SB 272 Compliance
Senate Bill 272 was chaptered into law on October 11, 2015, amending the California Public Records Act. Section 6270.5 was added to the Government Code and mandates that all Local Agencies publish a Catalog of Enterprise Systems by July 1, 2016, and update it annually. The CA Gov’t Code 6270.5 defines Enterprise Systems to be:
- Software application or a computer system that collects and analyzes information that the agency uses that is both of the following:
- A multi-departmental system that contains information collected about the public;
- A “system of record” defined as a system that serves as an original source of data within an agency;
- An Enterprise System shall not include any of the following:
- Information technology security systems including firewalls and cyber security systems;
- Physical access control systems, employee identification management systems, video monitoring and other physical control systems;
- Infrastructure and mechanical control systems, include those that control or manage street lights, electrical, natural gas or water or sewer functions;
- Systems related to 911 dispatch of emergency services.
The law requires that the catalog disclose a list of the enterprise systems utilized by the agency, and, among other things, the current system vendor and product, unless, on the facts of the particular case, the public interest served by not disclosing that information clearly outweighs the public interest served by disclosure, in which case the local agency may instead provide a system name, brief title, or identifier of the system. It should be noted that nothing in this section of the law shall be construed to permit public access to records held by the agency to which access is otherwise restricted by statute or to alter the process for requesting public records, as set forth in this chapter of the law.
Complete text of CA Gov’t Code 6270.5.