Prison Service Order Operation of the Police National Computer ORDER NUMBER 0905
Date of Issue/ Click on Number for link to reference Amendment 01/03/1999 Amendments can be tracked in the Numerical Index.
PSI Amendments should be read before and in conjunction with PSO 01/03/99 PSI 19/1999 Operation of Police National Computer – expired 29/02/2000
PRISON SERVICE ORDER - 0905
POLICE NATIONAL COMPUTER (PNC)
Chapter Contents
1 Introduction
2 Operating Procedures
3 Audit Arrangements
4 Paper Transactions
5 Managing PNC Work
Annexes
A List of prison establishments with a PNC terminal
B PNC Transaction Security Log
C PNC Transaction Audit Log
D PNC Monthly Tracking Certificate
E PNC User Identification Allocation Log
F PNC User Form
G Paper transaction arrangements for establishments without a terminal
H List of staff authorised to request Pre-Convictions from a PNC prison
J Request for Previous Convictions Form
Chapter 1 INTRODUCTION
KEY POINTS
The installation of PNC terminals enables establishments to gain more speedy access to prisoners‘ Pre-Convictions.
Better access to Pre-Convictions, allows local prisons to categorise and allocate prisoners, serving short sentences, who sometimes remain ‘Uncategorised’, because Pre-Convictions are not easily obtainable.
Those establishments that do not have a PNC terminal, can ask a nearby establishment with one, to print and send them a prisoner’s Schedule of Pre-Convictions, via a set procedure.
1.1.1. Police permission to use PNC within prisons is given on the understanding that : (a), only trained staff have access to the terminals (see Chapter 5 for training arrangements); (b), they adhere strictly to the Operating Procedures and Data Protection Arrangements set out in Chapter 2; and (c), they carry out systematic audit to ensure appropriate use of the information on the system (see Chapter 3).
1.1.2. Those establishments that have no PNC terminal can obtain pre- convictions, by post, from those establishments with the facility. Every prison without a terminal has been allocated a PNC prison to deal with. Details of these arrangements and the security procedures which apply to these paper transactions can be found in Chapter 4.
1.1.3. Because of the complex operating and security procedures, PNC establishments need support and guidance from Headquarters. Contact points and a step-by step guide on how to overcome some common problems can be found in Chapter 5.
1.1.4. The installation of PNC terminals is negotiated centrally with the Police. Governors of establishments without terminals must not attempt to obtain one through their local Constabulary, regardless of whether it is intended for use by prison staff or seconded police officers, unless they have first sought authorisation from Security Group.
Chapter 2 OPERATING PROCEDURES
KEY POINTS
Governors of establishments with PNC must ensure that their staff comply fully with the rules set out in this chapter.
PNC prisons have ‘read only’ access to the PNC. Enquiries are allowed solely for the purpose of obtaining a list of previous convictions (The Prison Report) on newly-sentenced or remand prisoners., or for the purposes of HDC risk assessments. A log must be kept to record the details of every transaction
Access to the PNC is awarded to named individual users through a single Directly Connected Terminal (DCT). The terminal must not have any external or internal communication interfaces apart from those required to access the PNC.
Each new user will be allocated a User ID and Initial Password, thereafter users are responsible for regularly changing their passwords.
Passwords must not be shared with, or disclosed to, any other person.
User identities and passwords will be disabled if not used in any three month period.
The location in which PNC terminals are housed in establishments, has been agreed with PITO, and must not be altered without prior permission being given by them through Security Group.
Any breach of security must be reported to the nominated establishment IT Security Officer.
2.1 References
2.1.1 It is mandatory that establishments comply fully with the regulations detailed in this Chapter. Governors, of prisons with PNC, must also ensure that staff comply with the terms and conditions stated in the following documents:
PNC Data Access Agreement ACPO Code of Practice for Data Protection ACPO Manual for Data Protection Management PNC Code of Connection Volume 2
These documents are sent separately to all establishments with PNC terminals.
2.2 Location of Terminal
2.2.1 Before PNC terminals are installed in prisons, there are visits by staff from Security Group and the Police Information Technology Organization (PITO), to ensure that the proposed location for the terminal is appropriate. The PNC terminal must not be removed from this agreed location.
2.2.2 Governors must ensure that only authorised prison staff have access to the area in which the terminal is held. At no time and under no circumstances will prisoners be allowed in the room.
2.3 Users and Passwords
2.3.1 Only authorised users are allowed access to the PNC terminal. Establishments should have no more than nine users. Each user is provided with a unique user identity. Users are accountable for all transactions performed under their user identity. User identities are allocated by the Police National Computer Directorate at Hendon, and cannot be reallocated to another individual.
