Prison Service Order
Order Number: 0905
Operation of the Police National Computer
Date of Issue: 01/03/1999
Amendments can be tracked in the Numerical Index.
PSI Amendments should be read before and in conjunction with PSO.
Amendment: 01/03/99, PSI 19/1999 Operation of Police National Computer – expired 29/02/2000
PRISON SERVICE ORDER - 0905
POLICE NATIONAL COMPUTER (PNC)
Chapter Contents
1 Introduction
2 Operating Procedures
3 Audit Arrangements
4 Paper Transactions
5 Managing PNC Work
Annexes
A List of prison establishments with a PNC terminal
B PNC Transaction Security Log
C PNC Transaction Audit Log
D PNC Monthly Tracking Certificate
E PNC User Identification Allocation Log
F PNC User Form
G Paper transaction arrangements for establishments without a terminal
H List of staff authorised to request Pre-Convictions from a PNC prison
J Request for Previous Convictions Form
Chapter 1 INTRODUCTION
KEY POINTS
The installation of PNC terminals enables establishments to gain more speedy access to prisoners’ Pre-Convictions.
Better access to Pre-Convictions allows local prisons to categorise and allocate prisoners serving short sentences, who sometimes remain ‘Uncategorised’ because Pre-Convictions are not easily obtainable.
Those establishments that do not have a PNC terminal can ask a nearby establishment with one to print and send them a prisoner’s Schedule of Pre-Convictions, via a set procedure.
1.1.1. Police permission to use PNC within prisons is given on the understanding that: (a) only trained staff have access to the terminals (see Chapter 5 for training arrangements); (b) they adhere strictly to the Operating Procedures and Data Protection Arrangements set out in Chapter 2; and (c) they carry out systematic audit to ensure appropriate use of the information on the system (see Chapter 3).
1.1.2. Those establishments that have no PNC terminal can obtain pre-convictions, by post, from those establishments with the facility. Every prison without a terminal has been allocated a PNC prison to deal with. Details of these arrangements and the security procedures which apply to these paper transactions can be found in Chapter 4.
1.1.3. Because of the complex operating and security procedures, PNC establishments need support and guidance from Headquarters. Contact points and a step-by-step guide on how to overcome some common problems can be found in Chapter 5.
1.1.4. The installation of PNC terminals is negotiated centrally with the Police. Governors of establishments without terminals must not attempt to obtain one through their local Constabulary, regardless of whether it is intended for use by prison staff or seconded police officers, unless they have first sought authorisation from Security Group.
Chapter 2 OPERATING PROCEDURES
KEY POINTS
Governors of establishments with PNC must ensure that their staff comply fully with the rules set out in this chapter.
PNC prisons have ‘read only’ access to the PNC. Enquiries are allowed solely for the purpose of obtaining a list of previous convictions (The Prison Report) on newly-sentenced or remand prisoners, or for the purposes of HDC risk assessments. A log must be kept to record the details of every transaction.
Access to the PNC is awarded to named individual users through a single Directly Connected Terminal (DCT). The terminal must not have any external or internal communication interfaces apart from those required to access the PNC.
Each new user will be allocated a User ID and Initial Password; thereafter users are responsible for regularly changing their passwords.
Passwords must not be shared with, or disclosed to, any other person.
User identities and passwords will be disabled if not used in any three month period.
The location in which PNC terminals are housed in establishments has been agreed with PITO, and must not be altered without prior permission being given by them through Security Group.
Any breach of security must be reported to the nominated establishment IT Security Officer.
2.1 References
2.1.1 It is mandatory that establishments comply fully with the regulations detailed in this Chapter. Governors of prisons with PNC must also ensure that staff comply with the terms and conditions stated in the following documents:
PNC Data Access Agreement
ACPO Code of Practice for Data Protection
ACPO Manual for Data Protection Management
PNC Code of Connection Volume 2
These documents are sent separately to all establishments with PNC terminals.
2.2 Location of Terminal
2.2.1 Before PNC terminals are installed in prisons, there are visits by staff from Security Group and the Police Information Technology Organization (PITO) to ensure that the proposed location for the terminal is appropriate. The PNC terminal must not be removed from this agreed location.
2.2.2 Governors must ensure that only authorised prison staff have access to the area in which the terminal is held. At no time and under no circumstances will prisoners be allowed in the room.
2.3 Users and Passwords
2.3.1 Only authorised users are allowed access to the PNC terminal. Establishments should have no more than nine users. Each user is provided with a unique user identity. Users are accountable for all transactions performed under their user identity. User identities are allocated by the Police National Computer Directorate at Hendon, and cannot be reallocated to another individual.
2.4 Deleting or Disabling User Identities
2.4.1 The Data Protection Officer (see Chapter 3) will regularly monitor the establishment user identities and must disable or delete a user identity if the user has not used PNC for three months. A user identity must be deleted if the owner leaves or transfers to a new post. A user identity must be disabled if the owner is on long-term leave or is suspended.
