CS/SB 1694 (Hutson) creates a public records exemption for all information related to a cybersecurity or ransomware incident held by a local government, state agency or sheriff. The bill also creates a public meeting exemption for any portion of a meeting that would reveal information related to a local government’s physical or virtual data or information or information technology resources. A transcript and recording must be made of the exempt portion of the meeting, and those records are exempt from the public.
CS/HB 7057 (State Administration and Technology Appropriations Subcommittee, Giallombardo) provides a public records exemption for coverage limits and deductible or self- insurance amounts of insurance or risk mitigation coverages acquired for the protection of information technology systems, operational technology systems or data of a local government. The bill also exempts information related to an agency’s critical infrastructure. Additionally, any information related to an agency’s network schematics, hardware and software configurations, or encryption information or details that identify detection, investigation, or response practices or confirmed cybersecurity incidents are exempt under the bill. Finally, the bill creates a public meeting exemption for any portion of a meeting that would reveal the confidential and exempt information described above. The meetings must be recorded and transcribed, but those records are exempt. (Taggart)