House Bill 7023 amends various sections of Florida Statutes to enhance cybersecurity protections by establishing exemptions from public records requirements for certain cybersecurity-related information held by state and local government agencies. The bill introduces new definitions, such as "login credentials" and "public-facing portal," while revising existing definitions related to cybersecurity. It provides exemptions for specific cybersecurity processes, practices, reports, and login credentials, as well as information that could facilitate unauthorized access to data or technology. Additionally, the bill consolidates exemptions for agency-produced data processing software and expands exemptions for public meetings that would reveal sensitive cybersecurity information.

The bill also removes existing exemptions for secure login credentials and cybersecurity-related information held by various state departments, including the Department of State and the Department of the Lottery, and repeals certain sections related to data security in Citizens Property Insurance Corporation and state postsecondary education institutions. It emphasizes the necessity of keeping sensitive information confidential to protect against cybersecurity threats, including provisions for login credentials and sensitive agency-produced software. Furthermore, any portion of a meeting that could disclose confidential information is exempt from existing public meeting laws, and recordings and transcripts of these closed portions must be kept confidential. The public records exemptions established by this bill will be subject to future legislative review and will stand repealed on October 2, 2031, unless reenacted by the Legislature.

Statutes affected:
H 7023 Filed: 15.16, 24.1051, 101.5607, 106.0706, 112.31446, 119.07, 119.071, 119.0712, 119.0713, 119.0714