The Florida Senate

282.003  Short title.

282.005  Legislative findings and intent.

282.101  Construction of terms, "information technology" or "information technology system."

282.102  Powers and duties of the State Technology Office of the Department of Management Services.

282.103  SUNCOM Network; exemptions from the required use.

282.104  Use of state SUNCOM Network by municipalities.

282.105  Use of state SUNCOM Network by nonprofit corporations.

282.106  Use of SUNCOM Network by libraries.

282.107  SUNCOM Network; criteria for usage.

282.109  Emergency assumption of control.

282.1095  State agency law enforcement radio system.

282.111  Statewide system of regional law enforcement communications.

282.20  Technology Resource Center.

282.21  The State Technology Office of the Department of Management Services' electronic access services.

282.22  The State Technology Office of the Department of Management Services production and dissemination of materials and products.

282.303  Definitions.

282.3031  Assignment of information resources management responsibilities.

282.3032  Development and implementation of information systems; guiding principles.

282.3041  State agency responsibilities.

282.3055  Agency Chief Information Officer; appointment; duties.

282.3063  Agency Annual Enterprise Resource Planning and Management Report.

282.3095  Task Force on Privacy and Technology.

282.310  State Annual Report on Enterprise Resource Planning and Management.

282.315  Chief Information Officers Council; creation.

282.318  Security of data and information technology resources.

282.322  Special monitoring process for designated information resources management projects.

282.404  Geographic information board; definition; membership; creation; duties; advisory council; membership; duties.

282.003  Short title.--This part may be cited as the "Information Resources Management Act of 1997."

History.--s. 8, ch. 87-137; s. 1, ch. 92-98; s. 93, ch. 92-142; s. 4, ch. 96-390; s. 7, ch. 97-286; s. 45, ch. 99-13.

282.005  Legislative findings and intent.--The Legislature finds that:

(1)  Information is a strategic asset of the state, and, as such, it should be managed as a valuable state resource.

(2)  The state makes significant investments in information technology resources in order to manage information and to provide services to its citizens.

(3)  An office must be created to provide support and guidance to enhance the state's use and management of information technology resources and to design, procure, and deploy, on behalf of the state, information technology resources.

(4)  The cost-effective deployment of technology and information resources by state agencies can best be managed by a Chief Information Officer.

(5)  The head of each state agency, in consultation with the State Technology Office, has primary responsibility and accountability for the planning, budgeting, acquisition, development, implementation, use, and management of information technology resources within the agency.

(6)  The expanding need for, use of, and dependence on information technology resources requires focused management attention and managerial accountability by state agencies and the state as a whole.

(7)  The agency head, in consultation with the State Technology Office, has primary responsibility for the agency's information technology resources and for their use in accomplishing the agency's mission. However, each agency shall also use its information technology resources in the best interests of the state as a whole and thus contribute to and make use of shared data and related resources whenever appropriate.

(8)  The state shall provide, by whatever means is most cost-effective and efficient, the information resources management infrastructure needed to collect, store, and process the state's data and information, provide connectivity, and facilitate the exchange of data and information among both public and private parties.

(9)  A necessary part of the state's information resources management infrastructure is a statewide communications system for all types of signals, including voice, data, video, radio, and image.

(10)  To ensure the best management of the state's information technology resources, and notwithstanding other provisions of law to the contrary, the functions of information resources management are hereby assigned to the Board of Regents as the agency responsible for the development and implementation of policy, planning, management, rulemaking, standards, and guidelines for the State University System; to the State Board of Community Colleges as the agency responsible for establishing and developing rules and policies for the Florida Community College System; to the Supreme Court, for the judicial branch; to each state attorney and public defender; and to the State Technology Office for the executive branch of state government.

(11)  Notwithstanding anything to the contrary contained in this act, the State Technology Office shall take no action affecting the supervision or control of the personnel or data processing equipment that the Comptroller deems necessary for the exercise of his or her official constitutional duties as set forth in s. 4(d) and (e), Art. IV of the State Constitution.

(12)  Notwithstanding anything to the contrary contained in this act, the State Technology Office shall take no action affecting the supervision and control of the personnel or data processing equipment which the Attorney General deems necessary for the exercise of his or her official constitutional duties as set forth in s. 4(c), Art. IV of the State Constitution.

History.--s. 8, ch. 97-286; s. 46, ch. 99-13; s. 3, ch. 2000-164.

282.101  Construction of terms, "information technology" or "information technology system."--Any reference in this part to "information technology" or "information technology system" means any transmission, emission, and reception of signs, signals, writings, images, and sounds of intelligence of any nature by wire, radio, optical, or other electromagnetic systems and includes all facilities and equipment owned, leased, or used by all agencies and political subdivisions of state government, and a full-service information-processing facility offering hardware, software, operations, integration, networking, and consulting services.

History.--s. 22, ch. 69-106; s. 10, ch. 87-137; s. 47, ch. 99-13; s. 4, ch. 2000-164.

