HomeMy Public PortalAboutDelray Beach - Interlocal Agmt for NCIC and FCIC Info.INTERLOCAL AGREEMENT
BETWEEN
CITY OF DELRAY BEACH AND
TOWN OF GULFSTREAM
WHEREAS, the Delray Beach Police Department, hereinafter referred to as
DBPD, and Gulfstream Police Department, hereinafter referred to as GPD, are bona
fide law enforcement agencies; and
WHEREAS, the DBPD presently has the benefit of the Florida Department of
Law Enforcement computer terminals which provide access to the National Crime
Information Center, hereinafter NCIC, and the Florida Crime Information Center,
hereinafter FCIC; and,
WHEREAS, GPD wishes to utilize the computer terminals for access to NCIC
and FCIC Information Systems for law enforcement purposes;
NOW THEREFORE, the parties agree as follows:
1. GPD shall be entitled to use, through agents and employees of the DBPD,
the computer server located at the DBPD for the purpose of gaining access to NCIC
and FCIC Information Systems.
2. GPD agrees to abide by all applicable local, state and federal laws, rules
and regulations, as well as the rules and regulations of NCIC and FCIC with regard to
the use of said computer terminals.
3. GPD agrees to abide by all the terms and conditions of the User
Agreement executed between the Florida Department of Law Enforcement and the
DBPD dated November 19, 2014, a copy of which is attached to this agreement.
4. GPD agrees that it shall make use of the computer terminals only for bona
fide law enforcement purposes
5. The term of this agreement shall be for one (1) year commencing on the
date the agreement is signed and from year to year hereafter unless sooner terminated
6. Either party may terminate this agreement upon thirty (30) days written
notice except that DBPD may terminate this agreement immediately and without notice
upon finding that GPD has violated the terms of this agreement.
7. Town of Gulfstream shall to the extent permitted by law at all times
hereafter indemnify, hold harmless and, at the City Attorney's option, defend or pay for
an attorney selected by the City Attorney to defend the City of Delray Beach, its officers,
agents, servants, and employees from and against any and all causes of action,
demands, claims, losses, liabilities and expenditures of any kind, including attorney
I
fees, court costs, and expenses, caused or alleged to be caused by any intentional,
negligent, or reckless act of, or omission of, Town of Gulfstream, its employees, agents,
servants, or officers, or accruing, resulting from, or related to the subject matter of this
Agreement including, without limitation, any and all claims, losses, liabilities,
expenditures, demands or causes of action of any nature whatsoever resulting from
injuries or damages sustained by any person or property. In the event any lawsuit or
other proceeding is brought against the City of Delray Beach by reason of any such
claim, cause of action, or demand, Town of Gulfstream shall, upon written notice from
the City of Delray Beach, resist and defend such lawsuit or proceeding by counsel
satisfactory to the City of Delray Beach or, at the City of Delray Beach's option, pay for
an attorney selected by City Attorney to defend the City of Delray Beach. The
obligations of this section shall survive the expiration or earlier termination of this
Agreement. To the extent considered necessary by the Contract Administrator and the
City Attorney, any sums due Town of Gulfstream under this Agreement may be retained
by the City of Delray Beach until all of the City of Delray Beach's claims for
indemnification pursuant to this Agreement have been settled or otherwise resolved.
Any amount withheld shall not be subject to payment of interest by the City of Delray
Beach. Nothing herein shall be construed as a waiver of Chapter 768 of Florida
Statutes.
8. This agreement constitutes the entire agreement of the parties and may
not be modified as amended without a written agreement executed by both parties.
IN WITNESS HEREOF, the parties have caused this agreement to be executed
by the proper officers and officials.
Town of Gulfstream
City of Delray Beach
By: >`'Q��� By: " h 64q ---
William Thrasher, City Manager Donald Cooper, Cit Manager
.Tu A
Dated:46mA It , 2016.
2
Dated: June a , 2016.
License Pale Reader Supplemens
LICENSE PLATE READER SUPPLEMENT TO
CRIMINAL JUSTICE USER AGREEMENT
This License Plate Reader Supplement ("Supplemental Agreement") to the Criminal
Justice User Agreement supplements the Criminal Justice User Agreement entered into
between the Florida Department of Law Enforcement (hereinafter referred tPOLICE DEPT. with
o as FDLE),
an agency of the State of Florida, and theDELRAY BEACH
headquarters at300 west Atlantic AVe., Delra Beach,
referred to as the User). FL 33444, (hereinafter
PURPOSE: The purpose of this Supplemental Agreement is to document the terms
and conditions under which FDLE will make certain information (as specified below
under Terms and Conditions) available to state and local criminal justice agencies for
use in comparing such information against scanned vehicle license plate numbers
retrieved by means of license plate screening technology from mobile and fixed sites.
ASSOCIATED AGREEMENTS: Both the aforementioned Criminal Justice User
Agreement and the Memorandum of Understanding between the Federal Bureau of
Investigation (FBI) and FDLE conceming the FBI's transmission of information (as
specified below under Terms and Conditions) from the National Crime Information
Center (NCIC) to FDLE, are incorporated herein by reference. A copy of the latter is
attached hereto.
TERMS AND CONDITIONS:
FDLE agrees to provide access to the information services described below and will
adhere to the following terms and conditions:
1. Provide the User with access to files extracted from the Florida Crime Information
Center (hereinafter FCIC) and NCIC Hot Files, and Florida Department of Highway
Safety and Motor Vehicles (DHSMV) records including, but not limited to the Expired
Tag File, Expired License File and Sanctioned Driver File;
2. Provide extract information from FCIC, updated eight times per day and including
information from all FCIC records with license plate data, except Intel -flagged
records;
3. Provide updated extract information from NCIC as often as made available by the
FBI, including license plate information from the NCIC Hot Files and from other files
as may be made available by the FBI;
4. Provide updated extract information from DHSMV as often as made available by
DHSMV;
5. Respond to specific inquiries from the User; and
6. Provide the User with the name and contact information of FDLE technical and
administrative points of contact.
By accepting access to the information services described above, the User agrees to
adhere to the following terms and conditions:
April 14, 2014 page I of
License Plate Reader Supp:ement
1. Use the FCIC/NCIC/DHSMV extracts for criminal justice purposes only;
2. Control access to the CJNet and FDLE FTP server so as to deny direct access by
the User's license plate screening technology vendor;
3. Execute a Memorandum of Understanding with the User's license plate screening
technology vendor restricting the vendor's use of information obtained from FDLE for
this program to criminal justice purposes and precluding use by an entity other than
the User;
4. Update its local database as FCIC/NCIC/DHSMV updates become available,
assuring that information deleted from the FCIC/NCIC/DHSMV system is also
deleted from all local databases;
5. Confirm data extract hits are still active in FCIC/NCIC, at the earliest reasonable
opportunity, and before taking enforcement action, in accordance with current hit
confirmation policy;
6. Confirm, via an FCIC driver license or vehicle registration transaction, that DHSMV
data extract hits correspond to current, live DHSMV data, at the earliest reasonable
opportunity, and before taking enforcement action; and
7. Provide and update the FDLE with the name and telephone number of technical and
administrative points of contact.
