State of Florida
Department of Children and Families
Clear
S
A
ECURITY
GREEMENT
D
C
F
(DCF) E
S
U
FOR
EPARTMENT OF
HILDREN AND
AMILIES
MPLOYEES AND
YSTEMS
SERS
The Department of Children and Families has authorized me:
Name
Employer/Office/Region
To have access to sensitive data using computer-related media (e.g., printed reports, system inquiry, on-
line updates, electronic copies or any photographic or magnetic media).
By my signature below, I acknowledge my understanding a security violation may result in criminal
prosecution according to the provisions of Federal and State statutes and may also result in disciplinary
action against me according to the department’s Standards of Conduct in the Employee Handbook. Also
by signing below, I acknowledge that I have received, read, understand and agree to be bound by the
following:
I understand the Florida Computer Crimes Act, Chapter 815, Florida Statutes, prohibits
individuals from willfully, knowingly, and without authorization from deleting important data, or
accessing, disrupting, denying use, destroying, injuring, or introducing a virus/malware on a
computer, computer system, or computer network, or modifying or destroying computer data,
computer programs, or their supporting documentation. Violations are not acceptable and may
be subject to discipline up to and including separation and/or criminal charges.
I understand Chapter 119.0712, Florida Statutes, provides that all personal identifying
information contained in records relating to an individual’s personal health or eligibility for
health-related services held by the Department of Health is confidential.
I understand Chapter 119.0712, Florida Statutes, provides that personal information contained
in a motor vehicle record is confidential pursuant to the federal Driver’s Privacy Protection Act
(DPPA) of 1994, 18 U.S.C. ss. 2721 et seq. Such information may be released only as authorized
by that act.
I understand that 45 CFR §155.260, Privacy and Security of Personally Identifiable Information,
requires the DCF workforce to comply with all policies and procedures developed and
implemented by DCF to protect the privacy and security of Personally Identifiable Information.
CF 114, 03/07/2018
Page 1 of 19
Original to Human Resources File
State of Florida
Department of Children and Families
Clear
S
A
ECURITY
GREEMENT
D
C
F
(DCF) E
S
U
FOR
EPARTMENT OF
HILDREN AND
AMILIES
MPLOYEES AND
YSTEMS
SERS
The Department of Children and Families has authorized me:
Name
Employer/Office/Region
To have access to sensitive data using computer-related media (e.g., printed reports, system inquiry, on-
line updates, electronic copies or any photographic or magnetic media).
By my signature below, I acknowledge my understanding a security violation may result in criminal
prosecution according to the provisions of Federal and State statutes and may also result in disciplinary
action against me according to the department’s Standards of Conduct in the Employee Handbook. Also
by signing below, I acknowledge that I have received, read, understand and agree to be bound by the
following:
I understand the Florida Computer Crimes Act, Chapter 815, Florida Statutes, prohibits
individuals from willfully, knowingly, and without authorization from deleting important data, or
accessing, disrupting, denying use, destroying, injuring, or introducing a virus/malware on a
computer, computer system, or computer network, or modifying or destroying computer data,
computer programs, or their supporting documentation. Violations are not acceptable and may
be subject to discipline up to and including separation and/or criminal charges.
I understand Chapter 119.0712, Florida Statutes, provides that all personal identifying
information contained in records relating to an individual’s personal health or eligibility for
health-related services held by the Department of Health is confidential.
I understand Chapter 119.0712, Florida Statutes, provides that personal information contained
in a motor vehicle record is confidential pursuant to the federal Driver’s Privacy Protection Act
(DPPA) of 1994, 18 U.S.C. ss. 2721 et seq. Such information may be released only as authorized
by that act.
I understand that 45 CFR §155.260, Privacy and Security of Personally Identifiable Information,
requires the DCF workforce to comply with all policies and procedures developed and
implemented by DCF to protect the privacy and security of Personally Identifiable Information.
CF 114, 03/07/2018
Page 1 of 19
Original to Human Resources File
I understand the penalty provisions of Sections 7431, 7213 and 7213A of the Internal Revenue
Code, which provide civil and criminal penalties for unauthorized inspection or disclosure of
Federal Tax Information.
I understand that Internal Revenue Code 6103(l)(7) provides confidentiality for FTI accessed for
work related to the Social Security Act, the Food Stamp Act of 1977, or USC Title 38 and
disclosure of this information is a confidentiality violation.
