Criminal Justice Information Protection Policy
16 Questions
0 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What is the main purpose of the Media Protection Policy?

  • To ensure that all media is available for public dissemination
  • To promote the use of personal information systems
  • To ensure Criminal Justice Information is protected until it is appropriately handled (correct)
  • To allow broad public access to Criminal Justice Information
  • How often should user accounts with access to Criminal Justice Information be reviewed?

  • Only when a security incident occurs
  • Annually at a minimum (correct)
  • At the end of each fiscal year
  • Every six months
  • Which of the following is NOT a recommended storage practice for Criminal Justice Information?

  • Using a locked drawer or cabinet for physical media
  • Storing hardcopy documents in a secure area
  • Allowing any employee access to CJI documents (correct)
  • Restricting electronic media access to authorized individuals
  • What must be done with Criminal Justice Information at the end of its media life?

    <p>Destroy or sanitize it using approved methods</p> Signup and view all the answers

    What action is recommended if Criminal Justice Information is stored outside a secure location?

    <p>Ensure the data is encrypted</p> Signup and view all the answers

    Which of the following locations is considered publicly accessible and should not be used for processing Criminal Justice Information?

    <p>A hotel business center computer</p> Signup and view all the answers

    What should be done if a user has inappropriate access to Criminal Justice Information?

    <p>Immediate action should be taken to rectify access levels</p> Signup and view all the answers

    Which of the following is a requirement regarding the use of personal information systems?

    <p>They cannot be used to access or store Criminal Justice Information</p> Signup and view all the answers

    What certification must be met by the cryptographic module when encryption is used?

    <p>FIPS 140-2 standards</p> Signup and view all the answers

    Which of the following is NOT a recommended practice for protecting CJI during transport?

    <p>Allow all personnel to access CJI</p> Signup and view all the answers

    What action should be taken when disposing of CJI documents?

    <p>Shred the documents</p> Signup and view all the answers

    Which role is responsible for notifying about the loss or disclosure of CJI records?

    <p>Local Agency Security Officer (LASO)</p> Signup and view all the answers

    Which security measure is advised for controlling access to CJI?

    <p>Implementing role-based rules</p> Signup and view all the answers

    What should be done if an incident involving CJI is discovered?

    <p>Notify the Chief of Police and complete a report within 24 hours</p> Signup and view all the answers

    Which of the following actions is NOT acceptable when handling CJI?

    <p>Mailing hard copies of CJI information</p> Signup and view all the answers

    What is the appropriate safeguard for electronic and physical media during transport?

    <p>Only allow transfer by authorized personnel</p> Signup and view all the answers

    Study Notes

    Media Protection Policy

    • Purpose: To ensure the protection of Criminal Justice Information (CJI) until it is either released to the public via authorized channels or purged/destroyed according to record retention rules.
    • Scope: This policy applies to all SGSC Police Department employees who have access to CJI.

    User Accounts/Access Validation

    • Regular Review: All account systems containing CJI should be periodically reviewed, at least annually to ensure access and privileges align with job functions, need-to-know, and current employment status.

    Commercial Dissemination

    • Authorized Release: CJI can only be released to the public via authorized channels.

    Media Storage and Access

    • Secure Storage: Electronic and physical media containing CJI must be stored in a secure area (locked drawer, cabinet, or room).
    • Restricted Access: Only authorized personnel are allowed to access electronic and physical media containing CJI.
    • Printout Management: CJI printouts must be stored in a secure area accessible only to employees whose job requires it.
    • Encryption: When CJI is stored electronically outside a physically secure location, it must be protected by encryption that meets FIPS 140-2 standards.
    • Log Out: All computer users must lock or log off their computers when not in immediate vicinity to protect CJI.

    Media Transport

    • Authorized Recipients: Electronic and physical media containing CJI can only be transported to agencies that are authorized recipients of the information and are being serviced by the accessing agency.
    • Control and Protection: Transport of CJI outside of secure areas must be restricted to authorized personnel.
    • Secure Delivery: Confidential electronic and paper documents containing CJI must be securely delivered by:
      • Authorized personnel viewing or accessing the data in a secure location.
      • No mailing hard copies and no personal transportation of CJI unless specifically authorized.
      • Use of a shredder when disposing of CJI documents.

    Electronic Media Sanitization and Disposal

    • Proper Sanitization: All electronic media containing CJI must be sanitized and disposed of using approved equipment, techniques, and procedures.

    Breach Notification and Incident Reporting

    • Reporting: In case of a breach, the SGSC Police Department personnel must notify the Chief of Police, TAC, and LASO within 24 hours. A detailed incident report must be submitted.
    • Supervisory Action: The supervisor must communicate the situation to the LASO to notify them of the loss or disclosure of CJI records.

    Roles and Responsibilities

    • Personnel Responsibility: All SGSC Police Department personnel are responsible for complying with the Media Protection Policy.
    • Supervisory Responsibility: Supervisors are responsible for ensuring their team members adhere to policy and reporting breaches.

    Studying That Suits You

    Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

    Quiz Team

    Description

    This quiz covers the essential aspects of the Media Protection Policy concerning Criminal Justice Information (CJI). It evaluates your understanding of user account validation, secure media storage practices, and authorized release channels. Test your knowledge on best practices for protecting sensitive information within the SGSC Police Department.

    More Like This

    Use Quizgecko on...
    Browser
    Browser