TERMINATION: Either party may terminate this Supplemental Agreement, with or
without cause, upon providing advanced written notice of forty-five (45) calendar days.
Termination for cause includes, but is not limited to, any change in the law that affects
either party's ability to substantially perform as originally provided in this Supplemental
Agreement. Should the aforementioned circumstances arise, either party may
terminate or modify the Supplemental Agreement accordingly.
FDLE reserves the right to terminate service, including service provided under the
Criminal Justice User Agreement between FDLE and the User, without notice, upon
presentation of reasonable and credible evidence that the User is violating this
Supplemental Agreement or any pertinent federal or state law, regulation or rule.
MODIFICATIONS: Modifications to the provisions in this Supplemental Agreement
shall be valid only through execution of a formal written amendment, properly approved
by the parties.
TERM OF AGREEMENT: This Supplemental Agreement will become effective upon
signing by both parties and will remain in force until it is determined by FDLE that a
new agreement is required.
April 14, 2014 page 2 oto
Liceme Plan: Rmdcr Supplement
IN WITNESS HEREOF, the parties hereto have caused this Supplemental Agreement
to be executed by the proper officers and officials.
NAME OF USER (AGENCY) DELRAY BEACH POLICE DEPARTMENT
USER CHIEF EXECUTIVE OR OFFICIAL
1 TITLE Chief of Police
Goldman (PLEASE PRINTI
e Nubin, City Clerk
Approved as to form and legal
sufficiency
WITNESS TITLE YAL
Noel Pfeffer, City Attorney
FLORIDA DEPARTMENT OF LAW ENFORCEMENT
BY Jennifer Cook Pritt TITLE Director
A (PLEASE PRINK
DATE_ i of ��14A26) y
I
WITNESS_ :SI��){��(__ TITLE fi �
April 14, 2D 14 pate 3 of 4
License Plate Reader Supplement
Agency Contact Information
User Administrative Point of Contact
Name: Marla Dahl
Phone: (561) 243-7865
Email: dahl@mydelraXbeach.com
User Technical Point of Contact
Name: Marla Dahl
Phone: (561) 243-7865
Email: dahl@mydelraybeach.com
FDLE Administrative Point of Contact
Name: Larry Coffee
Phone: (850) 410-8192
Email: larrycoffee@fdle.state.fl.us
FDLE Technical Point of Contact
Name: Harrison Rivers
Phone: (850) 410-8349
Email: harrisonrivers@fdle.state.fl.us
April 14, 2014 page 4 of 4
N,DE( Supplement
N-DEx Supplement to the CRIMINAL JUSTICE/
Criminal Justice Network (CJNeQ
USER AGREEMENT
This Agreement supplements the Criminal Justice User Agreement or Criminal Justice
Network (CJNet) User Agreement (as appropriate) entered into between the Florida
Department of Law Enforcement (hereinafter referred to as FDLE), an agency of the
State of Florida, and the DELRAY BEACH POLICE DEPT.
located at 300 West Atlantic Ave„Delray Beach, FI 33444 with headquarters or
FI 0500400 with a primary ORI of
---�_, (hereinafter referred to as the User).
PURPOSE- The purpose of this Supplemental Agreement is to document the terms
and conditions under which the User will obtain and provide access to the Law
Enforcement National Data Exchange (N-DEx).
ASSOCIATED AGREEMENTS: The aforementioned Criminal Justice/Criminal Justice
Network (CJNet) User Agreement (as appropriate) is incorporated herein by reference.
A copy of the Agreement entered into by User is attached hereto.
Whereas, the Federal Bureau of Investigation (FBI) Criminal Justice Information
Services (CJIS) Advisory Policy Board (APB) has designated that the CSO (CJIS
Systems Officer) of each state as responsible for monitoring system use, enforcing
system discipline and security, and assuring that the CJIS operating procedures are
followed by all users, as well as other related duties outlined in FDLE's CJIS System
User Agreement with the FBI's CJIS division;
Whereas, the FDLE CJIS Director is the CSO for the State of Florida;
Whereas, N-DEx's mission is to provide law enforcement agencies with an investigative
tool to search, link, analyze and share criminal justice information such as incident/case
reports, incarceration data, and parole/probation data on a national basis;
Whereas, the User has executed a Criminal Justice User Agreement or Criminal Justice
Network (CJNet) User Agreement with FDLE;
Whereas, the User requests access to N-DEx to assist in the performance of its law
enforcement duties;
Whereas, data obtained from N-DEx is considered Criminal Justice Information (CJI)
and as such the FBI Security Policy shall be followed;
Therefore, in consideration of the mutual benefits to be derived from this Agreement
the FDLE and the User do hereby agree as follows;
April 14, 2014
Page 1 of 6
N-DFa Supplement
SECTION 1— USER PROVISIONS
By accepting access to the information services described above, the User agrees to
adhere to the following terms and conditions:
1. The User agrees to abide by all present or hereinafter approved rules, policies and
Procedures established for access to and governance of N-DEx, including, but not
limited to the collection, storage, processing, search, retrieval, dissemination and
exchange of criminal justice information provided via N-DEx.
2. The User will designate an N-DEx Agency Level Coordinator (NAC). The N-DEx
NAC will be the central point of contact for the User on N-DEx related issues and
ensure User compliance with N-DEx policies and procedures, including but not
limited to those identified in this Supplement.
3. The User shall ensure that only approved and qualified persons performing the
administration of criminal Justice have access to N-DEx. The User shall ensure that
access to N-DEx and information within N-DEx is on a strictly need -to -know basis.
4. The User shall conduct a fingerprint -based background check in accordance with the
i
aforementioned and executed Criminal Justice User Agreement (Secton III
,
paragraph 1) or Criminal Justice Network (CJNet) User Agreement (Section III,
paragraph l) prior to granting an employee access to N-DEx.
5. The User will immediately inform N-DEx and FDLE upon the termination or
ineligibility of any employee with N-DEx access, and take appropriate actions to
ensure the employee's or former employee's N-DEx access is deactivated.
6. The User will conduct a quarterly audit of employees with N-DEx access to confirm:
a, the continued employment status with the User, and
b. that the employee continues to perform duties that require N-DEx access.
7. The User will not use N-DEx to conduct employment background checks.
8. The User will ensure that all employees with N-DEx accessare trained and informed
of applicable N-DEx policies and procedures. The User will ensure all N-DEx users
have completed the N-DEx computer based training (CBT) program
Overview and N-DEx Policy and Operating CBT, provided by Ngrams for User-DExThe User may
contact the FBI to obtain a Train -the -Trainer class. The User will maintain
documentation for audit review of N-DEx CBT/classroom training by its users. Users
are also required to either be FCIC Certified or have completed the CJIS Online
Security Awareness Training.
9. The User will immediately report to the FDLE CSO all violations of or attempts to
compromise the security of N-DEx.
