Published flyers are visible to students in My Placement.

Family Profile · Publish Toggle · PDF Export
👤

LC Flyers

Build Local Coordinator profiles from Coordinators > Flyer tab. Bio, experience, languages, specialties, and fun fact. Published profiles appear in students' My Placement view.

Bio & Skills · Publish Toggle · PDF Export
🎨

4 Student Templates

Choose from Gradient Horizon (blue), Polaroid Stack (pink), Magazine Editorial (teal), or Passport Card (navy). Click a template pill to auto-save and instantly switch the preview.

Gradient · Polaroid · Magazine · Passport
📧

Send to Host Family

Click Send on a student flyer to open an email modal. Enter recipient name, email, and an optional personal message. The system sends a branded email with the student's public profile link.

Email Modal · Public Link · Branded
🖨️

Unified PDF Output

All flyers render to PDF via WeasyPrint with print-color-adjust: exact — gradients, background colors, and images print faithfully. The same "Print / Save PDF" button style is used across all entity types. Company logo and PM contact info appear in every flyer footer.

🌐
My Placement New
Students view their assigned Host Family, Local Coordinator, and School in a single, tab-based interface — accessible from sidebar and dashboard
🏫

School Tab

Displays school card with photo, logo, address, phone, and website. Right panel shows AP courses, sports, and clubs as color-coded tags, plus location details (airport, nearby cities, weather). "View Full School Flyer" links to PDF.

Photo & Logo · Activity Tags · Flyer PDF
🏠

Host Family Tab

Shows HF card with contact info, home type, community type, and pets. Right panel lists family members, activities, and special notes. "View Full HF Profile" button opens the PDF flyer.

Contact Info · Family Members · Flyer PDF
👤

Local Coordinator Tab

Displays LC card with phone, email, languages, and bio preview. Right panel shows specialties as tags and fun fact. "View Full LC Profile" button opens the PDF flyer.

Bio Preview · Specialties · Flyer PDF
📌

Dashboard Integration

The student dashboard sidebar shows a compact My Placement card with color-coded bars (purple for HF, teal for LC, blue for School) and a "View All" link. If placement is not yet confirmed, students see a friendly "Not Assigned Yet" message.

✈️
Travel Release v2 New
Complete multi-step approval chain with mandatory handwritten signatures and automated email notifications at every stage
✍️

Mandatory Handwritten Signatures

Every approval step requires a canvas handwriting signature — printed names alone are not accepted. Parent signs via a secure email link (no login required), HF and LC sign in their portal, and Admin/PM signs during final review. All signatures are stored as base64 and rendered in the PDF.

📝

Student & HF Submit

Students and Host Families can create travel release requests. When HF submits directly, it auto-approves the HF step (status = hf_approved), skipping their own signature. Parent email receives a signing link automatically.

Student · Host Family · Auto HF-Approve
👪

Parent Signature

Parent/guardian receives an email with a secure token link — no login required. They review trip details and provide a handwritten canvas signature from any device. Admin CC is notified once signed.

No Login · Token-Based · Canvas Sign
🏠

HF Approval (Step 1)

Host Family reviews the request and provides their handwritten signature to approve, or denies with a reason. On approval, status moves to hf_approved. Admin CC is notified; on denial, both Admin and Student are alerted.

Canvas Sign · Approve/Deny · Email Alert
📋

LC Review & Sign (Step 2)

Local Coordinator reviews and provides their handwritten signature. Status advances to lc_approved. Admin CC receives "Ready for Final Review" notification. LC can also deny with a reason.

Canvas Sign · Review Step · Email Alert

Admin Final Approval

Admin/PM reviews the complete chain (parent, HF, LC signatures), adds notes, and provides their handwritten signature for final approval. On approval, Student + HF + LC all receive confirmation emails.

Final Sign · Notes · 3-Way Email
📧

Email Notification Chain

Submit: Parent link + Admin CC. Parent signs: Admin CC. HF approve: Admin CC. HF deny: Admin + Student. LC sign: Admin CC. Admin approve: Student + HF + LC. Admin deny: Student + HF.

Auto-Send · Every Step · Branded HTML
🃏
HF Student Card View New
Host Families see their assigned students in a visual, browsable card layout instead of a plain data table
🖼️

Visual Student Cards

Each student appears as a card with a gradient header (4 rotating color schemes), profile photo or initial placeholder, name, country, age, and grade. Cards respond to hover with a subtle lift animation.

Photo · Gradient Header · Hover Effect
📝

Personality Preview

If a student flyer is published, the card shows the first 3 lines of the personality paragraph with CSS line-clamp, plus up to 5 hobby tags. Host families get a quick sense of each student without clicking through.

3-Line Clamp · Hobby Tags · Flyer Data
🔍

Search & Actions

Real-time search bar filters cards by name, email, or country. Each card has "View Details" (links to student detail page) and "View Profile" (links to public flyer page, if published) action buttons.

Live Search · View Details · Public Profile
🔒
Security, Encryption & Regulatory Compliance
22 CFR Part 62 · FERPA · DHS 8 CFR 214.2(j) · NIST SP 800-171 — multi-layer data protection
🏛️

Federal Regulatory Compliance — Built Into Every Layer

J-1 exchange student data includes minors' PII (ages 15–18): passport numbers, SEVIS IDs, medical insurance, host family records, and educational transcripts. This data is governed by multiple federal regulations:

  • 22 CFR 62.10(g) — Program records must be maintained for minimum 3 years after program conclusion
  • 22 CFR 62.50 — SEVIS data accuracy and timely reporting to Department of State
  • FERPA (20 U.S.C. § 1232g) — Protection of student education records; restricts disclosure without consent
  • DHS 8 CFR 214.2(j) — J-1 visa record maintenance and reporting requirements
  • NIST SP 800-171 — Recommended security controls for protecting Controlled Unclassified Information (CUI)

Our architecture addresses each requirement: TLS 1.3 encryption in transit, PBKDF2-SHA256 (600,000 iterations) for passwords, role-based access control with 6 permission levels, hourly automated backups with 3+ year retention capability, and complete audit trail for all compliance-critical actions.

🔐

TLS 1.3 / HTTPS Everywhere

All traffic encrypted with Let's Encrypt SSL/TLS certificates (auto-renewed). HTTP → HTTPS forced redirect via Nginx. HSTS header enforces secure connections for all browsers. No unencrypted data ever leaves the server.

TLS 1.3 · Let's Encrypt · HSTS
🔑

PBKDF2-SHA256 Password Hashing

Passwords are never stored in plain text. Every password is hashed using PBKDF2 with SHA-256 and 600,000 iterations — the NIST-recommended algorithm. Even if the database is compromised, passwords remain computationally infeasible to reverse.

PBKDF2 · SHA-256 · 600K iterations
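A sketch of the scheme described above (PBKDF2 with SHA-256, 600,000 iterations, a random salt per user), added here as an illustration and not taken from J1Path's code. The storage format and the function names are assumptions.

```python
import base64
import hashlib
import hmac
import secrets

ALGORITHM = "pbkdf2_sha256"   # label stored with each hash (assumed format)
ITERATIONS = 600_000          # work factor stated in the guide
SALT_BYTES = 16               # per-user random salt length (assumption)


def hash_password(password, iterations=ITERATIONS):
    """Derive a salted PBKDF2-SHA256 hash and encode it for storage."""
    salt = secrets.token_bytes(SALT_BYTES)
    derived = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return "$".join([
        ALGORITHM,
        str(iterations),
        base64.b64encode(salt).decode("ascii"),
        base64.b64encode(derived).decode("ascii"),
    ])


def _parse(stored):
    """Split a stored hash into (iterations, salt, derived); raise ValueError if malformed."""
    algorithm, iterations, salt_b64, derived_b64 = stored.split("$")
    if algorithm != ALGORITHM:
        raise ValueError("unsupported algorithm")
    iterations = int(iterations)
    if iterations < 1:
        raise ValueError("invalid iteration count")
    return iterations, base64.b64decode(salt_b64), base64.b64decode(derived_b64)


def verify_password(password, stored):
    """Recompute the hash with the stored salt and compare in constant time."""
    try:
        iterations, salt, expected = _parse(stored)
    except (ValueError, AttributeError):
        return False  # malformed or foreign hash: treat as a failed login
    derived = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(derived, expected)


def needs_rehash(stored):
    """True when a hash was created with a lower work factor than the current one."""
    try:
        iterations, _, _ = _parse(stored)
    except (ValueError, AttributeError):
        return True
    return iterations < ITERATIONS


if __name__ == "__main__":
    record = hash_password("Sample-Passw0rd!")  # constructed sample value
    print(record.split("$")[:2], verify_password("Sample-Passw0rd!", record))
```

Storing the iteration count with each hash lets the work factor be raised later: `needs_rehash` flags older records so they can be re-hashed at the next successful login.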
🛡️

Security Headers

Every HTTP response includes defense-in-depth headers: X-Content-Type-Options: nosniff (MIME sniffing prevention), X-Frame-Options: SAMEORIGIN (clickjacking prevention), X-XSS-Protection (reflected XSS blocking), and Strict-Transport-Security (HTTPS enforcement).

Anti-XSS · Anti-Clickjack · HSTS
🍪

Secure Session Management

Session cookies are configured with three critical flags: Secure (HTTPS only), HttpOnly (JavaScript cannot access), and SameSite=Lax (CSRF protection). Sessions auto-expire after inactivity. Login state is managed by Flask-Login with server-side session storage.

HttpOnly · SameSite · Secure
⏱️

Brute-Force Protection

Login endpoints are rate-limited to 10 attempts per 5 minutes per IP. After exceeding the limit, further attempts are blocked with a clear cooldown message. Password requirements enforce uppercase, numbers, and special characters — minimum 8 characters.

Rate Limiting · IP-based · 10/5min
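The limit described above (10 login attempts per 5 minutes per IP, with a cooldown message), written as a sliding-window counter. This is an added example, not J1Path's implementation; the class name, the in-memory store and the injectable clock are assumptions.

```python
import math
import time
from collections import defaultdict, deque


class LoginRateLimiter:
    """Sliding-window limiter: at most max_attempts per window_seconds per client IP."""

    def __init__(self, max_attempts=10, window_seconds=300, clock=time.monotonic):
        self.max_attempts = max_attempts
        self.window = window_seconds
        self._clock = clock                   # injectable so tests can control time
        self._attempts = defaultdict(deque)   # ip -> timestamps of counted attempts

    def _prune(self, queue, now):
        # Drop attempts that have aged out of the window.
        while queue and now - queue[0] >= self.window:
            queue.popleft()

    def check(self, ip):
        """Count one login attempt. Returns (allowed, retry_after_seconds)."""
        now = self._clock()
        queue = self._attempts[ip]
        self._prune(queue, now)
        if len(queue) >= self.max_attempts:
            # Blocked attempts are not recorded, so repeated requests during
            # the cooldown do not push the unlock time further out.
            retry_after = math.ceil(self.window - (now - queue[0]))
            return False, retry_after
        queue.append(now)
        return True, 0

    def purge_idle(self):
        """Forget IPs with no attempts left in the window; returns how many were removed."""
        now = self._clock()
        idle = []
        for ip, queue in self._attempts.items():
            self._prune(queue, now)
            if not queue:
                idle.append(ip)
        for ip in idle:
            del self._attempts[ip]
        return len(idle)


def cooldown_message(retry_after):
    """User-facing text for a blocked attempt (wording is an assumption)."""
    minutes = max(1, math.ceil(retry_after / 60))
    return f"Too many login attempts. Try again in about {minutes} minute(s)."


if __name__ == "__main__":
    limiter = LoginRateLimiter()
    for _ in range(11):                       # constructed sample: 11 rapid attempts
        allowed, wait = limiter.check("203.0.113.7")
    print(allowed, cooldown_message(wait))
```

A per-process dictionary only works with a single worker; behind several Gunicorn workers the counters need a shared store, and the client IP must be taken from the header the Nginx proxy sets rather than the socket address.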
👥

Role-Based Access Control

Six distinct roles with granular permissions: Admin (full access), Program Manager (operations without system settings), Student/HF/LC/Agency (portal-only access). Every route is protected by role-checking decorators. Admin accounts cannot be deleted or demoted.

6 Roles · RBAC · Decorators
💾

Encrypted Database Backups

PostgreSQL database backed up every hour via automated cron job. Backups are gzip-compressed and stored server-side with strict file permissions. Only admin accounts can download backups. 5-file retention policy prevents storage bloat.

Hourly · Gzip · Admin-Only
🔗

Safe Redirect & Input Validation

Open redirect prevention: login redirects only accept relative URLs starting with /. All SQL queries use parameterized statements (no string interpolation). File uploads validate extensions and use secure_filename(). DDL operations use strict whitelisting.

SQL Injection · XSS · Path Traversal
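A redirect-target check for the rule stated above (login redirects accept only relative URLs starting with /). This is an added example, not J1Path's code. It goes one step beyond the prefix test, because `//host` and `/\host` also begin with a slash yet browsers resolve them to another site. The function names and the default landing path are assumptions.

```python
from urllib.parse import urlsplit

# Assumed post-login landing path; the guide does not name one.
DEFAULT_TARGET = "/dashboard"


def is_safe_redirect(target):
    """Return True only for a same-site, path-only redirect target."""
    if not isinstance(target, str) or not target:
        return False
    # Browsers drop tabs and newlines and treat "\" as "/" when parsing URLs,
    # so a target containing any of them is rejected rather than normalised.
    if "\\" in target or any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in target):
        return False
    # Must be rooted at "/" but must not be protocol-relative ("//host/...").
    if not target.startswith("/") or target.startswith("//"):
        return False
    # Final parse: a path-only URL has neither a scheme nor a network location.
    parts = urlsplit(target)
    return parts.scheme == "" and parts.netloc == ""


def resolve_next(target, default=DEFAULT_TARGET):
    """Pick the post-login destination, falling back to the default when unsafe."""
    return target if is_safe_redirect(target) else default


# Constructed sample values for the "next" parameter of a login request.
SAMPLES = [
    "/students/42?tab=flyer",
    "//example.org/login",
    "/\\example.org/login",
    "https://example.org/",
    "/\t/example.org",
    "",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(repr(sample), "->", resolve_next(sample))
```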
🌐

Infrastructure Security

Nginx reverse proxy with UFW firewall (ports 80/443/22 only). PM2 process manager with auto-restart. Let's Encrypt certificates with automatic renewal. Server-side rendering (no client-side data exposure). Environment variables for all secrets — never in source code.

Nginx · UFW · PM2
Regulatory Compliance Matrix
Regulation | Requirement | System Implementation | Status
22 CFR 62.10(g) | Program records retained minimum 3 years | PostgreSQL database + hourly backups + configurable retention | ✓ Compliant
22 CFR 62.50 | SEVIS data accuracy and timely updates | Required field validation, SEVIS ID tracking, DS-2019 auto-parse | ✓ Compliant
22 CFR 62.14 | Health insurance verification for all students | Insurance card OCR, required provider/policy fields, compliance dashboard | ✓ Compliant
22 CFR 62.25(j) | Host family vetting: application, CBC, references, home visit | 6-step HF workflow with required fields, CBC decision tracking, 2 references | ✓ Compliant
22 CFR 62.25(d)(11-13) | Monthly student contact and monitoring records | Automated LC monthly reports, student reports, compliance gap detection | ✓ Compliant
DHS 8 CFR 214.2(j) | J-1 visa record maintenance and reporting | Student profiles, passport tracking, program dates, status updates | ✓ Compliant
FERPA | Student education records protected from unauthorized disclosure | RBAC with 6 roles, portal isolation, admin-only settings, session security | ✓ Compliant
NIST SP 800-171 | Security controls for Controlled Unclassified Information | TLS 1.3, PBKDF2-SHA256, security headers, rate limiting, encrypted backups | ✓ Compliant
Encryption & Security Stack
Layer | Technology | Details
Password Storage | PBKDF2-SHA256 | 600,000 iterations · NIST SP 800-132 recommended · salted per-user
Transport | TLS 1.2 / 1.3 | Let's Encrypt SSL · HSTS enforced · HTTP → HTTPS redirect · OCSP stapling
Session Token | HMAC-SHA512 | Flask itsdangerous signed cookies · HttpOnly · Secure · SameSite=Lax
CSRF Prevention | SameSite Cookie | SameSite=Lax prevents cross-origin form submissions · origin validation
Payment Tokenization | PCI DSS Level 1 | Stripe/Square client-side tokenization · no card data touches our server
Database | PostgreSQL | Parameterized queries (SQL injection prevention) · role-based DB user · localhost only
Rate Limiting | IP-based | 10 login attempts per 5 minutes per IP · progressive lockout
Firewall | UFW + Nginx | Ports 80/443/22 only · reverse proxy isolation · no direct app exposure
⚙️
Configurable Everything — No Code Changes
Every setting, email template, document format, and portal menu is customizable from Admin → Settings
Setting | What It Controls | Location
Audit Document Template | Organization name, logo, and primary color for all 14+ compliance PDFs. Changes apply to every PDF export immediately — one setting controls the branding across your entire audit package. | Settings → Audit Template
Report Automation | Schedule automatic email reminders for monthly and semester report due dates. Configure recipients and timing per report type. | Settings → Report Automation
Portal Menu Access | Toggle which sidebar items each role (HF / LC / Student / Agency / Program Manager) sees in their portal. Granular control lets you phase in features gradually or restrict access for specific roles. | Settings → Portal Access
Email Templates | Customize the content of notification emails for each event (submission, approval, reminder) per stakeholder role. Full HTML support — no developer required. Changes take effect immediately. | Settings → Email Templates
Notification Recipients | Set which email addresses receive each type of notification (CBC submitted, report submitted, etc.). | Settings → Notification Email
Brand Assets | Upload the organization logo used in portal pages and all PDF headers. | Settings → Brand Assets
SMTP Configuration | Outbound email server (host, port, credentials). Test connection from this page before enabling automation. | Settings → SMTP
Broadcast Email | Send a one-off email to all users in a selected role group (e.g., all LCs, all HFs). | Settings → Broadcast Email
Payment Gateway | Stripe or Square API keys, production and sandbox credentials. Select your preferred gateway and configure keys for live or test environments. | Settings → Payment Gateway
Integrations | Google Analytics ID for tracking and reCAPTCHA keys for form protection. Configure third-party service credentials in one place. | Settings → Integrations
Database Backup | Hourly automatic backup via cron with 5-file retention policy. One-click manual backup with download. Keep off-site copies for disaster recovery. | Settings → Database Backup
2.1.198
J1Path · J-1 Management System
Flask · PostgreSQL · Gunicorn · Nginx · Let's Encrypt
TLS 1.3 · PBKDF2-SHA256 · 22 CFR 62 · FERPA