CJIS Requirements Clause Samples

CJIS Requirements. The County has electronic access to state and federal databases containing unencrypted and confidential Criminal Justice Information (“CJI”). These databases are managed by the Minnesota Bureau of Criminal Apprehension (“BCA”) which requires that anyone who could have ‘logical and physical access to CJI’ must submit to a fingerprint-based record check (“Covered Individuals”). This includes not only those who actually have authorization to access CJI from their desktop computers, but also includes those who receive the CJI for any reason and those who do not receive CJI but are or could be in the general physical proximity of those who do receive it. This includes both a Contractor’s employees and sub-contractors. Covered Individuals must contact the BCA at ▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇@▇▇▇▇▇.▇▇.▇▇ to complete the vendor screening program. Covered Individuals must complete the program and obtain approval prior to accessing any CJIS data under this Agreement. Additionally, Contractor and all applicable employees and/or subcontractors must be in compliance with all applicable data security rules and regulations. Contractor must maintain an overall understanding and provide the current level of compliance with Federal Bureau of Investigation’s Criminal Justice Information Services (FBI CJIS) Security Policy 5.4, and related security policy(ies) or its successor version(s), including the CJIS Security Addendum, Exhibit 2 and the CJIS Security Addendum Certification, Exhibit 3 as well as the Minnesota Bureau of Criminal Apprehension’s Minnesota Justice Information Services (BCA MNJIS) security requirements outlined in FBI CJIS requirements document(s) and BCA Security Policy 5050, or its successor version(s). Exhibit 2 and Exhibit 3 are attached and made a part of the Agreement.

CJIS Requirements. Customer certifies that it and its Users will comply with the following CJIS requirements: (a) Customer agrees to use training, policy and procedures to ensure Users use proper handling, processing, storing and communication protocols for Customer Data and any Third Party Data; (b) Customer agrees to protect the Service and any Third Party Data by monitoring and auditing staff user activity to ensure that it is only within the purview of system application development, system maintenance and the support roles assigned; (c) Customer will only provide access to the Service and any Third Party Data through Customer-managed role-based access and applied sharing rules configured by Customer; (d) Customer agrees to create and retain activity transaction logs to enable auditing by Peregrine staff, CJIS and any Third Party Data owners; (e) Customer agrees to perform independent employment background screening for its staff at Customer’s own expense; and (f) Customer agrees to reinforce staff policies for creating User accounts with only one Customer domain email address for each User, with exceptions only as granted in writing by ▇▇▇▇▇▇▇▇▇.

CJIS Requirements. (If applicable)

CJIS Requirements. CGA and AWS have agreed that certain requirements of the CJIS Security Policy that pertain to use of the Covered Services will be supported as set forth in this Section 4. For convenience, topics in this section are numbered to conform to the section numbering in the CJIS Security Policy as of the Effective Date (CJIS Security Policy version 5.7, dated August 16, 2018).