Note.--Former s. 287.26.

282.102  Powers and duties of the State Technology Office of the Department of Management Services.--There is created a State Technology Office, administratively placed within the Department of Management Services, which shall be headed by a Chief Information Officer who is appointed by the Governor and is in the Senior Management Service. The office shall have the following powers, duties, and functions:

(1)  To publish electronically the portfolio of services available from the office, including pricing information; the policies and procedures of the office governing usage of available services; and a forecast of the priorities and initiatives for the state communications system for the ensuing 2 years. The office shall provide a hard copy of its portfolio of services upon request.

(2)  To coordinate the purchase, lease, and use of all information technology services for state agencies, including communications services provided as part of any other total system to be used by the state or any of its agencies.

(3)  To advise and render aid to state agencies and political subdivisions of the state as to systems or methods to be used for organizing and meeting information technology requirements efficiently and effectively.

(4)  To integrate the information technology systems and services of state agencies.

(5)  To adopt technical standards for the state information technology system which will assure the interconnection of computer networks and information systems of state agencies.

(6)  To assume management responsibility for any integrated information technology system or service when determined by the office to be economically efficient or performance-effective.

(7)  To enter into agreements for the support and use of the information technology services of state agencies and of political subdivisions of the state.

(8)  To use or acquire, with agency concurrence, information technology facilities now owned or operated by any state agency.

(9)  To standardize policies and procedures for the use of such services.

(10)  To purchase from or contract with information technology providers for information technology facilities or services, including private line services.

(11)  To apply for, receive, and hold, or assist agencies in applying for, receiving, or holding, such authorizations, licenses, and allocations or channels and frequencies to carry out the purposes of ss. 282.101-282.109.

(12)  To acquire real estate, equipment, and other property.

(13)  To cooperate with any federal, state, or local emergency management agency in providing for emergency communications services.

(14)  To delegate to state agencies the powers of acquisition and utilization of information technology equipment, facilities, and services or to control and approve the purchase, lease, and use of all information technology equipment, services, and facilities, including communications services provided as part of any other total system to be used by the state or any of its agencies.

(15)  To take ownership, custody, and control of existing communications equipment and facilities, with agency concurrence, including all right, title, interest, and equity therein, to carry out the purposes of ss. 282.101-282.109. However, the provisions of this subsection shall in no way affect the rights, title, interest, or equity in any such equipment or facilities owned by, or leased to, the state or any state agency by any telecommunications company.

(16)  To adopt rules pursuant to ss. 120.536(1) and 120.54 relating to information technology and to administer the provisions of this part.

(17)  To provide a means whereby political subdivisions of the state may use the state information technology system upon such terms and under such conditions as the office may establish.

(18)  To apply for and accept federal funds for any of the purposes of ss. 282.101-282.109 as well as gifts and donations from individuals, foundations, and private organizations.

(19)  To monitor issues relating to communications facilities and services before the Florida Public Service Commission and, when necessary, prepare position papers, prepare testimony, appear as a witness, and retain witnesses on behalf of state agencies in proceedings before the commission.

(20)  Unless delegated to the agencies by the Chief Information Officer, to manage and control, but not intercept or interpret, communications within the SUNCOM Network by:

(a)  Establishing technical standards to physically interface with the SUNCOM Network.

(b)  Specifying how communications are transmitted within the SUNCOM Network.

(c)  Controlling the routing of communications within the SUNCOM Network.

(d)  Establishing standards, policies, and procedures for access to the SUNCOM Network.

(e)  Ensuring orderly and reliable communications services in accordance with the standards and policies of all state agencies and the service agreements executed with state agencies.

(21)  To plan, design, and conduct experiments for information technology services, equipment, and technologies, and to implement enhancements in the state information technology system when in the public interest and cost-effective. Funding for such experiments shall be derived from SUNCOM Network service revenues and shall not exceed 2 percent of the annual budget for the SUNCOM Network for any fiscal year or as provided in the General Appropriations Act for fiscal year 2000-2001. New services offered as a result of this subsection shall not affect existing rates for facilities or services.

(22)  To enter into contracts or agreements, with or without competitive bidding or procurement, to make available, on a fair, reasonable, and nondiscriminatory basis, property and other structures under office control for the placement of new facilities by any wireless provider of mobile service as defined in 47 U.S.C. s. 153(n) or s. 332(d) and any telecommunications company as defined in s. 364.02 when it is determined to be practical and feasible to make such property or other structures available. The office may, without adopting a rule, charge a just, reasonable, and nondiscriminatory fee for the placement of the facilities, payable annually, based on the fair market value of space used by comparable communications facilities in the state. The office and a wireless provider or telecommunications company may negotiate the reduction or elimination of a fee in consideration of services provided to the office by the wireless provider or telecommunications company. All such fees collected by the office shall be deposited directly into the State Agency Law Enforcement Radio System Trust Fund, and may be used by the office to construct, maintain, or support the system.

