CM-2014-603 - 11/21/2014City of Round Rock
T-J��E AS ROCH Agenda Item Summary
Agenda Number:
Title: Consider authorizing a letter of Agreement and Nondisclosure Agreement
for Certified Users of the Regional Notification System provided by the
Capital Area Council Of Govenments (CAPCOG)
Type: City Manager Item
Governing Body: City Manager Approval
Agenda Date: 11/21/2014
Dept Director: Fire Chief David Coatney
Cost:
Indexes:
Attachments: LAF and CAPCOG Letter of Agreement for Notification system
Department: Fire Department
Text of Legislative File CM -2014-603
This is an agreement between CAPCOG and the City of Round Rock, authorizing participation in the CAPCOG
Regional Notification System (RNS). Effective October 1, 2014 the RNS is being funded by the Capital Area
Emergency Communications District (CAECD), so there is no charge to our jurisdiction for participating in the
system. This letter agreement is required of all participating organizations to ensure compliance with the
Policies and Procedures that govern RNS operations (copy attached). The Regional Notification System is
implemented using the Firsti system, a web -based application which uses a combination cf databases,
including the 911 database, to send messages during an emergency.
Staff recommends approval
CilyofRounCRock Page I PtlnNE on 11/30Re14
WK
1•-,.- �a au, u.:x {y r�k rx, '}0
^
3rI
Zr
,.
1
CONTRACT APPROVAL FORM FOR CITY MANAGER ACTION
Required for Submission of Specific City Manager Items
Department Name: Fire Depedment Project Name: Regional Nodficetlon System
Project MgNReaource: David Caatney, His Chlef
x�City Manager Approval
CepePlea Coundl of Govemmanls
CContractor/Vendor;(CAPCOG)
CMA Wording
Consider authorising a boar of Agreement and Nondisclosure Agreement for Certified Users of the Regional Notification System
provided by Na Capital Area Council of Govemments (CAPCOG).
Approval
ElEmployee EE Bowden Date October 28,2014
Capital Area Council of Governments
Regional Notification System (RNS)
Policies & Procedures
Version 3.2—Effective: October 8, 2014
1. PROGRAM BACKGROUND
1.1.The Capital Area Council of Governments (CAPCOG) administers and
maintains a Regional Notification System (RNS) for jurisdictions in the ten
counties (Bastrop, Blanco, Burnet, Caldwell, Fayette, Hays, Lee, Llano, Travis
and Williamson) that comprise the CAPCOG region.
1.2. The CAPCOG Regional Notification System (RNS), originally known as the
CAPCOG Emergency Notification System (ENS), was implemented in 2006
using a combination of federal Homeland Security Grant Program funds and
local assessments.
1.3. The RNS has been implemented using the FirstCallo system, a web -based
application provided under contract with FirstCall Network, Inc., Baton Rouge,
LA. FirstCalle uses a combination of databases, including the 9-1-1 database,
to send messages.
2. PURPOSE
2.1. To outline tasks necessary for efficient and effective operations, including tasks
associated with the transition from the current system to the FirstCall® system,
and to assign responsibility for completion of such tasks.
2.2. To establish operational guidelines for the effective administration and use of
the CAPCOG RNS.
2.3. To provide rules for uniform use of the CAPCOG RNS.
2.4. To provide information for continued quality assurance within the CAPCOG
region.
2.5. To ensure adequate accounting of RNS activity.
3. DEFINITIONS
3.1. Regional Program Administrator (RPA)—A CAPCOG employee responsible
for day-to-day operations of the overall CAPCOG RNS to include system
access privileges, contract maintenance, quality assurance and quality
improvement (CA/Q1), system usage and accounting, and program training.
C M - 2 o w4 -too3
CAPCOG RNS Policies & Procedures
Version 3.2 Adopted by CAPCOG Executive Committee, October 8, 2014
3.1.1. The RPA may designate assistants to aid in the program administration
3.2. Local Program Administrator (LPA)—An employee of a participating
jurisdiction/organization responsible for day to day operations of the RNS
program on the local level to include system access privileges, QA/QI, system
usage and accounting, and program training.
3.2.1. The LPA may designate assistants to aid in the program administration to
include persons assigned to administer subaccounts of the
jurisdiction/organization.
3.2.2. Each participating jurisdiction/organization will provide CAPCOG with the
name and contact information of their LPA and all assistants.
3.2.3. The LPA and assistants will be the points -of -contact for the RPA in the
administration of the CAPCOG RNS.
3.2.4. LPAs and assistants must complete a non -disclosure agreement
regarding the 9-1-1 database.
