Location

  • Student "Name": Lead Details page


Users with the following permissions

  • Leads & Students: View SSN


Case:

Students SSN is shown right when a page is opened or during data export and is available for viewing for most of the users but this is not safe.


Problem:

How to make students personal data more secure?

 

Solution:

The following improvements are aimed to make students SSN more secure.


View SSN

The SSN is not shown at the initial page load now (e.g. Student "Name": Lead Details):



A user without the permission to view SSN will only see the following masked string: ***-**-****:



A user with the required permission can see the SSN by clicking the masked string:


     

 


It works the same way in the reports (e.g. Gainful Employment):


      


SSN Export

During the Excel/CSV export a user is asked to select what should be used as a Student Identifier:

  • Student ID
  • Hidden SSN
  • Last 4 Digits of SSN (only available to the users with the View SSN permission)
  • Full SSN (only available to the users with the View SSN permission):



The same happens when generating the PDF document except that there is no option to select Student ID.


These changes are made to the following pages: 

  • Leads & Students, Financial Module: Students, Education Module: Students
  • Placement Module: Placement Records
  • 1098-T Table
  • STRF - Student Eligibility Records
  • Gainful Employment

And to the following PDF documents:

  • Registration Form
  • Enrollment Agreement
  • Payment Plan 
  • Payments Agreement
  • Withdrawal Worksheet
  • Students Communications Report


Other changes

1. SSN is removed in the following cases:

  • SSN is changed to Student ID at the FA Tracking Report and the Student "Name": Financial Aid Tracking Form pages.
  • SSN is removed from the emails about duplicate students.
  • SSN is removed from the System Journal and students Comments - all records about SSN are replaced by "SSN was added", "SSN was changed", "SSN was deleted".

2. All SSN view and export actions are logged to the System Journal. They can be found using the Highly Sensitive Information item in the Part field.

3. Permissions to view, enter and edit the SSN are not assigned automatically to users with Access Type - Administrator.


Available since GEGI v4.10.0 (view release notes).