2.4 Deleting or Disabling User Identities
2.4.1 The Data Protection Officer (see Chapter 3) will regularly monitor the establishment user identities and must disable or delete a user identity if the user has not used PNC for three months. A user identity must be deleted if the owner leaves or transfers to a new post. A user identity must be disabled if the owner is on long-term leave or is suspended.
2.4.2 New user identities will be disabled if not used after seven days.
2.5.1 Passwords
2.5.1 The PNC automatically authenticates users logging into an establishment terminal via the password associated with that identity. Only those users with a valid password are able to gain access to the system. For users of PNC transactions passwords must be at least seven characters long and changed at defined intervals not exceeding three months. Passwords will be alpha/numeric.
2.5.2 All forms of authentication, whether they are passwords, machine readable cards, authorisation codes or any other device, are unique to an individual and must not be shared with, or disclosed to, any other individual. The user of a particular password, card or other means of authentication is responsible for its safekeeping.
2.5.3 Users are responsible for changing their passwords. New users will be given initial passwords by the system administrator at Hendon. On their first login to the system, new users must change this initial password to something known only to themselves. The system itself will prompt this.
2.5.4 In the event that a user forgets their password, they must contact Security Group who will arrange for another ‘initial password’ to be issued from Hendon. As far as is possible, such instances should be kept to a minimum.
2.6 Designated Use
2.6.1 Designated users are authorised to have access to PNC to obtain the ‘The Prison Report’ (previous convictions) on newly sentenced or remand prisoners, or for prisoners subject to risk assessment for HDC.
2.6.2 They are responsible for every transaction that takes place in their name. They are also responsible for ensuring that the details of every transaction are recorded on the PNC Transaction Security Log (see Annex B). They are also responsible for ensuring that the terminal is logged off after use, and that no data is captured from PNC onto a user’s own local fixed or removable disk. Disk drives on all PNC terminals installed in prisons have been disabled to help prevent this. The disk-drive must not be re-enabled.
2.6.3 Users must ensure that they report any breach of security, without delay, to the establishment IT Security Officer. (Further information on the IT Security Officer is given in Chapter 3).
Chapter 3 AUDIT ARRANGEMENTS
KEY POINTS
Each establishment with a PNC terminal must appoint a Data Protection Officer and an IT Security Officer.
The Data Protection Officer is responsible for carrying out weekly audit of transactions made by PNC users, and must complete weekly the PNC Transaction Audit Log.
The IT Security Officer is a more senior member of staff with responsibility for the overall integrity of PNC and the information obtained. The IT Security Officer must complete the PNC Monthly Tracking Certificate.
The IT Security Officer must also ensure that the PNC terminal is used to best effect. There must be effective management to ensure the daily operation of the terminal.
The appropriate operation and supervision of PNC is also subject to external audit by the Standards Audit Unit.
3.1 The Need for Audit
3.1.1 The information held on PNC is sensitive. Audit procedures ensure that pre-convictions are obtained only for prisoners. Audit also ensures that only authorised users have access to the system. The audit arrangements set out in this chapter have been agreed with the PNC Security Manager at PITO and must be complied with.
3.1.2 Governors of establishments with PNC terminals must ensure that staff of appropriate ranks are nominated to fill the roles of Data Protection Officer (DPO) and IT Security Manager.
3.2 The Data Protection Officer
3.2.1. Every time a user makes an enquiry on PNC, they must complete the PNC Transaction Security Log. These entries must then be scrutinized weekly by the DPO. This Officer must be a member of staff not below the rank of Executive/Senior Officer (or equivalent). As the Data Protection Officer is acting as auditor of PNC use, he or she will not be given access as a user. They will be authorised to carry out only weekly transaction checks., and monitor use of user identities. The specific responsibilities of the DPO are: i. carry out random checks on 10% of enquiries made on the PNC each week to ensure that each enquiry is made solely for the purpose of obtaining a list of previous convictions on serving prisoners; ii. where a discrepancy is found, i.e. the transaction was not made by an authorised user, or if the enquiry was not made for the purpose of obtaining pre-convictions of a serving prisoner, he/she must immediately report this as a breach of security; iii. the breach of security must be reported to the IT Security Officer immediately it is discovered. In the event that the IT Security Officer is not available the Governor ‘In Charge’ must be told of the breach instead; iv. recording the details of each check in the PNC Transactions Audit Log (see Annex C); v ensuring that all Prison Reports obtained from the PNC are kept with the prisoner’s Record (F2050); vi reviewing user access rights and removing user status from those staff who no longer regularly use the terminal; vii ensuring that users complete the PNC Transaction Security Log, and that this and the PNC Transaction Audit Log, are kept for three years for inspection; viii ensuring that the PNC terminal is not removed from the location agreed with PITO, without prior approval. ix monitoring site user identities to make sure they are being used - if a user identity has not been used for three months it must be deleted and disabled (see section 2.5)
3.3 The IT Security Officer
3.3.1. So that there is another manager in an establishment with more general oversight of PNC use and routine weekly auditing, a senior manager, appointed by the governor, must assume the duties of IT Security Officer. Once again the IT Security Officer will not be able to access PNC as a user, but rather will be authorised only to reset passwords.