(23)  To provide an integrated electronic system for deploying government products, services, and information to individuals and businesses.

(a)  The integrated electronic system shall reflect cost-effective deployment strategies in keeping with industry standards and practices, including protections of security of private information as well as maintenance of public records.

(b)  The office shall provide a method for assessing fiscal accountability for the integrated electronic system and shall establish the organizational structure required to implement this system.

(24)  To provide administrative support to the Chief Information Officers Council and other workgroups created by the Chief Information Officer.

(25)  To facilitate state information technology education and training for senior management and other agency staff.

(26)  To prepare, on behalf of the Executive Office of the Governor, memoranda on recommended guidelines and best practices for information resources management, when requested.

(27)  To prepare, publish, and disseminate the State Annual Report on Enterprise Resource Planning and Management under s. 282.310.

(28)  To study and make a recommendation to the Governor and Legislature on the feasibility of implementing online voting in this state.

(29)  To facilitate the development of a network access point in this state, as needed.

History.--s. 22, ch. 69-106; s. 1, ch. 70-327; s. 36, ch. 83-334; s. 11, ch. 87-137; s. 220, ch. 92-279; s. 55, ch. 92-326; s. 16, ch. 95-143; s. 1, ch. 96-357; s. 9, ch. 96-390; s. 11, ch. 97-286; s. 65, ch. 98-279; s. 5, ch. 2000-164.

Note.--Former s. 287.25.

282.103  SUNCOM Network; exemptions from the required use.--

(1)  There is created within the State Technology Office of the Department of Management Services the SUNCOM Network which shall be developed to serve as the state communications system for providing local and long-distance communications services to state agencies, political subdivisions of the state, municipalities, and nonprofit corporations pursuant to ss. 282.101-282.111. The SUNCOM Network shall be developed to transmit all types of communications signals, including, but not limited to, voice, data, video, image, and radio. State agencies shall cooperate and assist in the development and joint use of communications systems and services.

(2)  The State Technology Office of the Department of Management Services shall design, engineer, implement, manage, and operate through state ownership, commercial leasing, or some combination thereof, the facilities and equipment providing SUNCOM Network services, and shall develop a system of equitable billings and charges for communication services.

(3)  All state agencies are required to use the SUNCOM Network for agency communications services as the services become available; however, no agency is relieved of responsibility for maintaining communications services necessary for effective management of its programs and functions. If a SUNCOM Network service does not meet the communications requirements of an agency, the agency shall notify the State Technology Office of the Department of Management Services in writing and detail the requirements for that communications service. If the office is unable to meet an agency's requirements by enhancing SUNCOM Network service, the office shall grant the agency an exemption from the required use of specified SUNCOM Network services.

History.--s. 22, ch. 69-106; s. 13, ch. 87-137; s. 3, ch. 91-171; s. 222, ch. 92-279; s. 55, ch. 92-326; s. 10, ch. 96-390; s. 66, ch. 98-279; s. 6, ch. 2000-164.

Note.--Former s. 287.27.

282.104  Use of state SUNCOM Network by municipalities.--Any municipality may request the State Technology Office of the Department of Management Services to provide any or all of the SUNCOM Network's portfolio of communications services upon such terms and under such conditions as the department may establish. The requesting municipality shall pay its share of installation and recurring costs according to the published rates for SUNCOM Network services and as invoiced by the office. Such municipality shall also pay for any requested modifications to existing SUNCOM Network services, if any charges apply.

History.--s. 3, ch. 82-56; s. 1, ch. 83-70; s. 14, ch. 87-137; s. 11, ch. 96-390; s. 67, ch. 98-279; s. 7, ch. 2000-164.

Note.--Former s. 287.251.

282.105  Use of state SUNCOM Network by nonprofit corporations.--

(1)  The State Technology Office of the Department of Management Services shall provide a means whereby private nonprofit corporations under contract with state agencies or political subdivisions of the state may use the state SUNCOM Network, subject to the limitations in this section. In order to qualify to use the state SUNCOM Network, a nonprofit corporation shall:

(a)  Expend the majority of its total direct revenues for the provision of contractual services to the state, a municipality, or a political subdivision of the state; and

(b)  Receive only a small portion of its total revenues from any source other than a state agency, a municipality, or a political subdivision of the state during the period of time SUNCOM Network services are requested.

(2)  Each nonprofit corporation seeking authorization to use the state SUNCOM Network pursuant to this section shall provide to the office, upon request, proof of compliance with subsection (1).

(3)  Nonprofit corporations established pursuant to general law and an association of municipal governments which is wholly owned by the municipalities shall be eligible to use the state SUNCOM Network, subject to the terms and conditions of the office.

(4)  Institutions qualified pursuant to s. 240.605 shall be eligible to use the state SUNCOM Network, subject to the terms and conditions of the office. Such entities shall not be required to satisfy the other criteria of this section.

