CJIS Media Protection When a Stanislaus County Dispatch Center Refreshes Its MDTs — Datapath managed IT, cybersecurity, and compliance
Back to Blog
GOVERNMENT Insights Published June 15, 2026 Updated June 15, 2026 4 min read

CJIS Media Protection When a Stanislaus County Dispatch Center Refreshes Its MDTs

When a Stanislaus County dispatch center refreshes the mobile data terminals in its patrol fleet, CJIS media protection means every old drive that ever touch…

Dan J Sturdivant, Vice President at Datapath

By

Dan J Sturdivant

Vice President

CaliforniaCentral ValleyIrvine

Quick summary

  • When a Stanislaus County dispatch center refreshes the mobile data terminals in its patrol fleet, CJIS media protection means every old drive that ever touched criminal justice information is sanitized or destroyed to an auditable standard, and every new terminal is encrypted and access-controlled before it carries a single record.
  • What does CJIS media protection actually require when a dispatch center swaps its mobile data terminals?
  • When a Stanislaus County dispatch center refreshes the mobile data terminals in its patrol fleet, CJIS media protection means every old drive that ever touched criminal justice inf

What does CJIS media protection actually require when a dispatch center swaps its mobile data terminals?

When a Stanislaus County dispatch center refreshes the mobile data terminals in its patrol fleet, CJIS media protection means every old drive that ever touched criminal justice information is sanitized or destroyed to an auditable standard, and every new terminal is encrypted and access-controlled before it carries a single record. The refresh is not an IT logistics project. It is a chain-of-custody event, and the audit trail you keep is the difference between a clean assessment and a finding.

We work with public safety teams across the Central Valley, and the MDT refresh is where good intentions quietly fail. A county replaces forty terminals, the old units go into a closet, and eight months later nobody can prove what happened to the drives that held dispatch logs, plate reads, and query results. That gap is exactly what an auditor looks for.

Why the dispatch MDT is a harder case than a back-office laptop

A mobile data terminal in a patrol vehicle is a moving endpoint on a hostile network. It authenticates over cellular, it caches data so a deputy is not stranded when coverage drops, and it is physically exposed in a vehicle that gets shared across shifts. Compare that to a finance laptop in an Irvine office and the threat model is not close.

That mobility changes three things during a refresh:

  • Cached criminal justice information persists on local storage, so a terminal that looks “wiped” at the UI level can still hold recoverable records.
  • Shared-shift use means many user identities touched one device, so access logging has to survive the hardware swap.
  • Advanced authentication has to be re-established per device, not assumed to carry over from the old fleet.

A media-protection workflow that survives an audit

Here is the sequence we run with a county dispatch team so the refresh produces evidence, not risk.

  1. Inventory every outgoing terminal against the asset register before anything is unplugged. If a unit is missing, that becomes an incident now, not a surprise later.
  2. Sanitize or destroy each storage device to a defensible standard, and record the method, the serial number, the date, and the person who performed it.
  3. Issue a certificate of destruction for drives that are physically destroyed, and keep it with the asset record.
  4. Image and harden each new terminal with full-disk encryption enabled before deployment, not after.
  5. Re-enroll advanced authentication for each deputy and confirm logging flows to the central store.
  6. Reconcile the final inventory so the count of destroyed, redeployed, and retired units matches the register exactly.

The discipline that matters is the recordkeeping. An assessor rarely doubts that you can wipe a drive. They doubt that you can prove you did, for a specific serial number, on a specific date.

Where most Central Valley agencies get stuck

Smaller agencies in Modesto, Ceres, and the surrounding county do not have a dedicated evidence-handling team for IT assets. The same two people run the help desk, the network, and the refresh. When a refresh lands in the same month as a grant deadline or a CAD upgrade, media protection is the corner that gets cut because it is invisible until audit season.

This is the operating reality we built our public-sector managed IT work around: the controls have to run as a standing process, owned by someone, with evidence a chief can hand to an auditor without a scramble. A one-time cleanup before an assessment does not hold up, because the next refresh starts the clock over.

What “good” looks like a year later

A dispatch center that handled its MDT refresh well can answer four questions in minutes:

  • Which terminals left the fleet, and what happened to each drive?
  • Who authorized the sanitization, and what method did they use?
  • Are all new terminals encrypted and reporting to central logging?
  • Does the asset register reconcile to the physical count today?

If those answers live in a folder instead of someone’s memory, the agency is in good shape. If they do not, the refresh created an exposure that will surface at the worst possible time.

Budgeting the refresh so media protection is not the line item that gets cut

Grant-funded agencies in Merced, Manteca, and the broader county often buy the terminals with one funding source and never budget the decommissioning work, because destruction and certification are services, not hardware. That accounting gap is why the old drives end up in a closet: there was money to buy the new fleet and no line item to retire the old one safely.

We push public-safety clients to scope the sanitization, certification, and reconciliation as part of the refresh cost from day one. It is a small fraction of the hardware spend, and it is the part an assessor actually examines. Treating it as optional is how a routine upgrade turns into an audit finding. A dispatch center that plans the retirement of a terminal with the same care it plans the purchase is the one that walks into its next assessment without a scramble.

How Datapath approaches a public-safety refresh

We treat a dispatch MDT refresh as a controlled change with a media-protection plan attached, not as a hardware order. That means we scope the sanitization standard up front, assign ownership for the certificates of destruction, and confirm encryption and logging on the new fleet before the old units leave the building. For a county team already stretched thin, the value is not the wipe itself. It is that the evidence exists, organized, the day an assessor asks.

If your agency has a terminal refresh coming and you want the media-protection side handled so it strengthens your next assessment instead of threatening it, start a conversation with our team. We will map the workflow to how your dispatch center actually runs.

Book a Consultation
Book a Consultation

See also

general

How Managed IT Services in Stockton Improve Efficiency With AI Integration

6 min read

k12

California K-12 IT Managed Services Pilot Program (Authorized): What Districts Need to Know

12 min read

general

IT Services in Irvine: What Regulated Businesses Should Expect

10 min read

Disclaimer: This blog is intended for marketing purposes only, and nothing presented in here is contractually binding or necessarily the final opinion of the authors.

Need a practical roadmap for regulated-industry IT performance?

Datapath can benchmark your current model and define the next 90 days of high-impact improvements.

Book a Consultation