Computer and mobile device use.pdf

Full Transcript

BOCA RATON POLICE SERVICES DEPARTMENT
Departmental Standards Directive 13.966
COMPUTER AND MOBILE DEVICE USE
Revised: May 3, 2019

I.

PURPOSE:

The purpose of this departmental standards directive is to provide employees with the guidelines when
using City issued computers, mobile devices, related software, applications and/or equipment.

II.

POLICY:

The Department will provide computers, mobile devices and/or related equipment to access electronic
communication systems such as email, Internet, and other software necessary for employees to carry out
their duties.

III. DEFINITIONS:
Application (App): Software that is a program or group of programs designed for the benefit of end users.
Cell Phone: A mobile phone that utilizes Wi-Fi and/or cellular service for voice service, that can make and
receive phone calls, but does not have the data services that allow text messaging, email products or
applications.
Computer: An electronic device for storing and processing data, typically in binary form.
Device: Any equipment issued by the City to access information or facilitate communication, including,
but not limited to computers, cell phones, mobile devices, pagers, and tablets.
Electronic Mail (Email): The electronic transfer of information typically in the form of appointments,
messages, memoranda, mobile computer terminal messages and attached documents from a sending
party to one or more receiving parties.
Mobile Device: Portable communication equipment (including cell phones, Smart Phones, and Tablets)
that uses Wi-Fi or cellular service for making/receiving phone calls, running applications, and/or sending
text messages.
Mobile Device Management (MDM): A software application that is used by the City’s Information
Technology (IT) Division to configure, manage and restrict the uses of mobile devices.
Public Records: In accordance with FSS 119.011(12), defines public records to include: all documents,
papers letters, maps, books, tapes, photographs, films, sound recordings, data processing software, or
other material, regardless of the physical form, characteristics, or means of transmission, made or
Effective: February 22, 2002
Revised: May 3, 2019

Computer and Mobile Device Use
Directive No. 13.966
Page 1 of 7

received pursuant to law or ordinance or in connection with the transaction of official business by any
agency.
Smart Phone: A mobile device with multifunctional features including an operating system that allows the
communication of both voice and data information, including the ability to utilize phone services, email
products, applications and/or text messaging.
Tablet: A mobile device that consists of a touchscreen display, processing circuitry, and a rechargeable
battery in a single thin, flat package, that utilizes Wi-Fi and/or cellular data service, but does not have the
primary ability to function as a phone.
Text Messaging: The act of composing and sending electronic messages referred to as text messages or
texts between two or more mobile devices. Text messaging can use short message services (SMS), but
also can include multimedia messages containing images, videos, and sound content, as well as ideograms
known as emoji.
Third-Party Technology: Hardware or software utilized by the Department which is owned by a third party
that includes, but is not limited to, external databases and applications.
User: Any City employee who either utilizes a City-issued computer or mobile device for City business.

IV. PROCEDURE:
A.

ADVISORIES:
Employees shall have no expectation of privacy when using Department
computers, mobile devices, or related equipment for any purpose. Employees shall not
have any expectation that any material or data contained in any portion of the computer,
mobile devices, or related equipment, which includes email, text messages, images,
sound recordings and history of Internet use, will be either private or confidential and
shall consent as a condition of employment to the Department’s interception and
retrieval of all such material, data and communications.
The Department may inspect, monitor, audit or otherwise examine, at any time
and without prior notice, any computer system, mobile device or related equipment
Department-owned to determine if an employee is in compliance with City and/or
Department written directives.
a.
This monitoring, auditing and inspection may include, but is not limited
to, the content of computer hard drives, mobile devices, email, text messages,
images, sound recordings, and any logs and files that may exist on servers,
routers, switches, or other equipment owned or maintained by the City.
b.
Moreover, the Department may at any time and without notice, monitor
or record an employee’s email, text messages, Internet usage, etc. Failure by the
Department to monitor or conduct such audits or inspections shall not in any way
diminish the Department’s right to do so.

