CRIMINAL JUSTICE USER AGREEMENT (2)0 COPY
CRIMINAL JUSTICE USER AGREEMENT
This Agreement, entered into between the Florida Department of Law Enforcement
(hereinafter referred to as FDLE), an agency of the State of Florida with headquarters at
2331 Phillips Road, Tallahassee, Florida and the Clearwater Police Department
with headquarters at 645 Pierce St Clearwater, Fl 33756
, (hereinafter referred to as the User).
This User agreement is designed for use with all Florida criminal justice agencies, if
your agency does not perform a specific function, the provisions regarding that function
will not apply to your agency.
Witnesseth that: Whereas, FDLE is authorized by law to establish and operate the
Florida Crime Information Center (hereinafter FCIC) for the exchange of information
relating to crimes, criminals and criminal activity;
Whereas, FDLE participates in the National Crime Information Center (hereinafter
NCIC, a service of the United States Department of Justice, the Interstate Identification
Index (hereinafter III), and the National Law Enforcement Telecommunication System
(hereinafter NLETS) and serves as Florida's Control Terminal Agency for the interstate
transmission of criminal justice information to and from agencies in Florida and
agencies in the continental United States, Alaska, Hawaii, Canada and Puerto Rico;
Whereas, the User requires access to intrastate and interstate criminal justice
information systems provided by FDLE through the Florida Criminal Justice Network
(hereinafter CJNet) in order to effectively discharge its public duties;
Whereas, FDLE will facilitate local law enforcement and other criminal justice agencies
requests to participate in the information services provided on CJNet, provided the User
agrees to abide by applicable federal and state laws; administrative code, and all
policies, procedures and regulations related to these systems. FDLE retains full control
over the management and operation of CJNet and FCIC.
Therefore, in consideration of the mutual benefits to be derived from this Agreement,
the FDLE and User do hereby agree as follows:
SECTION I FCIC/NCIC FDLE
FDLE is duly authorized and agrees to ensure access to the information services
provided on CJNet and adhere to the following:
1. Serve as the Control Terminal Agency for the State of Florida and provide the User
with access to criminal justice information as is available in the FCIC/NCIC
systems and NLETS through CJNet, and to serve as the means of exchanging
criminal justice information between the User and other criminal justice agencies
on CJNet.
2. Provide the opportunity for FCIC certification/re-certification training.
3. Upon request, assist User with orientation concerning privacy and security
requirements imposed by state and federal laws, rules and regulations.
4. Provide state criminal history record check services for non-criminal justice
purposes as provided by law.
5. Act as the central state repository; provide identification, record keeping, and
exchange of criminal history record information services.
SECTION II FCIC/NCIC USER REQUIREMENTS
By accepting access as set forth above, User agrees to adhere to the following to
ensure continuation of access:
1. USE OF THE SYSTEM: Information obtained from the FCIC/NCIC files, or
• computer interfaces to other state or federal systems, by means of access granted
through CJNet can only be used for criminal justice purposes in compliance with
FCIC/NCIC and III rules, regulations and operating manuals, state and federal law.
It is the responsibility of the agency to insure access to CJNet is for authorized
criminal justice purposes only, and to regulate proper use of the network and
information at all times. Agencies accessing the FCIC/NCIC systems must
establish appropriate written standards, which may be incorporated with existing
codes of conduct, for disciplining violators of FCIC and NCIC policy.
Agencies that interface between FDLE and other criminal justice agencies must
abide by all of the provisions of this agreement. Agencies that access FDLE
systems by interfacing through other agencies must, likewise, abide by all
provisions of this agreement.
a. MESSAGES: Send only law enforcement and other criminal justice
messages over and through the CJNet. All messages will be treated as
privileged unless otherwise indicated. User should make prudent use of
regional and statewide broadcast message requests. All messages must use
plain text in the message.
b. COMPLIANCE: Operate the workstation in strict compliance with applicable
FCIC, NCIC and NLETS policies including, but not limited to, policies,
practices and procedures relating to:
i) TIMELINESS: FCIC/NCIC records must be entered, modified, cleared,
and canceled promptly in order to ensure system effectiveness.
