As the capabilities of the National Network of Fusion Centers have expanded to accomplish our mission of enhancing public safety and preventing crime and terrorism, we have found that at the heart of this mission is the effective, efficient, ethical, lawful, and professional sharing of intelligence and information. By the nature of our mission, we are called upon to handle large volumes of sensitive information of many kinds and from many sources. It is therefore essential we take all appropriate measures to ensure the confidentiality and security of this information.

Best practices for the storage of this sensitive information include the FBI’s Criminal Justice Information Services (CJIS) Security Policy (current version 5.4, dated 6 October, 2015) which provides the CJIS policy for guidance in the creation, viewing, modification, transmission, dissemination, storage, and destruction of protected law enforcement information during its full lifecycle, whether in transit or at rest. Additionally, ISO/IEC 27018, Code of Practice for personally identifiable information (PII) in public clouds acting as PII processors for those wishing to utilize cloud services is also available. Acquiring systems that let users control their own data through compliance with the National Information Exchange Model (NIEM) is also a best practice.

Taking the necessary steps to ensure all individuals who have access to protected law enforcement information -- contractor, cloud computing service provider, non-criminal justice agency representative, or member of a criminal justice entity – and agreeing to comply with CJIS guidance and NIEM guidelines is critical.

Finally, I recommend a review of current practices, especially with existing contractors, to verify compliance with CJIS guidance and NIEM best practices. By taking these information protection measures, we will be better be able to serve our mission and the public.

News Source: 

Information Sharing Environment Newsletter, Written By: Mike Sena, President of the National Fusion Center Association, 22 Feb 2016