HomeMy WebLinkAbout20251072.tiffResolution
Approve User Agreement for Colorado Bureau of Investigation (CBI) -Criminal
Justice Information Service (CJIS) System Access for Non -Criminal Justice Agency
and Authorize Clerk to the Board's Office to Sign
Whereas, the Board of County Commissioners of Weld County, Colorado, pursuant to
Colorado statute and the Weld County Home Rule Charter, is vested with the authority of
administering the affairs of Weld County, Colorado, and
Whereas, the Board has been presented with a User Agreement for the Colorado Bureau
of Investigation (CBI) -Criminal Justice Information Service (CJIS) System Access for a
Non -Criminal Justice Agency between the County of Weld, State of Colorado, by and
through the Board of County Commissioners of Weld County, on behalf of the Clerk to
the Board's Office, and the Colorado Department of Public Safety, Bureau of
Investigation, with further terms and conditions being as stated in said agreement, and
Whereas, after review, the Board deems it advisable to approve said agreement, a copy
of which is attached hereto and incorporated herein by reference.
Now, therefore, be it resolved by the Board of County Commissioners of Weld County,
Colorado, that the User Agreement for the Colorado Bureau of Investigation (CBI) -
Criminal Justice Information Service (CJIS) System Access for a Non -Criminal Justice
Agency between the County of Weld, State of Colorado, by and through the Board of
County Commissioners of Weld County, on behalf of the Clerk to the Board's Office, and
the Colorado Department of Public Safety, Bureau of Investigation, be, and hereby is,
approved.
Be it further resolved by the Board that Chloe A. White, Deputy Clerk to the Board
Supervisor, be, and hereby is, reaffirmed as the Terminal Agency Coordinator (TAC) and
Local Agency Security Officer (LASO), with responsibilities as outlined in said agreement.
Be it further resolved by the Board that Esther E. Gesick, Clerk to the Board, and
Chloe A. White, Deputy Clerk to the Board Supervisor, be, and hereby are, authorized to
sign said agreement.
cc, c-rB (EG/cw), c A (BB/KM)
05 /oq /25
2025-1072
BC0015
User Agreement for Colorado Bureau of Investigation (CBI) -Criminal Justice Information
Service (CJIS) System Access for Non -Criminal Justice Agency
Page 2
The Board of County Commissioners of Weld County, Colorado, approved the above
and foregoing Resolution, on motion duly made and seconded, by the following vote on
the 21st day of April, A.D., 2025:
Perry L. Buck, Chair: Aye
Scott K. James, Pro-Tem: Aye
Jason S. Maxey: Aye
Lynette Peppler: Aye
Kevin D. Ross: Aye
Approved as to Form:
Bruce Barker, County Attorney
Attest:
Esther E. Gesick, Clerk to the Board
2025-1072
BC0015
Clerk to the Board's Office
Phone: (970) 400-4225
1150 O Street
P.O. Box 758
Greeley, Colorado 80632
www.weld.gov
Memorandum
To: Weld County Board of Commissioners
From: Chloe A. White, Deputy Clerk to the Board Supervisor
Date: April 8, 2025
Subject: User Agreement for Colorado Bureau of Investigation (CBI) -Criminal Justice
Information System (CJIS) Systems Access for a Non -Criminal Justice Agency
The Colorado Department of Public Safety, Bureau of Investigation, is requiring the Clerk
to the Board's Office to execute an updated User Agreement for Colorado Bureau of
Investigation (CBI) -Criminal Justice Information System (CJIS) Systems Access for a
Non -Criminal Justice Agency, as a requirement to access the Secure Document Delivery
System (SDDS), which contains Criminal History Record Information (CHRI) generated
from a State and Federal background check. Said results are generated in response to
liquor license applications and used by the Board of County Commissioners and the
Colorado Department of Revenue, Liquor Enforcement Division, to render decisions.
The last User Agreement was executed on August 1, 2022, under Document #2022-2235.
There are no financial obligations of the County, as the costs for said background checks
are the responsibility of the applicants.