2
•
Agencies that perform FCIC/NCIC updates for other agencies must
comply with timeliness requirements for the records entered for other
agencies as well.
ii) HOT FILE ENTRIES: User agencies that do maintain a 24-hour,
seven-day a week operation will be allowed to make entries into the
FCIC/NCIC Hot Files.
(a) Agencies making entries for another law enforcement agency must
execute an Interagency Agreement outlining each agency's
responsibilities.
(b) Hot File entries are subject to placement on the Internet, unless
explicitly flagged by the entering agency for exclusion.
(c) Agencies making entries into the FCIC/NCIC Hot Files must
designate a Point of Contact for potential tips resulting from the
posting of records on the Internet who will be responsible for any
follow up activities deemed appropriate by the agency.
iii) QUALITY ASSURANCE: Appropriate and reasonable quality
assurance procedures must be in place to ensure all entries in
• FCIC/NCIC are complete, accurate, and valid.
iv) VALIDATION: The User must validate all records that the agency has
entered into the system for accuracy and retention. To be in
compliance with FCIC/NCIC and III rules, regulations and operating
manuals, the User must ensure each record is modified to confirm the
successful validation of each record on file in FCIC/NCIC. Each
agency responsible for entries in FCIC/NCIC Hot Files is responsible
for maintaining written validation procedures.
V) HIT CONFIRMATION: User must comply with FCIC/NCIC rules,
regulations and operating procedures by responding to the hit
confirmations in a timely manner (within ten minutes or one-hour
depending on priority).
vi) DISSEMINATION: Information obtained from the FCIC files, or
obtained through computer interfaces to other state or federal systems,
by means of access granted pursuant to Section 943.0525, F.S., can
only be used for criminal justice purposes. The information available in
this way through the services of FCIC is restricted to law enforcement
and other criminal justice agencies for official use only. Information
retrieved from FCIC by direct access is not to be made available under
provisions of public records law (Chapter 119 F.S.). Compliance with
Chapter 119, F.S., is accomplished by directing record requests to
• FDLE per Chapter 11C-6, F.A.C., and section 943.053(3), F.S. It is the
responsibility of the authorized agency to ensure that access to the
3
CJNet is for authorized criminal justice purposes only, and to regulate
proper use of the network and information at all times.
Disseminate criminal history record information derived from federal
records or systems only to criminal justice agencies and only for
criminal justice purposes. Criminal justice purposes include criminal
justice employment screening.
vii) RETENTION: III records, which are maintained, must be kept in a
secure records environment. Copies of III data obtained from
FCIC/NCIC must be secured to prevent any unauthorized access to or
use of the data.
(a) Retention of III records for extended periods should only be
considered when the time sensitivity of the specific record is
important.
(b) When retention of III records is no longer required, final disposition
will be accomplished in a secure manner in compliance with state
law, FCIC/NCIC and III rules, regulations and operating manuals to
preclude unauthorized access.
viii) III TRANSMISSION: Any electronic device that uses wireless or radio
technology to transmit data may be used for the transmission of III
records only when an officer determines there is an immediate need
for this information to further an investigation or there is a situation
affecting the safety of an officer or the general public.
A facsimile machine may be used to transmit III between criminal
justice agencies, provided both agencies have an NCIC Originating
Agency Identifier (ORI) and are authorized to receive criminal history
information. Appropriate measures must be taken to prevent
unauthorized viewing or receipt by unauthorized persons.
ix) LOGGING: Each interface agency accessing FCIC/NCIC Hot File and
III systems shall ensure that an automated log is maintained. The Hot
File portion of this log must be maintained for a minimum of six
months, and the III portion must be maintained for a minimum of four
years.
(a) Automated logging is a feature included in the application
software provided by FDLE and local agencies are encouraged to
retain these logs for future reference. Agencies purchasing or
developing an interface to FCIC must ensure logging is an
included feature.