2.4.2 New user identities will be disabled if not used after seven days.
2.5 Passwords
2.5.1 The PNC automatically authenticates users logging into an establishment terminal via the password associated with that identity. Only those users with a valid password are able to gain access to the system. For users of PNC transactions, passwords must be at least seven characters long and changed at defined intervals not exceeding three months. Passwords will be alpha/numeric.
2.5.2 All forms of authentication, whether they are passwords, machine readable cards, authorisation codes or any other device, are unique to an individual and must not be shared with, or disclosed to, any other individual. The user of a particular password, card or other means of authentication is responsible for its safekeeping.
2.5.3 Users are responsible for changing their passwords. New users will be given initial passwords by the system administrator at Hendon. On their first login to the system, new users must change this initial password to something known only to themselves. The system itself will prompt this.
2.5.4 In the event that a user forgets their password, they must contact Security Group who will arrange for another ‘initial password’ to be issued from Hendon. As far as is possible, such instances should be kept to a minimum.
2.6 Designated Use
2.6.1 Designated users are authorised to have access to PNC to obtain ‘The Prison Report’ (previous convictions) on newly sentenced or remand prisoners, or for prisoners subject to risk assessment for HDC.
2.6.2 They are responsible for every transaction that takes place in their name. They are also responsible for ensuring that the details of every transaction are recorded on the PNC Transaction Security Log (see Annex B). They are also responsible for ensuring that the terminal is logged off after use, and that no data is captured from PNC onto a user’s own local fixed or removable disk. Disk drives on all PNC terminals installed in prisons have been disabled to help prevent this. The disk-drive must not be re-enabled.
2.6.3 Users must ensure that they report any breach of security, without delay, to the establishment IT Security Officer. (Further information on the IT Security Officer is given in Chapter 3).
Chapter 3 AUDIT ARRANGEMENTS
KEY POINTS
Each establishment with a PNC terminal must appoint a Data Protection Officer and an IT Security Officer.
The Data Protection Officer is responsible for carrying out weekly audit of transactions made by PNC users, and must complete weekly the PNC Transaction Audit Log.
The IT Security Officer is a more senior member of staff with responsibility for the overall integrity of PNC and the information obtained. The IT Security Officer must complete the PNC Monthly Tracking Certificate.
The IT Security Officer must also ensure that the PNC terminal is used to best effect. There must be effective management to ensure the daily operation of the terminal.
The appropriate operation and supervision of PNC is also subject to external audit by the Standards Audit Unit.
3.1 The Need for Audit
3.1.1 The information held on PNC is sensitive. Audit procedures ensure that pre-convictions are obtained only for prisoners. Audit also ensures that only authorised users have access to the system. The audit arrangements set out in this chapter have been agreed with the PNC Security Manager at PITO and must be complied with.
3.1.2 Governors of establishments with PNC terminals must ensure that staff of appropriate ranks are nominated to fill the roles of Data Protection Officer (DPO) and IT Security Manager.
3.2 The Data Protection Officer
3.2.1. Every time a user makes an enquiry on PNC, they must complete the PNC Transaction Security Log. These entries must then be scrutinized weekly by the DPO. This Officer must be a member of staff not below the rank of Executive/Senior Officer (or equivalent). As the Data Protection Officer is acting as auditor of PNC use, he or she will not be given access as a user. They will be authorised to carry out only weekly transaction checks, and monitor use of user identities. The specific responsibilities of the DPO are:
i. carry out random checks on 10% of enquiries made on the PNC each week to ensure that each enquiry is made solely for the purpose of obtaining a list of previous convictions on serving prisoners;
ii. where a discrepancy is found, i.e. the transaction was not made by an authorised user, or if the enquiry was not made for the purpose of obtaining pre-convictions of a serving prisoner, he/she must immediately report this as a breach of security;
iii. the breach of security must be reported to the IT Security Officer immediately it is discovered. In the event that the IT Security Officer is not available the Governor ‘In Charge’ must be told of the breach instead;
iv. recording the details of each check in the PNC Transactions Audit Log (see Annex C);
v. ensuring that all Prison Reports obtained from the PNC are kept with the prisoner’s Record (F2050);
vi. reviewing user access rights and removing user status from those staff who no longer regularly use the terminal;
vii. ensuring that users complete the PNC Transaction Security Log, and that this and the PNC Transaction Audit Log are kept for three years for inspection;
viii. ensuring that the PNC terminal is not removed from the location agreed with PITO, without prior approval;
ix. monitoring site user identities to make sure they are being used - if a user identity has not been used for three months it must be deleted and disabled (see section 2.5).