I understand that DCF operating procedure CFOP 50-2, Security of Data and Information
Technology Resources, outlines the processes for securely connecting to the department's
network and securely using departmental data and other information technology resources,
including how to report a security event.
I understand it is the policy of DCF that no contract employee shall have access to Internal
Revenue Service tax information or Florida Department of Law Enforcement managed Criminal
Justice Information Security policy covered data
(https://www.fbi.gov/file-repository/cjis-
security-policy-v5_5_20160601-2-1.pdf), unless approved in writing, by name and position to
access specified information, as authorized by regulation and/or statute.
I understand it is the policy of DCF that I do not disclose personal passwords.
I understand it is the policy of DCF that I do not obtain Department information for my own use
or another person’s personal use.
I understand the viewing of employee or client data, even data that is not confidential or
otherwise exempt from disclosure as a public record, without a business need constitutes
misuse of access and is not acceptable and may be subject to discipline up to and including
separation.
I understand the Department of Children and Families will perform regular database queries to
identify possible misuse of access.
I will only access or view information or data for which I am authorized and have a legitimate
business reason to see when performing my job duties. I shall maintain the integrity of all
confidential and sensitive information accessed.
PRIVACY ACT STATEMENT: Disclosure of your social security number is voluntary, but must be provided in order to gain
access to department systems. It is protected information pursuant to Section 282.318, Florida Statutes, the Security of
Data and Information Technology Resources Act. The Department requests social security numbers to ensure secure
access to data systems, prevent unauthorized access to confidential and sensitive information collected and stored by
the Department, and provide a unique identifier in our systems.
Print Employee / System User Name
Signature Employee / System User
Date
Print Supervisor Name
Supervisor Signature
Date
CF 114, 03/07/2018
Page 2 of 19
Original to Human Resources File
A
R
GREEMENT
EFERENCES
F
S
, C
815: C
R
C
LORIDA
TATUTES
HAPTER
OMPUTER
ELATED
RIMES
815.01 Short title.—The provisions of this act shall be known and may be cited as the “Florida Computer Crimes
Act.”
History.—s. 1, ch. 78-92.
815.02 Legislative intent.—The Legislature finds and declares that:
(1) Computer-related crime is a growing problem in government as well as in the private sector.
(2) Computer-related crime occurs at great cost to the public since losses for each incident of computer crime
tend to be far greater than the losses associated with each incident of other white collar crime.
(3) The opportunities for computer-related crimes in financial institutions, government programs, government
records, and other business enterprises through the introduction of fraudulent records into a computer system,
the unauthorized use of computer facilities, the alteration or destruction of computerized information or files, and
the stealing of financial instruments, data, and other assets are great.
(4) The proliferation of new technology has led to the integration of computer systems in most sectors of the
marketplace through the creation of computer networks, greatly extending the reach of computer crime.
(5) While various forms of computer crime might possibly be the subject of criminal charges based on other
provisions of law, it is appropriate and desirable that a supplemental and additional statute be provided which
proscribes various forms of computer abuse.
History.—s. 1, ch. 78-92; s. 2, ch. 2014-208.
815.03 Definitions.—As used in this chapter, unless the context clearly indicates otherwise:
(1) “Access” means to approach, instruct, communicate with, store data in, retrieve data from, or otherwise
make use of any resources of a computer, computer system, or computer network.
(2) “Computer” means an internally programmed, automatic device that performs data processing.
(3) “Computer contaminant” means any set of computer instructions designed to modify, damage, destroy,
record, or transmit information within a computer, computer system, or computer network without the intent or
permission of the owner of the information. The term includes, but is not limited to, a group of computer
instructions, commonly called viruses or worms, which are self-replicating or self-propagating and which are
designed to contaminate other computer programs or computer data; consume computer resources; modify,
destroy, record, or transmit data; or in some other fashion usurp or interfere with the normal operation of the
computer, computer system, or computer network.
(4) “Computer network” means a system that provides a medium for communication between one or more
computer systems or electronic devices, including communication with an input or output device such as a display
terminal, printer, or other electronic equipment that is connected to the computer systems or electronic devices
by physical or wireless telecommunication facilities.
(5) “Computer program or computer software” means a set of instructions or statements and related data which,
when executed in actual or modified form, cause a computer, computer system, or computer network to perform
specified functions.