•
4
r?
u
(b) The automated transaction log must identify: the operator on III
transactions, the agency authorizing all transactions, the
requester and secondary recipient. This information can be
captured at log-on and can be a name, badge number, serial
number, or other unique number.
(c) The User must maintain a record of any dissemination of state or
federal criminal history information. This record will reflect as a
minimum: (1) date of release; (2) to whom the information
relates; (3) to whom the information was released; (4) the State
Identification (SID) and/or the FBI number(s); and (5) the purpose
for which the information was requested.
X) INFORMATION ACCESS: Allow only law enforcement and other
criminal justice agency personnel who have been properly screened to
have access to information contained within the FCIC/NCIC system or
other state criminal justice information system files. The user will also
provide assistance to other law enforcement or criminal justice
agencies not equipped with an FCIC workstation in compliance with
FCIC/NCIC and III rules, regulations and operating manuals, but only
to the extent that such assistance is not otherwise prohibited.
Interagency User Agreements are required when access to CJNet is
• provided to another agency.
xi) WORKSTATION: FDLE is not responsible for the workstation
acquisition, maintenance, operation, repair, supplies or workstation
operation personnel costs. The user must notify FDLE immediately,
should the workstation malfunction or become inoperable. All costs
associated with returning the workstation to operation, other than
CJNet costs, will be the User's responsibility. FDLE will assist with
executing trouble-shooting procedures.
xii) OPERATOR RECORDS: Maintain records of certified FCIC operators
and require employees to successfully complete FCIC Certification.
User agrees to remove from FCIC access any employee who fails to
achieve required certification standards, whose certification has
expired, whose certificate is otherwise rescinded or as directed by
FDLE.
2. AUDITS: All agencies having access to CJNet, FCIC/NCIC and the III data shall
permit an FDLE appointed inspection team to conduct inquiries with regard to any
allegations or potential security violations, as well as routine audits.
FDLE conducts biennial compliance and technical security audits of every agency
to ensure network security, conformity with state law, FCIC/NCIC and III rules,
regulations, and operating manuals. Compliance and technical security audits
• may be conducted on a more frequent basis if, for example, an agency fails to
meet established standards, or a potential security concern is identified.
5
•
3. TRAINING: Each agency is responsible for complying with training requirements
established in FCIC/NCIC and III rules, regulations and operating manuals. FDLE
provides this training for local agencies' FCIC instructors throughout the state.
Each agency is responsible for remaining current in the applications, procedures,
and policies and ensuring personnel attend these training sessions.
a. Only operators who have successfully completed FCIC/NCIC certification
testing shall be allowed to have unsupervised access to the FCIC/NCIC
system.
b. FCIC/NCIC operators who are in their initial six months of assignment may be
permitted supervised access to FCIC. Operators must become certified
within six-months.
4. RELOCATION: The user must provide FDLE written notice 90 days in
advance, should User desire to relocate the data circuit(s) and FDLE
equipment connected to Users' workstation. All costs associated with the
relocation of the equipment and the data circuit(s), including delays in work order
dates, will be borne by User unless FDLE has funding to make changes without
charge. The repair and cost of any damages resulting from such relocation will be
• the User's responsibility. The User must also provide 90 days advance notice
when requesting additional access to the CJNet.
5. LIABILITY: User understands that the FDLE, its officers, and employees shall not
be liable in any claim, demand, action, suit, or proceeding, including, but not
limited to, any suit in law or in equity, for damages by reason of, or arising out of,
any false arrest or imprisonment or for any loss, cost, expense or damages
resulting from or arising out of the acts, omissions, or detrimental reliance of the
personnel of the User in entering, removing, or relying upon information in the
FCIC/NCIC and NLETS information systems.
6. CRIMINAL HISTORY RECORDS: FDLE is authorized to establish an intrastate
automated fingerprint identification systems (IAFIS) and identification and
intrastate systems for the communication of vital statistics and information relating
to crimes, criminals and criminal activity.