3.3 The IT Security Officer
3.3.1. So that there is another manager in an establishment with more general oversight of PNC use and routine weekly auditing, a senior manager, appointed by the governor, must assume the duties of IT Security Officer. Once again the IT Security Officer will not be able to access PNC as a user, but rather will be authorised only to reset passwords.
3.3.2 The responsibilities of the IT Security Officer are:
i. to have oversight of the overall integrity of the PNC terminal and all information obtained from it;
ii. liaise with Security Group and PNC Security Manager at PITO, when necessary;
iii. investigate fully any alleged breaches of security and inform Security Group of them without delay;
iv. ensure that every authorised PNC User signs the PNC User Form (see Annex F);
v. complete, on the last day of every month, the PNC Monthly Tracking Certificate (see Annex D) and forward it to Security Group, Room 637, Abell House, John Islip Street, London, SW1P 4LH. The Certificate will show that the PNC Transaction Security Log, PNC User Form and User Allocation Log (see Annex E) and the PNC Transaction Audit Log have all been correctly completed and are up to date.
3.3.3 The IT Security Officer, as the most senior manager with any involvement with PNC, must also ensure that the terminal is used to its best effect. There must be effective management to ensure the daily operation of the PNC terminal.
3.4 External Audit by SAU
3.4.1 During Standards Audit Unit inspections of a PNC establishment, an auditor will examine all aspects of PNC operation.
Chapter 4 PAPER TRANSACTIONS
KEY POINTS
It is important that establishments without a PNC terminal can obtain Schedules of Pre-Convictions quickly for any prisoners they receive who do not arrive with them. The paper transaction system described in detail here is intended to provide quick access.
Every establishment without a terminal has been allocated an establishment with one. Should they receive a prisoner without a Schedule of Pre-Convictions, they must request them from the PNC prison. A list of PNC prisons and their ‘client establishments’ is set out at Annex G.
Training establishments will seldom need to make use of this facility as the overwhelming majority of the prisoners received by them will come with pre-convictions obtained while they were held in local prisons.
In client prisons, only a small number of staff can request pre-convictions from establishments with PNC.
The arrangements detailed below are necessary to ensure that pre-convictions are only requested for bona fide prisoners. They must be strictly adhered to.
4.1 Responsibilities of the Client Establishment
4.1.1 Governors of establishments without PNC terminals must arrange for the completion of Annex H, which lists those staff eligible to request pre-convictions, and those staff authorised to countersign the request. This form must be sent to the appropriate PNC establishment. Any change to the list must be immediately communicated to the PNC establishment.
4.1.2. When the client prison receives prisoners for whom pre-convictions are required, a member of staff (listed in Section 1 of Annex H) will obtain a LIDS printout giving the following information:
(a) the prisoners’ full names;
(b) their prison numbers;
(c) their places of abode;
(d) their dates of birth; and
(e) their dates of reception.
4.1.3. The member of staff must then complete two copies of Annex J ‘Request for Previous Convictions’ up to and including Section 5. The forms and the printout must then be passed to a member of staff authorised to countersign the request. The Countersigning Officer must satisfy himself that the requests are being made for bona fide prisoners, and then complete Section 6 on both copies of the form.
4.1.4. One copy of the form and a copy of the LIDS printout must be retained by the client establishment and stored in the ‘Previous Convictions Pending’ Log. The other copy and the original LIDS printout must be sent to ‘The Phoenix Officer’ at the PNC establishment.
4.1.5 In the event of any request for previous convictions not being returned within seven days, the PNC prison must be contacted to enquire: (a) whether the request has been received; and (b) whether pre-convictions have been sent.
4.1.6 On receipt of the previous convictions, Section 10 of the returned Annex J must be completed. This completed form, and a list of the names of the prisoners for whom pre-convictions were requested, must then be retained in a log entitled ‘Previous Convictions Received’. The forms must be kept for audit for at least three (3) years.
4.2 Responsibilities of the PNC Establishment
4.2.1 On receipt of Annex J from the client prison, the PNC terminal officer must:
(a) check that the Request for Previous Convictions is from a member of staff listed in Annex H;
(b) check that the request has been countersigned by a member of staff listed in Section 2 of Annex H; and
(c) make the required enquiries of PNC in accordance with the PNC Operating Procedures set out in Chapter 2.
4.2.2 A PNC enquiry must not be made if:
(a) the members of staff making and authorising the request are not listed on the copy of Annex H being retained by the PNC prison; or if
(b) any item of information about a prisoner is missing.
4.2.3 All incomplete requests must be returned to the client establishment without delay.
4.2.4 A Senior or Executive Officer must then check the lists of Previous Convictions against the LIDS printout to ensure that they tally. If a Schedule of Pre-Convictions has been printed under an alias, this must be clearly shown in red ink at the top of the list. Under no circumstances should previous convictions on a prisoner not listed in the LIDS printout be sent to the client prison.