(5)  Private, nonprofit elementary and secondary schools shall be eligible for rates and services on the same basis as public schools, providing these nonpublic schools do not have an endowment in excess of $50 million.

History.--s. 1, ch. 80-107; s. 2, ch. 82-56; s. 3, ch. 83-70; s. 15, ch. 87-137; s. 223, ch. 92-279; s. 55, ch. 92-326; s. 197, ch. 95-148; s. 12, ch. 96-390; s. 19, ch. 97-296; s. 68, ch. 98-279; s. 36, ch. 99-399; s. 8, ch. 2000-164.

Note.--Former s. 287.272.

282.106  Use of SUNCOM Network by libraries.--The State Technology Office of the Department of Management Services may provide SUNCOM Network services to any library in the state, including libraries in public schools, community colleges, the State University System, and nonprofit private postsecondary educational institutions, and libraries owned and operated by municipalities and political subdivisions.

History.--s. 2, ch. 96-357; s. 9, ch. 2000-164.

282.107  SUNCOM Network; criteria for usage.--

(1)  The State Technology Office shall periodically review the qualifications of subscribers using the state SUNCOM Network and shall terminate services provided to any facility not qualified pursuant to ss. 282.101-282.111 or rules adopted hereunder. In the event of nonpayment of invoices by subscribers whose SUNCOM Network invoices are paid from sources other than legislative appropriations, such nonpayment represents good and sufficient reason to terminate service.

(2)  The State Technology Office shall adopt rules setting forth its procedures for withdrawing and restoring authorization to use the state SUNCOM Network. Such rules shall provide a minimum of 30 days' notice to affected parties prior to termination of voice communications service.

(3)  Nothing in this section shall be construed to limit or restrict the ability of the Florida Public Service Commission to set jurisdictional tariffs of telecommunications companies.

History.--s. 1, ch. 82-56; s. 2, ch. 83-70; s. 16, ch. 87-137; s. 13, ch. 96-390; s. 33, ch. 2000-152; s. 10, ch. 2000-164.

Note.--Former s. 287.255.

282.109  Emergency assumption of control.--In the event of an emergency, the Governor may direct emergency management assumption of control over all or part of the state communications system.

History.--s. 22, ch. 69-106; s. 37, ch. 83-334.

Note.--Former s. 287.28.

282.1095  State agency law enforcement radio system.--

(1)  The State Technology Office of the Department of Management Services may acquire and implement a statewide radio communications system to serve law enforcement units of state agencies, and to serve local law enforcement agencies through a mutual aid channel. The Joint Task Force on State Agency Law Enforcement Communications is established in the State Technology Office of the Department of Management Services to advise the office of member-agency needs for the planning, designing, and establishment of the joint system. The State Agency Law Enforcement Radio System Trust Fund is established in the State Technology Office of the Department of Management Services. The trust fund shall be funded from surcharges collected under ss. 320.0802 and 328.72.

(2)(a)  The Joint Task Force on State Agency Law Enforcement Communications shall consist of eight members, as follows:

1.  A representative of the Division of Alcoholic Beverages and Tobacco of the Department of Business and Professional Regulation who shall be appointed by the secretary of the department.

2.  A representative of the Division of Florida Highway Patrol of the Department of Highway Safety and Motor Vehicles who shall be appointed by the executive director of the department.

3.  A representative of the Department of Law Enforcement who shall be appointed by the executive director of the department.

4.  A representative of the Fish and Wildlife Conservation Commission who shall be appointed by the executive director of the commission.

5.  A representative of the Division of Law Enforcement of the Department of Environmental Protection who shall be appointed by the secretary of the department.

6.  A representative of the Department of Corrections who shall be appointed by the secretary of the department.

7.  A representative of the Division of State Fire Marshal of the Department of Insurance who shall be appointed by the State Fire Marshal.

8.  A representative of the Department of Transportation who shall be appointed by the secretary of the department.

(b)  Each appointed member of the joint task force shall serve at the pleasure of the appointing official. Any vacancy on the joint task force shall be filled in the same manner as the original appointment.

(c)  The joint task force shall elect a chair from among its members to serve a 1-year term. A vacancy in the chair of the joint task force must be filled for the remainder of the unexpired term by an election of the joint task force members.

(d)  The joint task force shall meet as necessary, but at least quarterly, at the call of the chair and at the time and place designated by him or her.

(e)  The per diem and travel expenses incurred by a member of the joint task force in attending its meetings and in attending to its affairs shall be paid pursuant to s. 112.061, from funds budgeted to the state agency that the member represents.

(f)  The State Technology Office of the Department of Management Services is hereby authorized to rent or lease space on any tower under its control. The office may also rent, lease, or sublease ground space as necessary to locate equipment to support antennae on the towers. The costs for use of such space shall be established by the office for each site, when it is determined to be practicable and feasible to make space available. The office may refuse to lease space on any tower at any site. All moneys collected by the office for such rents, leases, and subleases shall be deposited directly into the State Agency Law Enforcement Radio System Trust Fund and may be used by the office to construct, maintain, or support the system.

