Digital protection of students and employees

Educational institutions have a legal and ethical responsibility to protect sensitive student information. As a public institution, you often already have secure IT systems in place. But we see that particularly within the school system, sensitive data continues to land outside the secure systems – typically in email inboxes or in private folders. This is problematic – both in relation to complying with privacy regulations, but also if you simply want to be responsible with the personal data you have been entrusted with.

Student data
Education data

Here are your sensitive data

Having worked with a number of educational institutions, we know that the sensitive data you hold is typically:

  • Names, dates of birth, addresses, ID numbers
  • Grade papers, test scores etc.
  • Attendance registration and disciplinary registration
  • Medical history, diagnoses and treatment plans
  • Special education information, including eligibility for special services
  • Contact details of parents and guardians and info on parental authority
  • Images of minors that reveal a student’s appearance, ethnicity, location, or activities
  • All your information on the school’s employees

How do you ensure that the teachers and office staff keep track of all the sensitive data they come across? We see that many employees have challenges with data discipline. The mistakes that are made are typically that sensitive data are not organised so you actually dont know where it is, that you send and receive sensitive data unencrypted and that you do not delete sensitive data that is no longer relevant to you.

How we can help you

Our data discovery tool, DataMapper, uses artificial intelligence to find files, emails and images with sensitive content across your data systems. You will have the opportunity to finally clean up data containing sensitive information and comply with privacy regulations. Cleaning up will be more accurate and much faster than if you had to clean up manually.

Find sensitive data about current students
Find and delete information about old students
Adjust information about teacher

Keep a record of personal data as per GDPR Article 30.

Use case

Basen Skole & Dagbehandling is a school for children and young people with special needs. The school had a desire to find the sensitive data they were storing in order to comply with GDPR. They knew they had to protect student data, but they didn’t know how much they actually had or where it was stored. For years, email had been used to collect sensitive information. The school decided to get DataMapper and within minutes they had:

A list of all sensitive data
An overview of the data’s age, type and location
A quick way to delete sensitive data
An option to control access to the sensitive data
One dashboard to monitor all sensitive data

Surrounded by personal information
As a functioning school and daycare provider, we are completely surrounded by personal information. Regardless of whether it concerns students or staff in relation to HR, everything must be processed according to the given GDPR rules. Here, DataMapper has created an overview and made us aware of various practices, created discussions regarding existing work patterns and created security around working with GDPR.

“DataMapper [have] created an overview, and made us aware of various practices, created discussions regarding (…) the work with GDPR.”

Our challenges
Like so many companies with a busy day, our challenge was to set aside time to do GDPR-related work. Basically, we exist for our children and young people, and that is where we want to spend our time. So the help DataMapper could provide worked perfectly. GDPR and the work around GDPR is so extensive that a tool that ensures correct processing in relation to legislation is incredibly welcome.

A highway when finding data
DataMapper is intuitive and a highway in terms of finding unprocessed files and data that both the individual and the administrator should keep an eye on. The best thing about DataMapper, however, is that the tool does not feel like a monitoring device, but a definite help. Users look up data from their scan themselves, and are not confronted with warnings and alarms if they do not want it.

A global solution
With the responsibility imposed on our employees and administration, we have also enthusiastically accepted DataMapper’s Global Scan, where the administrator can determine to an even greater extent whether the initiatives that have been created have an effect and we are constantly improving.

Philip Dysted Frank
IT Administrator at

Results and savings for the school


Files, emails and images found in the school’s storage.


Risk files, emails and images found in the school’s storage.


Hours of work saved per year for the school.

Student data

DataMapper is part of PrivacyHub

We want GDPR compliance to be as easy as possible so you can focus on running your business. That's why we created PrivacyHub, to simplify 3 of your most important tasks.

  1. Tracking and monitoring sensitive data
  2. Responding to data access requests (DSARS)
  3. Sharing and requesting data safely by email

Get the whole platform now to become compliant from the moment you collect personal data to the time you delete it (or return it to its owner). Or, start with one solution to tackle your most pressing compliance task first and go from there.

Do you need a safe way to share and request personal data? ShareSimple can help.