FDLE has received funding from the United States Department of Justice and is
subject to and must demand intrastate Users of its criminal history record services
adhere to US Code (28 U.S.C. section 534, State Statute (Chapter 943 F.S.),
Code of Federal Regulations (28 C.F.R. Part 20), Florida Administrative Code
(Chapter 11C-6, F.A.C.), FCIC/NCIC and III rules, regulations and operating
manuals which this agreement incorporates both present and future. Additionally,
the User will:
• a. Provide for inclusion in criminal history records information systems, adult and
juvenile criminal fingerprint cards or automated fingerprints on all felony
6
•
arrests, adult criminal fingerprint impressions on all misdemeanors and
comparable ordinance violation arrests, and juvenile fingerprint cards or
automated fingerprints on misdemeanor arrests specified at Section 943.051,
F.S. The submission of other juvenile misdemeanor arrest fingerprint cards is
optional.
b. Establish a mechanism to collect and submit disposition data of criminal
arrests to FDLE for inclusion in the centralized criminal history record
information system as required by law.
c. Provide security for criminal history record information and systems. Train
personnel who receive, handle or have access to criminal history record
information.
d. Screen all personnel who will have direct access to criminal history record
information and reject for employment personnel who have violated or appear
unwilling or incapable of abiding by the requirements outlined in this
agreement.
e. Defer to FDLE on any determination as to what purposes qualify for criminal
justice versus non-criminal justice designation.
• f. Pursuant to a signed interagency agreement as authorized by Florida
Statutes and/or federal regulations, the User may share state criminal history
record information. Dissemination of information requires compliance with all
applicable statutes, FCIC, rules, regulations, and procedures. Agencies must
maintain confidentiality of such record information that is otherwise exempt
from Section 11 9.07(l), F.S., as provided by law.
SECTION III SECURITY REQUIREMENTS
Each agency must ensure compliance with FCIC/NCIC, III and NLETS rules,
regulations, procedures and security policies, which include but are not limited to
System Security, Personnel Security, Physical Security, User Authorization, Technical
Security, Dissemination of Information Obtained from the Systems, and Destruction of
Records. By accepting access as set forth above, the agency agrees to adhere to the
following NCIC policies in order to ensure continuation of that access:
1. PERSONNEL BACKGROUND SCREENING and POLICY FOR DISCIPLINE: The
User is required to conduct a background investigation on all terminal operators,
programmers, consultants, other persons employed or utilized to effectuate access
to or initiate transmission of FCIC/NCIC information, and custodial, support, and/or
contractor personnel accessing terminal areas unescorted by authorized
personnel. Good management practices dictate the investigation should be
completed prior to employment, but must, at a minimum, be conducted within the
• first 30 days of employment or assignment. Before the background is completed
the following requirements must be met:
7
•
a. The User must conduct an on-line criminal justice employment check.
b. The User must submit fingerprint cards for positive fingerprint comparison
against the state and national criminal history and hot files.
c. If a record of any kind is found, during the first two steps, the User will not
permit the operator to have access to FCIC/NCIC access. The User will
formally notify FDLE indicating access will be delayed pending review of the
criminal history.
d. When identification of the applicant has been established by fingerprint
comparison and the applicant appears to be a fugitive, have pending criminal
charges, or have an arrest history for a felony or serious misdemeanor, the
user will notify FDLE. If the applicant is found to be a fugitive from justice or
to have been convicted of a felony or serious misdemeanor, the matter will be
referred to FDLE for review.
e. Applicants who are found to have a felony conviction will generally be denied
access to FCIC/NCIC. If a determination is made by FDLE that FCIC/NCIC
access by the applicant would not be in the public interest, such access will
be denied and the user agency will be notified in writing of the access denial.
• f. Each agency must have a written policy for discipline of personnel who
access these systems for purposes that are not authorized, disclose
information to unauthorized individuals, or violate FCIC/NCIC and III rules,
regulations or procedures.
