Jami Oakland Identification Specialist Kallie Dresbach Identification Specialist Angela Smith Identification Section Leader What is the NonCriminal Agency User Guide Sets forth procedures and guidelines for Noncriminal Justice Agencies that access criminal history records CHRI th ID: 809648
Download The PPT/PDF document "Non-Criminal Justice Agency User Agreeme..." is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Slide1
Non-Criminal Justice Agency User Agreement
Jami Oakland – Identification SpecialistKallie Dresbach – Identification SpecialistAngela Smith – Identification Section Leader
Slide2What is the Non-Criminal Agency User Guide?
Sets forth procedures and guidelines for Noncriminal Justice Agencies that access criminal history records (CHRI) through finger print submissions.It is designed to be a reference for agencies regarding the access, maintenance, dissemination and audit requirements for CHRI.
Slide3What do I have to do?
Authorized Agencies must sign a user agreement which is a contractual agreement between the authorized agency and SDDCI.Agencies are responsible for complying with mandatory training requirementsDCI will provide:Training and instruction of fingerprinting
Finger print handling and submission for accessing CHRI
CJIS Security Training
Slide4CJIS Security Training
All persons directly associated with the accessing, maintaining, processing, dissemination or destruction of CHRI shall be trained.Training Must be completed within 6 months of employmentCJIS Security training has a 2 year recertify for non-crim agenciesTraining link and password will be emailed to individuals the end of June 2017
Slide5What is CHRI?
CHRI is the information collected on individuals in which they were finger printed and arrested forCHRI is both state and FBI results received from the state/federal finger print based background checkCHRI does not include driver License HistorySDDCI is the central repository for the state of SD
NOTE:
FBI CHRI could contain more or less information than the SD response.
Slide6Appropriate use of CHRI
CHRI may be made available for use in connection with licensing or employmentAgency must have an ORI (Originating Agency Identifier) in order to request a FBI background checkWhen CHRI is needed for a subsequent use – a new request must be submitted
Local Sheriff’s offices are not permitted to run a Triple I (Interstate Identification Index) for noncriminal justice purposes.
Slide7Application Notification and Record Challenge
Agencies are required to have written policies which outline the disqualifiers for employment and how long they will allow an employee for an appealAgencies are required to provide written notification to individuals who will be denied employment based on information revealed on the background checkAgencies must allow a reasonable amount of time for the individual to appeal the denial of employment.
Slide8Misuse of CHRI
Exchange of records and/ or information is subject to CANCELLATION of ORI if dissemination is made to an agency or individuals that is not authorized to receive it.Misuse of CHRI is a misdemeanor or felony depending on the circumstances.Exception to this rule:
School districts are the only agencies that are allowed to Disseminate CHRI to another School district. CHRI must be securely mailed directly to the school district. A Secondary Dissemination log is required.
Slide9Examples of misuse of CHRI
Pierre School District conducts a state/federal background check on Jane Doe. They receive the results and Jane asks for a copy of the background check, the school District makes a copy and gives it to her.NO, the individual can not have a copy or SEE the FBI results. The results are not to be filed in the personnel file, they must be filed separately.
Slide10Another Example:
Sioux Falls School District conducts a state/federal background check on John Doe, once the results are received a daycare, where John Doe works part time asks for a copy of the background check instead of conducting one for their agency.NO, School districts are allowed to share results from one school district to another school district but can not share with other agencies.
Slide11Dissemination of Criminal History Record Information
With all authorized dissemination a Secondary Dissemination log shall be maintained until the onsite audit is complete and the agency receives a successful Policy Compliance ReviewAgain, currently only schools are allowed to share CHRI between districts
Slide12Secondary Dissemination Log
Should Contain:Name of SubjectDate of BirthSS# (optional)Agency name – releasing recordDate of release
Name of Person requesting record
Requesting Agency
Purpose of the Record
Signature of person signing for the record (Must be released to the school district, not the subject of the background check.)
Slide13Outsourcing of Noncriminal Justice Administrative Function
The Outsourcing Standard permits agencies to select a private or governmental agency to perform noncriminal justice administrative functions on behalf of the agency.Shredding IT SupportData Storage
The NCJA must provide SDDCI written permission to outsource and SDDCI will notify the agency whether the outsourced vendor is approved or denied.
