The bill amends section 119.0725 of the Florida Statutes to enhance the confidentiality of sensitive cybersecurity-related information held by state and local government agencies. It introduces new definitions such as "cybersecurity," "login credentials," and "operational technology," while clarifying terms like "breach" and "incident." The legislation exempts critical infrastructure information, cybersecurity incidents, network schematics, and other sensitive data from public disclosure, allowing for retroactive application of these exemptions. It also mandates a legislative review of these exemptions by October 2, 2031, and repeals certain existing statutes related to data security in the Citizens Property Insurance Corporation and state postsecondary education institutions.

Additionally, the bill specifies that secure login credentials, internet protocol addresses, and geolocation data held by the Department of Highway Safety and Motor Vehicles are exempt from public records laws. It emphasizes the need to protect this information to prevent cyberattacks and unauthorized access to government systems. The bill also includes provisions for periodic reviews and sunset clauses to ensure the appropriateness of these exemptions. Furthermore, it establishes that any meeting portions revealing confidential information must be exempt from public meeting laws, with recordings and transcripts of these closed sessions kept confidential. Overall, the bill aims to strengthen the security framework surrounding government-held data and protect sensitive information from potential threats.

Statutes affected:
S 7024 Filed: 119.0725, 15.16, 24.1051, 106.0706, 112.31446, 119.07, 119.071, 119.0712, 119.0713, 119.0714, 627.352