Enterprise System Catalog
Senate Bill 272
Approved on October 11, 2015, SB 272 adds a section to the California Public Records Act requiring local agencies to create and post a catalog of Enterprise Systems by July 1, 2016, with annual updates.
An Enterprise System, as defined by Senate Bill 272, is a software application or computer system that collects, stores, exchanges, and analyzes information an agency uses that is both of the following:
- A multi-departmental system or a system that contains information collected about the public.
- A system to record
An Enterprise System does not include any of the following:
- Information technology security systems, including firewalls and other cybersecurity systems.
- Physical access control systems, employee identification management systems, video monitoring, and other physical control systems.
- Infrastructure and mechanical control systems, including those that control or manage street lights, electrical, natural gas, or water or sewer functions.
- Systems related to 911 dispatch and operation or emergency services.
- Systems that would be restricted from disclosure pursuant to Section 6254.19.
- The specific records that the information technology system collects, stores, exchanges, or analyzes.
1. Create a catalog of enterprise systems containing:
- Current system vendor
- Current system product
- A brief statement of the system’s purpose
- A general description of categories or types of data
- The department that serves as the system’s primary custodian
- How frequently system data is collected
- How frequently system data is updated
2. To make the catalog publicly available upon request
3. To post the catalog in a prominent location on the agency’s website
If the public interest served by not disclosing the information described clearly outweighs the public interest served by disclosure, the local agency may instead provide a system name, brief title or identifier of the system.