Step 5
Rules of Behavior Rules of behavior help


Federal Motor Carrier Safety Administration (FMCSA)

FMCSA IT Systems User

Rules of Behavior

As a user of the Federal Motor Carrier Safety Administration FMCSA IT systems, I understand that I am personally responsible for the use and any misuse of my system account and password. I also understand that by accessing a U.S. Government information system, I must comply with the following requirements:

  1. FMCSA IT systems are authorized for official use only.

  2. FMCSA IT systems may not be used (i) for a purpose that violates any Federal law; (ii) for mass mailings of personal messages/statements; (iii) for commercial purposes, financial gain, or to support "for profit" non-Government activities; or (iv) to engage in any DOT or FMCSA-discrediting activities (e.g., gambling; viewing of adult content). "FMCSA-discrediting activities" also include seeking, transmitting, collecting, or storing defamatory, discriminatory, obscene, harassing, or intimidating messages or materials.

  3. The FMCSA IT systems are the property of the Federal Government and FMCSA owns the data stored in this system.

  4. Non-public Information that was obtained via the FMCSA IT systems may not be divulged outside of authorized channels without the express permission of the owner of that information.

  5. Any activity that violates Federal laws for information protection (e.g., hacking, spamming) is prohibited.

  6. Users must protect all confidential/sensitive and privacy information from disclosure.

  7. Hard copies of confidential/sensitive and privacy information must be shredded and destroyed.

  8. Users of FMCSA IT systems may not communicate FMCSA information to external news groups, bulletin boards, or other public forums.

  9. FMCSA IT system accounts are provided solely for the use of the individual for whom they were created. Passwords or any other authentication mechanisms must never be shared or stored in printed form in any place accessible. If stored digitally, a password must not be stored in a clear-text or a readable format.

  10. FMCSA IT system account passwords must be at least twelve alphanumeric characters in length and contain a combination of 1 uppercase, 1 lowercase, 1 numeric character, and 1 special characters (@, $, #, etc.). Passwords must be changed every 60 days (30 days for Administrator accounts).

  11. Any security problems or password compromises must be reported immediately to the FMCSA Information System Security Manager (ISSM) at

  12. Users of FMCSA IT system using non-FMCSA furnished equipment to access FMCSA IT systems must install and maintain antivirus and anti-spyware tools on said equipment.

  13. You may only send sensitive and privacy information to systems and personnel that have been approved for this level of information. Consult the FMCSA Privacy Officer or ISSM for what is considered "sensitive" and "privacy" information, and what FMCSA IT systems are approved to receive the same.

  14. Users must only use Sensitive Personally Identifiable Information (SPII) on encrypted laptops, mobile devices, and storage media devices. SPII is a subset of PII which if lost, compromised or disclosed without authorization, could result in substantial harm, embarrassment, inconvenience, or unfairness to an individual. (e.g., DoB, SSN, and Driver's License).

  15. I agree to accept any written communication from FMCSA relating to my participation on FMCSA IT systems by electronic mail at the email address(es) I provide to FMCSA. Such electronic communication shall be complete upon its transmission by FMCSA.

I understand that Federal law provides for punishment under Title 18 of the U.S. Code, including a fine and up to 10 years in prison for the first offense for anyone who:

  1. Intentionally accesses a Government information system without authorization, or exceeds authorized access, and obtains information that requires protection against unauthorized disclosure.

  2. Intentionally accesses a Government information system without authorization, or exceeds authorized access, and impacts the Government's operation, including availability of that system.

  3. Intentionally accesses a Government information system without authorization, or exceeds authorized access, and alters, damages, or destroys information therein.

  4. Intentionally accesses a Government information system without authorization, or exceeds authorized access, and obtains anything of value.

  5. Prevents authorized use of a Government information system.

By checking these boxes, I certify that
* I understand and have reviewed the FMCSA Portal Overview Training Materials.

FMCSA logo

Feedback | Privacy Policy | | Freedom of Information Act (FOIA) | Accessibility | OIG Hotline | Web Policies and Important Links | Site Map | Plug-ins

Federal Motor Carrier Safety Administration
1200 New Jersey Avenue SE, Washington, DC 20590 • 1-800-832-5660 • TTY: 1-800-877-8339 • Field Office Contacts

Application Release Date: February 13 2017, 7:00 PM EDT, Version: