NEW SMYRNA BEACH POLICE DEPARTMENT NEW SMYRNA BEACH, FLORIDA POLICY AND PROCEDURE DIRECTIVE

Transcription

1 TITLE: NUMBER: EFFECTIVE: July 25, 2012 NEW SMYRNA BEACH POLICE DEPARTMENT NEW SMYRNA BEACH, FLORIDA POLICY AND PROCEDURE DIRECTIVE Electronic Communications Protocols CFA STANDARD: CFA Chapter AMENDS: DATE FOR REVIEW: As Required REVIEW BY: Staff DATE REVISED: June 1, 2012 PURPOSE... 1 DISCUSSION... 1 POLICY... 2 DEFINITIONS... 2 INFORMATION TECHNOLOGY MANAGER... 3 COMPUTER UTILIZATION... 3 SOFTWARE POLICY... 4 REQUESTS FOR HARDWARE/SOFTWARE... 5 SECURITY... 5 MOBILE COMPUTER TERMINALS... 5 FCIC/NCIC USE... 6 ELECTRONIC BLOGS*, WEB POSTING, CHAT ROOMS... 7 RETENTION OF INTERNET/INTRANET USE... 8 POWER DATA MANAGEMENT SYSTEMS (DMS)... 8 VOICE MAIL... 8 COMPLIANCE PROCEDURES... 9 VIOLATION PENALTIES... 9 LEGAL DISCLAIMER INTRANET PURPOSE The purpose of this Directive is to establish guidelines and regulations governing security and utilization of computer hardware and software used on New Smyrna Beach Police Department owned, purchased or leased computer equipment. It is also to establish guidelines in the creation, maintenance, use, and disposition of information contained in various electronic communication systems within the New Smyrna Beach Police Department. Various communications systems may be utilized by, or provided to Police Department members. They include both contemporaneous and pre-record communications. Some of these are: Telephones and tele-facsimile (Fax) devices Electronic mail ( ) systems Internet/Intranet Systems Radio and Paging Systems Electronic and paper documents Power DMS DISCUSSION As a law enforcement agency, it is imperative that the New Smyrna Beach Police Department diligently strives to maintain lawful adherence to all state and federal laws. Compliance with copyright and software licensing laws can be difficult due to the ease with which these products can be copied. Often the individual involved is not aware of the prohibitions involved or the possible consequences of their actions. This Directive, in part, is designed to Electronic Communications Protocol Page 1 of 10

2 familiarize all members of the Department with the general content of these laws and the procedures necessary to ensure compliance. POLICY It is the policy of the New Smyrna Beach Police Department to provide electronic communications as a method of expediting business communication, eliminating paperwork, and automating routine office tasks in a cost-effective manner. In utilizing this expeditious and efficient forum of communication, members of the New Smyrna Beach Police Department must be cognizant of the fact that their work is subject to public and media scrutiny. Within this context, the use of electronic communications by Police Department members is encouraged as a method of conducting official business. This policy is applicable to all computer software and hardware currently installed and all future installations. Members of the New Smyrna Beach Police Department shall abide by all software copyright and licensing agreements. It is the Police Department s policy that the provided resources are not to be used for private or nonofficial use. Computer hardware and software owned or operated by the City shall be used for official business purposes only. Ordinarily, members should not access communications intended solely for another member or person unless requested to do so by the intended recipient, or directed to do so by a management representative. Unless the other party does not speak or read the language, all communications shall be in English, and no encryption program(s) shall be used without approval of the Chief of Police or designee. Members are advised that they do NOT have a reasonable expectation of privacy when members use a computer or any type of communications system that is authorized or provided by the NSB Police Department. All Internet/Intranet access, mail messages, programs, or documents sent to or by members, including the deciphering of encrypted text will be monitored. Additionally, management has the right to inspect or remove any document or program housed on a department-approved system. The New Smyrna Beach Police Department has taken the necessary steps to provide Internet access to members of the Department. This document outlines the policies on access to and acceptable use of the Internet by Police Department members. These policies may also be extended to outsourced vendors/contractors. Any member eligible for and desiring access to the Internet will be provided access under the terms and conditions of this policy. Violation of this policy may be grounds for having access to Internet services restricted or revoked and may be grounds for other appropriate actions. DEFINITIONS AUTHORIZED SOFTWARE: Is computer software that has been authorized by the Chief of Police with the recommendation of the Information Technology Manager. BLOG: A blog (short for web-log) is a personal online journal that is frequently updated and intended for general public consumption. Blogs are defined by their format: a series of entries posted to a single page in reversechronological order. COPYRIGHT: The right granted by law to an author, publisher, or distributor, for exclusive production, sale, or distribution of specific computer software or a computer software package. COPY OF RECORD: The printed copy of electronic mail messages or a copy kept in electronic form, which must be retained as per established retention requirements. Both the sender and the recipient's copy of will be designated as the agency's Copy of Record, and it will be the sender's responsibility to meet established retention requirements. ELECTRONIC MAIL ( ): Electronic Mail is the electronic transfer of information typically in the form of electronic messages, memoranda, and attached documents from a sending party to one or more receiving parties by means of an intermediate telecommunications system. that is created or received by an agency in connection with official business is a record that is subject to Access and Records Management laws and regulations. Electronic Communications Protocol Page 2 of 10