Cc,: CAC Mc), cTe, c ea.
oLf i as i a5
2025-1072
5600 15
!COLORADO
Bureau of Investigation
Department of Public Safety
690 Kipling Street, Suite 4000
Denver, CO 80215
User Agreement for CBI-CJIS Systems Access for Non -Criminal Justice Agency
1. Purpose
The purpose of this User Agreement is to outline the responsibilities the Colorado Bureau of
Investigation (CBI) maintains as the operating agency of the Colorado Crime Information Center (CCIC)
Computerized Criminal History database (CCH) and the Secure Document Delivery System (SDDS)
Criminal Justice Information Systems. These systems are collectively referred to as the CBI-CJIS Systems.
The CBI agrees to furnish to the Non -Criminal Justice Agency (NCJA), hereafter called the Agency,
criminal justice information through the CBI-GIS Systems subject to the provisions contained herein.
The scope of this User Agreement also extends to the contribution of fingerprint submissions to the CBI.
1.1. Policy
The CBI is the GIS Systems Agency (CSA) for the State of Colorado. Pursuant to the User Agreement
between the CBI and the Federal Bureau of Investigation (FBI) Criminal Justice Information System (GIS)
Division, the CBI adopts the FBI-GIS policies —including but not limited to the GIS Security Policy —as
the standard for all Colorado GIS systems. Additionally, all operating policies, manuals, and procedures
specific to CCIC and SDDS are incorporated by reference. It is the CBI policy that all data contained
within the CCIC and SDDS computer systems are considered Criminal Justice Information (CJI) and may
only be accessed and/or disseminated as specifically prescribed and authorized by Colorado law.
The CBI maintains and operates the CCIC computer system under shared management pursuant to this
User Agreement. CCIC houses CCH and provides information from NCIC and III. An Account Terminal
Agency Coordinator (TAC) is designated for each Agency, and is responsible for that Agency's use,
security, and personnel who operate GIS systems. All parties will operate in accordance with Colorado
and Federal law; this User Agreement shall be governed, construed, and enforced in accordance with
the laws of the State of Colorado. This User Agreement shall not be amended as any amendment
would require a new version of this agreement produced by the CBI and signed by all parties.
1.2. Governing Standards
The Agency shall access, retain, submit, and destroy all GI following the requirements within the
laws, policies, and manuals listed below and incorporated into this agreement by reference herein.
• Title 28, Code of Federal Regulations, Part 20
• GIS Security Policy
• The National Crime Prevention and Privacy Compact, Title 34 of the United States Code, Chapter
403, Subchapter II
NCJA CJIS Systems User Agreement rev.5.1 10/29/2024 p,
690 Kipling Street Suite 4000, Lakewood, CO 80215 cdpsweb.state.co.us I A
Jared Polls, Governor I Stan Hilkey, Executive Director
• Security and Management Outsourcing Standard for Non-Channelers (Outsourcing Standard)
• Colorado Open Records Act (CORA)/Colorado Criminal Justice Records Act (CCJRA)
• Any and all Colorado Laws specifically pertaining to the collection and use of fingerprints for and
by the Agency
• CBI Misuse Policy
• Secure Document Delivery System Manual
1.3. Definitions
Agency: A non -criminal justice agency subject to the included standards throughout this agreement
Agency Head: The Chief Executive, or the member of the Agency appointed as the authority
responsible for the operations of the Agency
Agency Personnel: Individuals working for the Agency in any capacity, including employees,
volunteers, vendor support staff, and contract staff
CBI: Colorado Bureau of Investigation
CCIC: Colorado Crime Information Center
CCH: Computerized Criminal History Database
CHRI: Criminal History Record Information, a subset of GI
CIA: Criminal Justice Agency
UI: Criminal Justice Information
CRS: Federal Bureau of Investigation's Criminal Justice Information Services
UIS System: Any computer system containing information derived from CCIC CCH, or the FBI CCH
Compact: The National Crime Prevention and Privacy Compact Act of 1998
Compact Officer The chief administrator of the Colorado criminal history record repository
CORA: Colorado Open Records Act
CSA: GIS Systems Agency
CSA ISO: UIS Systems Agency Information Security Officer. The appointed FBI GIS Division personnel
responsible to coordinate information security efforts at all GIS interface agencies
CSO: GIS Systems Officer
FBI: Federal Bureau of Investigation
Ill: Interstate Identification Index
Individual User: An employee of an NGA with access to GIS information
LASO: Local Agency Security Officer
Live scan: A device or machine used to obtain and/or transmit electronic fingerprint captures
MBIS: Multi-Biometric Identification Solution; the statewide fingerprint repository owned and
maintained by the CBI
NCIC: National Crime Information Center
Operator: An individual user of GIS data with direct access to GIS systems
ORI: Originating Agency Identifier
Outsourcing: Obtaining services to store, access, or support CHRI lawfully obtained by the Agency to
any governmental or non -governmental entity
Outsourcing Standard: The standard for outsourcing agreements as mandated in the national Crime
Prevention and Privacy Compact Council document, "Security and Management Control Outsourcing
Standard for Non-Channelers"
PII: Personally Identifying Information
SDDS: Secure Document Delivery System
SDDS Administrator: The primary point of contact at the Agency for access to the Secure
Document Delivery System
Terminal Agency: An Agency that accesses data derived from the CCIC and NCIC computer systems.