(g)  The State Technology Office of the Department of Management Services is hereby authorized to rent, lease, or sublease ground space on lands acquired by the office for the construction of privately owned or publicly owned towers. The office may, as a part of such rental, lease, or sublease agreement, require space on said tower or towers for antennae as may be necessary for the construction and operation of the state agency law enforcement radio system or any other state need. The positions necessary for the office to accomplish its duties under this paragraph and paragraph (f) shall be established in the General Appropriations Act and shall be funded by the State Agency Law Enforcement Radio System Trust Fund.

(3)  Upon appropriation, moneys in the trust fund may be used by the office to acquire by competitive procurement the equipment; software; and engineering, administrative, and maintenance services it needs to construct, operate, and maintain the statewide radio system. Moneys in the trust fund collected as a result of the surcharges set forth in ss. 320.0802 and 328.72 shall be used to help fund the costs of the system. Upon completion of the system, moneys in the trust fund may also be used by the office to provide for payment of the recurring maintenance costs of the system. Moneys in the trust fund may be appropriated to maintain and enhance, over and above existing agency budgets, existing radio equipment systems of the state agencies represented by the task force members, in an amount not to exceed 10 percent per year per agency, of the existing radio equipment inventory until the existing radio equipment can be replaced pursuant to implementation of the statewide radio communications system.

(4)(a)  The joint task force shall establish policies, procedures, and standards which shall be incorporated into a comprehensive management plan for the use and operation of the statewide radio communications system.

(b)  The joint task force shall have the authority to permit other state agencies to use the communications system, under terms and conditions established by the joint task force.

(5)(a)  The State Technology Office of the Department of Management Services shall provide technical support to the joint task force and shall bear the overall responsibility for the design, engineering, acquisition, and implementation of the statewide radio communications system and for ensuring the proper operation and maintenance of all system common equipment.

(b)  The positions necessary for the office to accomplish its duties under this section shall be established through the budgetary process and shall be funded by the State Agency Law Enforcement Radio System Trust Fund.

History.--s. 1, ch. 88-144; s. 1, ch. 92-72; s. 224, ch. 92-279; s. 55, ch. 92-326; s. 30, ch. 94-218; s. 111, ch. 94-356; s. 860, ch. 95-148; s. 5, ch. 95-283; s. 1, ch. 96-312; s. 5, ch. 96-357; s. 10, ch. 96-388; s. 14, ch. 96-390; s. 6, ch. 98-251; s. 69, ch. 98-279; s. 81, ch. 99-245; s. 3, ch. 99-289; s. 37, ch. 99-399; s. 11, ch. 2000-164.

282.111  Statewide system of regional law enforcement communications.--

(1)  It is the intent and purpose of the Legislature that a statewide system of regional law enforcement communications be developed whereby maximum efficiency in the use of existing radio channels is achieved in order to deal more effectively with the apprehension of criminals and the prevention of crime generally. To this end, all law enforcement agencies within the state are directed to provide the State Technology Office of the Department of Management Services with any information the office requests for the purpose of implementing the provisions of subsection (2).

(2)  The State Technology Office of the Department of Management Services is hereby authorized and directed to develop and maintain a statewide system of regional law enforcement communications. In formulating such a system, the office shall divide the state into appropriate regions and shall develop a program which shall include, but not be limited to, the following provisions:

(a)  The communications requirements for each county and municipality comprising the region.

(b)  An interagency communications provision which shall depict the communication interfaces between municipal, county, and state law enforcement entities which operate within the region.

(c)  Frequency allocation and use provision which shall include, on an entity basis, each assigned and planned radio channel and the type of operation, simplex, duplex, or half-duplex, on each channel.

(3)  The office shall adopt any necessary rules and regulations for implementing and coordinating the statewide system of regional law enforcement communications.

(4)  The Chief Information Officer of the State Technology Office or his or her designee is designated as the director of the statewide system of regional law enforcement communications and, for the purpose of carrying out the provisions of this section, is authorized to coordinate the activities of the system with other interested state agencies and local law enforcement agencies.

(5)  No law enforcement communications system shall be established or present system expanded without the prior approval of the State Technology Office of the Department of Management Services.

(6)  Within the limits of its capability, the Department of Law Enforcement is encouraged to lend assistance to the State Technology Office of the Department of Management Services in the development of the statewide system of regional law enforcement communications proposed by this section.

History.--ss. 1, 2, 3, 4, 5, 6, ch. 72-296; s. 1, ch. 77-174; s. 12, ch. 79-8; s. 225, ch. 92-279; s. 55, ch. 92-326; s. 11, ch. 96-388; s. 15, ch. 96-390; s. 7, ch. 98-251; s. 70, ch. 98-279; s. 42, ch. 99-399; s. 12, ch. 2000-164.