2. PHYSICAL SECURITY: Each agency must have a written policy that ensures and
implements security measures, which secures the FCIC/NCIC workstation and
prevents unauthorized use or viewing of information on the workstation. The use
of screen blanking software with password protection is recommended for Mobile
Data Computers or for computers when the operator may leave the computer
unsupervised. FDLE reserves the right to object to equipment location, security
measures, qualifications and number of personnel who will be accessing FCIC and
to suspend or withhold service until such matters are corrected to its reasonable
satisfaction.
3. ADMINISTRATIVE SECURITY: Each agency utilizing information services
provided through CJNet must designate individual agency contacts who will assist
the agency and FDLE with the information services covered by this agreement.
Training for these positions is provided by FDLE, and the User must ensure that its
designee is keenly aware of the duties and responsibilities of each respective
position. The User is required to provide FDLE with up-to-date contact
information.
• a. TERMINAL AGENCY COORDINATOR: Agencies accessing the FCIC/NCIC
system must designate a Terminal Agency Coordinator (TAC) to ensure
8
•
compliance with FCIC/NCIC and III rules, regulations and procedures, and to
facilitate communication between FDLE and the agency. The TAC must
maintain a current FCIC Certification.
b. SECURITY OFFICER: Agencies accessing the FCIC/NCIC system and/or
the Florida Criminal Justice Network (CJNet), must designate a security
officer to ensure security of the FCIC/NCIC workstations, the connection to
CJNet, and any access to the information services provided on CJNet to or by
the User.
c. CJNet POINT OF CONTACT: Agencies accessing applications using Public
Key Infrastructure (PKI) security certificates on CJNet must designate a Point
of Contact (POC). The POC will receive and approve the issuance and
revocation of PKI certificates for agency members.
4. TECHNICAL SECURITY
a. DIAL-UP SERVICES: Establishing dial-up services to FCIC/NCIC and CJNet
will be permitted provided the User establishes appropriate security measures
to ensure compliance with all rules, regulations, procedures, and the CJIS
Security Policy.
is b. ENCRYPTION: The use of encryption is required for methods of
transmission, and must comply with all rules regulations, procedures, and
standards established in the CJIS Security Policy.
c. DOCUMENTATION OF NETWORK CONFIGURATION: User must complete
and be able to provide upon request a diagram of devices, and networks that
are connected to the CJNet, as well as a list of entities attached to the
networks. Identification of security devices, methods and types of encryption
deployed, Internet connections, connections to other networks, dial-up
services and any other connection that may provide access to CJNet must be
included in the network diagram. This documentation must be routinely
updated and provided when a compliance and technical security audit is
conducted or when requested by FDLE.
5. SECURITY AUTHORITY: All policies, procedures and operating instructions
presently contained in current CJIS Security Policy, NCIC and NLETS documents,
operating manuals and technical memoranda, are hereby incorporated into and
made a part of this agreement, except to the extent that they are inconsistent
herewith or legally superseded by higher authority.
6. WORKSTATION SOFTWARE LICENSE: The FCIC II Workstation Software
license from Datamaxx is provided with the Linxx202O software documentation in
the Supplemental Documents section, and may also be found on CJNet in the
FCIC II website. The FCIC II Workstation Software license is made a part of and
• incorporated by reference into this User Agreement and shall be binding on the
User upon acceptance of the software.
9
C]
SECTION III MISCELLANEOUS REQUIREMENTS
PENALTIES AND LIABILITIES: Any non-compliance with the terms of this
Agreement concerning the use and dissemination of criminal history information
may subject the User's officers or employees to a fine not to exceed $10,000 as
provided for in the Code of Federal Regulations, Title 28, Section 20.25, and/or
discontinuance of service. Moreover, certain offenses against system security and
the information contained therein are crimes under Florida Statutes and can result
in criminal prosecution.
