Laserfiche WebLink
<br />audit procedures established by the project. (d) A project shall not include in any <br />criminal intelligence system information which has been obtained in violation of <br />any applicable Federal, State, or local law or ordinance. In an interjurisdictional <br />intelligence system, the project is responsible for establishing that no information <br />is entered in violation of Federal, State, or local laws, either through examination <br />of supporting information submitted by a participating agency or by delegation of <br />this responsibility to a properly trained participating agency which is subject to <br />routine inspection and audit procedures established by the project. ( e) A project <br />or authorized recipient shall disseminate criminal intelligence information only <br />where there is a need to know and a right to know the information in the <br />performance of a law enforcement activity. (f) (1) Except as noted in paragraph <br />(f)(2) of this section, a project shall disseminate criminal intelligence information <br />only to law enforcement authorities who shall agree to follow procedures <br />regarding information receipt, maintenance, security, and dissemination which <br />are consistent with these principles. (2) Paragraph (f) ( 1) of this section shall not <br />limit the dissemination of an assessment of criminal intelligence information to a <br />government official or to any other individual, when necessary, to avoid imminent <br />danger to life or property. (g) A project maintaining criminal intelligence <br />information shall ensure that administrative, technical, and physical safeguards <br />(including audit trails) are adopted to insure against unauthorized access and <br />against intentional or unintentional damage. A record indicating who has been <br />given information, the reason for release of the information, and the date of each <br />dissemination outside the project shall be kept. Information shall be labeled to <br />indicate levels of sensitivity, levels of confidence, and the identity of submitting <br />agencies and control officials. Each project must establish written definitions for <br />the need to know and right to know standards for dissemination to other agencies <br />as provided in paragraph (e) of this section. The project is responsible for <br />establishing the existence of an inquirer's need to know and right to know the <br />information being requested either through inquiry or by delegation of this <br />responsibility to a properly trained <br /> <br />- 3- <br /> <br />participating agency which is subject to routine inspection and audit procedures <br />established by the project. Each intelligence project shall assure that the <br />following security requirements are implemented: (1) Where appropriate, projects <br />must adopt effective and technologically advanced computer software and <br />hardware designs to prevent unauthorized access to the information contained in <br />the system; (2) The project must restrict access to its facilities, operating <br />environment and documentation to organizations and personnel authorized by <br />the project; (3) The project must store information in the system in a manner <br />such that it cannot be modified, destroyed, accessed, or purged without <br />authorization; (4) The project must institute procedures to protect criminal <br />intelligence information from unauthorized access, theft, sabotage, fire, flood, or <br />other natural or manmade disaster; (5) The project must promulgate rules and <br />regulations based on good cause for implementing its authority to screen, reject <br />for employment, transfer, or remove personnel authorized to have direct access <br />to the system; and (6) A project may authorize and utilize remote (off-premises) <br /> <br />WEISS West Bay Region Node MOU Agreement <br /> <br />Page 27 of 48 <br />