SENATE BILL REPORT
SHB 1417
This analysis was prepared by non-partisan legislative staff for the use of legislative members in their deliberations. This analysis is not a part of the legislation nor does it constitute a statement of legislative intent. |
As Reported by Senate Committee On:
State Government, March 29, 2017
Title: An act relating to the harmonization of the open public meetings act with the public records act in relation to information technology security matters.
Brief Description: Concerning the harmonization of the open public meetings act with the public records act in relation to information technology security matters.
Sponsors: House Committee on State Govt, Elections & IT (originally sponsored by Representatives Hudgins and Smith).
Brief History: Passed House: 2/28/17, 98-0.
Committee Activity: State Government: 3/15/17, 3/29/17 [DP].
Brief Summary of Bill |
|
SENATE COMMITTEE ON STATE GOVERNMENT |
Majority Report: Do pass.
Signed by Senators Miloscia, Chair; Zeiger, Vice Chair; Hunt, Ranking Minority Member; Kuderer and Pearson.
Staff: Samuel Brown (786-7470)
Background: Open Public Meetings Act (OPMA). The OPMA requires public access to all meetings of the governing body of a public agency that involve the transaction of official business. Any law, rule, regulation, or directive must be adopted by a governing body at an open meeting.
A governing body may hold an executive session during a meeting to discuss matters in private for certain enumerated purposes. The presiding officer must announce the purpose of excluding the public from an executive session and the time when the executive session will conclude. Matters which may be discussed in executive session include matters affecting national security and discussions with legal counsel regarding litigation or potential litigation to which the body is likely to become a party, when knowledge of the discussion is likely to result in adverse legal or financial consequences.
Public Records Act (PRA). The PRA requires state and local agencies to make records available for inspection and copying upon request unless the information is specifically exempted under statute. Information regarding the security and vulnerability of public agency computer and telecommunication network infrastructure, including security passwords, service recovery plans, security tests and risk assessments, and other related information that could expose a risk to the security and technology infrastructure of an agency, is exempt from public disclosure under the Public Records Act.
Summary of Bill: The governing body of a public agency may hold an executive session to discuss information regarding the security and vulnerability of agency computer and telecommunication network infrastructure that is exempt from public disclosure requirements under the PRA. The governing body must be in compliance with data security breach notification requirements. Legal counsel must be available during the executive session.
Appropriation: None.
Fiscal Note: Not requested.
Creates Committee/Commission/Task Force that includes Legislative members: No.
Effective Date: Ninety days after adjournment of session in which bill is passed.
Staff Summary of Public Testimony: PRO: Policymakers need to be briefed in a secure setting about cybersecurity issues or data breaches in public institutions to close security gaps. An executive session provides the right tool to accomplish that goal.
Persons Testifying: PRO: Scott Nelson, State Auditor's Office.
Persons Signed In To Testify But Not Testifying: No one.