NCJA UIS Systems User Agreement rev.5.1 10/29/2024
690 Kipling Street Suite 4000, Lakewood, CO 80215 cdpsweb.state.co.us
Jared Polis, Governor I Stan Hilkey, Executive Director
I ci
TAC: Terminal Agency Coordinator
UCR: Uniform Crime Reporting
2. CHRI Limitations
The Agency understands that CHRI has the following limitations:
1. CHRI is defined and has three parts as follows:
a. The arresting agency's name and crime class under which the person was arrested. The arrest data
submitted includes the mandatory field of name, race, sex, and date of birth. All arrests are
accompanied by fingerprints.
b. The charge(s) issued by the prosecutor.
c. The name of the court that tried the case and the ultimate disposition of the case.
2. CHRI and custody information is compiled from information submitted to the CBI from law
enforcement agencies, prosecutors, courts, Department of Mental Health, and Department of
Corrections (hereinafter referred to as contributing agencies). Although the CBI makes reasonable
efforts to ensure all information is submitted as required by law, it is not responsible for omissions
from contributing agencies.
3. Before releasing information on individuals or taking adverse action against an individual listed on the
CHRI, the person in question should be afforded the opportunity to dispute and correct the record.
4. CHRI is constantly being updated as new arrests and other information are entered into the system by
contributing agencies. The record released is only valid as of the date the criminal history record check
was performed.
5. Certain statutes allow for the suppression or deletion of records, and this information is not provided.
6. The CBI retains records for the State of Colorado only. All fingerprinting reasons include a check
through the FBI, which the CBI will request on the Agency's behalf as a normal part of the criminal
history record check.
7. The FBI is required to keep an accurate accounting of the purpose of each disclosure of a criminal
history record. Therefore, fingerprint -based requests for FBI CHRI must include in the Reason for
Fingerprinted (RFP) field, the purpose and/or statutory authority for which the FBI CHRI is to be used
as previously determined by the FBI. When a specific WI, has been designated (i.e., via a CSO/SIB
letter, Public Law 92-544 statutory approval letter, etc.), the provided RFP must be utilized.
8. If CHRI information is received by an agency that is not requested, the agency is responsible for
contacting the CBI. The agency will destroy the records after clarification is made with the CBI.
3. CBI CJIS Systems Agency (CSA) Responsibility
The CBI serves as the Colorado CJIS Systems Agency (CSA). As such, the CBI will provide access to CCIC,
NCIC, and SDDS as lawfully authorized. Furthermore, the CBI will provide operational support including:
1. Legal and legislative review of matters pertaining to GIS systems;
2. Operational, technical, and investigative assistanceto personnel using CJIS systems;
3. Provision of training and materials to the TAC to assist with their respective Agency training
responsibilities;
4. Assistance in investigating and rectifying incomplete, incorrect, or misidentified criminal records
or other files;
5. The CBI is the custodian of CCIC records. Public requests, subpoenas, and other requests for any
CCIC information shall be referred to the CBI for review and response.
6. Approval of outsourcing to private contractors and external governmental agencies (such as
consolidated information technology departments).
NC1A CJIS Systems User Agreement rev.5.1 10/19/2014
690 Kipling Street Suite 4000, Lakewood, CO 80215 cdpsweb.state.co.us I
1
Jared Polls, Governor I Stan Hilkey, Executive Director
Costs associated with provision of these services will be paid by the CBI through budgeted funds to include
fingerprint fees.