3.3.2 The responsibilities of the IT Security Officer are: i. to have oversight of the overall integrity of the PNC terminal and all information obtained from it; ii. liaise with Security Group and PNC Security Manager at PITO, when necessary; iii. investigate fully any alleged breaches of security and inform Security Group of them without delay; iv. ensure that every authorised PNC User signs the PNC User Form (see Annex F); v. complete, on the last day of every month, the PNC Monthly Tracking Certificate (see Annex D) and forward it to Security Group, Room 637, Abell House, John Islip Street, London, SW1P 4LH. The Certificate will show that the PNC Transaction Security Log, PNC User Form and User Allocation Log, (see Annex E) and the PNC Transaction Audit Log have all been correctly completed and are up to date.
3.3.3 The IT Security Officer, as the most senior manager with any involvement with PNC, must also ensure that the terminal is used to its best effect. There must be effective management to ensure the daily operation of the PNC terminal.
3.4 External Audit by SAU
3.4.1 During Standards Audit Unit inspections of a PNC establishment, an auditor will examine all aspects of PNC operation.
Chapter 4 PAPER TRANSACTIONS
KEY POINTS
It is important that establishments without a PNC terminal, can obtain Schedules of Pre-Convictions quickly for any prisoners they receive who do not arrive with them. The paper transaction system described in detail here, is intended to provide quick access.
Every establishment without a terminal has been allocated an establishment with one. Should they receive a prisoner without a Schedule of Pre-Convictions, they must request them from the PNC prison. A list of PNC prisons and their ‘client establishments’ is set out at Annex G
Training establishments will seldom need to make use of this facility as the overwhelming majority of the prisoners received by them will come with pre-convictions obtained while they were held in local prisons.
In client prisons, only a small number of staff can request pre- convictions from establishments with PNC.
The arrangements detailed below are necessary to ensure that pre- convictions are only requested for bona fide prisoners. They must be strictly adhered to.
4.1 Responsibilities of the Client Establishment
4.1.1 Governors of establishments without PNC terminals must arrange for the completion of Annex. H, that lists those staff eligible to request pre-convictions, and those staff authorised to countersign the request. This form must be sent to the appropriate PNC establishment. Any change to the list must be immediately communicated to the PNC establishment.
4.1.2. When the client prison receive prisoners for whom pre-convictions are required, a member of staff (listed in Section 1 of Annex H) will obtain a LIDS printout giving the following information:
(a). the prisoners’ full names; (b). their prison numbers; (c). their places of abode; (d). their date s of birth; and (e). their dates of reception.
4.1.3. The member of staff must then complete two copies of Annex J ‘Request for Previous Convictions’ up to and including Section 5. The forms and the print out must then be passed to a member of staff authorised to countersign the request. The Countersigning Officer must satisfy himself that the requests are being made for bona fide prisoners, and then complete Section 6 on both copies of the form.
4.1.4. One copy of the form and a copy of the LIDS printout, must be retained by the client establishment and stored in the ‘Previous Convictions Pending’ Log. The other copy and the original LIDS printout must be sent to ‘The Phoenix Officer’ at the PNC establishment.
4.1.5 In the event of any request for previous convictions not being returned within seven days, the PNC prison must be contacted to enquire: (a), whether the request has been received; and (b), whether pre-convictions have been sent.
4.1.6 On receipt of the previous convictions, Section 10 of the returned Annex J must be completed. This completed form, and a list of the names of the prisoners for whom pre-convictions were requested, must then be retained in a log entitled ‘ Previous Convictions Received’. The forms must be kept for audit for at least three (3) years.
4.2 Responsibilities of the PNC Establishment
4.2.1 On receipt of Annex J from the client prison, the PNC terminal officer must:
(a). check that the Request for Previous Convictions is from a member of staff listed in Annex H; (b). check that the request has been countersigned by a member of staff listed in Section 2 of Annex H; and (c). make the required enquiries of PNC in accordance with the PNC Operating Procedures set out in Chapter 2.
