SB 272 California Public Records Act: July 1, 2016 Compliance Deadline

In October 2015, Governor Brown approved Senate Bill 272 which, adds to the California Public Records Act (Gov. Code §6250-6276.48) by requiring cities, counties, and special districts to create an online catalog of all “enterprise systems” that are used to collect and store data. SB 272 goes into effect on July 1, 2016 and requires all local agencies, with the exception of local educational agencies, to post the catalog on the agency’s website and update it on an annual basis.

The California Public Records Act was established to allow the public access to state and local agency’s governmental records. SB 272 is a step forward to help increase the accessibility of public information and to improve overall government transparency.

What is an Enterprise System?

The bill defines an enterprise system as a software application or computer system that collects, stores, exchanges, and analyzes information that the agency uses that is both of the following:

  1. A multi-departmental system or a system that contains information collected about the public.
  2. A system of record.

What is Required?

The enterprise system catalog must be posted in a prominent location on the local agency’s website. If agency does not have a website, the information must be readily available for the public to access upon request. The catalog must contain the following information:

  • Current system vendor;
  • Current system product;
  • A brief statement of the system’s purpose;
  • A general description of categories or types of data;
  • The department that serves as the system’s primary custodian;
  • How frequently system data is collected; and
  • How frequently system data is updated.

Exemptions under SB 272

As previously mentioned, this bill does not apply to school districts. Enterprise systems exclude information that could compromise the security of the local agency. An enterprise system does not include the following:

  • Information technology security systems, including firewalls and other cybersecurity systems.
  • Physical access control systems, employee identification management systems, video monitoring, and other physical control systems.
  • Infrastructure and mechanical control systems, including those that control or manage street lights, electrical, natural gas, or water or sewer functions.
  • Systems related to 911 dispatch and operation or emergency services.
  • Systems that would be restricted from disclosure pursuant to Section 6254.19.
  • The specific records that the information technology system collects, stores, exchanges, or analyzes.

For more information regarding SB 272 please go to the following link:
https://leginfo.legislature.ca.gov/faces/billNavClient.xhtml?bill_id=201520160SB272.