4. Agency Responsibility
The Agency is responsible for providing adequate security and support for CJIS systems access at the
agency. The Agency is ultimately responsible for ensuring all responsibilities listed in this document
are satisfied.
The Agency is responsible for immediately notifying the CBI of any changes in the Colorado State
Statute under which fingerprint background checks are submitted and authority for access to state
and national criminal history information is granted. This includes if the statute is repealed or re-
numbered, changes are made to the statute verbiage or any other changes that affect the Colorado
State Statute in any manner.
The CBI will leverage agency network services, whether dedicated line or Internet service, and assist the
Agency in configuring adequate security using agency -provided software and hardware. Costs associated
with purchasing, maintaining, and securing agency network equipment will be paid by the Agency.
The Agency may assign any of the duties listed above to a single person, or to separate individuals.
Although responsibilities are delegated to one or more individuals, the Agency is ultimately
accountable for ensuring all responsibilities are met.
When a new TAC, LASO, billing contact, and/or Agency Head are designated, the Agency Head will notify
the CBI Compact Officer in writing within ten days of the appointment.
4.1 Key Roles
Each Agency shall appoint personnel to the following roles and allow sufficient resources to perform
all listed duties. The Agency may assign key roles to a single person, or to separate individuals. Once
the CBI has approved outsourcing by the Agency, roles may be assigned to outsourced person
including employees of contractors or external Information Technology departments or divisions.
Although responsibilities are delegated to these roles, the Agency is ultimately accountable for
ensuring all responsibilities are met.
Terminal Agency Coordinator (TAC)
The TAC unifies Agency responsibility for individual user actions and serves as a CBI point of contact for
quality control, dissemination of manuals and other publications, training, audits, and any other matters
concerning the use and misuse of CJIS systems. The TAC provides oversight for all CJIS systems and
programs within the Agency and oversees the Agency's training and compliance with CJIS policies.
NC1A CJIS Systems User Agreement rev.5.1 10/29/2024
690 Kipling Street Suite 4000, Lakewood, CO 80215 cdpsweb.state.co.us
Jared Polis, Governor I Stan Hilkey, Executive Director
Local Agency Security Officer
The LASO is the primary information security contact between the Agency and the CSA under which this
Agency interfaces with the FBI-CJIS Division. The LASO actively represents their Agency in all matters
pertaining to information security, disseminates information security alerts and other material to their
constituents, maintains information security documentation (including system configuration data), assists
the TAC with information security audits of hardware and procedures, and keeps the CSA informed as to
any information security needs and problems.
SDDS Administrator
The administrator will perform all necessary duties related to the approval of SODS user access and the
security of the information therein.
Billing Contact
Each Agency that submits non -criminal applicant fingerprints for licensing --or employment external
to the criminal justice agency --shall designate a primary point of contact for billing.
4.1.1. TAC Responsibility
The TAC shall:
1. Maintain the most current versions of the GIS Security Policy, Outsourcing Standard, and SDDS
Policies, making them available to the appropriate personnel. The Agency Head and TAC are also
responsible for enforcing the policies contained in these documents;
2. Ensure all staff are provided adequate training for their responsibilities, duties, and degree of GIS
systems access or use;
3. Appropriately manage operator access to GIS systems to include determining appropriate access and
terminating access immediately upon separation of the employee;
4. If the separated employee had to undergo a fingerprint -based background check, alert the CBI that the
separated employee no longer works for the Agency so that the CBI can deflag the employee in CCIC
for subsequent arrest notification purposes;
5. Disseminate essential system -related bulletins as needed to relevant Agency personnel;
6. Report any allegation or findings of misuse of GIS information by Agency personnel to the CBI;
7. Provide information regarding GIS systems use at the local Agency to the CBI as the state CSA. This
responsibility includes, but is not limited to:
a. Detecting, reporting, and cooperatively investigating any unauthorized access ("misuse") of
GIS systems with the CBI immediately;
b. Providing information to the CBI for the purpose of the background investigation regarding
NCJA C11S Systems Uses Agreement rev.5.1 10/19/2014
690 Kipling Street Suite 4000, Lakewood, CO 80215 cdpsweb.state.co.us
Jared Polis, Governor I Stan Hilkey, Executive Director
I®
each individual user;
c. Providing and maintaining copies of agreements with non -criminal justice agencies and
businesses with access to local agency GI.