4.2.2 A PNC enquiry must not be made if:
(a). the members of staff making and authorising the request are not listed on the copy of Annex H being retained by the PNC prison; or if (b). any item of information about a prisoner is missing.
4.2.3 All incomplete requests must be returned to the client establishment without delay.
4.2.4 A Senior or Executive Officer must then check the lists of Previous Convictions against the LIDS printout to ensure that they tally. If a Schedule of Pre-Convictions has been printed under an alias, this must be clearly shown in red ink at the top of the list. Under no circumstances should previous convictions on a prisoner, not listed in the LIDS printout, be sent to the client prison.
4.2.5 Sections 7,8, and 9 of the original Annex J must then be completed and photo-copied. The copy must be attached to the previous convictions, and sent in double cover envelope to the Phoenix Officer at the client establishment.
4.2.6 The original copy of Annex J and the LIDS printout must be retained by the PNC prison and filed in a log entitled ‘ Client Establishment Name PNC Requests’. Records must be kept for audit for at least three (3) years.
4.2.7 When PNC transactions undertaken on behalf of a client gaol are entered into the PNC Transaction Security Log, a note must be made of which establishment they were for.
Chapter 5 MANAGING PNC WORK
KEY POINTS
The IT Security Officer (the senior manager with oversight of PNC use) must ensure that there is a member of staff available to operate PNC every day.
The IT Security Officer must ensure that there are : adequate numbers of staff trained in the use of PNC; that the mix of staff trained is suitable to the establishment’s needs; and that any faults with the PNC hardware and software are reported quickly.
Training arrangements and a list of authorities to be contacted in the case of hardware/software faults, are set out in this chapter.
5.1. Training
5.1.1 Initial training is funded centrally by Security Group. The costs of training new operators, as replacements for the original staff, must thereafter be met by establishments. IT Security Officers should keep replacement training to a minimum by preventing the depletion of the number of PNC- trained staff they have. Training should be arranged through Security Group.
5.1.2 Establishments must not train their own staff.
5.1.3 Establishments must train enough staff to cover PNC tasks. But the number must be limited; the training of too many staff constitutes a security threat.
5.2 Faults and Contact Points
5.2.1 Detailed below is a list of common faults and the names of the companies or individuals that must be contacted in each case.
Fault/ Query Contact
PNC User has forgotten password Security Group (0171 217 5889) and needs another
Queries about the use to which PNC As above can be put
Requests for training or new User Ids As above
Printer not working Sema Helpdesk (0121 788 4019)
Personal computer failure Sema Helpdesk (0121 788 4019)
Problem with data line to PNC Cable and Wireless
Problem with the software package Sanderson Insight for accessing PNC
Queries about the PNC and Phoenix Hendon Data Centre. (0181 200 3200) application (‘#NX’)
Annex A
LIST OF ESTABLISHMENTS WITH A PNC TERMINAL
1. Altcourse 2. Bedford 3. Belmarsh 4. Blakenhurst 5. Birmingham 6. Brinsford 7. Bristol 8. Brixton 9. Cardiff 10. Chelmsford 11. Durham 12. Doncaster 13. Elmley 14. Exeter 15. Feltham 16. Glen Parva 17. High Down 18. Hindley 19. Holloway 20. Holme House 21. Hull 22. Lancaster Farms 23. Leeds 24. Leicester 25. Lewes 26. Lincoln 27. Liverpool 28. Manchester 29. Norwich 30. Parc 31. Pentonville 32. Preston 33. Risley 34. Swansea 35. Wandsworth 36. Winchester 37. Woodhill 38. Wormwood Scrubs Annex B PNC Transaction Security Log
Details of each transaction must be completed by the person making the enquiry
1 Name of PNC user
2 Tick to confirm that PNC record of the date and time that you last accessed the system matches the actual date and time
3 Prisoners Name
4 Prisoners Number
5 Date of enquiry
6 Time of enquiry
7 PNC transaction number Was a PNC printout obtained 8 (YES or NO)
1 Name of PNC user
2 Tick to confirm that PNC record of the date and time that you last accessed the system matches the actual date and time
3 Prisoners Name
4 Prisoners Number
5 Date of enquiry
6 Time of enquiry
7 PNC transaction number Was a PNC printout obtained 8 (YES or NO)
Annex C PNC Transaction Audit Log
The data protection officer must check the records of 10% of the PNC enquiries each week.
Date Time Transaction Were the Signature of PNC PNC numbers of the enquiries Data enquiries enquiries enquiries that were for Protection were were checked legitimate Officer checked checked reasons
The enquiries must be traced back to the originator and checked that they were for newly sentenced or remand prisoners.