(6) “Computer services” include, but are not limited to, computer time; data processing or storage functions; or
other uses of a computer, computer system, or computer network.
(7) “Computer system” means a device or collection of devices, including support devices, one or more of which
contain computer programs, electronic instructions, or input data and output data, and which perform functions,
including, but not limited to, logic, arithmetic, data storage, retrieval, communication, or control. The term does
not include calculators that are not programmable and that are not capable of being used in conjunction with
external files.
(8) “Data” means a representation of information, knowledge, facts, concepts, computer software, computer
programs, or instructions. Data may be in any form, in storage media or stored in the memory of the computer, or
in transit or presented on a display device.
(9) “Electronic device” means a device or a portion of a device that is designed for and capable of communicating
across a computer network with other computers or devices for the purpose of transmitting, receiving, or storing
CF 114, 03/07/2018
Page 3 of 19
Original to Human Resources File
data, including, but not limited to, a cellular telephone, tablet, or other portable device designed for and capable
of communicating with or across a computer network and that is actually used for such purpose.
(10) “Financial instrument” means any check, draft, money order, certificate of deposit, letter of credit, bill of
exchange, credit card, or marketable security.
(11) “Intellectual property” means data, including programs.
(12) “Property” means anything of value as defined in s. 812.012 and includes, but is not limited to, financial
instruments, information, including electronically produced data and computer software and programs in
machine-readable or human-readable form, and any other tangible or intangible item of value.
History.—s. 1, ch. 78-92; s. 9, ch. 2001-54; s. 4, ch. 2010-117; s. 3, ch. 2014-208.
815.04 Offenses against intellectual property; public records exemption.—
(1) A person who willfully, knowingly, and without authorization introduces a computer contaminant or modifies
or renders unavailable data, programs, or supporting documentation residing or existing internal or external to a
computer, computer system, computer network, or electronic device commits an offense against intellectual
property.
(2) A person who willfully, knowingly, and without authorization destroys data, programs, or supporting
documentation residing or existing internal or external to a computer, computer system, computer network, or
electronic device commits an offense against intellectual property.
(3) Data, programs, or supporting documentation that is a trade secret as defined in s. 812.081, that is held by an
agency as defined in chapter 119, and that resides or exists internal or external to a computer, computer system,
computer network, or electronic device is confidential and exempt from the provisions of s. 119.07(1) and s. 24(a),
Art. I of the State Constitution. This subsection is subject to the Open Government Sunset Review Act in
accordance with s. 119.15 and shall stand repealed on October 2, 2021, unless reviewed and saved from repeal
through reenactment by the Legislature.
(4) A person who willfully, knowingly, and without authorization discloses or takes data, programs, or supporting
documentation that is a trade secret as defined in s. 812.081 or is confidential as provided by law residing or
existing internal or external to a computer, computer system, computer network, or electronic device commits an
offense against intellectual property.
(5)(a) Except as otherwise provided in this subsection, an offense against intellectual property is a felony of the
third degree, punishable as provided in s. 775.082, s. 775.083, or s. 775.084.
(b) If the offense is committed for the purpose of devising or executing any scheme or artifice to defraud or to
obtain any property, the person commits a felony of the second degree, punishable as provided in s. 775.082, s.
775.083, or s. 775.084.
History.—s. 1, ch. 78-92; s. 1, ch. 94-100; s. 431, ch. 96-406; s. 1, ch. 2014-177; s. 4, ch. 2014-208; s. 5, ch. 2016-5;
s. 20, ch. 2016-6.
815.045 Trade secret information.—The Legislature finds that it is a public necessity that trade secret
information as defined in s. 812.081, and as provided for in s. 815.04(3), be expressly made confidential and
exempt from the public records law because it is a felony to disclose such records. Due to the legal uncertainty as
to whether a public employee would be protected from a felony conviction if otherwise complying with chapter
119, and with s. 24(a), Art. I of the State Constitution, it is imperative that a public records exemption be created.
The Legislature in making disclosure of trade secrets a crime has clearly established the importance attached to
trade secret protection. Disclosing trade secrets in an agency’s possession would negatively impact the business
interests of those providing an agency such trade secrets by damaging them in the marketplace, and those entities
and individuals disclosing such trade secrets would hesitate to cooperate with that agency, which would impair the
effective and efficient administration of governmental functions. Thus, the public and private harm in disclosing
trade secrets significantly outweighs any public benefit derived from disclosure, and the public’s ability to
scrutinize and monitor agency action is not diminished by nondisclosure of trade secrets.
