Below are some best practices around Personal Identifying Information (PII) and data security that may help mitigate risk concerns when interacting with students:
Platform
- Utilize office-level permissions. Permission managers can assign office-level permissions to all users, allowing them access to only their content. This would apply to two-way messaging, live assistant, and virtual assistant transcripts, as well as live assistant and two-way messaging conversations.
Virtual Assistant
- Consider adding a sentence to the welcome message to not enter PII information unless requested.
- For integrated questions, Ocelot has specific events that trigger the redaction of PII. We have to know when PII will occur to trigger these events which is not possible in live assistant and two-way messaging interactions.
Live Assistant
- Consider using Live Assistant SSO authentication. This will eliminate the need to validate identity and stop inquiries for student PII, especially if implemented campus-wide.
Two-Way Messaging
- We recommend including a short message in the introductory two-way messaging campaign to not respond with PII.
Note: Data is encrypted both in transit and when stored at rest. However, it is not encrypted when it is emailed to the schoolWas this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article