Annex D
HMP……………………………………………………
PNC Monthly Tracking Certificate
I have examined the following PNC logs and confirm that I am satisfied that the security procedures are being followed in accordance with the PNC Security Policy for this Establishment.
PNC Transaction Security Logs
PNC Transaction Audit Logs
PNC User Identification Allocation Tags
PNC User Form
Signature………………………………………………
Name…………………………………………………...
Date…………………………………………………….
This form must be completed by the IT Security Officer on the last day of each month and returned to:
Phoenix Prison Security Group Room 637 Abell House John Islip Street London SW1P 4LH Annex E
PNC User Identification Allocation Log The IT Security Officer must record details below of all PNC user Identifications, including those which have been allocated to new users. Name of PNC User Reason for Date Signature of PNC PNC User Identification Change Security officer
Annex F
PNC User Form I understand and accept that, in order to log onto the PNC, I must be an authorised user, be in possession of a PNC user id that is unique to me, and have a reason governed in my current job function. I also understand and accept that I may only access those PNC transactions to which I have been authorised, use the transactions for a legitimate, business/policing purpose, and use any knowledge obtained for authorised business/policing purposes only.
I have read and agree to abide by the HMP PNC Operating Procedures.
Name Signature Date
Annex G
PAPER TRANSACTION ARRANGEMENTS FOR ESTABLISHMENTS WITHOUT A TERMINAL. PNC PRISON CLIENT ESTABLISHMENTS
Altcourse -
Bedford Littlehey, Wellingborough,Onley
Belmarsh -
Blakenhurst - Birmingham Bullingdon
Brinsford Featherstone, Strafford,Shrewsbury
Bristol Dartmoor, Gloucester, Shepton Mallet, Leyhill Brixton Maidstone ,Rochester
CardiffEastwood Park, Channings Wood, Pucklechurch Chelmsford Bullwood Hall,Hollesley Bay, Highpoint
Durham Frankland, Acklington, Castington, Low Newton. Doncaster -
Elmley Canterbury, Swaleside,Stanford Hill, Cookham Wood, East Sutton Park. ExeterWeare, Portland, the Verne, Erlestoke
Feltham Coldingley, Send, Dover
Glen Parva Gartree, Hewell Grange, Brockhill
High Down Downview, Latchmere House
Hindley Agecroft, Drake Hall, Askham Grange
Holloway Blantyre House
Holme House Northallerton, Deerbolt, Kirklevington
Hull Wolds, Everthorpe, Wealstun
Lancaster Farms Lancaster, Haverigg
Leeds New Hall, Wakefield, Full Sutton Leicester Stocken, Ashwell, Swinfen Hall, Nottinham Lewes Parkhurst, Albany Camphill
Lincoln Ranby, Whatton, Morton Hall, Lowdham Liverpool ` Kirkham, Foston, Hall, Hatfield
Manchester Styal, Wetherby, Lindholme, Moorland
Norwich Wayland, Whitemoor, Bludeston, NSC
Parc -
Pentonville The Mount, Huntercombe, Reading
Preston Garth, Buckley Hall, Wymott
Risley Thorne Cross, Stoke Heath, Sudbury, Risley Swansea Usk/Prescoed, Long Lartin
Wandsworth Kingston, Haslar, Aldington
Winchester Dorchester, Guys Marsh, Ford
Woodhill Grendon, Spring Hill, Aylesbury
Wormwood Scrubbs -
Annex H
Section 1 List of staff authorised to request Previous Convictions
Date Full Name Signature Date removed from list
Section 2 List of staff authorised to countersign requests for Previous Convictions
Date Full Name Signature Date removed from list
Annex J
Request for Previous Convictions
Requesting Prison HMP…………………………………………………...
Phoenix Terminal Prison HMP…………………………………………………...
Date …………………………………………………………
Number of Prisoners on whom Pre-cons are required
………………………………………………… ……
Member of staff requesting information
Print name ………………………………………………………
Signature ……………………………………………………...
Member of staff countersigning request
Print name ………………………………………………………
Signature ……………………………………………………...
Member of staff who accessed Phoenix
Print name ………………………………………………………
Signature ……………………………………………………...
Member of staff who checked list of Previous Convictions
Print name ………………………………………………………
Signature ……………………………………………………...
+ Date Pre-cons despatched by Phoenix Terminal Prison ……………………..
10. * Date Pre-cons received by requesting prison …………………………………
+ To be completed on copy retained by Phoenix Terminal Prison * To be completed on copy retained by receiving prison
(A copy of this form is to be attached to each batch of requests for pre-cons) 1.