- AVHCWD posts information about its enterprise information systems in accordance with Senate Bill 272 (2015) and Section 6270.5 of the California Public Records Act (Government Code Section 6250-6276.48) which requires certain local agencies to create catalogs of their enterprise systems that store certain information, and post a listing of these systems on their websites. If they do not have a website, they are required to publish the catalog in a way that can be provided to anyone who asks. This law applies to all California special districts, cities and counties, and compliance is required by July 1, 2016. Learn more about SB 272 here.
WHAT IS COVERED BY SB 272?
Section 6270.5 defines an enterprise system as a software application or computer system that collects, stores, exchanges, and analyzes information that the agency uses that is:
a multi-departmental system or system that contains information collected about the public; and
a system of record (A system of record means a system that serves as an original source of data within an agency.)
WHAT IS EXCLUDED?
Enterprise systems do not include cyber security systems, infrastructure and mechanical control systems, or information that would reveal vulnerabilities to, or otherwise increase the potential for an attack on, a public agency's IT system. Additionally, section 6270.5 does not automatically require disclosure of the specific records that the IT systems collect, store, exchange or analyze, however, the Act's other provisions pertaining to disclosure of such records still apply.
WHAT IS REQUIRED IN THE CATALOG?
For each enterprise system included in the catalog list, agencies must disclose:
Current system vendor
Current system product
The purpose of the system
What kind of data is stored in it
The department that serves as the system's primary custodian
How frequently system data is collected
How frequently system data is updated