3.3. Certified User—an individual who has been designated by the LPA to activate
that part of the system that relies on the 9-1-1 database. Certified Users must
have received training on the system and must complete a non -disclosure
agreement regarding the 9-1-1 database. This agreement must be submitted to
CAPCOG before the Certified User is granted access to that portion of the RNS
that utilizes the 9-1-1 database.
3.4. Restricted User—an individual who has been designated by the RPA or LPA
to activate any portion of the CAPCOG RNS that does not rely on the 9-1-1
database.
3.5.9-1-1 Database—the list of telephone numbers and associated names and
addresses that are collected by telephone service providers for use in the 9-1-1
emergency telephone system. State law (Texas Administrative Code, Title 1,
Part 12, Rule §252.13) restricts use of the information in this database to the
"purpose of warning or alerting citizens regarding information in an emergency
situation where property or human life is in jeopardy".
3.6. Open Source Data—the list of names (persons/businesses), addresses, and
phone numbers that are purchased by FirstCall Network, Inc. through open
sources. This data is not subject to the regulations that govern the 9-1-1 data,
and may be used for both emergency and non -emergency notifications. (It may
also include email, SMS, social media, etc.)
3.7. Registrant Data—the list of names (persons/businesses), addresses and
phone numbers of persons that elect to self -register personal information into
the notification database. At the discretion of a participating jurisdiction and with
the approval of the RPA, it may include persons who register for the State of
Texas Emergency Assistance Registry (STEAR) or similar programs. Although
this data is not subject to the regulations that govern the 9-1-1 data, its use is
limited to emergency notifications. (It may also include email, SMS, social
media, etc.)
Page 2 of 6
CAPCOG RNS Policies & Procedures
Version 3.2 Adopted by CAPCOG Executive Committee, October 8, 2014
3.8. User Data—The list of names, addresses, phone numbers and other contact
information for persons who have been identified as having a legitimate role
related to the planning, response, recovery, and mitigation of emergencies or
disasters. This may include information that is considered confidential under
provisions of state law.
4. POLICY
4.1. Acceptable uses of the CAPCOG RNS
4.1.1. The CAPCOG RNS is funded by the Capital Area Emergency
Communications District (CAECD) and its use is restricted to legitimate
governmental activities. Any personal use or use for partisan political activities
is strictly prohibited.
4.1.2. Because the FirstCalle system relies on a variety of databases, its use
has been divided into four tiers:
4.1.2.1. Tier I utilizes the 9-1-1, Open Source, and Registrant databases
for the purpose of "warning or alerting citizens regarding information in
an emergency situation where property or human life is in jeopardy."
Each person that accesses or initiates this level of notification must be a
Certified User.
4.1.2.2. Tier It utilizes the Registrant and User databases to make
notifications to members of the general public and personnel from
participating jurisdictions/organizations related to Homeland Security
activities. Federal and state laws extend this to all types of emergencies,
both man-made and natural.
4.1.2.3. Tier III utilizes the Open Source database to make notifications
for any governmental purpose. NOTE: Tier M notifications must not he
made between the hours of 8:00 PM and 8:00 AM.
4.1.2.4. Tier IV utilizes the User databases to make notifications to
members of the general public and personnel from participating
jurisdictions/organizations for any governmental purpose.
4.2. CAPCOG shall:
4.2.1. Maintain a contractual relationship with FirstCall Networks, Inc., for
operation of the CAPCOG RNS.
4.2.2. Designate the Regional Program Administrator (RPA).
4.2.3. The RPA is responsible for:
4.2.3.1. Providing credentials to the LPAs and validating the list of LPAs
quarterly.
4.2.3.2. Providing or authorizing training for Certified Users.
4.2.3.3. Providing technical and procedural guidance for notification use
and administration.
Page 3 of 6
CAPCOG RNS Policies & Procedures
Version 3.2 Adopted by CAPCOG Executive Committee, October S, 2014
4.2.3.4. Provide training, including course materials, for all LPAs. This
may be accomplished by conducting a Train -the -Trainer course for all or
some of the jurisdictions/organizations.
4.2.3.5. Provide technical and procedural guidance for RNS use and
administration.
4.2.3.6. Maintain administrator privileges on each subaccount created
under the CAPCOG RNS.
4.3. Participating jurisdictions/organizations:
4.3.1. The FirstCall®application is available to any county or city in the
CAPCOG region that has executed an agreement to participate in the CAPCOG
RNS.
4.3.2. Other organizations that actively participate in the emergency
management and emergency response activities of CAPCOG-member
jurisdictions/organizations, including, but not limited to, emergency services
districts, school districts and hospitals are eligible to apply to participate in the
CAPCOG RNS. These organizations must execute an agreement to participate
in the CAPCOG RNS and abide by the provisions of these policies and
procedures.
