Data Privacy & Cybersecurity

Our Privacy Pledge

As we live in a more digital society, student data privacy and safety continues to be a top priority in Northwest ISD. We want our stakeholders to feel secure in knowing how student and staff information is being used.

How does NISD protect student data?

Northwest ISD utilizes password protection resources for all data. NISD staff uses multi-factor authentication to help protect resources and maintain security. All data is housed domestically in order to ensure United States data privacy guidelines are utilized.

Some specific strategies utilized by Northwest ISD are as follows:

External vendors must sign our Data Privacy Agreement.
All data uses SSL encryption in transit meaning that all data is encrypted while being transferred via the internet. This is a standard security protocol and ensures that all data transmitted between the web server and browser remains encrypted.
Email data utilizes Transport Layer Security (TLS) preferred encryption for inbound and outbound messaging order to provide privacy and data integrity during communication.
The district is currently utilizing the Trusted Learning Environment framework for data policies and practices.

Current NISD DPA Agreements

What data do we collect and why?

	Measuring Student Progress and Performance and Meeting Individual Needs We collect data such as attendance, grades, and participation in school-sponsored extra-curricular activities to enable students to succeed. We also collect data from surveys and other feedback to improve teaching and learning and address other issues important to students and their families.
	School Operations We collect data such as addresses, phone numbers, and age to ensure student safety and accurate reporting to help run our school operations efficiently.
	Improving The Education Program We collect results from local, state, and national assessments to provide teachers, administrators and parents with important information about students, programs, and school performance. This data helps us improve the educational programs we offer and provide experiences specific to our student needs.
	Responsible Stewardship and Financial Integrity We collect program and financial data to provide assurance that our operations and resources are used in a responsible manner. In addition, we want to make sure the resources and operations we employ lead to student success. We strive to maintain high ethical standards and demonstrate integrity, honesty, and trustworthiness as a district.

Laws and Standards

Children's Internet Protection Act (CIPA)

The Children's Internet Protection Act (CIPA) was enacted by Congress in 2000 to address concerns about children's access to obscene or harmful content over the Internet.

Family Educational Rights and Privacy Act (FERPA)

The Family Educational Rights and Privacy Act (FERPA) (20 U.S.C. § 1232g; 34 CFR Part 99) is a Federal law that protects the privacy of student education records.

Children's Online Privacy Protection Rule (COPPA)

The Children's Online Privacy Protection Rule (COPPA) imposes certain requirements on operators of websites or online services directed to children under 13 years of age.

Protection of Pupil Rights Amendment (PPRA)

The Protection of Pupil Rights Amendment (PPRA) applies to the programs and activities of a state education agency (SEA), local education agency (LEA), or other recipient of funds under any program funded by the U.S. Department of Education.

Google Privacy Policy

Google takes security seriously, with industry-leading safeguards and privacy policies that put you in control of your school’s data. Here’s how you know that students and educators are protected.

Learn more about Google's Privacy Policy

Common Sense Media: Privacy Risks and Harms Report

The Common Sense Privacy Risks and Harms report identifies risks to children and students as they engage online and identifies ways for parents and educators to choose the products that best protect our youngest consumers from privacy intrusions and manipulation by third parties that could have long-term implications.

Internet Safety Plan