Effective: February 22, 2002
Revised: May 3, 2019

Computer and Mobile Device Use
Directive No. 13.966
Page 2 of 7

All employees have an obligation to report intentional or negligent violations of
the City and/or Department’s written directives by another employee to their supervisors.
Supervisors to whom violations are reported, will take appropriate disciplinary action.
Employees are required to provide the chief of police, or his/her designee, upon
request, any password or encryption code that the employee has assigned or affixed to
any Department-issued communications, mobile devices, computer hardware, software,
files, data, caches, or electronic images stored on any Department-issued device.
Employees who are found to have violated the City and/or Department’s written
directives regarding computer usage or access to criminal justice information systems are
subject to discipline, up to and including termination of employment.

B.

INFORMATION TECHNOLOGY GUIDELINES:
GENERAL: 32.01
a.
Employees shall only use Department-owned computers, mobile devices,
or related equipment to access the electronic communication systems, such as
email, text messages, mobile computer terminal messages, etc. for City business
unless otherwise specified.
b.
Access to the Internet is a tool provided by the Department to employees
to enhance their ability to perform their jobs by providing research opportunities.
c.

Generally, employees will use the Internet for job related research only.

d.
Incidental and occasional personal use of the Internet will be permitted,
provided such use does not interfere with or delay official Department business.
e.
All work-related information obtained via the Internet should be verified
before being used.
EMPLOYEE RESPONSIBILITIES: 32.01
a.
Each employee is responsible for checking his/her email account at least
once during each workday.
b.
Viewing or opening email addressed to an employee creates a
presumption by the Department that the employee has read the email and all its
attachments.
c.
Employees are responsible for all activity that occurs on their Department
devices or related equipment.
d.
Employees are responsible for the care and maintenance of his/her
devices or related equipment.

Effective: February 22, 2002
Revised: May 3, 2019

Computer and Mobile Device Use
Directive No. 13.966
Page 3 of 7

e.
Employees will follow the manufacturer’s directions for cleaning parts,
such as screens, keyboards, and cases.
f.
Employees are responsible for reporting malfunctioning devices or
related equipment to IT employees through the prescribed method as dictated
by the IT Director or his/her designee.
g.
Employees shall immediately notify their supervisors and IT employees if
their devices, or related equipment have been exposed or potentially exposed to
unauthorized access or have been damaged, misplaced, lost or stolen, so access
to the devices can be suspended or disabled.
h.
Employees are financially responsible for damage or loss due to
negligence or failure to comply with policy provisions.
i.
Employees shall use Department-issued devices or related equipment in
a legal and responsible manner.
j.
Employees must use appropriate security measures to protect against
unauthorized access to the City’s email or computer network when using
Department-owned devices or related equipment.
k.
To request approval to use new software, employees shall request
approval from an IT representative through their division commander. If
approved, only IT employees shall install the software.
IT EMPLOYEE RESPONSIBILITIES:
a.

All devices and related equipment will be assigned by IT employees.

b.

All devices will be managed by the IT Division through an MDM program.

c.
All devices and related equipment will be purchased and disposed of by
IT employees.
d.
An inventory list of issued devices and related equipment shall be
maintained by IT employees.
e.
Only IT employees may alter, modify, or delete existing configurations,
files, systems, and like contents on an employee’s devices or related equipment.
f.
Hardware items are not to be removed or added to City devices or related
equipment unless performed by an IT employee.
PROHIBITED USE: 32.01
a.
While using computers, mobile devices, and/or related equipment to
access electronic communication systems such as email, text messages, Internet
and other software, employees shall not intentionally view, download, transmit
Effective: February 22, 2002
Revised: May 3, 2019