8. The TAC assumes all responsibilities ofthe LASO if separate individual has not been appointed with
LASO duties for the Agency.
9. The Agency Head and/orTAC may appoint one or more alternate TACs to assist with one or more of
these duties.
10. The TAC shall be responsible for ensuring adequate CCIC training for operators within the Agency to
include:
a. Providing necessary training for newly hired operators;
b. Ensuring completion of security awareness training once every two years;
c. Maintaining documentation of any and all GIS and fingerprinting training attended.
4.1.2 Local Agency Security Officer (LASO) Responsibility
The LASO shall:
1. Maintain the most current versions of the GIS Security Policy, Outsourcing Standard, and Interface
Control Document, making them available to the appropriate personnel. The Agency Head and LASO
are also responsible for enforcing the policies contained in these documents;
2. Identify who is using the CSA approved hardware, software, and firmware, and ensure no
unauthorized individuals have access to the same;
3. Identify and document how any local agency interface is connected to the state system;
4. Ensure that personnel security screening procedures are being followed as stated in this policy;
5. Ensure the approved and appropriate security measures are in place and operational;
6. Support policy compliance and ensure the GIS Systems Agency Information Security Officer (CSA
ISO) is promptly informed of all security incidents where GI may be affected.
4.1.3 SDDS Administrator Responsibility
The SDDS Administrator shall:
1. Ensure SDDS results are reviewed at least weekly and information to be maintained from SDDS is
downloaded and stored in a secure area or system as defined in the GIS Security Policy.
2. Ensure each individual user of the SDDS is issued unique credentials.
3. Ensure access to the SDDS is terminated when a user no longer requires access, or separates
employment from the Agency.
4.1.4 Billing Contact Responsibility (where applicable)
Where the Agency pays the CBI directly for services, a designated contact will be required to ensure the
CBI and the Agency can communicate regarding any billing related matters.
4.2 Outsourcing
Many agencies contract with external private or public entities, such as County IT departments, or
businesses providing data services, to perform services related to information technology and
operational support.
Prior to outsourcing GIS Services, the Agency shall request and receive written permission from the
NCJA CJIS Systems User Agreement rev.5.1 10/29/1024
690 Kipling Street Suite 4000, Lakewood, CO 80215 cdpsweb.state.co.us
Jared Polis, Governor I Stan Hilkey, Executive Director
Aiek-
I COPS
CBI Compact Officer as mandated in the Outsourcing Standard, section 2.
4.3 Audit Responsibilities
The CBI wil conduct an audit for each Agency at least once every three years. Additionally, the FBI audit
staff will conduct audits at least once every three years. This audit shall include a sample of non -criminal
justice agencies in Colorado who are authorized recipients of GI. The objective of this compliance audit is
to verify adherence to CBI and FBI policies and regulations.
The Agency is responsible for performing internal audits of outsourced services as mandated in the
Outsourcing Standard.
The TAC is the primary point of contact for audit information. Audit information requested for CBI or FBI
auditing purposes is to be provided in a complete and timely manner. The LASO shall provide technology
security audit information through the TAC.
The CBI wil cover costs to audit any Colorado non -criminal justice agency and/or data center in Colorado
used by these agencies. It is the responsibility of the contracting agency to pay travel and lodging costs
for audits of these facilities (to include data centers where CJI is stored) outside Colorado.
4.4 Personnel Security and Training
Fingerprint -based background checks shall be required by all agency personnel where mandated by
Colorado law. Pursuant to the Outsourcing Standard and the CJIS Security Policy, this will also extend to
contractor personnel performing outsourced services. Contractor personnel shall undergo fingerprint -
based background checks prior to servicing agencies where agency personnel are required to undergo
fingerprint -based background checks. When fingerprinting is required, it is required for all personnel and
contractors with direct, indirect, or incidental access to CJI (including but not limited to janitorial,
maintenance, IT staff, HR staff, and those with direct read/write system access). Access to CJI must be
denied to any personnel or contractor whose background check includes a felony conviction.
Regardless of whether a background check is performed, all personnel are also required to successfully
complete CJIS-specific Security Awareness Training six months after initial assignment and annually
thereafter.