Note.--Former s. 287.29.

282.20  Technology Resource Center.--

(1)(a)  The State Technology Office of the Department of Management Services shall operate and manage the Technology Resource Center.

(b)  For the purposes of this section, the term:

1.  "Office" means the State Technology Office of the Department of Management Services.

2.  "Information-system utility" means a full-service information-processing facility offering hardware, software, operations, integration, networking, and consulting services.

3.  "Customer" means a state agency or other entity which is authorized to utilize the SUNCOM Network pursuant to this part.

(2)  The Technology Resource Center shall:

(a)  Serve the office and other customers as an information-system utility.

(b)  Cooperate with customers to offer, develop, and support a wide range of services and applications needed by users of the Technology Resource Center.

(c)  Cooperate with the Florida Legal Resource Center of the Department of Legal Affairs and other state agencies to develop and provide access to repositories of legal information throughout the state.

(d)  Cooperate with the office to facilitate interdepartmental networking and integration of network services for its customers.

(e)  Assist customers in testing and evaluating new and emerging technologies that could be used to meet the needs of the state.

(3)  The office may contract with customers to provide any combination of services necessary for agencies to fulfill their responsibilities and to serve their users.

(4)  Acceptance of any new customer other than a state agency which is expected to pay during the initial 12 months of use more than 5 percent of the previous year's revenues of the Technology Resource Center shall be contingent upon approval of the Office of Planning and Budgeting in a manner similar to the budget amendment process in s. 216.181.

(5)  The Technology Resource Center may plan, design, establish pilot projects for, and conduct experiments with information technology resources, and may implement enhancements in services when such implementation is cost-effective. Funding for experiments and pilot projects shall be derived from service revenues and may not exceed 5 percent of the service revenues for the Technology Resource Center for any single fiscal year. Any experiment, pilot project, plan, or design must be approved by the Chief Information Officer of the State Technology Office.

(6)  Notwithstanding the provisions of s. 216.272, the Technology Resource Center may spend the funds in the reserve account of its working capital trust fund for enhancements to center operations or for information technology resources. Any expenditure of reserve account funds must be approved by the Chief Information Officer of the State Technology Office. Any funds remaining in the reserve account at the end of the fiscal year may be carried forward and spent as approved by the Chief Information Officer of the State Technology Office, provided that such approval conforms to any applicable provisions of chapter 216.

History.--s. 3, ch. 94-226; s. 10, ch. 94-340; s. 12, ch. 97-241; s. 13, ch. 97-286; s. 48, ch. 99-13; s. 13, ch. 2000-164.

282.21  The State Technology Office of the Department of Management Services' electronic access services.--The State Technology Office of the Department of Management Services may collect fees for providing remote electronic access pursuant to s. 119.085. The fees may be imposed on individual transactions or as a fixed subscription for a designated period of time. All fees collected under this section shall be deposited in the appropriate trust fund of the program or activity that made the remote electronic access available.

History.--s. 13, ch. 97-241; s. 14, ch. 2000-164.

282.22  The State Technology Office of the Department of Management Services production and dissemination of materials and products.--

(1)  It is the intent of the Legislature that when materials, products, information, and services are collected or developed by or under the direction of the State Technology Office of the Department of Management Services, through research and development or other efforts, including those subject to copyright, patent, or trademark, they shall be made available for use by state and local government entities at the earliest practicable date and in the most economical and efficient manner possible and consistent with chapter 119.

(2)  To accomplish this objective the office is authorized to publish or partner with private sector entities to produce or have produced materials and products and to make them readily available for appropriate use. The office is authorized to charge an amount or receive value-added services adequate to cover the essential cost of producing and disseminating such materials, information, services, or products and is authorized to sell services, when appropriate, to any entity who is authorized to use the SUNCOM Network pursuant to this part and to the public.

(3)  In cases in which the materials or products are of such nature, or the circumstances are such, that it is not practicable or feasible for the office to produce or have produced materials and products so developed, it is authorized, after review and approval by the Executive Office of the Governor, to license, lease, assign, sell, or otherwise give written consent to any person, firm, or corporation for the manufacture or use thereof, on a royalty basis, or for such other consideration as the office shall deem proper and in the best interest of the state; the office is authorized and directed to protect same against improper or unlawful use or infringement and to enforce the collection of any sums due for the manufacture or use thereof by any other party.

(4)  All proceeds from the sale of such materials and products or other money collected pursuant to this section shall be deposited into the Grants and Donations Trust Fund of the office and, when properly budgeted as approved by the Legislature and the Executive Office of the Governor, used to pay the cost of producing and disseminating materials and products to carry out the intent of this section.

History.--s. 14, ch. 97-241; s. 49, ch. 99-13; s. 15, ch. 2000-164.

282.303  Definitions.--For the purposes of ss. 282.303-282.322, the term:

(1)  "Agency" means those entities described in ¹s. 216.011(1)(mm).

