How is data masked with Privacy Shield?
Privacy Shield helps prevent access to sensitive data by enabling districts to specify how much sensitive data to reveal. Privacy Shield can be configured on your side to hide sensitive data in the synchronization results. With Privacy Shield, the data isn't changed. Privacy Shield is easy to use with existing applications since masking rules are applied in the query results.
The Privacy Shield feature is available for user entities only, such as student, teacher, contact, and admin.
When you use Privacy Shield, a data masking rule is applied to data at query runtime. You can use the following data masking rules:
| Attribute | Description | Original | Masked |
|---|---|---|---|
| Last Name | Exposes the first character, replacing the rest of the string with the -ggl’ and adding a unique set of 7 lowercase letters from a-z. | Davidson | D-ggl'abcdefg |
| First Name | Exposes the first character, replacing the rest of the string with the -ggf’ and adding a unique set of 7 lowercase letters from a-z. | John | J-ggf'abcdefg |
| Middle Name | Exposes the first character, replacing the rest of the string with the -ggm’ and adding a unique set of 7 lowercase letters from a-z. | Michael | M-ggm'abcdefg |
| Username | Exposes the first character, replacing the rest of the string with the -ggu’ and adding a unique set of 7 lowercase letters from a-z. | DavidsonJ | D-ggu'abcdefg |
| Email Address | Replaces the email username with a string of 16 random letters, adds the district GUID before the domain, and replaces the domain with gg4l.io. Upon activation of the application by a district, returns an empty string before data import. | jane_example.example@com | [email protected] |
| Birth Date | Exposes the year of birth and replaces day and month of birth. If a day and month less than 6 months from the current date, replaces with 01/01, or 09/01 if more than 6 months. | Birth date: February 15, 1990, current date: May 10, 2024 | 01/01/1990 |
| Phone numbers (Phone, Home Phone, Sms, Phone Number, Work Phone) | Replaces the all characters with +10000000000 | (555)123-4567 | +10000000000 |
Updated about 2 months ago