Approved on October 11, 2015, SB 272 adds a section to the California Public Records Act requiring local agencies to create a catalog of Enterprise Systems by July 1, 2016 with annual updates.
A software application or computer system that collects, stores, exchanges and analyzes information that the agency uses that is both of the following: A multi-departmental system or a system that contains information collected about the public and a system that serves as an original source of data within an agency.
An Enterprise System does not include any of the following:
- Information Technology security systems, including firewalls and other cybersecurity systems.
- Physical access control systems, employee identification management systems, video monitoring and other physical control systems.
- Infrastructure and mechanical control systems, including those that control or manage street lights, electrical, natural gas or water or sewer functions.
- Systems related to 911 dispatch and operation or emergency services.
- Systems that would be restricted from disclosure by Section 6254.19.
- The specific records that the information technology system collects, stores, exchanges or analyzes.
1. Create a catalog of enterprise systems, containing:
- Current system vendor
- Current system product
- System's purpose
- A description of categories or types of data
- The department that is the prime custodian of the data
- The frequency that system data is collected
- The frequency that system data is updated
2. T o make the catalog publicly available upon request
3. T o post the catalog in a prominent location on the agency's website
If the public interest served by not disclosing the information described clearly outweighs the public interest served by disclosure, the local agency may insteadprovide a system name, brief title or identifier of the system.