(2)  "Chief Information Officer" means the person appointed by the agency head, in consultation with the State Technology Office, to coordinate and manage the information resources management policies and activities within that agency.

(3)  "Chief Information Officers Council" means the council created in s. 282.315 to facilitate the sharing and coordination of information resources management issues and initiatives among the agencies.

(4)  "State Technology Office" means the office created in s. 282.102 to support and coordinate cost-effective deployment of technology and information resources and services across state government.

(5)  "Information technology hardware" means equipment designed for the automated storage, manipulation, and retrieval of data, voice or video, by electronic or mechanical means, or both, and includes, but is not limited to, central processing units, front-end processing units, including miniprocessors and microprocessors, and related peripheral equipment such as data storage devices, document scanners, data entry, terminal controllers and data terminal equipment, word processing systems, equipment and systems for computer networks, personal communication devices, and wireless equipment.

(6)  "Information technology services" means all services that include, but are not limited to, feasibility studies, systems design, software development, enterprise resource planning, application service provision, consulting, or time-sharing services.

(7)  "Data processing software" means the programs and routines used to employ and control the capabilities of data processing hardware, including, but not limited to, operating systems, compilers, assemblers, utilities, library routines, maintenance routines, applications, and computer networking programs.

(8)  "Agency Annual Enterprise Resource Planning and Management Report" means the report prepared by the Chief Information Officer of each agency as required by s. 282.3063.

(9)  "State Annual Report on Enterprise Resource Planning and Management" means the report prepared by the State Technology Office as defined in ²s. 282.3093.

(10)  "Project" means an undertaking directed at the accomplishment of a strategic objective relating to enterprise resources management or a specific appropriated program.

(11)  "Enterprise resource planning and management" means the planning, budgeting, acquiring, developing, organizing, directing, training, and control associated with government information technology resources. The term encompasses information and related resources, as well as the controls associated with their acquisition, development, dissemination, and use.

(12)  "Information technology resources" means data processing hardware and software and services, communications, supplies, personnel, facility resources, maintenance, and training.

(13)  "Enterprise resources management infrastructure" means the hardware, software, networks, data, human resources, policies, standards, and facilities that are required to support the business processes of an agency or state enterprise.

(14)  "Technology Review Workgroup" means the workgroup created in s. 216.0446 to review and make recommendations on agencies' information resources management planning and budgeting proposals.

(15)  "Total cost" means all costs associated with information resources management projects or initiatives, including, but not limited to, value of hardware, software, service, maintenance, incremental personnel, and facilities. Total cost of a loan or gift of information technology resources to an agency includes the fair market value of the resources, except that the total cost of loans or gifts of information technology resources to state universities to be used in instruction or research does not include fair market value.

(16)  "Standards" means the use of current, open, nonproprietary, or non-vendor-specific technologies.

History.--ss. 3, 11, ch. 83-92; s. 17, ch. 87-137; ss. 10, 11, ch. 90-160; s. 4, ch. 91-171; s. 10, ch. 91-221; s. 5, ch. 91-429; s. 3, ch. 92-98; s. 95, ch. 92-142; s. 14, ch. 94-226; s. 11, ch. 94-340; s. 9, ch. 97-286; s. 16, ch. 2000-164.

¹Note.--Redesignated as s. 216.011(1)(qq) by s. 1, ch. 2000-371.

²Note.--Repealed by s. 29, ch. 2000-164.

282.3031  Assignment of information resources management responsibilities.--For purposes of ss. 282.303-282.322, to ensure the best management of state information technology resources, and notwithstanding other provisions of law to the contrary, the functions of information resources management are hereby assigned to the Board of Regents as the agency responsible for the development and implementation of policy, planning, management, rulemaking, standards, and guidelines for the State University System; to the State Board of Community Colleges as the agency responsible for establishing and developing rules and policies for the Florida Community College System; to the Supreme Court for the judicial branch; to each state attorney and public defender; and to the State Technology Office for the agencies within the executive branch of state government.

History.--s. 10, ch. 97-286; s. 50, ch. 99-13; s. 17, ch. 2000-164.

282.3032  Development and implementation of information systems; guiding principles.--To ensure the best management of the state's information technology resources, the following guiding principles are adopted:

(1)  Enterprise resource planning by state governmental entities is a prerequisite for the effective development and implementation of information systems to enable sharing of data and cost-effective and efficient services to individuals.

(2)  The enterprise resource planning process, as well as coordination of development efforts, should include all principals from the outset.

(3)  State governmental entities should be committed to maximizing information sharing and participate in enterprise-wide efforts when appropriate.

(4)  State governmental entities should maximize public access to data, while complying with legitimate security, privacy, and confidentiality requirements.

(5)  State governmental entities should strive for an integrated electronic system for providing individuals with information to the extent possible.

(6)  To the extent that state government entities charge each other for data, this practice, insofar as possible, should be eliminated. Further, when the capture of data for mutual benefit can be accomplished, the costs for the development, capture, and network for access to that data should be shared.

