Guide Topic
When sensitive information is disseminated, such as student-level data that identifies an individual student, the data should be encrypted in some way. Sensitive Finance, Financial Aid, or Legal information may also need to be encrypted before sending the documents. The easiest way to protect Personally Identifiable Information (PII) is to password-protect the file prior to sending.
The protected file and the password for the file should always be separate. Never send the two together in the same email. Send the protected file in one email and then another email with the password for the protected file.
Microsoft Word will most likely be the file format used to send large amounts of information that need encrypting, i.e. password protecting.
Instructions
- Open the Word document you wish to password-protect. (example file below)
2. Click on File in upper left-hand corner.
3. In the File menu, click on Info.
4. In the Info section, click on the Protect Document tile.
5. Then click on Encrypt with Password.
6. Then an Encrypt Contents of This File pop-up dialog will appear. This box provides instructions for creating a password to protect the document.
7. Once you enter a password, a second pop up dialog box will appear asking for password confirmation. Reenter the password created in Step 6.
8. Your document is now password-protected. To test this, close the document and then reopen it. The screen below should appear.
9. Enter the password you created in step 6. Click OK. The file will open.
IMPORTANT: Make note of the file password because only you know the password you created. The file cannot be recovered if you forget the password that opens the file.
REMEMBER: When sending a password-protected Word document within TCC, send the protected file in one email and the password for the protected file in another email.
Personal Data that is sent to a third party, such as Fort Worth ISD, is done under a restrictive legal agreement. Data transfer utilizes Secure File Transfer Protocol (SFTP) which is a protected and encrypted portal.
Individual employees should rarely or never send student-level data to an outside agency or individual. To do so could be a FERPA violation and possibly a criminal violation without the proper authorization or authority.