Data Security Best Practices

Modified on Wed, 21 Jun, 2023 at 5:49 AM

Below are some best practices around Personal Identifying Information (PII) and data security that may help mitigate risk concerns when interacting with students: 


  • Utilize office-level permissions. Permission managers can assign office-level permissions to all users, allowing them access to only their content. This would apply to texting, live chat, and chatbot transcripts, as well as live chat and texting conversations.


  • Consider adding a sentence to the welcome message to not enter PII information unless requested.

For integrated questions, Ocelot has specific events that trigger the redaction of PII. We have to know when PII will occur to trigger these events which is not possible in live chat and texting interactions.

Live Chat

  • Consider using Live Chat SSO authentication. This will eliminate the need to validate identity and stop inquiries for student PII, especially if implemented campus-wide. 


  • We recommend including a short message in the introductory texting campaign to not respond with PII.

Note: Data is encrypted both in transit and when stored at rest. However, it is not encrypted when it is emailed to the school

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article