3 EXTERNAL ELECTRONIC MAIL: Electronic mail received from an outside agency or the public. INFORMATION TECHNOLOGY MANAGER: Is a departmental member who has been assigned the responsibility and authority to oversee the computer hardware, software, and communications system within the agency by the Chief of Police. NON-PUBLIC RECORDS: messages are not subject to the provisions of the "Public Records Act", Chapter 119, FSS when they consist of non-circulated materials and are not intended to serve as final evidence of the knowledge to be recorded. This includes internal and external personal communications or announcements of a non-business nature and personal notes intended for one s personal use. As an example: A draft of a written directive can be ed to all Division personnel for preview and editing. The draft is not subject to the "Public Records Act. Once the draft has been staffed and approved by the Chief of Police, it is an official policy and becomes public record, and the transitory messages may be deleted. PUBLIC RECORDS: Electronic mail messages are public records when they are created or received in the transaction of official business and retained as evidence of official policies, actions, decisions, or transactions. E- Mail messages that are kept because they contain valuable information are also public records. messages, which constitute public records, must be identified, accessible, and retained just like records in other formats. POWER DMS (Document Management Software): DMS is a paperless distribution, organization, and maintenance of written directives, and Policies and Procedures. TRANSITORY MESSAGES: Do not set policy, establish guidelines or procedures; certify a transaction, or become a receipt. Transitory messages are those records created for the informal communication of information and might be compared to a telephone conversation, written telephone messages, post-it notes, or verbal communications in an office hallway. They are not designed for the perpetuation or formalization of knowledge. These records are subject to public inspection. NON-TRANSITORY MESSAGES: Are those records, which document or set official policies, actions, decisions, or transactions and are for the perpetuation or formalization of knowledge. These records are subject to public inspection. VOICE MAIL: An interactive computerized system for answering and routing telephone calls, for recording, saving, and relaying messages. INFORMATION TECHNOLOGY MANAGER (ITM) The Information Technology Manager is a departmental member who has been assigned the responsibility and authority to oversee the computer hardware, software, and communications system within the agency by the Chief of Police. The ITM is responsible to ensure that the system(s) utilized by the agency continues to operate in the most efficient and effective manner utilizing current and appropriate soft/hardware Duties include, but are not limited to: acting as the liaison with the City of New Smyrna Beach Network Administrator; Volusia County Operations; software/hardware vendors; or any other entity, person, or organization regarding the utilization of hardware, software, and electronic communications utilized by the agency and members. COMPUTER UTILIZATION Hardware and software owned or operated by the New Smyrna Beach Police Department shall be used for official business purposes only. No City member or any other individual or organization is authorized to utilize any city computer hardware, software, or related facilities and supplies for other than official city business without the expressed written approval of the Chief of Police Authorized software must meet following criteria: Approved by New Smyrna Beach Police Department Information Systems as a department standard after being screened and approved by Information Technology Manager for authorized use, Purchased utilizing the purchasing process after approval by the Chief of Police, Developed by New Smyrna Beach Police Department staff or authorized agents for business. Electronic Communications Protocol Page 3 of 10