4.5 Operator Access
Operators with direct access shall be trained and successfully obtain user certification within six months
of assignment and shall recertify annually thereafter (this certification includes Security Awareness
Training). The Agency is responsible for actions of Agency personnel using CJIS systems and data derived
from CJIS systems. All systems submitting or receiving CJI or PII shall uniquely identify each user. Any
violation of the policies incorporated in this agreement shall be prohibited by the Agency, including but
not limited to:
• Sharing of user credentials for access to CJIS Systems.
• CJS Access from publicly accessible computers shall be considered a violation of this agreement.
• CJIS access shall be prohibited for individuals using personally owned information systems. The
CBI may provide written approval for agencies that provide a detailed policy for use of personal
NGA GIS Systems User Agreement rev.5.1 10/19/1024
690 Kipling Street Suite 4000, Lakewood, CO 80215 cdpsweb.state.co.us
Jared Polls, Governor I Stan Hilkey, Executive Director
I COPS
information systems which complies with the standards of the CJIS Security Policy.
Each Agency shall set standards of discipline for violation of GIS policy, and document such standards.
This can include incorporating the management of CJIS policy violations into agency policies for other
disciplinary actions.
4.6 Purpose Code X Queries
When an emergency placement is necessary and a prospective relative or other available person is
identified, and child(ren)/youth are placed into temporary custody by law enforcement and/or the court
with a county department of human or social services, the county department shall conduct an initial
name -based state and federal criminal history record check. To complete the name -based record check,
the county department can contact local law enforcement to conduct the check and receive the results
verbally or the county department can conduct the check themselves if they have access to CCIC/NCIC.
Pursuant to Colorado Revised Statute 19-3-406, fingerprints submitted for emergency placement of a child
shall be submitted within five days of placement of the child, or within 15 days in exigent circumstances
per FBI mandate.
If the child is not placed or fingerprints are not going to be submitted after the name -based criminal
history record check is conducted, the county department shall provide the CBI, upon request, with the
reason fingerprints will not be submitted.
4.7 Electronic Fingerprint Submission
Applicants should be referred to the Colorado Applicant Background Services (CABS) program site for
submission of fingerprint -based background checks.
Agencies electing to maintain their own live scan fingerprint equipment shall meet the following
standards:
1. Each Agency owning, leasing, and/or operating a live scan machine for electronic submission of
fingerprints shall incorporate the technical standards of the CBI live scan Interface Control
Document.
2. Live scan equipment shall be manufactured and/or supported by an FBI and CBI approved vendor.
3. Machines shall meet image quality specifications designated by the CBI and FBI, and be
maintained regularly to sustain that image quality.
4. All civil live scan submissions shall meet the quality standards and specifications mandated for the
Colorado Applicant Background Services and maintain an acceptance rate of 98%.
5. All systems submitting or receiving GI or PII shall uniquely identify each user.
6. Adequate hardware and software support shall be maintained to ensure systems remain patched,
functional, and secure.
4.8 Submitting Duplicate Transactions
Each Agency that submits fingerprints, either electronically or by mail, is responsible for all charges and
fees incurred by such submission. If a fingerprint submission is submitted multiple times and duplicate
charges occur, it is the Agency's responsibility to pay all associated charges and fees resulting from the
duplicate transactions.
NCJA CJIS Systems User Agreement rev.5.1 10/29/2024
690 Kipling Street Suite 4000, Lakewood, CO 80215 cdpsweb.state.co.us
Jared Polis, Governor I Stan Hilkey, Executive Director
I®
i
•
Duplicate submissions of identical fingerprint submissions for different or multiple state statutes are
not acceptable. A separate set of fingerprints needs to be taken and submitted for each state
statute that mandates a fingerprint -based background check.
If a fingerprint submission is rejected for low quality and a resubmission is necessary, a new set of
fingerprints will need to be taken and submitted. Fingerprints identified as being sent previously
will not be accepted. Such submission is a violation of policy per FBI mandate.
5. Misuse of CHRI and Unauthorized Disclosure
The exchange of the CHRI is subject to cancellation if dissemination is made outside the receiving
departments or related agencies and if CHRI is used for any other reason not stated in the Colorado
codified law or Federal law. Furthermore, depending upon the nature of the offense and the identity of
the offender, federal or state crimes may be charged for the willful, unauthorized disclosure of CHRI.
Misuse of the CHRI can be a misdemeanor or felony depending on the circumstances.
