The information below is provided through the CJIS Security Policy Resource Center. If you have any questions about CJIS or need more information, please contact the contract department. Under the first policy area agreement on the exchange of information, it is stated that information exchanged by the communication media should be securely protected by appropriate security measures. The information exchanged can take many forms, for example.B. instant messages, e-mail, hard copy, fax, web services and also information systems that send, receive and record CJI information systems. It should be noted that, prior to the exchange of criminal justice information, the authorities should conclude formal agreements defining security checks. Information exchange agreements help to understand the roles, responsibilities and ownership of data between agencies and other external parties. CJIS Security Directive – The main security premise of the CJIS Directive is to provide appropriate controls to protect the entire life cycle of criminal information (CJI), whether at rest or in transit. The CJIS Security Policy provides instructions for the creation, display, modification, transmission, dissemination, storage and destruction of CJI data. This Directive shall apply to any individual – contractor, private body, representative of a non-criminal judicial authority or member of a criminal justice unit – having access to criminal services and information or assistance to criminal justice services and information. For public and federal government user agreements, each head of the Special Intelligence Bureau (SIB) or an official of the CJIS Systems Agency (CSA) should execute a written user agreement signed with the FBI`s CJIS department stating that they are prepared to comply with the Information Exchange Directive even before having access to and participating in CJIS registration information programs. All agreements with the FBI`s CJIS division would be coordinated with the csa director, and the interface agency would have to allow the FBI to regularly test the ability to enter the FBI network via an external network connection. The proper handling of criminal information is of the utmost importance and authorities should establish procedures for the management and storage of information in order to protect it against unauthorized disclosure, misuse or modification.
These procedures should be followed when handling, processing, communicating and storing ICJs. In addition, the information management and protection guidelines also apply to the use of CJI shared with the FBI CJIS or obtained by the FBI CJIS for non-criminal purposes. . . .