This bill amends various sections of Florida Statutes to enhance the protection of sensitive cybersecurity and operational technology information held by state agencies. It introduces a public records exemption for sensitive information related to cybersecurity, including definitions for terms such as "breach," "critical infrastructure," and "cybersecurity." The bill also exempts discussions revealing sensitive information from public meeting requirements and allows for the retroactive application of these exemptions, with a mandate for legislative review by October 2, 2031. Additionally, it repeals certain existing statutes related to data security in the Citizens Property Insurance Corporation and state postsecondary education institutions, while emphasizing the confidentiality of information like login credentials and risk assessments.

Furthermore, the bill establishes new exemptions for public records and meetings concerning sensitive cybersecurity information, recognizing that disclosure could impair essential governmental programs. It specifies that any meeting portion revealing confidential information will be exempt from existing public meeting laws, and recordings or transcripts of these closed portions will be deemed confidential. The bill underscores the necessity of these exemptions to protect vital governmental operations and maintain the integrity of agency systems against cybersecurity threats, with the act taking effect upon becoming law.

Statutes affected:
S 7024 pb: 119.0725, 15.16, 24.1051, 106.0706, 112.31446, 119.07, 119.071, 119.0712, 119.0713, 119.0714, 627.352