CA Senate Bill 272 Compliance

Senate Bill 272, approved on October 11, 2015, adds a section to the California Public Records Act requiring local agencies to create a catalog of Enterprise Systems by July 1, 2016 with annual updates.

Full text of SB-272 available at ca.gov.

Overview

The catalog shall disclose a list of the enterprise systems utilized by the agency and, for each system, shall also disclose all of the following:

  • Current system vendor
  • Current system product
  • A brief statement of the system's purpose
  • A general description of categories or types of data
  • The department that serves as the system's primary custodian
  • How frequently system data is collected
  • How frequently system data is updated

Definitions

"Enterprise system" means a software application or computer system that collects, stores, exchanges, and analyzes information that the agency uses that is both of the following:

  • A multi-departmental system or a system that contains information collected about the public
  • A system of record

"System of record" means a system that serves as an original source of data within an agency

An enterprise system shall not include any of the following:

  • Information technology security systems, including firewalls and other cyber-security systems
  • Physical access control systems, employee identification management systems, video monitoring, and other physical control systems.
  • Infrastructure and mechanical control systems, including those that control or manage street lights, electrical, natural gas, or water or sewer functions
  • Systems related to 911 dispatch and operation or emergency services
  • Systems that would be restricted from disclosure pursuant to Section 6254.19
  • The specific records that the information technology system collects, stores, exchanges, or analyzes

City of San Juan Capistrano Catalog