Terms of Use and Rules of Behavior

The National Emergency Management Association (NEMA) maintains the EMAC website and applications utilized by state emergency management agencies and other entities. 

NEMA developed and maintained applications are for official use only by authorized users. 

All persons granted access to an EMAC applications or any information stored in the EMAC website in the performance of duties with their state emergency management agency acknowledge that they will be exposed to security sensitive, confidential, and deliberative information which forms the basis of EMAC's emergency response.

No person granted access to the EMAC website or EMAC applications or any information stored therein shall disclose, or, through their own act of negligence or carelessness, allow it to be disclosed, any information accessed to anyone other than authorized recipients.

Any person found to have failed to keep such information secure shall be subject to immediate loss of access privileges and may also be subject to appropriate discipline.

The following rules of behavior apply to all EMAC website users.

EMAC applications are hosted by NEMA contractor support. Unauthorized use of EMAC's system is prohibited.

Computer systems may be monitored for all lawful purposes, including to ensure that their use is authorized, for management of the system, to facilitate protection against unauthorized access, and to verify security procedures, survivability, and operational security. 

Use of EMAC's systems, authorized or unauthorized, constitutes consent to monitoring of this system. Unauthorized use may subject you to criminal prosecution. Evidence of unauthorized use collected during monitoring may be used for administrative, criminal, or other adverse action. Use of this system constitutes consent to monitoring for these purposes. Use of this system implies understanding of these terms and conditions. 


System Access

By using EMAC's system, you acknowledge and agree to the following:

I will use this system only for the purposes for which it is intended. I understand that I am given access to EMAC's systems only to perform my specific role within the system.

If I am granted an elevated role (privileged account), I understand that I am only to use that account to perform functions that require elevated roles. I will not use an elevated account to log in and perform general user functions. I will not attempt to access components of the system I am not authorized to access. I will comply with all user access credential requirements as specified in user documentation, which includes the use of username and password, meeting all password requirements of the EMAC system.

I agree to protect access credentials from disclosure. I will not provide my access credentials to anyone, including system administrators. I will promptly change an access credential whenever the compromise of that credential is known or suspected. I will not attempt to bypass access control measures.

Data Protection

EMAC's systems are unclassified. 

The EMAC system only collects limited personally identifiable information (PII) from individuals as needed to maintain operations or in the creation and maintenance of an individual's account.

This information is used to provide access to the information and applications maintained by NEMA.

EMAC's website and applications are not authorized to host Sensitive Personally Identifiable Information (SPII) or classified information. 

SPII is defined as any information, which if lost, compromised, or disclosed without authorization, could result in substantial harm, embarrassment, inconvenience, or unfairness to an individual. Examples include Social Security number, Alien Registration Number, driver’s license or state identification number, passport number, and biometric identifiers (e.g., fingerprint, iris scan, voice print).

SPII also includes information that if linked with a person's name or other unique identifier (e.g., address, phone number) could result in harm, embarrassment, inconvenience, or unfairness to the individual if lost, compromised, or disclosed without authorization. Examples of this information that is harmful if linked with other identifiers include date of birth, criminal or immigration history, medical information, mother’s maiden name, account passwords, etc.

As a EMAC website and application user, you agree to:

  • Not post SPII to EMAC in any form. This includes uploading of documents that contain SPII.
  • Not post classified information in any form to include uploading of documents that contain classified information.
  • Adequately mark any unclassified but sensitive information such as For Official Use Only (FOUO) documents prior to uploading.
  • Protect data stored in the EMAC website and applications from disclosure to un-authorized persons or groups.


NEMA provides the capability to send emails through EMAC's applications. 

When simulating exercises and sending emails for the purpose of exercise conduct, all messages and events should be marked with the appropriate headers to indidate these are exercise events and exercise messages.

By using the system, you acknowledge and agree to the following:

I understand that my e-mail may be used to send resource requests and situation reports. I further understand that my email will be used for official communication.

EMAC Applications

NEMA maintains the following EMAC systems: EMAC Operations System (EOS), Resource Planner, Mutual Aid Support System (MASS), Liaisons, NCS, and Reimbursement. 

Data uploaded to the EMAC system is owned by the organization who entered and by the state emergency management agency of the organization's state. 

NEMA has special access to modify or delete data to maintain data integrity and completeness of data. 

Participating organizations and personnel who maintain accounts in the EMAC website and EMAC applications use the systems voluntarily. 

The official NEMA Data and Information Sharing as adopted by the NEMA membership is as follows:

It is the policy of NEMA not to share data or information considered to be the property of State Emergency Management Agencies, without express written permission of the owner. The exception is information gathered through NEMA surveys for the purpose of issue papers, reports and publications.


By using the system, you acknowledge and agree to the following:

If notified of a virus or malware contamination, I will immediately cease operations and report the incident to emac@csg.org.

I will promptly report IT security incidents. I understand that I have no expectation of privacy while using EMAC's website and application.

I understand that I will be held accountable for my actions while accessing and using the EMAC website and applications. 

Limitation of Liability

The information and resources contained in the EMAC website and EMAC's applications are entered by each Participant, remains the property of each Participant, and is offered for informational purposes only.  

NEMA makes no assurance regarding the veracity, accuracy or usefulness or availability of any information or resources transmitted or made available via the EMAC system. NEMA shall not be liable for any error or omission of information or resources.

Each Participant that provides information in the EMAC website and applications represents and warrants that the Participant has the authority to post the information and resources and that the content posted to MASS is reasonably accurate and complete. Each Participant shall remove or correct any inaccurate information and/or resources entered into the EMAC website and applications, within a reasonable time after the Participant is aware of the inaccuracy.

Intellectual Property

All copyright, trademarks, and other intellectual property contained in the EMAC website and EMAC applications belong to NEMA or to the Participant that has entered the information.

Nothing in this Agreement grants you a right or license to use any copyright, trademark or other intellectual property rights controlled by NEMA or any other Participant.