Slide14Examples of Outsourcing
Aberdeen school district has shredding, which includes personnel files and state/FBI background checks, they contract with a local shredding company to shred once a month.The School district would have to provide SDDCI with written permission to outsource with this agency. SDDCI will contact the company and review their security policies and will either approve or deny the outsourcing agency
Slide15Example
Spearfish school district does not have IT personnel within their school district, therefore they contract with a local IT computer support/repair shop.The school district would provide, in writing, a request to use the local computer shop to maintain their computers etc. SDDCI would contact the agency and inquire about their firewalls, encryption and security training policies. At that time SDDCI would either deny or approve the outsourcing agency.
Slide16IT Security and Responsibilities of CHRI
If you are storing records electronicallyScanning CHRI into a filePlease have your IT Staff Contact Jami Oakland at SDDCI and we will go over the IT requirements Keeping a checklist electronicallyA list that states State – FBI background check sent/ received
You can not use the word of phrase “FBI background check”
You can not email CHRI
You can not fax CHRI
You can not make copies of CHRI
Slide17Non-Criminal Justice Agency User Agreement
Page 17Fill out the followingAgency NameAgency Mailing and Physical AddressCity, State, and ZipPoint of Contact (Can be whomever you chose to be the contact person)
Telephone and Fax number
(of the contact person)
Email address
(of the contact person)
Slide18Page 18
Provide description of PurposeYou would enter why you submit state/FBI fingerprints to DCIEnter Law(s) requiring or allowing you this functionEnter your agency ORIPage 20Signature of Agency Representative
Date
Print or type name
Slide19Page 21
Non-Criminal Agency Coordinator (NAC)This individual will be the liaison between your agency and SDDCI. Will be the contact person when SDDCI sends out Audit informationWill be the contact person when an onsite Audit is scheduledWill be responsible for notifying SDDCI when a new employee start or an employee leaves so SDDCI can keep our CJIS Security training records current.
The NAC can be whomever you chose
Slide20Required information to complete the appointed NAC form
Agency NameAgency ORIAgency mailing and physical addressWork number (NAC’s)
Fax number (NAC’s)
Email address of the Agency Director
Has this person received CJIS Security training? The answer will be no
Slide21Page 22
Local Agency Security OfficerThe LASO can be whomever you want to actively represent your agency in all matters pertaining to information security, to disseminate information security alerts and other material within your agency.The LASO must contact SDDCI when misuse of CHRI has been committedUse form on page 41
The LASO can contact SDDCI with specific questions and concerns
Slide22CJIS Security Training
Please provide the following for individuals that have access to CHRINamePhysical and mailing addressEmail AddressTelephone number
Once this information is received the CJIS security training email with log in and password will be emailed to the individuals.
Slide23Once the individual has completed the CJIS online training and has taken the test please have them complete the following:
User Rules of Behavior Acknowledgement form (pages 34-35)Disciplinary Policy (pages 36-39)Acknowledgment Statement of Misuse (page 40)
You may need to make additional copies to accommodate your staff
Also, please remember to keep a copy for your records
Slide24Audit Prep
A notification letter along with a questionnaire will be mailed approx. 45 -60 days before the on-site audit.The Agency should review, complete and return the questionnaire to SDDCI in a timely manner.It is important for the agency to note any specific areas that the agency wishes to address during the on-site audit.
Once the audit is reviewed by SDDCI the POC will be contacted to schedule an on-site audit.
Slide25Agency Administrative Interview(On-Site Visit)
Topics to discuss during the on-site auditUse of criminal historyLegal AuthorityFinger print submission information
Dissemination of CHRI
Outsourcing
User Agreement
Security
Physical security
Personnel (who has access to CHRI)
Maintenance of criminal history record information
Destruction process of CHRI
Slide26Agency Criminal History Record Review
SDDCI Auditor will predetermine a random number of CHRI received by an agencyThe Auditor will document each discrepancy found during the on-site audit.Examples:Unauthorized – CHRI should not have been requested or received
Unsecured – CHRI filed or maintained in a non-secure location
Undocumented – Dissemination log and/or waiver is missing
Slide27Agency Exit Briefing
The purpose of the exit briefingIs to present a summary of findingsOverview of the general findingsShould not be considered the official outcomeThe official findings and recommendations will be mailed to the agency LASO and NAC within 30 days of the on-site audit
If the agency has failed compliance standards
A follow up audit will be conducted 30 to 90 days of initial audit
The follow up audit will include a new sampling of records
Slide28Audit Survey Form
Along with the final report the agency will receive an Audit survey form.The survey provides the agency the opportunity to rate the audit processOur Goal of the survey
Obtain information and/or opinions about the process
Communication between the agency and SDDCI
Identify areas in the audit process that needs improvement
Slide29Thank you!