Title 28, U.S.C., Section 534, Pub. L. 92-544 and Title 28, CFR, 20.33(b), provide that the exchange of
records and information is subject to cancellation if dissemination is made outside the receiving
departments or related agencies. Furthermore, depending upon the nature of the offense and the identity
of the offender, federal or state crimes may be charged for the willful, unauthorized disclosure of CHRI.
Depending on the authority to which the CHRI was authorized for dissemination, penalties may differ.
6. Sanctions for Violations
The CBI may sanction the Agency for failure to meet the standards of the policies referenced in this
document.
If a CBI audit identifies policy violations, the CBI will report the findings to the Agency in violation and
request a mitigation plan. Failure to mitigate audit findings will result in sanctions as directed by the CBI
Director, CJIS Systems Officer, and Compact Officer.
The CBI may impose sanctions on individual operators if an operator is found to have used CBI-CJIS
systems in a manner that is against FBI and/or CBI policy, whether for unauthorized access, improper
dissemination, unfounded query, or other use of the system that is not pursuant to state laws. These
sanctions may include corrective training, temporary suspension, or permanent revocation of access.
5. Certification
Once signed, return THE FOLLOWING PAGE ONLY to:
CBI Biometrics Identification and Records Unit
690 Kipling Street, Suite 4000
Denver, Colorado 80215.
Alternatively, this form may be emailed to cdos.cbi.audit@state.co.us
NCJA GIS Systems User Agreement rev.5.1 10/29/2024
690 Kipling Street Suite 4000, Lakewood, CO 80215 cdpsweb.state.co.us
Jared Polis, Governor I Stan Hilkey, Executive Director
NON -CRIMINAL JUSTICE AGENCY USER AGREEMENT FOR CJIS SYSTEMS ACCESS:
ACKNOWLEDGMENT
As an Agency accessing and contributing to CJIS systems within the state of Colorado, we
hereby acknowledge the responsibilities as set out in this document as well as those documents
incorporated by reference. The Agency also agrees to comply with all state and federal statutes and
regulations as may apply, and to use the information received over CJIS systems only for purposes
specifically authorized by Colorado law.
We acknowledge these responsibilities have been developed and approved by the CBI and/or the FBI in
order to ensure the security, reliability, confidentiality, completeness, and accuracy of all records
contained in or obtained by means of GIS systems.
We acknowledge a failure to comply with these responsibilities will subject the CBI and this Agency to
various sanctions as recommended by the Directors of the CBI and/or the FBI.
The CBI reserves the right to suspend service to the Agency, connected system, or an individual user when
the security or dissemination requirements are violated to preserve the integrity of the system or any data
obtained from the system. The CBI may reinstate service upon receipt of satisfactory assurance that
violation(s) have been corrected. Either the CBI or the Agency may discontinue service upon thirty days'
advance written notice. This agreement shall remain valid until terminated by either CBI or the Agency.
IN WITNESS WHEREOF, the parties hereto caused this agreement to be executed by the proper officers
and officials. This agreement will become effective upon the date signed.
Agency Name: Weld County Clerk to the Board's Office
Account Number(s) starts with CONCJ: 6331
Signature of Agency Head
(existing accounts only — new accounts will be filled in by CBI)
Esther E. Gesick, Clerk to the Board 4/21/2025
Title and Printed Name Date
Chloe A. White, Deputy Clerk to the Board Supervisor 4/21/2025
Signature of Terminal Agency Coordinator (TAC) Title and Printed Name Date
Sl_OIF,ai Chloe A. White, Deputy Clerk to the Board Supervisor 4/21/2025
Signature of Local Agency Security Officer (MO) Title and Printed Name Date
CBI Use Only Below
Signature of CBI Director/Designee
NCJA CJIS Systems User Agreement rev.5.1 10/19/2024
6% Kipling Street Suite 4000, Lakewood, CO 80215 cdpsweb.stateco.us
Jared Polis, Governor I Stan Hilkey, Executive Director
Title and Printed Name Date
I COPS
AY
2015-10-12
User Agreement for CBI-CJIS Systems Access for Non -Criminal Justice Agency
Approved as to Substance:
Elected Official or Department Head
Approved as to Funding:
n /A
Controller or Chief Financial Officer
Approved as to Form:
m,�w cam,
County Attorney or Deputy County Attorney
Hello