Section .0400 – Use And Access Requirements For Criminal History Record Information, Nics Information, And N-Dex Information

Link to law: http://reports.oah.state.nc.us/ncac/title 14b - public safety/chapter 18 - division of criminal information/subchapter b/14b ncac 18b .0401.html
Published: 2015

Subscribe to a Global-Regulation Premium Membership Today!

Key Benefits:

Subscribe Now
SECTION .0400 – USE AND ACCESS REQUIREMENTS FOR CRIMINAL

HISTORY RECORD INFORMATION, NICS INFORMATION, AND N-DEX INFORMATION

 

14B NCAC 18B .0401       DISSEMINATION and Logging OF CHRI and NICS

RECORDS

(a)  Criminal history record information (CHRI) obtained

from or through DCIN, NCIC, N-DEx, or Nlets shall not be disseminated to anyone

outside of those agencies eligible under 14B NCAC 18A .0201(a) except as

provided by Rules .0403, .0405, .0406, and .0409 of this Section.  Any agency

assigned a limited access ORI shall not obtain CHRI. Any agency requesting CHRI

that has not received an ORI pursuant to 14B NCAC 18A .0201(a) shall be denied

access and referred to the North Carolina CSO.

(b)  CHRI is available to eligible agency personnel only on

a "need-to-know" basis as defined in 12 NCAC 04H .0104.

(c)  The use or dissemination of CHRI obtained through DCIN

or N-DEx for unauthorized purposes is a violation of this Rule.

(d)  CIIS shall maintain an automated log of

CCH/CHRI/National Instant Criminal Background Check System (NICS) inquiries for

a period of not less than one year from the date of inquiry.  The automated log

shall contain the following information as supplied by the user on the inquiry

screen and shall be made available on-line to the inquiring agency;

(1)           date of inquiry;

(2)           name of record subject;

(3)           state identification number (SID) or FBI

number of the record subject;

(4)           message key used to obtain information;

(5)           purpose code;

(6)           user's initials;

(7)           (Attention field) name of person and agency

requesting information who is the initial user of the record;

(8)           (Attention 2 field) name of person and

agency requesting information who is outside of the initial user agency.  If there

is not a second individual receiving the information, information indicating

why the information is requested may be placed in this field; and

(9)           if applicable, NICS Transaction Number

(NTN) for NICS logs only.

(e)  Criminal justice agencies making secondary

disseminations of CCH, CHRI, N-DEx, or NICS information obtained through DCIN

shall maintain a log of the dissemination in a case.  This log must identify

the name of the recipient and their agency.

(f)  Each criminal justice agency obtaining CHRI through a

DCIN device shall conduct an audit of their automated CCH log as provided by

DCIN once every month for the previous month.  The audit shall take place

within 15 business days of the end of the month being reviewed.  This audit

shall include a review for unauthorized inquiries and disseminations, improper

use of agency ORI's, agency names, and purpose codes.  These logs must be

maintained on file for one year from the date of the inquiry, and may be

maintained electronically by the criminal justice agency. Any violation of CIIS

rules must be reported by an agency representative to CIIS within 20 business

days of the end of the month being reviewed.  On those months that do not

contain 20 business days, any violations of CIIS rules must be reported by an

agency representative to CIIS by the first business day of the following month,

at the latest. If an agency does not have a device connected to DCIN that can

receive CHRI, this audit is not required.

(g)  Each criminal justice agency obtaining information from

NICS or N-DEx shall conduct the same monthly audit as those for CHRI logs.  The

audit shall take place within 15 business days of the end of the month being

reviewed. This audit shall include a review for unauthorized inquiries or

disseminations and improper use of purpose codes. These logs must be maintained

on file for one year from the date of inquiry, and may be maintained

electronically by the criminal justice agency. Any violation of CIIS rules must

be reported by an agency representative to CIIS within 20 business days of the

end of the month being reviewed.  On those months that do not contain 20

business days, any violations of CIIS rules must be reported by an agency

representative to CIIS by the first business day of the following month, at the

latest.

(h)  DCIN automated CCH logs, automated NICS logs, and any

secondary dissemination logs shall be available for audit or inspection by the

CSO or his designee as provided in 14B NCAC 18B .0801.

(i)  Out of state agencies requesting a statewide criminal

record check shall utilize NCIC.

 

History Note:        Authority G.S. 114-10; 114-10.1;

Eff. August 1, 2014;

Transferred and Recodified from 12 NCAC 04I .0401 Eff.

November 1, 2015.