Cal. Code Regs. tit. 15 § 3041.3

Current through Register 2024 Notice Reg. No. 49, December 6, 2024
Section 3041.3 - Incarcerated/Supervised Person Access to Computers
(a) Incarcerated persons shall not access any computer outside of their authorized work, Rehabilitative Programs managed by the Division of Rehabilitative Programs (DRP), as defined in section 3000, or as needed for legal research on the Law Library Electronic Delivery System, except as authorized by the department's Information Security Officer (ISO).
(b) Incarcerated persons shall not access any computer connected to a local area network (LAN), or which has any type of direct, outside communication capability, except as approved by the ISO or provided in section 3370(c).
(c) Only those computer programs developed by incarcerated persons that are written in a programming language approved by the ISO shall be authorized for use.
(1) The use of incarcerated persons as programmers and system experts shall be prohibited where there is a risk to the information assets of the department or the public, as determined by the institution head or the ISO. Incarcerated persons shall not be used as programmers or system experts for departmental business applications, systems, and data.
(2) Incarcerated persons assigned to one computer for work, or a Rehabilitative Program managed by DRP shall not be assigned to, or permitted to use, any other computer, except as approved by the ISO.
(d) Areas where incarcerated persons are authorized to work on computers shall be posted as such. Each computer in a facility shall be labeled to indicate whether or not incarcerated persons are authorized access to that computer.
(e) Incarcerated persons shall not access any computer that contains or is capable of accessing sensitive or confidential information or is connected to, other computers containing sensitive or confidential information, except as provided in section 3370(b).
(f) Incarcerated persons shall not use or be informed of any computer password, except when issued by the supervising staff. The supervising staff and not the incarcerated person must always retain the ability to change the password.
(g) Incarcerated persons shall not have access to diskettes or any other electronic storage media, except within an area approved by the institution head.
(h) Incarcerated persons shall not possess a computer as part of their personal property.
(i) Incarcerated persons shall not access or use any computer-based tool or program that is capable of destroying or corrupting stored data, except as provided in sections 3041.3(m) and 3370(c).
(j) Incarcerated persons who have a record of computer fraud or abuse shall not be placed in any work assignment which provides access to a computer and shall be restricted from computer based rehabilitative programs which provide Internet access.
(k) No external communication capabilities; e.g., telephone lines with connectivity outside the facility, data lines, data punch panels, or telephone access punch panels, shall be permitted in any area where incarcerated persons are allowed to access computers, except as approved in writing by the ISO. The local Information Security Coordinator must keep a copy of the written exception on file for post audit.
(l) Incarcerated persons shall not directly access or alter any computer's operating system, except as provided in sections 3041.3(m) and 3370(b), or authorized by the ISO.
(m) Incarcerated person refurbishing of computers shall be permitted only as part of a program that has been approved, and subject to all requirements established, by the institution head and ISO. An unclothed body search shall be conducted on each incarcerated person prior to their exiting any area where a computer refurbishing program exists.
(n) Each parole office shall ensure the security of computers, LANs, and modems or other communication devices used in that office from unauthorized access by supervised persons. The unit supervisor of each parole office shall be responsible for enforcement of this subsection.

Cal. Code Regs. Tit. 15, § 3041.3

Note: Authority cited: Section 5058, Penal Code. Reference: Sections 502 and 502.7, Penal Code.

Note: Authority cited: Section 5058, Penal Code. Reference: Sections 502 and 502.7, Penal Code.

1. New section filed 3-24-99; operative 4-23-99 (Register 99, No. 13).
2. Amendment of section heading and new subsection (n) filed 1-31-2002; operative 3-2-2002 (Register 2002, No. 5).
3. Change without regulatory effect amending subsection (b) filed 5-6-2003 pursuant to section 100, title 1, California Code of Regulations (Register 2003, No. 19).
4. Amendment of subsection (n) filed 12-9-2008; operative 1-8-2009 (Register 2008, No. 50).
5. Amendment of subsections (a), (d)-(f) and (k) filed 11-24-2009; operative 12-24-2009 (Register 2009, No. 48).
6. Amendment of subsections (a) and (c)(2) filed 10-29-2013 as an emergency; operative 10-29-2013 (Register 2013, No. 44). A Certificate of Compliance must be transmitted to OAL by 4-7-2014 or emergency language will be repealed by operation of law on the following day.
7. Certificate of Compliance as to 10-29-2013 order, including amendment of subsections (b) and (j), transmitted to OAL 4-4-2014 and filed 5-14-2014; amendments effective 5/14/2014 pursuant to Government Code section 11343.4(b)(3) (Register 2014, No. 20).
8. Amendment of subsections (a) and (c)(2) filed 2-18-2016 as an emergency; operative 2-18-2016 (Register 2016, No. 8). Pursuant to Penal Code section 5058.3, a Certificate of Compliance must be transmitted to OAL by 7-27-2016 or emergency language will be repealed by operation of law on the following day.
9. Certificate of Compliance as to 2-18-2016 order transmitted to OAL 7-26-2016 and filed 9/6/2016 (Register 2016, No. 37).
10. Amendment of subsections (a) and (c)(2) and amendment of Note filed 4-27-2021 as an emergency; operative 4/27/2021 (Register 2021, No. 18). Emergency expiration extended 60 days (Executive Order N-40-20) plus an additional 60 days (Executive Order N-71-20). A Certificate of Compliance must be transmitted to OAL by 2-1-2022 or emergency language will be repealed by operation of law on the following day.
11. Editorial correction of History 10 (Register 2021, No. 36).
12. Amendment of subsections (a) and (c)(2) and amendment of Note refiled 2-1-2022 as an emergency; operative 2/1/2022 (Register 2022, No. 5). A Certificate of Compliance must be transmitted to OAL by 5-2-2022 or emergency language will be repealed by operation of law on the following day.
13. Amendment of subsections (a) and (c)(2) and amendment of Note refiled 5-2-2022 as an emergency; operative 5/3/2022 (Register 2022, No. 18). A Certificate of Compliance must be transmitted to OAL by 8-1-2022 or emergency language will be repealed by operation of law on the following day.
14. Certificate of Compliance as to 5-2-2022 order transmitted to OAL 7-20-2022 and filed 8/31/2022 (Register 2022, No. 35).
15. Change without regulatory effect amending section heading and section filed 7-1-2024 pursuant to section 100, title 1, California Code of Regulations (Register 2024, No. 27).