History.—s. 2, ch. 94-100. Note.—Former s. 119.165.
815.06 Offenses against users of computers, computer systems, computer networks, and electronic devices.—
(1) As used in this section, the term “user” means a person with the authority to operate or maintain a computer,
computer system, computer network, or electronic device.
CF 114, 03/07/2018
Page 4 of 19
Original to Human Resources File
(2) A person commits an offense against users of computers, computer systems, computer networks, or
electronic devices if he or she willfully, knowingly, and without authorization:
(a) Accesses or causes to be accessed any computer, computer system, computer network, or electronic device
with knowledge that such access is unauthorized;
(b) Disrupts or denies or causes the denial of the ability to transmit data to or from an authorized user of a
computer, computer system, computer network, or electronic device, which, in whole or in part, is owned by,
under contract to, or operated for, on behalf of, or in conjunction with another;
(c) Destroys, takes, injures, or damages equipment or supplies used or intended to be used in a computer,
computer system, computer network, or electronic device;
(d) Destroys, injures, or damages any computer, computer system, computer network, or electronic device;
(e) Introduces any computer contaminant into any computer, computer system, computer network, or electronic
device; or
(f) Engages in audio or video surveillance of an individual by accessing any inherent feature or component of a
computer, computer system, computer network, or electronic device, including accessing the data or information
of a computer, computer system, computer network, or electronic device that is stored by a third party.
(3)(a) Except as provided in paragraphs (b) and (c), a person who violates subsection (2) commits a felony of the
third degree, punishable as provided in s. 775.082, s. 775.083, or s. 775.084.
(b) A person commits a felony of the second degree, punishable as provided in s. 775.082, s. 775.083, or s.
775.084, if he or she violates subsection (2) and:
1. Damages a computer, computer equipment or supplies, a computer system, or a computer network and the
damage or loss is at least $5,000;
2. Commits the offense for the purpose of devising or executing any scheme or artifice to defraud or obtain
property;
3. Interrupts or impairs a governmental operation or public communication, transportation, or supply of water,
gas, or other public service; or
4. Intentionally interrupts the transmittal of data to or from, or gains unauthorized access to, a computer,
computer system, computer network, or electronic device belonging to any mode of public or private transit, as
defined in s. 341.031.
(c) A person who violates subsection (2) commits a felony of the first degree, punishable as provided in s.
775.082, s. 775.083, or s. 775.084, if the violation:
1. Endangers human life; or
2. Disrupts a computer, computer system, computer network, or electronic device that affects medical
equipment used in the direct administration of medical care or treatment to a person.
(4) A person who willfully, knowingly, and without authorization modifies equipment or supplies used or
intended to be used in a computer, computer system, computer network, or electronic device commits a
misdemeanor of the first degree, punishable as provided in s. 775.082 or s. 775.083.
(5)(a) In addition to any other civil remedy available, the owner or lessee of the computer, computer system,
computer network, computer program, computer equipment or supplies, electronic device, or computer data may
bring a civil action against a person convicted under this section for compensatory damages.
(b) In an action brought under this subsection, the court may award reasonable attorney fees to the prevailing
party.
(6) A computer, computer system, computer network, computer software, computer data, or electronic device
owned by a defendant that is used during the commission of a violation of this section or a computer or electronic
device owned by the defendant that is used as a repository for the storage of software or data obtained in
violation of this section is subject to forfeiture as provided under ss. 932.701-932.704.
(7) This section does not apply to a person who:
(a) Acts pursuant to a search warrant or to an exception to a search warrant authorized by law;
(b) Acts within the scope of his or her lawful employment; or
(c) Performs authorized security operations of a government or business.
(8) For purposes of bringing a civil or criminal action under this section, a person who causes, by any means, the
access to a computer, computer system, computer network, or electronic device in one jurisdiction from another
jurisdiction is deemed to have personally accessed the computer, computer system, computer network, or
electronic device in both jurisdictions.
CF 114, 03/07/2018
Page 5 of 19
Original to Human Resources File
ADVERTISEMENT