To ensure that teachers in an organization can only view and access users who are assigned to specific groups, you must first disable 'Root level access' for teacher accounts. This can either be done at the teacher group level or on individual teacher accounts.
Limit access for all Teachers
Hover over the 'Teachers' group in the group menu on the left of the organization console, then click on the 3 dot ellipsis that appears.
Choose 'Set Permissions'
On the 'Set user type permissions' dialog expand 'Organization Console Permissions'
Change the 'Root level access' permission to 'Deny'
Now, all teachers in your organization account will only be able to access users who belong to groups for which they have been explicitly assigned as administrators. To grant teachers access to a group, follow the next step:
or
Make a teacher an administrator of an existing group
If you only want to limit the access of individual teachers, you can change the permissions on each user as follows:
Limit access for individual Teachers
Browse through the groups to find the teacher account whose permissions you want to modify. Once you locate the account, select it and click on the 'Security' icon.
Note: Teacher accounts that have not yet accepted their invitation to join your organization account will appear in the 'Pending invitations' section.
Click on the 'Detailed permissions' tab
Click on 'Organization Console Permissions' to expand the section
Change the 'Root level access' permission to 'Deny'
This teacher will now only be able to view and access users in groups for which they have been explicitly assigned as an administrator. To grant the teacher access to a group, follow the next step:
or
Make a teacher an administrator of an existing group