April 14, 2014
Page 2 of
N -DE, SUPPIM"I
10. The User shall not use N-DEx information, including analytical products derived
therefrom, as a basis for enforcement or other official action or disseminate such
information outside of the User agency, for an
purpose in in less
the User first obtains the express permission of and verfles theei abil ty and
accuracy of the information with the agency(s) that contributed the information in
question. Specifically included within this limitation is the inclusion of any N-DEx
information in an official case file and any use of N-DEx information in the
Preparation of judicial process such as affidavits, warrants or subpoenas.
11. The User shall not electronically retain or copy N-DEx information without obtaining
the contributing agency's permission.
12 In the event N-DEx information is summarized or otherwise documented, the User
shall indicate the information was obtained from N-DEx.
13. Information in N-DEx, including any analytical products, may be disseminated
subject to the following requirements:
a. Hard or electronic copies of documents retrieved from the system may not be
Provided to a participating or nonparticipating agency without the approval of
the contributing agency.
b. Information or summaries of information from the system may be shared with
a non -participating law enforcement agency in the furtherance of a legitimate
law enforcement investigation or for development of community crime
analysis.
c. Immediate dissemination of information can be made if the recipient of the
information determines that an emergency involving an actual or potential
threat of terrorism, immediate danger of death or serious physical injury to
any person, of imminent harm to the national security requires dissemination
without delay.
d. Dissemination is permitted to the extent required by applicable law or court
Process or allowed by applicable guidelines.
e. The owner of the information shall be promptly notified of all disseminations
made under this exception.
14. Criminal investigative or intelligence information received from N-DEx is protected
from public disclosure by state law. See Section 119.071(2)(b), Florida Statutes
(2009). The User shall direct any requests (including public record requests) from
information contained in or derived from N
any person, entity or agency that is not a participant in N-DEx, for reports or
data. -DEx to the agency that contributed the
15. The User will duly report to the FDLE CSO and the contributing agency via email
any instances in which N-DEx information is used in an unauthorized manner. Such
April 14, 2014
Page 3 of
N.DEx Supplement
notice is to be provided in a timely manner within 72 hours of when the User first
learned of the unauthorized use.
SECTION It — CONTRIBUTOR PROVISIONS
In situations where the User contributes data to N-DEx:
I. Prior to making or implementing any decision to submit data directly to N-DEx, the
User will contact the FDLE WIS CSO for information regarding the current status of
any of the regional or statewide data sharing programs/initiatives then in operation or
planned for the near future. Submitting data directly to N-DEx would involve
bypassing any of the regional or statewide data sharing programs/initiatives in
operation, and would require the development of programming specific to the User
for that purpose.
2. The User shall execute an N-DEx Memorandum of Understanding (MOU) with the
FBI, said MOU to be provided by the FBI, if the User contributes data to N-DEx.
3. The User has the sole responsibility to ensure that information that it contributes to
N-DEx was not obtained and is not maintained in violation of any federa
local law applicable to the User. l, state or
4. The User retains sole ownership of, sole responsibility for, and exclusive control over
the content of the information that it contributes to N-DEx, and the User may, at will
and at any time, update, correct or delete the information
DEx. that it contributes to N-
5. The User has the responsibility and accountability for ensuring compliance with all
laws, regulations policies and procedures applicable to its entry and sharing of
information in N-DEx.
6. The User shall obtain FDLE approval prior to any system modification related to N-
DEx that could affect and/or cause degradation of criminal justice information
services provided by FDLE.
The User has the duty, sole responsibility and accountability to make reasonable
efforts to ensure the accuracy upon entry, and the continuing accuracy thereafter, of
information contributed to N-DEx. In an effort to maintain system discipline, the User
shall submit data, including any updates or changes to the original submission, on at
least a monthly basis. Updates and changes are encouraged as often as the User
can feasibly execute them. The User should not make any changes to the
information it contributes that are not mirrored within the User's source records.
Should FDLE receive a challenge to, or reasonable question about the validity
and/or accuracy of the information in N-DEx, FDLE will notify the User.
April 14, 2014
Page 4 of 6
MDEx Supplement
SECTION III — FDLE PROVISIONS
FDLE agrees to provide access to the information services described above and will
adhere to the following terms and conditions:
1. FDLE reserves the right to immediately suspend service to the User based
onviolation(s) of N-DEx policy or this Agreement, or on valid, articulable concerns for
the security and integrity of N-DEx. Services may be reinstated following such
instances upon receipt of satisfactory assurances that such violations have been
corrected and such concerns addressed.
2. FDLE shall have the authority to conduct audits of User records and operation to
ensure compliance with this Supplement and N-DEx policies.
3 FDLE will assist the User in obtaining N-DEx training as identified in this
Supplement.
4 FDLE reserves the right to deny N-DEx access to any individual based on valid,
articulable concerns for the security and integrity of N-DEx.
LIABILITY: The N-DEx system is not a separate legal entity capable of maintaining an
employer-employee relationship and, as such, personnel assigned by a party to perform
N-DEx functions shall not be considered employees of the N-DEx or of any other party
for any purpose.
TERMINATION- Either party may terminale this Supplemental Agreement, with or
without cause, upon providing advanced written notice of 45 days. Termination for
cause includes, but is not limited to, any change in the law that affects either party's
ability to substantially perform as originally provided in this Supplemental Agreement.
Should the aforementioned circumstances arise, either party may terminate or modify
the Supplemental Agreement accordingly.
FDLE reserves the right to terminate service, including service provided under the
Criminal Justice User Agreement between FDLE and the User, without notice, upon
Presentation of reasonable and credible evidence that the User is violating this
Supplemental Agreement or any pertinent federal or state law, regulation or rule.
MODIFICATIONS- Modifications to the provisions in this Supplemental Agreement
shall not be effective until execution of a formal written amendment.
TERM OF AGREEMENT: This Supplemental Agreement will remain in force until it is
determined by FDLE that a new agreement is required. The User should initiate the
execution of a new agreement when a change of agency chief executive or official
occurs.
April 14, 2014
Page 5 of 6
N-DEz Supplemmt
IN WITNESS HEREOF, the parties hereto have caused this Supplemental Agreement
to be executed by the proper officers and officials.
NAME OF USER (AGENCY) DELRAY BEACH POLICE DEPARTMENT
USER CHIEF EXECUTIVE OR OFFICIAi
CITY
TITLE Chief of Police
tZEt�ickstein, ayor (SIGNATURE V
1 Ch
DATE eve
Ile Nubin, City Clerk
C �(�
Approved as to form and legal
WITNESS sufficiency ,
TITLE
FLORIDA DEPARTMENT OF LAW ENFORCEMENT Noel P effer, City Attorney
BY Jennifer Cook Pritt
n (PLEASE PRINT) TITLE Director
rv��nn � ut<tl
DATE�I�'
WITNESS Mh �
TITLE m�,i�
April 14, 2014
Pap 6 of 6
FDLE Criminal Justice User Agreement
CRIMINAL JUSTICE USER AGREEMENT
This Agreement, is entered into between the Florida Department of Law Enforcement
(hereinafter referred to as FDLE), an agency of the State of Florida with headquarters at
2331 Phillips Road, Tallahassee, Florida and the
DELRAY BEACH POLICE DEPARTMENT
with headquarters at
With the primary ORI of.F'L0500400
(hereinafter referred to as the User).