4 Resources covered by this directive include but are not limited to: Minicomputers and their peripherals Personal computers and their peripherals Printers Plotters and similar devices Computer workstations Data capture devices such as scanners, card readers, barcode readers, and similar devices Communication services such as leased, dial up or private line circuits used for data transmission Modems, multiplexers, channel/data service units, or their equivalent Software programs covered by this directive include but are not limited to: Utility programs Operating systems Application programs from any source such as Power DMS or OSSI Control procedures and/or command procedures Documentation related to any of the above Computer paper and forms Magnetic or optical storage media such as magnetic tapes, tape cartridges, optical disks, or magnetic disk packs and diskettes Police department members and/or independent contractors may utilize any of the approved resources after being authorized by the Information Technology Manager Formal demonstrations of software or hardware, programming activities, and dissemination of data and/or documentation to any individual or organization within or outside of the City control is prohibited without prior approval from the Chief of Police, the Information Technology Manager or designee. Division Commanding Officers, however, may authorize demonstrations of their user applications for visitors or for training purposes when such exercises are carried out with reasonable precautions against release of sensitive or proprietary information Computer generated data files or reports must be approved by the Chief of Police, or designee, prior to being distributed to persons or organizations external to City of New Smyrna Beach government No devices of any kind may be attached to any City computer equipment without the authorization of the Chief of Police or the Information Technology Manager No member shall install any software on a City owned or operated computer system unless it is authorized and approved by the Information Technology Manager. The use of proprietary software without an approved license agreement is strictly prohibited. CFA (D) No member shall bypass or modify any installed security systems or menu interfaces without the expressed permission of the Chief of Police or designee. COMPUTER SOFTWARE POLICY The New Smyrna Beach Police Department recognizes and supports the legitimate interests of copyright holders, and prohibits its members and contractors from violating the rights of copyright holders Members are prohibited from using software on any machine other than the one for which a license was obtained, unless the license clearly provides the right to copy the software or to use it on another machine. Questions regarding license agreements shall be directed to the New Smyrna Beach Police Department Information Technology Manager Only authorized computer software may be used on any computer owned, purchased, or leased by the New Smyrna Beach Police Department To prevent the introduction of unlicensed software and computer viruses, all personal computers are configured with security software. These measures ensure that the Information Technology Manager or designee is authorized to perform software installations. CFA (E) Electronic Communications Protocol Page 4 of 10

