ScholarChip

ScholarChip’s Privacy & Data Security

Privacy is Paramount

ScholarChip takes privacy very seriously

At ScholarChip we understand that our clients are increasingly concerned about protecting the privacy of the data they collect. In providing Software as a Service, we acknowledge that we have a serious responsibility to help our clients protect the confidentiality of all student, staff and community data that resides in our systems. Significant overlap exists between the concepts of data security and data privacy; thus our approach to compliance has always been aimed at providing both, through multiple layers of controls designed to support our clients’ policies.

Coordination with Data Controllers

In order to meet privacy regulation requirements, cooperation with our clients (the data controllers) is essential.

 

Only you, our clients, can:

  • define your business needs
  • communicate them directly to the individuals whose data you are collecting
  • obtain consent if necessary
  • define the conditions under which the data is no longer needed and should be purged

 

We then provide the technical means to:

  • process the data securely
  • protect the data while it is in our custody
  • securely remove it when it is no longer needed
  • provide awareness training to ensure that our employees know how to handle the data properly

 

Data Protection by Design and by Default

ScholarChip’s comprehensive security program is based on the widely-recognized NIST CyberSecurity Framework.

 

We ensure data security through:

  • network architecture
  • software design
  • policies
  • other critical protective measures

 

ScholarChip systems are fully compliant with several comprehensive industry-recognized security standards.

Through a rigorous annual audit process, regular testing and constant monitoring, ScholarChip systems are certified to meet the latest required standards governing the security of sensitive and confidential information.

Data Security

ScholarChip Data Security

ScholarChip provides centralized data and application services (cloud infrastructure) and is committed to data protection and business continuity. Focused on all three major objectives of data security –

 

Confidentiality, Integrity, and Availability

– ScholarChip’s full-time risk and compliance team takes the necessary steps to certify that our systems are available continuously and that your data is fully protected.

Confidentiality

Keeping students safe also means keeping student data safe. Aligned with industry best practices, ScholarChip’s multiple layers of resources and application access control measures ensure that only authorized users and support staff can access the sensitive information you have entrusted to us.

Integrity

The effectiveness of the ScholarChip platform relies on a solid foundation of high-quality data. Through carefully monitored automated processes, ScholarChip ensures that data consistency is maintained so that school administrators have the accurate and timely information they need to keep schools operating safely and efficiently.

Availability

As ScholarChip becomes part of your school’s everyday operations, reliability is key. Our data center is designed, monitored, tested, and maintained by a team of technical professionals to support continuous operations of the systems you depend on.

As one of its core values, ScholarChip makes a strong commitment to data security and privacy. ScholarChip has implemented a comprehensive set of data protection controls aligned with industry-recognized best practices. Our controls are based on rigorous standards including:

Payment Card Industry Data Security Standard (PCI-DSS)
National Institute of Standards and Technology (NIST) CyberSecurity Framework, SP800-53 (commonly referred to as the FISMA standard), and SP800-171
AICPA Trust Services Criteria (known as the SOC2 standard)

By meeting these comprehensive standards, ScholarChip ensures data security through network architecture, software design, policies, procedures and other critical protective measures.