Kansas City Police Department PII Procedures

Questions and Answers

What is the effective date for the procedural instruction regarding Personally Identifiable Information (PII) by the Kansas City Missouri Police Department?

03/25/2020 (correct)

03/25/2022

03/25/2019

03/25/2021

What is defined as a breach of security according to the guidelines?

Unauthorized access that compromises personal information (correct)

Access by public citizens for accountability

Any access to PII by department members

Good faith access for business purposes

What does the Kansas City Missouri Police Department aim to establish with the guidelines for PII?

Increased public access to criminal records

Guidelines for data correction and transmission of PII (correct)

Standardized protocols for public inquiries

Enhanced surveillance methods for sensitive information

How does the procedural instruction describe good faith access to PII?

As acquisition for business purposes of the Department (C)

Which document does NOT get rescinded by the procedural instruction regarding PII?

PPBM Code of Ethics and Rules of Conduct (B)

What constitutes PII?

Information directly identifiable to an individual (A)

Which of the following is excluded from the definition of PII?

Publicly available information (A)

What type of information is considered sensitive data?

A person's date of birth (A)

Which of the following represents sensitive data that could lead to privacy issues if compromised?

Social Security Number (C)

Which of these is not typically classified as sensitive data?

Home telephone number (D)

Which information listed would be linked to sensitive data due to potential privacy breaches?

Date of Birth (D)

Which of the following is a key characteristic of sensitive data?

It could adversely affect individual privacy if accessed without authorization (A)

What type of identification number is considered sensitive information?

State Identification Number (B)

Who has the authority to amend records containing PII within the Department?

The Department element that created the record (C)

What must a member do upon becoming aware of a breach of PII?

Report to the Information Technology (IT) help desk immediately (A)

Under what circumstances can exceptions to the written directive be made?

Only with specific requests approved by the Chief of Police or designee (B)

What is the role of the Information Technology (IT) help desk in the event of a PII breach?

To notify the Local Area Security Officer (LASO) immediately (A)

What is the primary consideration for making changes to Department records containing PII?

The mission and needs of the Department with legal compliance (D)

What is the main purpose of collecting PII by the Department?

To ensure only authorized personnel have access to sensitive data. (C)

Which of the following individuals would NOT typically provide PII to the Department?

Private investigators conducting unrelated research. (D)

What should authorized members of the Department do with PII?

Protect it in accordance with their duties. (C)

In what formats does the Department collect PII?

In both electronic and conventional paper formats. (C)

What aspect of PII disclosure is emphasized by the Department's guidelines?

It must be reviewed on a case-by-case basis pursuant to law. (D)

What documents guide the Department's policies on accessing sensitive data?

Computerized Police Information Systems and Code of Ethics. (B)

Which statement reflects a commitment of the Department regarding PII?

Only authorized members protect PII in their duties. (B)

Which of the following options best represents a misuse of PII according to the Department's guidelines?

Accessing PII for personal gain or unrelated activities. (D)

What is required for accessing PII according to the established policies?

Information must only be used for official purposes. (A)

Under what condition can PII be shared with third parties?

With the individual’s written consent. (A)

What must an individual provide when requesting correction of their PII?

A written reason along with verifiable documentation. (C)

Which of the following is a requirement when accessing one's own PII?

A valid legal identification is required. (A)

When can PII be corrected or amended according to formal procedures?

If the information is found inaccurate or outdated. (A)

What is a situation in which PII may NOT be shared?

In violation of written directives or laws. (B)

What is the role of the Custodian of Records in relation to PII?

They manage and provide access to PII upon request. (D)

What safeguards exist regarding PII access to unauthorized individuals?

Only authorized personnel can assess the need for PII access. (D)

Study Notes

Overview of Policies on Personally Identifiable Information (PII)

• Guidelines established for the acquisition, use, storage, and transmission of PII and sensitive data by the Kansas City Missouri Police Department.
• Public access to these guidelines allows individuals to understand how to correct their PII as collected by the Department.

Terminology

• Breach of Security: Unauthorized access that compromises personal information security; does not include good faith access by authorized personnel.
• Personally Identifiable Information (PII): Any data that can be used to identify an individual, excluding publicly available or lawfully obtained information.
• Sensitive Data: Information that, if lost or accessed unlawfully, could harm an individual's privacy; includes date of birth, Social Security Number, driver’s license, financial and medical information.

Policy Commitment

• The Department prioritizes the protection of PII and sensitive data, adhering to ethics and rules governing confidential information access.
• Applies to all members who work with digital systems, communication channels, and data management.

General Information on PII Handling

• Collection and Use: PII is collected from citizens, vendors, and employees as part of regular operations, in electronic or paper formats.
• Authorization: Access to PII is limited to authorized personnel using it strictly for official duties; sharing contrary to directives is prohibited.

Sharing with Third Parties

• PII can be shared in accordance with legal requirements, contracts, or with individual consent for criminal justice purposes.

Correcting PII Information

• Individuals may request to view or amend their PII under the Missouri Sunshine Law, needing valid identification.
• Requests for corrections must be supported by written justification; amendments are at the Department's discretion.

Security Breach Protocol

• Any member aware of a potential breach must notify the IT help desk, which will then inform the Local Area Security Officer.

Exceptions and Changes

• Exceptions to the written directive can only be made with approval from the Chief of Police or designated individual, ensuring compliance with legal standards.

Description

This quiz covers the procedural instructions regarding Personally Identifiable Information (PII) as issued by the Kansas City Missouri Police Department. It focuses on the policies and protocols established to protect sensitive information within computerized police systems. Learn about the references and amendments related to this important subject.