5 Mobile Data Computer users may only use disks obtained from Police Department personnel that have been scanned for viruses. CFA (E) REQUESTS FOR COMPUTER HARDWARE OR SOFTWARE All requests for purchase of computer hardware or software shall be forwarded to the Information Technology Manager through the normal chain of command using the standard property request/approval form The ITM shall review the request to ensure that it complies with established department hardware and software standards. If a discrepancy is encountered, the ITM shall contact the Chief of Police and discuss the request with him/her No computer software or hardware shall be ordered or purchased independent of the New Smyrna Beach Police Department Information Technology Manager If the Chief of Police approves the request, the request shall be forwarded to purchasing for action and ordering. SECURITY Only those persons authorized by the Chief of Police or his/her designee and issued a password shall be authorized to utilize the departmentally approved software and hardware. CFA (G) Members shall not disclose codes, passwords, or any other information obtained through the software programs that are only available to department members through the performance of their assigned duties Members, who disclose any information or violate the confidentiality of information known only to them by the virtue of their position, shall be subject to disciplinary action up to termination of employment Employees are prohibited from using unauthorized codes, passwords or other means to gain access to addressed to others, personal or business related. CFA (F) Members are prohibited from using unauthorized means to gain access to addressed to others. Members shall not disclose passwords to others. All electronic mail is subject to review by the Chief of Police or designee. MOBILE COMPUTER TERMINALS CFA (C) Mobile Computers Terminal (MCT) shall be used only for official department business MOUNTING OF THE MCT: The MCT has been mounted with an airbag cut off switch. When the airbag is off, the switch light is on. Passengers must be informed that the airbag has been deactivated. It is critical that the mount not be adjusted without the approval of the fleet manager USE WHILE VEHICLE IN MOTION: Due to safety considerations, it is recommended that the MCT be used only while the vehicle is stopped RADIO TRAFFIC: All call-related information from both Communications and officers will be made by voice transmission over the radio system. When dispatching a call for service, Communications will first dispatch it by voice radio and then forward the call information to the MCT of the affected field unit for reference. Officers will use the voice radio to acknowledge the call as well as for other call related information such as requests for clarification. This will ensure that all units are aware of the activity of other units TERMINAL MESSAGES: The use of terminal messages must be restricted. Terminal messages are designed for car-to-car transitory information and shall not be directed to Telecommunicators. On the rare occasion when a terminal message must be sent to Communications, it will be addressed to the appropriate terminal ID, not to an individual Telecommunicator. Electronic Communications Protocol Page 5 of 10

6 Do not use a terminal message to make any type of official request for which action will need to be taken. Often, the message is not read immediately, the screen has been cleared, or a personnel change has taken place. All requests will be made by voice radio transmission so that they are time stamped for logging purposes. Requests for Medical Examiner, wreckers, and other services must be done by voice radio transmission or telephone. Terminal messages are not private. They are public records Use of terminal messages will be closely monitored by supervisors who will take appropriate action to curtail excessive transmissions FCIC/NCIC UTILIZATION All procedures, confidentiality, requirements, and certifications shall be in compliance with the Florida Crime Information Center policies and procedures All members utilizing the criminal justice information system terminals shall be required to successfully complete the Florida Department of Law Enforcement s initial FCIC/NCIC training and recertify every two (2) years All communications sent or received via FCIC/NCIC shall be considered confidential and for law enforcement utilization or purposes only FCIC/NCIC checks for vehicle registrations, driver s licenses and warrants may be performed via MCT Anytime a hit is received, the officer must immediately notify Communications by voice radio transmission. Communications must then perform the FCIC/NCIC check again for confirmation purposes Officers shall make FCIC/NCIC check requests by voice radio transmission anytime officer safety is an issue. ELECTRONIC MAIL ( ) CFA (A) messages should be considered transitory messages and shall be considered as a means of informal communications, information that is short lived, or has no administrative value The electronic mail ( ) system and all messages created therein are property of the New Smyrna Beach Police Department Only members authorized by the Chief of Police shall use MANDATORY CHECKS: All department employees must check and read and their attachments sent through the department s internal system. This shall be done at the beginning and end of each shift/work day AUTHORIZED USE: is authorized for business communications. It is intended to replace communications that previously may have been handled by phone calls. This includes scheduling requests for information and responses to requests for information Reasonable personal use of by members is permitted, but such use should not interfere or conflict with business use. Members should exercise good judgment regarding the reasonableness of personal use UNAUTHORIZED USE: is not to be used for certain personal and business matters PROHIBITED PERSONAL USE: includes, but is not limited to: Solicitation Charitable requests Membership drives Political & Religious causes Pornography Electronic Communications Protocol Page 6 of 10