Computer and Mobile Device Use
Directive No. 13.966
Page 4 of 7

or receive electronic images that contain nudity, pornography, child
pornography, or other images, words, or language that are sexually explicit or of
lascivious or sexually suggestive nature; unless necessary as part of a criminal
investigation approved by the chief of police or his/her designee. If any of the
information is accessed, the employee shall notify his/her bureau commander
through the chain of command, explaining the circumstances surrounding the
access.
b.
While using computers, mobile devices, and/or related equipment to
access electronic communication systems such as email, text messages, Internet
and other software, employees shall not violate any of the City and/or
Department written directives.
c.
Personal use of mobile devices for telephone calls and/or text messaging
is prohibited, except in an emergency, and then only the telephone call capability
shall be used. 32.05
d.
Personal use of City email or other messaging systems (MCT, paging, etc.)
is prohibited.
e.
The use of another person’s identity and/or password is prohibited,
except as is necessary for testing by IT employees.
f.
Employees are prohibited from hiding or password protecting personal
files stored on Department-owned computers, mobile devices, or related
equipment.
g.
Employees shall not use the computer, mobile devices, or related devices
to access social media sites (e.g. Facebook, Twitter) or streaming media sites and
services (e.g. YouTube, Netflix) unless in performance of their assigned duties or
approved by the chief of police or his/her designee. 32.05
h.
Phone calls and/or text messages shall not be forwarded to your
personally-owned devices. 32.05
i.
Employees shall not store or share confidential, HIPAA-protected
records, or Criminal Justice Information System (CJIS) data on their devices or
related equipment, or in any cloud storage associated with his/her devices or
applications.
j.
The Department strictly prohibits any unauthorized copying of licensed
software as a violation of copyright laws.
k.
Employees shall not electronically sign, or click “I Accept”, to any license
agreements during the installation of any new software unless the software has
been approved by IT.

Effective: February 22, 2002
Revised: May 3, 2019

Computer and Mobile Device Use
Directive No. 13.966
Page 5 of 7

SECURITY: 32.01
a.
Employees who use devices to access information regulated by state and
federal law from the Florida Crime Information Center and the National Crime
Information Center (FCIC/NCIC) and the Department of Highway Safety and
Motor Vehicles shall adhere to the security policies and procedures outlined in
Departmental Standards Directive 81.200 Criminal Justice Information Systems.
b.
Employees will not reveal to any unauthorized person, the existence or
functionality of, or means of accessing, defeating, or avoiding any type of security
feature associated with a Department communication system.
c.
External USB drives shall not be connected to a device unless active and
up-to-date antivirus software installed by IT is running on the device being used.
d.
Employees will not knowingly create, send, receive, or forward any
message that contains any hostile computer programs, such as viruses, worms,
Trojan horse programs or any other program or device intended to cause harm
or inconvenience to the recipient(s).
e.
To achieve compliance with Criminal Justice Information Systems (CJIS)
security policies, Department employees shall adhere to the password
requirements contained in Appendix A.
f.
Employees shall not disclose passwords to others except as deemed
necessary by IT employees.
g.
Employees shall, either log-off the computer, or use a password
protected screen saver, when absence from the computer will create a security
risk.
h.
Employees who are found to have violated City and/or Department
written directives regarding computer usage or access to criminal justice
information systems are subject to discipline, up to and including termination of
employment.
PUBLIC RECORDS:
a.
Employees shall adhere to all Florida State Statutes pertaining to public
records.
b.
All transmissions are public record and are stored by the Department for
review and auditing purposes.
c.
Mobile device users shall retain any mobile device public records not
archived by the City (including photographs and notes).

Effective: February 22, 2002
Revised: May 3, 2019

Computer and Mobile Device Use
Directive No. 13.966
Page 6 of 7

d.
IT employees maintain copies of all electronic messages originating
within the Police Services Department. Email messages that are kept because
they contain valuable information are public records subject to public inspection.
e.
A designee of the chief of police shall review the contents of all electronic
messages requested, as a part of any public records request, to eliminate all
information exempted or confidential by law.
THIRD-PARTY TECHNOLOGY:
a.
Privately owned and administered technological solutions are made
available to Department personnel for official Department business only.
(Examples include AK, LEX, Palm Beach County Robbery Clearing House, etc.)
b.
Employees shall not sign agreements with technology providers, nor shall
they use third-party applications without the approval of the chief of police or
his/her designee.
c.
Personnel shall not share access to any third-party databases or systems
with anyone outside the Department.

Approved:

Daniel C. Alexander
Chief of Police

Effective: February 22, 2002
Revised: May 3, 2019

Date:

Computer and Mobile Device Use
Directive No. 13.966
Page 7 of 7