4.3.3. Each jurisdiction/organization participating in the CAPCOG RNS shall:
4.3.3.1. Designate a Local Program Administrator and assistants, as
needed, to serve as points of contact (POC) for CAPCOG for the
purpose of administering the RNS, and notify CAPCOG immediately
when the designated POC is no longer valid.
4.3.3.2. Assign unique User IN and passwords for every person granted
access to the CAPCOG RNS.
4.3.3.2.1. User IDs and passwords shall be issued only to
employees and/or officials of the participating
jurisdiction/organization.
4.3.3.2.2. User IDs and passwords shall not be shared by other
persons and shall not be written or stored in locations that would
be easily accessible by others.
4.3.3.2.3. In the event a user is no longer authorized to access
and activate the RNS, the RNS credentials shall be terminated
by the participating jurisdiction/organization in accordance with
local policy.
4.3.3.3. Protect the confidentiality of addressing databases and of
information furnished by 9-1-1 database providers, and notify CAPCOG's
Director of Emergency Communications in writing within two business
days of the receipt of a request for addressing databases or information,
to include those made under the Texas Public Information Act.
Page 4 of 6
CAPCOG RN8 Policies & Procedures
Version 3.2 Adopted by CAPCOG Executive Committee, October 8, 2014
Participating jurisdictions/organizations shall not release any information
in response to such requests.
4.3.3.4. Notify the RPA within two business days of an request for
information regarding the data housed in the FirstCall notification
system.
4.3.3.5. Execute an agreement to participate in the system stating that it
will abide by these policies and procedures. This agreement will be for
one year, effective on the date signed by CAPCOG and the organization,
and will be automatically renewed unless cancelled in writing by either
party.
4.4. Each Certified User shall :
4.4.1. Protect the confidentiality of 9-1-1 addressing databases and of
information furnished by 9-1-1 database providers.
4.4.2. Sign and date the Nondisclosure Agreement and submit it to the RPA at
the address indicated on the agreement. This form is available on-line at
hftp://www.capcog.org/divisions/homeland-security/ens-docs/.
5. FUNDING
5.1. The CAECD will fund the following costs of the RNS:
5.1.1. CAPCOG personnel costs associated with operation and maintenance of
the system;
5.1.2. Maintenance costs for system hardware and software; and
5.1.3. Costs of system enhancements.
Page 5 of 6
CAPCOG ENS Policies & Procedures
Version 3.2 Adopted by CAPCOG Executive Committee, October 8, 2014
EXHIBIT 1
RNS NONDISCLOSURE AGREEMENT FOR CERTIFIED USERS
• I, the undersigned, understand the sensitivity and confidentiality of the 9-1-1 database information
that supports the CAPCOG Regional Notification System (RNS). I further realize that the
potential for abuse of the RNS mandates that all Certified Users exercise extreme caution in
granting access to the system, all of its components, and any derivative information or reports
generated by it.
• Access to the FNS and related information is provided solely for the purposes of public safety by
authorized personnel. Any other use is prohibited. Therefore, I agree to take reasonable
precautions to prevent accidental or unauthorized access to the RNS, it's supporting
documentation, related screen names and passwords, and any documents or reports (hardcopy
or electronic) produced by the system.
• Account numbers, User IDs and Personal Identification Numbers (PIN) may not be disclosed to
any third party. I understand and agree that any person requesting access to the System must
contact the Regional Program Administrator or the Local Program Administrator, be trained on
the system and be given their own User IDs and PINS.
• I will not copy, or permit anyone else to copy, any documentation (physical or electronic versions)
of the RNS software or the output images unless the copying is required to support use of the
system or official use archives.
• If I receive a request under the Texas Public Information Act for disclosure of any of the RNS 9-1-
1 database information, I agree not to disclose the information, but instead to notify the Local
Program Administrator (LPA) for my jurisdiction/organization who will follow procedures noted in
Section 4.3.3.3 of the CAPCOG RNS Policies and Procedures.
I certify that I have read and understand this Nondisclosure Agreement
Name (printed) t. U.iay �e 4ciAti, PA_
ClS e l�� 11 oo, /v/
(Signature) (Date)
Please return a signed Nondisclosure Agreement for each Certified User to:
CAPCOG Homeland Security Division
6800 Burleson Road
Building 310, Suite 165
Austin, TX 78744
This form is available on-line at
"http: llwww. capcog. org/Programs/Homeland_Secu rity/ens/default. asp"
Page 6 of 6