7 Anything in violation of State Statute(s) Any other causes or matters unrelated as directed by the Chief of Police or his/her designee PROHIBITED BUSINESS USE: includes, but is not limited to: Sharing of sensitive or confidential information (i.e., evaluations, counseling statements, and personnel information); Communications that establish Policy and Procedures or guidelines; Communications intended to formalize or perpetuate knowledge; Communication certifying a transaction or intended to serve as a receipt; No shall contain any language that is obscene, suggestive messages; offensive, graphical images, (except where authorized) or contains racial, religious, ethnic, or sexual slurs; Illegal activities; Threats, harassment, intimidation, slander, or defamation; Political endorsements; Commercial activities or solicitations; Chain letters; Misrepresenting one s identity while using except in bona fide undercover investigations Intercepting, disrupting, or altering electronic communications; The use of electronic mail system to compromise the integrity of the Police Department by spreading rumors or gossip; The use of the electronic mail system for moonlighting, job searches, or the advertisement of personal business outside the realm of approved Department Bulletin Board Systems; and Sensitive or confidential information. USE OF BLOGS*, WEB POSTINGS, CHAT ROOMS A blog (short for web-log) is a personal online journal that is frequently updated and intended for general public consumption. Blogs are defined by their format: a series of entries posted to a single page in reverse-chronological order. Blogs generally represent the personality of the author or reflect the purpose of the Website that hosts the blog. Topics sometimes include brief philosophical musings, commentary on Internet and other social issues, and links to other sites the author favors, especially those that support a point being made on a post As an employee of the New Smyrna Beach Police Department, the use and application of good judgment, decency and common sense is expected both on and off duty This expectation also applies while engaged in various computer activities both on and off duty Participation in World Wide Web/internet services such as Web postings, blogs, chat rooms, dating services, etc., should be carefully considered for proper personal conduct Employees are not to use, or cause/authorize to use, any official information, photographs, speech, or writings that identify them as a member of the New Smyrna Beach Police Department. Employees shall guard themselves accordingly and shall not participate in any conduct that is likely to have an adverse effect on the reputation of the New Smyrna Beach Police Department. RETENTION OF messages of a transitory nature as authorized by this Policy and Procedure, must be retained by any means that assures safe maintenance and public accessibility throughout the appropriate retention period in accordance with Florida State Statute TRANSITORY MESSAGES: Electronic and printed hard copy will be retained by the sender until obsolete, superseded, or administrative value is lost and may be deleted on a daily basis NON-TRANSITORY MESSAGES: The Copy of Record will be retained as per established Department of State retention guidelines either by printing and filing, maintaining an electronic copy or by storing on a disk medium until scheduled for disposal. Electronic Communications Protocol Page 7 of 10

8 Both the sender and receiver of will be responsible for meeting established retention requirements. INTERNET/INTRANET USE SPECIFIC PROVISIONS CFA (B) Internet access can provide significant business benefit for the New Smyrna Beach Police Department members. However, there is also significant legal, security, and productivity issues related to how the Internet is used. Because of the security, legal, and productivity issues, each Internet user within the Police Department network has the following responsibilities: Examples of such issues are viruses, spending significant work time on non-productive activities, breaches of data security, confidentiality, and intellectual property rights To be aware of the purpose and nature of any information contained in data files or correspondence and to not exchange information deemed personal or outside the scope of City business Under no circumstances should data ever be transported, which if intercepted, would place the city in violation of any law The content of anything exchanged via Internet access (regardless of its state of encryption) must be appropriate and consistent with Police Department policy, subject to the same restrictions as any other correspondence Any member receiving disk images or programs via the Internet must conduct a virus check on them before executing or distributing them Members granted access to any Internet connected resource shall use that access in a way, which is consistent with their job function, regardless of whether the access is off-hours, or on the member's time. It is the Police Department s policy that the provided resources are not to be used for private or nonofficial use The Internet shall not be used to send (upload) or receive (download) copyrighted materials, trade secrets, proprietary financial information, or similar materials without prior authorization from the Chief of Police or designee For investigative and intelligence purposes, specific authorized members may access Internet sites containing pornography Use of Internet resources provided by or through the Police Department may be subject to monitoring for security and/or network management reasons. Users of these services are therefore advised of this potential monitoring. POWER DATA MANAGEMENT SYSTEMS (DMS) POWER DMS: The New Smyrna Beach Police Department s document management software will be used to meet proof of distribution requirements (sign off sheets). The items distributed will be directives, policies and procedures, revisions, updates and reviews, training, and other information of importance. An event log is recorded from this system on individual employees MANDATORY DMS CHECK IN: All Department members must check, read and sign any documents sent through Power DMS. This shall be done at the beginning of each shift or workday. VOICE MAIL DESIGNATED WORK AREA TELEPHONES: Members of the Police Department have a 7-digit phone extension number that is assigned. This specific phone number is designated through the Department s voice mail system as an individual voice mail. Each member must check his/her individual voice mail and/or employee number at a minimum of once per shift/work day. Electronic Communications Protocol Page 8 of 10