Whereas, FDLE is authorized by law to operate and regulate the Florida Criminal
Justice Network (hereinafter CJNet) as an intra -agency information and data-sharin
network for use by the state's criminal justice agencies; g
Whereas, FDLE is authorized by law to establish and operate the Florida Crime
Information Center (hereinafter FCIC) for the exchange of information relating to crimes,
criminals and criminal activity;
Whereas, FDLE participates in the National Crime Information Center (hereinafter
NCIC), a service of the United States Department
Index (hereinafter III), the Federal Bureau of Investof Justice, the Interstate Identification
Enforcement Online (hereinafter LEO)igation's (hereinafter FBI) Law
, the FBI's National Data Exchange (hereinafter
NDEx) and the International Justice and Public Safety Network (hereinafter Nlet
serves as Florida's Criminal Justice Information Services and
(CJIS) Systems Agency (CSA)
for the interstate transmission of Criminal Justice Information (CJI) to and from agencies
in Florida and agencies in the continental United States, Alaska, Hawaii, U.S. Virgin
Islands, Canada and Puerto Rico;
Whereas, the FDLE Director of Criminal Justice Information Services is recognized by
the FBI as the CJIS Systems Officer (CSO) for the State of Florida, responsible for
administering and ensuring statewide compliance with the FBI CJIS Security Policy
(CSP);
Whereas, the User requires access to intrastate and interstate CJI systems provided by
FDLE through the CJNet in order to effectively discharge its public duties;
Whereas, FDLE facilitates local law enforcement and other criminal justice agencies'
requests to participate in the information services provided on CJNet, provided the User
agrees to abide by applicable federal and state laws; administrative code, and all
Policies, procedures and regulations related to these systems. FDLE
over the management and operation of CJNet and FCIC. retains full control
April 14, 2014
Page I of 17
FDLE Criminal Juslim User Agreement
Therefore, in consideration of the mutual benefits to be derived from this Agreement,
the FDLE and the User do hereby agree as follows:
This User Agreement is designed for criminal justice agencies within Florida that have
either direct or indirect access to FCIC/CJNet. If the User does not perform a specific
function, the provisions regarding that function will not apply to the User.
SECTION I FCIC/NCIC/CJNET FDLE REQUIREMENTS
FDLE is duly authorized and agrees to ensure access to the criminal justice information
services provided on CJNet and adhere to the following:
i. Serve as the CSA for the State of Florida and provide the User with access to CJI
as is available in the FCIC/NCIC and III systems and NLETS through CJNet, and
to serve as the means of exchanging CJI between the User and other criminal
justice agencies on CJNet.
2. Provide the opportunity for CJIS certification/re-certification and CJIS Security
Awareness training.
3. Provide the User with information concerning privacy and security requirements
imposed by state and federal policies, laws, rules and regulations. All references
herein to policies, operating procedures, operating instructions, operating manuals
and technical memoranda with which adherence is required may be found on the
CJNet CJIS Resource Center web page.
4. Provide state criminal history record check services for non -criminal justice
purposes as provided by law.
5. Act as the central state repository; provide identification, record keeping, and
exchange of Criminal History Record Information (CHRI) services.
6. Facilitate access, using CJNet, to other information applications or systems that
the User may be authorized to access.
SECTION Il FCIC/NCIC/CJNET USER REQUIREMENTS
By accepting access as set forth above, the User agrees to adhere to the following to
ensure continuation of access:
USE OF THE SYSTEM: Use of the CJNet and any system accessed via the
CJNet is restricted to the administration of criminal justice or as otherwise
specifically authorized or required by statute. Information obtained from the
FCIC/NCIC files, or computer interfaces to other state or federal systems, by
means of access granted through CJNet, can only be used for authorized
purposes in compliance with FCIC/NCIC and III rules, regulations and operating
procedures, and state and federal law. It is the responsibility of the User to ensure
access to CJNet is for authorized purposes only, and to regulate proper use of the
April 14, 2014 Page 2 or 17
FDLE Criminal.luslim User Agreement
network and information at all times. The User shall establish appropriate written
standards, which may be incorporated with existing codes of conduct, for
disciplining violators of this and any incorporated policy. Accessing information
and systems provided via CJNet for other than authorized purposes is deemed
misuse. The User shall notify the CSO of any sustained/confirmed cases of
misuse by using the CJS Systems Misuse Reporting Form found on the CJNet
CJIS Resource Center web page. In cases of sustained/confirmed misuse, the
User shall identify disciplinary actions and the corrective actions taken to prevent
future incidents. FDLE reserves the right to deny CJI access to individuals who
have sustained cases of misuse.
1.1 If the User provides an interface between FDLE and other criminal justice
agencies, the serviced agency(tes) shall abide by all of the provisions of this
agreement. Serviced agencies that access CJNet, FCIC/NCIC and/or
related applications by interfacing through the User shall, likewise, abide by
agency shall enter into an interagency agreement when access to
all provisions of this agreement. Additionally, the User and the serviced
CJNet/FCIC/NCIC is provided by the User to a serviced agency.
1.2 MESSAGES: Only law enforcement and other criminal justice messages
shall be sent over and through the CJNet and FCIC/NCIC. All messages
shall be treated as privileged unless otherwise indicated. The User should
be prudent in use of regional and statewide broadcast message requests.
All messages shall use plain English language in the message.
1.3 COMPLIANCE: The User shall access FCIC/NCIC and other CJNet
applications in strict compliance with applicable CJNet, FCIC, NCIC, III and
Nlets policies including, but not limited to, policies, practices and procedures
relating to:
1.3.1 TIMELINESS: FCIC/NCIC records shall be entered, modified,
located, cleared, and canceled promptly in order to ensure system
accuracy and effectiveness. If the User performs FCIC/NCIC
updates for other agencies, the User shall comply with timeliness
requirements for the records entered for the serviced agencies as
well.
1.3.2 HOT FILE ENTRIES: In order to make entries into the FCIC/NCIC
hot files, the User shall have personnel dedicated to maintain a 24-
hour, seven-day a week FCIC/NCIC operation.
1.3.2.1 If the User enters records into FCIC/NCIC for another
agency, the User shall execute an interagency
agreement with each serviced agency outlining each
agency's responsibilities.
April 14, 2014 Page 3 of 17
FDLE Criminal Jusam User Agreement
1.3.2.2 Adult Warrants, Missing Persons and all property records
of the FCIC Hot File records, entered by state and local
agencies, will be made available to the public on the
Internet via the FCIC Public Access System (PAS),
unless explicitly flagged by the User for exclusion.
1.3.3 QUALITY ASSURANCE: Appropriate and reasonable quality
assurance procedures shall be in place, including second party
verification during entry, to ensure all entries in FCIC/NCIC are
complete, accurate, and valid.
