How NMFTA collects, uses, and protects the information you share through the Threat Report Portal.
When you submit an incident report, we collect the details you provide in the form including incident descriptions, methods, locations, and any uploaded artifacts. We also collect your name and company as the reporter, along with your account information (name, email, organization) when you register for the service.
Your identity as a reporter is never disclosed to other subscribers or the public. When incidents are shared with the registered community, your name and company are stripped from the report. Only NMFTA administrators can see who submitted a report, and only for the purpose of moderation and follow-up.
Submitted incidents are reviewed by the NMFTA cybersecurity and operations team. Approved reports are distributed as anonymized alerts to registered subscribers, helping the transportation industry stay informed of active threats. Incident data may also be used in aggregate for research and trend analysis.
You may request removal of your personal data at any time. When a removal request is processed, your registration information is deactivated and your identity is permanently disassociated from any incidents you submitted. The anonymized incident data remains available to the community, as it contains no personally identifiable information.
All data is stored in encrypted databases hosted on Microsoft Azure. Access to reporter identity information is restricted to authorized NMFTA administrators. The portal uses OKTA for secure authentication, and all communications are encrypted in transit via HTTPS.
NMFTA does not proactively share your information or reports with law enforcement agencies. We are not a law enforcement body. If you believe a crime requires immediate law enforcement attention, please contact your local authorities directly.
Questions about your data? Contact us at nmfta.org/support.
Back to Home