What is Privacy Shield?

Privacy Shield is a protection feature that helps districts safeguard sensitive database information. Privacy Shield in School Passport ensures that sensitive information is masked from the data before it is accessed by your application. It allows you to define PII rules for specific attributes, ensuring that only districts can see the original data while concealing it from others. Privacy Shield provides an additional layer of security by dynamically altering the district data presented to your application, based on their permissions.

Why use Privacy Shield

School Passport’s Privacy shield offers all the benefits of using PII data while mitigating most of the cost and risk.

  • Privacy compliance: It takes an army of lawyers to track all the privacy legislation.
  • Complex standards: Complying with SOC2 or ISO 27001 isn’t easy.
  • Security audits: Penetration testing and vulnerability assessments are costly.
  • Costs: All the lawyers, standards, and audits add up quickly.

How Privacy Shield works

  1. Vendor creates PII rules. These rules define what user data (attributes) will be masked.
  2. Vendor creates and sends a data sharing request with enabled Privacy Shield to a district.
  3. District reviews and approves the request.
  4. System syncs data with masked attributes.
  5. Marked data is replaced with a mask.

Limitations

Privacy Shield can be enabled for the Last Name, First Name, and Email attributes of user entities such as students, teachers, contacts, and administrators.