1.3.4 VALIDATION: The User shall validate all records that the User has
entered into the system for accuracy and retention. To be in
compliance with FCIC/NCIC rules, regulations and operating
procedures, the User shall ensure each record is modified to confirm
the successful validation of each record on file in FCIC/NCIC. Failure
to modify a record to indicate validation may result in its removal from
the file. The User shall develop its own written validation procedures
specifying the steps taken by the User to complete record validation.
1.3.5 HIT CONFIRMATION: The User shall comply with FCIC/NCIC rules,
regulations and operating procedures by responding to the hit
confirmations in a timely manner (within ten minutes or one-hour
depending on priority).
1.3.6 DISSEMINATION: Information obtained from the FCIC/NCIC hot
files, CJNet or computer interfaces to other state or federal systems,
by means of access granted pursuant to Section 943.0525, F.S.,
shall only be used for the administration of criminal justice.
1.3.6.1 Upon receipt of a public record request for CJI, the User
shall confer with FDLE regarding the appropriate
response. It is the responsibility of the User to ensure
that access to the CJNet is for authorized criminal justice
purposes only, and to regulate proper access to and use
of the network and information at all times.
1.3.6.2 The User will disseminate CHRI obtained or derived from
federal records or systems only to criminal justice
agencies and only for the administration of criminal
justice. The administration of criminal justice includes
criminal justice employment screening.
1.3.6.3 The User, if functioning in the capacity of a pretrial
release program or providing CHRI for a pretrial release
program, may disseminate Florida public record
information only, in compliance with Section 907.043 (3),
April 14, 2014 Page 4 of 17
FDLE Criminal Justice User Agreemenl
F.S., which requires "[ejach pretrial release program [to]
prepare a register displaying information that is relevant
to the defendants released through such a program."
The authority to disseminate information for this purpose
shall be restricted to county probation services offices
-d th03a criminal justice entities providing the probation
offices with information obtained via the FCIC message
switch for the administration of criminal justice.
1.3.7 RETENTION: CHRI which the User maintains, whether retrieved
from III or Florida's criminal history record system, shall be kept in a
secure records environment to prevent unauthorized access.
Retention of CHRI is governed by the record retention schedule for
law enforcement published by the Florida Department of State, GS2.
1.3.7.1 Retention of criminal history records, whether retrieved
from III or the state system, for extended periods may be
appropriate when the time sensitivity of the specific
record is important.
1.3.7.2 When, In the sound judgment of the User, retention of
criminal history records, whether retrieved from Ili or the
state system, is no longer required, final disposition will
be accomplished in a secure manner in compliance with
state law, FCIC/NCIC and III rules, regulations and
operating procedures to preclude unauthorized access.
1.3.7.3 Because CHRI may become outdated at any time, a
current criminal history record check should be
performed whenever CHRI is used or relied upon by the
User. Entry or retention of criminal history records in a
separate or local database would be inconsistent with
this principle, and is therefore discouraged. The
retention of criminal history records, whether retrieved
from III or the state system, in a secondary (non-FDLE)
database is not authorized by law.
1.3.8 CRIMINAL HISTORY TRANSMISSION: Any electronic device that
uses wireless or radio technology to transmit voice data may be used
for the transmission of CHRI only when an officer determines there is
an immediate need for this information to further an investigation or
there is a situation affecting the safety of an officer or the public.
1.3.8.1 A facsimile machine may be used to transmit criminal
history information between criminal justice agencies,
provided both agencies have an NCIC Originating
Agency Identifier (ORI) and are authorized to receive
April 14, 2014 Page 5 of 17
FDLE criminal Justice User Agreement
criminal history information. Appropriate measures shall
be taken to prevent unauthorized viewing or receipt by
unauthorized persons
1.3.9 TRANSACTION LOGGING: Each interface agency accessing
FCIC/NCIC and III systems shall ensure that an automated
transaction log is maintained, The FCIC/NCIC portion of this log
shall be maintained for a minimum of twelve months, and the III
portion shall be maintained for a minimum of four years.
1.3.9.1 Automated transaction logging is a feature included in the
application software provided by FDLE, and local
agencies are encouraged to retain these logs for future
reference. Users purchasing or developing an interface
to FCIC shall ensure transaction logging is an included
feature.
1.3.9.2 The automated transaction log shall identify: the operator
on all transactions, the agency authorizing all
transactions, the requester and secondary recipient for all
criminal history transactions. This information can be
captured at log -on and can be a name, badge number,
serial number, or other unique identifier.
1.3.9.3 The User may only disseminate CHRI to another
authorized recipient and shall maintain a record of any
dissemination of state or federal criminal history
information. This record shall reflect at a minimum: (1)
date of release; (2) to whom the information relates; (3)
to whom the information was released; (4) the State
Identification (SID) and/or the FBI number(s); (5) the
purpose code and (6) the reason for which the
information was requested.
1.3.10 INFORMATION ACCESS: The User shall allow only properly
screened (as per Section III, paragraph 2 of this User Agreement),
authorized personnel performing a criminal justice function who have
received proper security awareness training to have access to
information contained within the CJNet, FCIC/NCIC or other state or
federal criminal justice information system accessed through the
FCIC message switch, FBI CJIS Wide Area Network or Internet. The
User will also provide assistance to other criminal justice agencies
not equipped with direct FCIC access in compliance with FCIC/NCIC
and III rules, regulations and operating procedures, but only to the
extent that such assistance is not otherwise prohibited.
April 14, 2014 Page 6 of 17
FDLE Criminal Justice User Agreement
1.3.10.1 The User shall ensure that all personnel who initiate a
transaction to the FCIC message switch are current in
CJIS certification.
1.3.10.2 Each individual user shall be properly authenticated prior
to initiating a transaction to or requesting information
from FCIC or other CJNet application.
1.3.10.3 The User shall ensure that persons allowed to complete
CJIS certification are at least 18 years of age and are
U.S. citizens or have a valid immigration status/visa.
1.3.10.4 FDLE reserves the right to deny FCIC, CJNet or related
programs/ systems access to any individual based on
valid, articulable concerns for the security and integrity of
FCIC, CJNet or related programs/ systems.
1.3.11 WORKSTATION: FDLE is not responsible for the workstation
acquisition, maintenance, operation, repair, supplies or workstation
operation personnel costs. The User shall immediately notify the
FDLE Customer Support Center, should an FCIC/NCIC workstation
or device, associated with an FCIC/NCIC entry(tes), malfunction or
become inoperable. All costs associated with returning the
workstation to operation, other than CJNet costs, shall be the User's
responsibility. FDLE will assist with executing trouble -shooting
procedures.
1.4 Interface Operations: For systems Implemented after December 31, 2008,
the User shall ensure that all automated interfaces that programmatically
(i.e., without human intervention) generate transactions to the FCIC
message switch are restricted to no more than one transaction per second
per interface.
2. AUDITS: The User shall permit an FDLE appointed inspection team to conduct
inquiries with regard to any allegations or potential security violations, as well as
for routine audits.