2. PROVISIONS INCORPORATED: User shall be bound by applicable federal and
state laws, federal regulations and the rules of FDLE to the same extent that User
would be if such provisions were fully set out herein. Moreover, this Agreement
incorporates both present and future law, regulations and rules.
3. TERMINATION: Either party may terminate this Agreement, with or without
cause, upon providing advanced written notice of 45 days. Termination for cause
includes but is not limited to any change in the law that affects either party's ability
to substantially perform as originally provided in this Agreement. Should the
aforementioned circumstances arise, either party may terminate or modify the
• Agreement accordingly.
FDLE reserves the right to terminate service, without notice, upon presentation of
reasonable and credible evidence that User is violating this Agreement or any
pertinent federal or state law, regulation or rule.
4. MODIFICATIONS: Modifications to the provisions in this Agreement shall be valid
only through execution of a formal Agreement amendment.
5. ACCOUNTABILITY: To the extent provided by the laws of Florida, User agrees to
be responsible for the negligent acts or omissions of its personnel arising out of or
involving any information contained in, received from, entered into or through
FCIC/NCIC and NLETS.
6. ACKNOWLEDGEMENT: User hereby acknowledges the duties and
responsibilities as set out in this Agreement. User acknowledges that these duties
and responsibilities have been developed and approved by FCIC/NCIC to ensure
the reliability, confidentiality, completeness, and accuracy of all records contained
in or obtained by means of the FCIC/NCIC System. User further acknowledges
that failure to comply with these duties and responsibilities will subject its access
to various sanctions as approved by the Criminal Justice Information Services
Advisory Policy Board. These sanctions may include termination of NCIC services
to the User agency. User may appeal these sanctions through its Control
• Terminal Agency. -
10
7. TERM OF AGREEMENT: This agreement will remain in force until it is
determined by FDLE that a new agreement is required. The User Agency should
initiate the execution of a new agreement when a change of agency head occurs.
IN WITNESS HEREOF, the parties hereto have caused this agreement to be executed
by the proper officers and officials.
NAME OF USER AGENCY Clearwater Police Department
AGENCY HEAD
Sidney R. Klein TITLE Chief of Police
(PLEASE PRINT)
(SIGNATURE)
DATE May 5 2006
JWITNESS 4??? ls'" 1Z TITLE Deputy Chief
• FLORIDA DEPARTMENT OF LAW ENFORCEMENT
BY
(PLEASE PRINT)
TITLE
(SIGNATURE)
DATE
WITNESS
•
11
TITLE
•
Attachment
DESIGNATED CONTACTS: User hereby acknowledges and agrees to designate and
maintain the contacts specified in this Agreement. The contacts designated at the
signing of this Agreement are as follows:
DESIGNATED CONTACTS
Agency: Clearwater Police Department
(PLEASE PRINT)
Date: May 5, 2006
TERMINAL AGENCY COORDINATOR
Name: Vince Mohr TITLE Communications SLperyi or
(PLEASE PRINT)
• Phone: (727) 562-4217
Fax: (727) 562-4221
e-mail: Vincent. Mohr@MvClearwater, con
SECURITY OFFICER
Name: Gary Zinn TITLE Network Analyst
(PLEASE PRINT)
Phone: (727) 562-4476
Fax:
(727) 562-4324
e-mail: Gary. Zinn@MyClearwater._con
12
•
CJNet POINT of CONTACT
Name: Vince Mohr TITLE Communications Supervisor
(PLEASE PRINT)
Phone: (727) 562-4217
Fax: (727) 562-4221
e-mail: Vincent.Kohr@MyClearwater.com
FCIC Public Access System (PAS) Contact
Name: Jean Griggs TITLE Records Manager
(PLEASE PRINT)
Phone: (727) 562-4455
Fax: (727) 562-4415
e-mail: Jean.Griggs@MvClearwater.com
PAS TIP Information:
PAS TIP Phone: (727) 562-4422
PAS TIP e-mail: tips@clearwaterpolice.org
•
13