9 CELL PHONES: Members authorized to have issued departmental cell phones shall be required to return all phone messages 30 minutes within receipt, unless otherwise authorized by the Divisional Commanding Officer EXIGENT CIRCUMSTANCES: All Departmental members must have access to a telephone, cell phone, or other facsimile and shall be required to call in, respond to, or return all phone calls received from the Department during a time that the member knows of, or should have known, that a threat of a natural and/or man-made disaster (or other unusual event) that can or will impact the safety or welfare of the citizens of the City of New Smyrna Beach. COMPLIANCE PROCEDURES All users of computers, telephones, or other like equipment owned, leased, purchased outright or through a grant process, by the New Smyrna Beach Police Department are to adhere to this policy and any related security safeguards The Information Technology Manager or designee shall conduct periodic inspections of the Department equipment to ensure compliance with this policy. VIOLATION PENALTIES Any violation of this directive, including but not limited to; failure to abide to check in procedures, misuse of , misuse intra/internet privileges, MCTs, or software/hardware requirements may result in disciplinary action Copyright laws do not preclude the imposition of liability for copyright infringements on governmental agencies and/or their staff. According to Title 17, United States Code, Section 101 et seq., the federal copyright act protects the interests of persons who have developed original works of authorship, including computer software. Illegal reproduction of software can be subject to civil damages and criminal penalties, including fines and imprisonment. LEGAL DISCLAIMER INTRANET The New Smyrna Beach Police Department disclaims all responsibility and accepts no liability (including negligence) for the consequences of any person acting, or refraining from acting, on any information prior to the receipt by those of subsequent written confirmation The following are samples of legal disclaimers, one of which shall be attached to all that is sent from or about the Police Department that is business in nature: ~~Mail is intended for work preparation purposes only. No legal definite promise. This document should only be read by those persons to whom it is addressed and it is not intended to be relied upon by any person without subsequent written confirmation of its contents. ~~Florida has a very broad public records law. Most written communications to or from government employees regarding government business are public records available to the public and media upon request. Your communications may, therefore, be subject to public disclosure. ~~This communication and any attachments may contain privileged information for the sole use of the designated recipients named above. Any unauthorized review; use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply and destroy all copies of the original message. ~~If you have received this message in error, please notify us immediately by telephone. Please also destroy and delete the message from your computer. New Smyrna Beach Police Department, 246 Industrial Park Avenue, New Smyrna Beach, Florida Any form of reproduction, dissemination, copying, disclosure, modification, distribution and/or publication of this e- mail is strictly prohibited. Electronic Communications Protocol Page 9 of 10

10 MB 9/00; LBA; 09/04Lba; 10/16/07lba ;05/23/2008lba/; 6/1/12wad APPROVED: Chief Ronald P. Pagano DATE: 06 / 26 /_12 Written Directive Electronic Communications Protocol Electronic Communications Protocol Page 10 of 10