2.1 FDLE conducts regularly scheduled compliance and technical security
audits of every agency accessing the CJNet to ensure network security,
conformity with state law, and compliance with all applicable FDLE, CJNet,
FCIC/NCIC and III rules, regulations and operating procedures.
Compliance and technical security audits may be conducted at other than
regularly scheduled times.
3. TRAINING: The User is responsible for complying with training requirements
established in CSP and the rules, regulations, and policies established by
FCIC/NCIC, III, FDLE and other CJNet applications. The User is responsible for
April 14, 2014 Page 7 0117
FDLE Criminal Juslice User Agreement
remaining current in the applications, procedures, and policies and ensuring
personnel attend these training sessions.
3.1 All User personnel who access CJI for the administration of criminal justice
shall complete security awareness training, including but not limited to
criminal justice officials, e.g., Police Chiefs, Sheriffs, Judges, State
Attorneys, etc.
3.2 Only operators who have successfully completed CJIS certification shall be
allowed to have unsupervised access to the FCIC/NCIC system.
3.3 FCIC/NCIC operators who are in their initial six months of assignment may
be permitted supervised access to FCIC/NCIC. Operators shall
successfully complete CJIS certification within six months of appointment or
assignment to duties requiring direct access to FCIC/NCIC.
3.4 The User shall require all personnel who are authorized to initiate a
transaction to the FCIC message switch to successfully complete CJIS
Certification. The User agrees to remove from FCIC/NCIC access any
employee who fails to achieve required certification standards, whose
certification has expired, whose certification is otherwise rescinded or as
directed by FDLE.
3.5 The User shall require all information technology (IT) personnel, including
any vendor or contracted staff who will in the course of their contracted
criminal justice support duties initiate a transaction to the FCIC message
switch, to successfully complete CJIS certification.
3.6 The User shall maintain training records for all personnel with access to CJI,
i.e., CJIS certification and security awareness training.
3.7 The User shall require all IT personnel, including any vendor, responsible
for maintaining/supporting any IT component used to process, store or
transmit any unencrypted CJI, to successfully complete and maintain in
current status the CJIS security awareness training provided by FDLE.
4. RELOCATION; Should the User desire to relocate the data circuit(s) and/or
equipment connected to CJNet, the User shall provide FDLE written notice 90 days
in advance of the projected move. All costs associated with the relocation of the
equipment and the data circuit(s), including delays in work order dates, will be
borne by the User unless FDLE has funding to make changes without charge. The
repair and cost of any damages resulting from such relocation will be the User's
responsibility.
4.1 The User shall also provide 90 days advance notice when requesting
additional access to FCIC.
April 14, 2014 Page 8 of 17
FELE Criminal Justice User Agreement
5. LIABILITY: The User understands that the FDLE, its officers, and employees shall
not be liable in any claim, demand, action, suit, or proceeding, including, but not
limited to, any suit in law or in equity, for damages by reason of, or arising out of,
any false arrest or imprisonment or for any loss, cost, expense or damages
resulting from or arising out of the acts, omissions, or detrimental reliance of the
personnel of the User in entering, removing, or relying upon information
transmitted through CJNet or in the FCIC/NCIC and NLETS information systems.
6. CRIMINAL HISTORY RECORDS: FDLE is authorized to establish a statewide
biometric identification system and an intrastate system for the communication of
information relating to crimes, criminals and criminal activity.
To support the creation and maintenance of the criminal history files, the User, as
appropriate, shall:
6.1 Provide for inclusion in criminal history records information systems, adult
and juvenile criminal fingerprints on all felony arrests; adult criminal
fingerprints on all misdemeanors and comparable ordinance violation
arrests; and juvenile fingerprints on misdemeanor arrests specified at
Section 943.051, F.S. The submission of otherjuvenile misdemeanor arrest
fingerprints is optional.
6.2 Provide security for CHRI and systems that process or store CHRI, and
security training for personnel who receive, handle or have access to CHRI.
6.3 Screen all personnel who will have direct access to CHRI and reject for
employment personnel who have violated or appear unwilling or incapable
of abiding by the requirements outlined in this agreement.
6.4 Defer to FDLE on any determination as to what purposes qualify for criminal
justice versus non -criminal justice designation, as well as with respect to
other purposes that may be authorized by law.
6.5 As authorized by Florida Statutes and/or federal regulations, the User may
share state CHRI. Dissemination of information requires compliance with all
applicable statutes, FCIC/NCIC and III rules, regulations and operating
procedures, including logging. Agencies shall maintain the restriction on
dissemination applicable to such record information, including but not limited
to confidentiality or exemption from Section 11 9.07(l), F.S., as provided by
law.
6.6 Provide security and establish policies to prevent unauthorized access to or
dissemination of sealed records, or unauthorized notification of expunged
records.
As FALCON is a CJI system, the User shall adhere to all policies regarding
access, use and dissemination of CHRI. The User shall comply with all training and
other appropriate requirements associated with its criminal justice status. The
April 14, 2014 Page 9 of 17
FDLE Criminal Juslim User Agreement
User shall review FALCON subscriptions to determine whether the User is still
authorized to receive criminal history record information on an individual. The User
shall indicate the continued authorizing relationship with that individual, i.e., the
person is still employed, volunteering, etc., or is currently the subject of
investigation or under supervision by the User. CHRI received as a result of a
FALCON subscription may be disseminated for criminal justice purposes, and is
subject to the same legal and policy restrictions associated with CHRI.
SECTION III SECURITY REQUIREMENTS
The User shall comply with the CSP and the rules, regulations, policies and
procedures established for CJNet, FCIC/NCIC, III and NLETS, which include but
are not limited to System Security, Personnel Security, Physical Security, User
Authorization, Technical Security, Dissemination of Information Obtained from the
Systems, and Destruction of Records. By accepting access as set forth above, the
User agrees to adhere to the following security policies in order to ensure
continuation of that access:
2. PERSONNEL BACKGROUND SCREENING: At a minimum, the User shall
conduct a state and national fingerprint -based records check on 1) all personnel
who are authorized to access state and/or national CJI data or systems, 2) IT
personnel who maintain/support information technology components used to
process, transmit or store unencrypled CJI, and 3) other personnel, including but
not limited to support personnel, contractors and custodial staff, with unescorled
physical or logical access to physically secure locations, as defined in the CSP
and/or IT components used to process, transmit or store unencrypted CJI. The
User is strongly encouraged to screen the applicant by other available means, e.g.,
local court records, in addition to the fingerprint -based record check.
2.1 The User shall submit applicant fingerprints of persons described in Section
III, paragraph 2, for positive comparison against the state and national
criminal history and for searching of the Hot Files.
2.2 The results of the fingerprint -based record check shall be reviewed prior to
granting access to CJI or components used to process/store CJI, including
access for IT support. The User may conduct a preliminary on-line criminal
justice employment check using Purpose code V' for this purpose.
2.2.1 If a record of any kind exists, the User shall consult the FDLE
Guidelines for CJIS Access and notify the CSO for review. Upon
notification from the User, the CSO shall review the matter to
determine if access is appropriate and officially notify the User in
writing of the CSO's decision regarding access.
