What is an agency expected to do if the California Highway Patrol (CHP) Computer Crimes Investigations Unit (CCIU) decides to not investigate the incident?
Complete the Agency Information Security Incident Report (SIMM 65C) and submit it to the California Office of Information Security (OIS). The CHP CCIU criteria to investigate are not the same as the criteria to identify an incident and file an incident report with the OIS. These are separate paths. The CHP CCIU may have many reasons for not pursuing a criminal investigation, such as insufficient evidence in which to build a case or an inability to meet a specific dollar threshold. The CHP’s decision not to investigate does not eliminate the requirements for agencies to conduct their administrative investigation, to pursue appropriate administrative remedies and corrective actions, to file a SIMM 65C with the OIS or, if needed, to notify individuals that their personal information was improperly accessed or acquired (see “Notifying Individuals…” below).
Related Questions
- Once an agencys Information Security Officer reports the security incident to the California Highway Patrol (CHP) Emergency Notification and Tactical Alert Center (ENTAC), what happens next?
- What is an agency expected to do if the California Highway Patrol (CHP) Computer Crimes Investigations Unit (CCIU) decides to not investigate the incident?
- What if an agency calls the California Highway Patrol Emergency Notification and Tactical Alert Center and they refuse to take the report?
