In the interest of privacy, we are trying to tie whether a record is visible to a field that contains whether we have permission to display the image. So if that field is yes, we want the record to display, and if it’s no, we don’t want it to display. I think I can envision how that would work. We could create a .csv file for the initial upload that contained cells that would reflect that information, and then manually change the public/private setting if we received new consent forms.
However, we also we want some records to be available only to graduates of our institution. Would there be a way to create a third level of access between public and private that would require a login? I'm sure it could be done, but it might be beyond my php skills.
Another thought I had was to have records display, but not the image if the image has not been approved. So in the item record, we could have an if/then conditional statement based on the approval field that would determine whether the picture would display. Also this conditional statement could check to see if the user is logged in. We could even display a message instead of the picture, saying the image needs approval or have a link to get a username and password. Would this be possible?