2.2.2 Once the original background screening has been completed, if the
User learns that an employee with access to CJI, including any
personnel as identified in Section III, paragraph 2, has a criminal
April 14, 2014 Page 10 of 17
FDLE Criminal Justice User Agreement
history or pending charge(s), the User shall consult the FDLE
Guidelines for CJIS Access and notify the CSO. The CSO shall
review the facts and circumstances and notify the User in writing
regarding access to CJI.
2.2.3 The User shall have a written policy for discipline of personnel who 1)
access CJNet and/or CJI for purposes that are not authorized, 2)
disclose information to unauthorized individuals, or 3) violate
FCIC/NCIC or III rules, regulations or operating procedures.
2.3 As the CSA for the State of Florida, the FDLE reserves the right to deny
individual user access to any system or related program that is used to
process, transmit or store CJI based on valid, articulable concerns for the
security and integrity of the information and/or related systems.
2.4 The User shall ensure the appropriate ORI is used for submission of
applicant fingerprints. Fingerprints submitted for positions associated with
the administration of criminal justice or as required by the CSP, shall include
the User's criminal justice ORI. Fingerprints submitted for any other
positions not related to the administration of criminal justice or required by
the CSP shall include the appropriate and approved non -criminal justice
ORI.
3. PHYSICAL SECURITY: The User shall identify facilities, areas, rooms, etc. where
CJI is accessed, processed and/or stored to determine physical security
requirements as identified in the CSP. The User may designate a facility, area,
room, etc., either a physically secure location or a secured area, as defined in the
CSP, provided the appropriate requirements are met. Access shall be limited to
persons needing access for completion of required duties. The User shall have a
written policy that ensures and implements security measures, secures devices
that access FCIC/NCIC/CJNet and prevents unauthorized use or viewing of
information on these devices. The use of password protected screen blanking
software is recommended for devices that access FCIC/NCIC when the operator
may leave the computer unsupervised. FDLE reserves the right to object to
equipment location, security measures, qualifications and number of personnel
who will be accessing FCIC/NCIC and to suspend or withhold service until such
matters are corrected to FDLE's reasonable satisfaction.
4. ADMINISTRATIVE SECURITY: The User shall designate individual agency
contacts, as described below, to assist the User and FDLE in ensuring compliance
with this Agreement. Training for these positions is provided by FDLE, and the
User shall ensure that its designee is keenly aware of the duties and
responsibilities of each of the following positions. FDLE reserves the right to object
to the Users appointment of a TAC, LASO, LAI or AAA based on valid, articulable
concerns for the security and integrity of FCIC, CJNet or related
programs/systems. The User shall provide FDLE with up-to-date contact
information for these positions.
April 14, 2014 Page 11 of 17
FDLE Criminal Justice User Agreement
4.1 TERMINAL AGENCY COORDINATOR: The User shall designate a
Terminal Agency Coordinator (TAC) to ensure compliance with FCIC/NCIC
and III rules, regulations and operating procedures, and to facilitate
communication between FDLE and the User. The TAC shall maintain a
current CJIS Certification. TACs shall attend TAC training within six (6)
months of being assigned to the position, and as often, as required by
FDLE, thereafter.
4.2 LOCAL AGENCY SECURITY OFFICER: The User shall designate a Local
Agency Security Officer (LASO) to ensure compliance with the CSP. Within
six months of assignment to the position, the LASO is encouraged to
complete any appropriate LASO training made available by FDLE, including
CJIS security awareness training.
4.3 In addition to TAC and LASO, there are other points of contact and positions
necessary to manage applications and facilitate communication between the
User and FDLE. These positions are identified on the Agency CJIS Contact
Form, which may be found on the CJNet CJIS Resource Center website
under CJIS Forms and Publications.
5. MANAGEMENT CONTROL AGREEMENTS: In situations where data
processing/information services, law enforcement dispatch functions or human
resources functions are provided by a non -criminal justice governmental entity, the
User shall enter into a management control agreement as required by the CSP. In
situations where governmental structure or hierarchy does not support or permit an
agreement between the parties involved, a directive which includes all of the
provisions for a management control agreement identified in the CSP may be
substituted.
6. INTERAGENCY AGREEMENTS: The User shall execute an Interagency
Agreement with any other criminal justice agency to which criminal justice
information services are outsourced, including but not limited to information
technology related functions. The User shall consult with FDLE to determine if a
given function requires an Interagency Agreement.
7. TECHNICAL SECURITY
7.1 Remote access services to CJI, including, but not limited to access to
FCIC/NCIC and CJNet via the User's Network, will be permitted provided
the User establishes appropriate security measures to ensure compliance
with all rules, regulations, procedures, and the CSP.
7.2 All FCIC/NCIC/III data transmitted over any public network segment shall be
encrypted as required by the CSP. This requirement also applies to any
private data circuit that is shared with non -criminal justice users and/or is
not under the direct security control of a criminal justice agency.
April 14, 2014 Page 12 of 17
FOLE Crlminal Justice User Agreement
7.3 The User shall maintain, in current status, and provide upon request by
FDLE a complete topological drawing, which depicts the User's network
configuration as connected to CJNet. As required by the CSP, this
documentation shall clearly indicate all network connections, service
agencies and interfaces to other information systems.
7.4 The User shall ensure only authorized criminal justice agencies or agencies
authorized by FDLE are permitted access to the CJNet via the User's CJNet
connection.
7.5 The User shall ensure all devices with connectivity to CJNet employ virus
protection, anti -spam and anti-spyware software and such software shall be
maintained in accordance with the software vendor's published updates.
7.6 CJI, including but not limited to information obtained from the FCIC
message switch and CJNet, may only be accessed via computers or
interface devices owned by the User or by the contracted entity. Vendors
under contract with the User to perform the administration of criminal justice
may be allowed to use their own devices for access provided all
requirements of the FBI CJIS Security Addendum are satisfied.
7.7 The User shall ensure that CJNet-only devices have a Windows or network
type password to prevent unauthorized access.
7.8 Provided appropriate security precautions are in place, and upon approval
from the FDLE Network Administration staff, the User may employ wireless
network connectivity (for example the 802.11 wireless networking protocol).
8. COMPUTER SECURITY INCIDENT RESPONSE CAPABILITY: The User shall
have a written policy documenting the actions to be taken in response to a possible
computer security Incident. The policy shall include identifying, reporting,
investigating and recovery from computer security incidents. The User shall
immediately notify the CSO of any suspected compromise of the CJNet.
9. SECURITY AUTHORITY: All policies, procedures and operating instructions
contained in the CSP and FCIC/NCIC, III and NLETS documents, operating
manuals and technical memoranda, are hereby incorporated into and made a part
of this agreement, except to the extent that they are inconsistent herewith or legally
superseded by higher authority.
