Section R13-1-201. ACJIS Security Measures

Latest version.

All data is extracted from pdf, click here to view the pdf.

A.       All criminal justice agencies that collect, store, disseminate, or access criminal justice information or criminal history infor- mation from the ACJIS shall sign and return to the Depart- ment’s Access Integrity Unit an ACJIS User Agreement. The ACJIS User Agreement states that the agency will follow state and federal requirements as specified in R13-1-204(A) relating

to the collection, storage, dissemination, and access of crimi- nal justice information and criminal history record information obtained directly or indirectly from the ACJIS.

B.       A criminal justice agency accessing the ACJIS network shall meet the following security guidelines:

1.        Access and dissemination of information from the ACJIS network is limited to criminal justice agencies for the administration of criminal justice or for criminal justice employment.

2.        An agency that enters records into the ACJIS network is responsible for the accuracy, timeliness, and complete- ness of the record entries.

3.        An agency shall have an ACJIS misuse policy that out- lines the sanctions imposed on agency personnel who misuse ACJIS.

4.        An agency shall ensure that agency equipment connected to the ACJIS network is fully compatible with existing ACJIS computer equipment and upgraded as necessary to remain compatible with ACJIS configurations and archi- tecture.

5.        An agency shall ensure that agency personnel maintain appropriate operator certification levels as specified in R13-1-203.

C.       A criminal justice agency that interfaces its record manage- ment system with the ACJIS network shall meet the following interface standards and security requirements as set by the Department:

1.        Provide to the Department a complete and accurate sche- matic of agency network and hardware configuration;

2.        Ensure that there are security controls to prevent unautho- rized access to ACJIS information;

3.        Follow user identification and password configurations specified by the Department;

4.        Establish a process to review system logs and store the logs for one year; and

5.        Sign the Department’s ACJIS interface addendum agree- ing to follow the standards in this subsection.

Historical Note

New Section made by final rulemaking at 11 A.A.R.

1550, effective June 4, 2005 (Supp. 05-2).

                    
                        var val = document.getElementById('citecontent').innerHTML;
                        art.dialog.defaults.title = window.location.href;
                        art.dialog.data('cite', val);
                        art.dialog.data('homeDemoPath', '/Scripts/plus/artDialog/');
                        art.dialog.open('/Scripts/plus/artDialog/citeiframe.html');