Rules governing the use of CCIC and NCIC information are based on the following laws and policies:
- Title 28 of the Code of Federal Regulations (CFR), Part 20
- Title 18 of United States Code (USC), Section 2721
- The FBI-CJIS Security Policy
- CCIC System Misuse Policy for Criminal Justice Agencies
As defined in 28 CFR 20, criminal justice information (CJI) systems, such as CCIC/NCIC, this data can only be accessed or disseminated in support of the administration of criminal justice, which is defined as: "detection, apprehension, detention, pretrial release, posttrial release, prosecution, adjudication, correctional supervision, or rehabilitation of accused persons or criminal offenders. The administration of criminal justice shall include criminal identification activities and the collection, storage, and dissemination of criminal history record information."
The Colorado Bureau of Investigation takes the security of criminal justice information very seriously. Every Colorado criminal justice agency with access to CCIC/NCIC is audited triennially to ensure that information is being accessed properly and for the right reasons, and handled in a secure manner.
If you have knowledge or suspicion of a misuse or mishandling of CCIC/NCIC/CJIS information, please download and complete this Report of Alleged CCIC Misuse form and email it to cdps.cbi.ccic@state.co.us.