10. CLIENT SOFTWARE LICENSE: The FCIC Client Software (eAgent) license from
Diverse Computing, Incorporated is located in the Help menu of the eAgent client
software. The FCIC Client Software (eAgent) license is made a part of and
incorporated by reference into this User Agreement and shall be binding on the
User upon acceptance of the software. The User is allowed up to one hundred
(100) eAgent Subswitch mnemonics. The User is not permitted to install eAgent,
as provided by FDLE, on laptops for use in a mobile environment, including tablets,
netbooks and other "handheld" devices. The User is not permitted to use the
eAgent client software as an interface to the FCIC message switch for another
application.
April 14, 2014 Page 13 o117
FDLE Criminal Justice User Agreement
11. PRIVATE VENDORS: Private vendors which, under contract with the User, are
permitted access to information systems that process CJI, shall abide by all
aspects of the FBI CJIS Security Addendum.
11.1 The contract between the User and the vendor shall incorporate the FBI
CJIS Security Addendum to ensure adequate security of CJI.
11.2 The User shall ensure all vendor employees are appropriately screened
prior to granting the vendor employees access to CJI. Vendor employee
fingerprints submitted by the User to FDLE as required by the CSP shall be
taken/rolled/printed by a recognized law enforcement agency or an FDLE
approved third party vendor. NOTE: A vendor may not fingerprint its own
employees.
11.3 The User shall maintain the Security Addendum Certification form for each
member of the vendor staff with access to information systems that
processes CJI.
11.4 The User shall ensure all vendor employees with access to CJI have
received the appropriate security awareness training via the CJIS Online
application and are in current status.
11.5 The User shall ensure private vendors permitted such access are aware of
the provisions of Section 817.5681, F.S. regarding breach of security of
personal information.
11.6 The User shall contact FDLE for review prior to entering into a contract or
agreement with a private vendor in the course of which state or national CJI
is processed, stored or transferred from the User's physically secure
location to a vendor owned or operated facility(s) (e.g., cloud services.)
11.7 The User shall maintain and keep current a list of all vendor employees who
have been authorized access to CJI.
12. USERNAMES and PASSWORDS/AUTHENTICATION: The User shall ensure that
all personnel, including IT support and vendors, who initiate a transaction to the
FCIC message switch have a separate and distinct username and password/
authentication for the software/interface used to initiate the transaction.
12.1 The User shall ensure that all User -operated interfaces, including but not
limited to computer aided dispatch systems, record management systems,
jail management systems and mobile data systems with the FCIC message
switch or other systems that contain CJI, follow the password requirements
as outlined in the CSP.
12.2 Individual users shall refrain from sharing passwords and/or other
authenticators, including but not limited to smart cards, tokens, public key
April 14, 2014 Page 14 of 17
FDLE Criminal Justice User Agreement
infrastructure (PKI) certificates, etc., used to access CJI or CJNet related
systems.
12.3 Individual users shall refrain from using another individual's account or
session for the purpose of accessing CJI or other CJNet applications.
12.4 Individual users shall refrain from caching credentials/passwords for access
to systems/applications used to process or store CJI.
12.5 All personnel with access to any system or application that processes or
stores CJI for maintenance or administration purposes shall be uniquely
identified.
13. INDIVIDUAL USER ACCESS: The User shall deactivate individual user access to
eAgent and/or other FCIC interfaces, other CJNet applications and other
state/federal systems containing CJI, including but not limited to LEO and/or NDEx,
upon separation, reassignment or termination of duties, provided individual user
access is no longer required for the administration of criminal justice.
14. OFF SITE STORAGE/PROCESSING OF CJI: The User shall contact and receive
approval from the CSO prior to entering into an agreement with a noncriminal
justice governmental agency for off-site storage or processing of CJI (often
referred to as cloud computing or cloud services.)
SECTION IV MISCELLANEOUS REQUIREMENTS
FDLE has received funding from the United States Department of Justice and is
subject to and must demand intrastate users of its criminal history record services
adhere to US Code (28 U.S.C. section 534), State Statute (Chapter 943 F.S.),
Code of Federal Regulations (28 C.F.R. Part 20), Florida Administrative Code
(Chapter 11C-6, F.A.C.), FCIC/NCIC and III rules, regulations and operating
procedures which this agreement incorporates both present and future.
2. PENALTIES AND LIABILITIES: Any non-compliance with the terms of this
Agreement concerning the use and dissemination of criminal history information
may subject the User's officers or employees to a fine not to exceed $11,000 as
provided for in the Code of Federal Regulations, Title 28, Section 20.25, and/or
discontinuance of service. Moreover, certain offenses against system security and
the information contained therein are crimes under Florida Statutes and can result
in criminal prosecution.
3. PROVISIONS INCORPORATED: The User shall be bound by applicable federal
and state laws, federal regulations and the rules of FDLE to the same extent that
the User would be if such provisions were fully set out herein. Moreover, this
Agreement incorporates both present and future law, regulations and rules.
April 14, 2014 Page 15 of 17
FDLE Criminal Justice User Agreement
4. TERMINATION: Either party may terminate this Agreement, with or without cause,
upon providing advanced written notice of 45 days. Termination for cause
includes, but is not limited to, any change in the law that affects either party's
ability to substantially perform as provided in this Agreement. Should the
aforementioned circumstances arise, either party may terminate or ask to modify
the Agreement accordingly.
4.1 FDLE reserves the right to terminate service, without notice, upon
presentation of reasonable and credible evidence that the User is violating
this Agreement or any pertinent federal or state law, regulation or rule.
i. MODIFICATIONS: Modifications to the provisions in this Agreement shall be valid
only through execution of a formal written amendment.
6. ACCOUNTABILITY: To the extent provided by the laws of Florida, and without
waiving any defenses or immunities to which the User may be entitled, the User
agrees to be responsible for the negligent acts or omissions of its personnel arising
out of or involving any information contained in, received from, entered into or
through CJNet, FCIC/NCIC, III and NLETS.
ACKNOWLEDGEMENT: The User hereby acknowledges the duties and
responsibilities as set out in this Agreement. The User acknowledges that these
duties and responsibilities have been developed and approved by FDLE to ensure
the reliability, confidentiality, completeness, and accuracy of all records contained
in or obtained by means of the CJNet, including the FCIC/NCIC System. The User
further acknowledges that failure to comply with these duties and responsibilities
may subject its access to various sanctions as approved by the FBI Criminal
Justice Information Services Advisory policy Board. These sanctions may include
termination of NCIC services to the User. The User may appeal these sanctions
through the CSA.
TERM OF AGREEMENT: This agreement will remain in force until it is determined
by FDLE that a new agreement is required. The User should initiate the execution
of a new agreement when a change of agency chief executive or official occurs.
April 14, 2014 page 16 of 17
I
FELE Criminal Justice User Agreement
IN WITNESS HEREOF, the parties hereto have caused this agreement to be executed
by the proper officers and officials.
NAME OF THE USER AGENCY DELRAY BEACH POLICE DEPARTMENT
USER CHIEF EXECUTIVE or OFFICIAL
TITLE Chief of Police
.1
City Attorney
FLORIDA DEPARTMENT OF LAW ENFORCEMENT
DATE I� I O� a,o
WITNESS ,� TITLE? ),1,
April 14, 2014
Page 17 of 17