Integration Partners

Our range of integration services are used by our Approved Integration Partners (AIPs) to allow secure  access in line with our integration terms of use. 

If you are a government department, school, academy and are seeking integration please reach our to our support team for assistance. 

Third party integrators

Compass provides AIPs with our framework to interface with Compass. Technical AIPs can integrate with confidence knowing that their products and services are supported across the Compass Platform. Our Disconnected Applications team support AIPs by providing them with all the necessary tools, documentation and environments to assist in developing and integrating  with Compass.

Step 1: Determine the type of integration that you are seeking. 

1) Single School Integration 

2) Government (Enterprise/Compass Ancestry) Integration

3) Platform Integration (Including SSO and/or Deep API Integrations)**Note: Due to regional configurations, Platform Integrations are typically reviewed on a per-state/per territory basis.

Integrations outside of our AIP

We have a range of data exports and integrations that are available without the need for our AIP. These include RSS feeds, SchoolFront news widgets, iCal integrations, SAML/SSO Integrations, Google Apps, and Office 365.

Step 2:  Confirm the data you are exporting

For example are you seeking:

1) De-identified data 

2) Personal Student Data

3) Personal Staff Data

4) Personal Parent Data

5) Wellbeing information

6) Medical information

7) Attendance information

8) School Resources (non-student) details

AIPs are required to select the minimum viable information set - inline with GDPR and the Information Privacy Principles (AU C'wth)

As part of this step, create a list of current customers that are using the platform (this will help us to prioritise the application review). 

Step 3: Provide evidence of data security compliance

We are committed to ensuring that the highest level of data protection is in place with AIPs. This ensures that we protect schools data for unauthorised disclosure or release. 

As requests must be made on a per jurisdiction basis, these requirements will need to confirm to Compass' local data security requirements (typically these are based on local jurisdiction or department requirements).

Typical evidence we may require:

• Evidence of third-party compliance or certification with a standard (this may include ISO27001 or PCIDSS [excluding self-assessment])

• Details of hosting location/s and data storage/processing (in most jurisdictions this is required to be onshore)

• Evidence of hosting location security compliance/certification (usually ISO27001)

• Confirmation of encryption approach and technology (both in transit and at rest)

• Provide details on the URL and IP address of the platform (this must be a live/production instance - not a sandpit or development environment)

Step 4:  Frequency of access

Determine the frequency of API access that is required and the timing of these requests. 

Frequent (multi-day) API requests for large data sets will not typically be permitted. 

Step 5: Express interest by emailing us

Email legal@compass.education with a summary of your request, which includes the details from steps 1, 2, 3 and 4. 

Our team will confirm receipt of your submission (typically within 5-7 days). Our team will then review the submission to determine suitability. 

Note: This process may take 3-6 months as it will typically include us engaging a third-party to undertake an assessment. We are unable to provide updates during this process, however may reach out to your for additional information or clarification.

Step 6: Once we have reviewed your request, we will get back to you with our assessment. If we approve your application we will include a pricing assessment for ongoing use and any initial setup costs along with a tailored AIP contract. 

AIPs 

All AIP access is governed by our terms of use and privacy policies in addition to the AIP agreement.