(7)  The redundant capture, storage, and dissemination of data should, insofar as possible, be eliminated.

(8)  Only data that are auditable, or that otherwise can be determined to be accurate, valid, and reliable, should be maintained.

(9)  Methods of sharing data among different protocols should be developed without requiring major redesign or replacement of individual systems.

(10)  Integration of data elements should be achieved by establishing standard definitions, formats, and integrated electronic systems, when possible.

History.--s. 10, ch. 97-286; s. 18, ch. 2000-164.

282.3041  State agency responsibilities.--The head of each state agency, in consultation with the State Technology Office, is responsible and accountable for enterprise resource planning and management within the agency in accordance with legislative intent and as defined in this part.

History.--s. 10, ch. 97-286; s. 51, ch. 99-13; s. 19, ch. 2000-164.

282.3055  Agency Chief Information Officer; appointment; duties.--

(1)(a)  To assist the agency head in carrying out the enterprise resource planning and management responsibilities, the agency head shall appoint, in consultation with the State Technology Office, or contract for a Chief Information Officer at a level commensurate with the role and importance of information technology resources in the agency. This position may be full time or part time.

(b)  The Chief Information Officer must, at a minimum, have knowledge and experience in both management and information technology resources.

(2)  The duties of the Chief Information Officer include, but are not limited to:

(a)  Coordinating and facilitating agency enterprise resource planning and management projects and initiatives.

(b)  Preparing an agency annual report on enterprise resource planning and management pursuant to s. 282.3063.

(c)  Developing and implementing agency enterprise resource planning and management policies, procedures, and standards, including specific policies and procedures for review and approval of the agency's purchases of information technology resources.

(d)  Advising agency senior management as to the enterprise resource planning and management needs of the agency for inclusion in planning documents required by law.

(e)  Assisting in the development and prioritization of the enterprise resource planning and management schedule of the agency's legislative budget request.

History.--s. 10, ch. 97-286; s. 20, ch. 2000-164.

282.3063  Agency Annual Enterprise Resource Planning and Management Report.--

(1)  By September 1 of each year, and for the State University System within 90 days after completion of the expenditure analysis developed pursuant to s. 240.271(4), each Chief Information Officer shall prepare and submit to the State Technology Office an Agency Annual Enterprise Resource Planning and Management Report. Following consultation with the State Technology Office and the Chief Information Officers Council, the Executive Office of the Governor and the fiscal committees of the Legislature shall jointly develop and issue instructions for the format and contents of the report.

(2)  The Agency Annual Enterprise Resource Planning and Management Report shall contain, at a minimum, the following:

(a)  A forecast of enterprise resource planning and management priorities and initiatives for the ensuing 2 years.

(b)  A description of the current enterprise resource planning and management infrastructure of the agency and planned changes for the ensuing 2 years.

(c)  A status report on the major enterprise resource planning and management projects of the agency.

(d)  An assessment of the progress made toward implementing the prior fiscal year legislative appropriation to the agency for enterprise resource planning and management.

(e)  The estimated expenditures by the agency for enterprise resource planning and management for the prior fiscal year.

(f)  An inventory list, by major categories, of the agency information technology resources, which specifically identifies the resources acquired during the previous fiscal year.

(g)  An assessment of opportunities for the agency to share enterprise resource planning and management projects or initiatives with other governmental or private entities.

(h)  A list of enterprise resource planning and management issues the agency has identified as statewide issues.

History.--s. 10, ch. 97-286; s. 20, ch. 98-73; s. 21, ch. 2000-164.

282.3095  Task Force on Privacy and Technology.--

(1)  The State Technology Office shall create a Task Force on Privacy and Technology. The task force shall include professionals in the fields of communications, government, law enforcement, law, marketing, technology, and financial services, including, but not limited to, the Florida Association of Court Clerks and Comptrollers, the Florida Insurance Council, the Society of Consumer Affairs Professionals in Business, the Florida Retail Federation, and the Office of Statewide Prosecution. The task force shall study and make policy recommendations by February 1, 2001, to the Legislature and the Governor which include, but are not limited to:

(a)  Privacy issues under the constitutions and laws of the United States and the State of Florida, the Public Records Act, and the advent of the use of advanced technologies.

(b)  Technology fraud, including, but not limited to, the illegal use of citizens' identities and credit.

(c)  Balancing the traditional openness of public records in the state with the need to protect the privacy and identity of individuals.

(d)  The sale of public records to private individuals and companies.

(2)  The task force shall recommend to the State Technology Office no fewer than three pilot projects designed to further the deployment of electronic access with protection of privacy. The pilot projects shall apply technologies and operating procedures to increase electronic access to public records and to reduce the reliance on paper documents while including safeguards for the protection of privacy rights and confidential information.

(3)  In order to carry out its duties and responsibilities, the task force shall hold public meetings necessary to gather the best available knowledge regarding these issues. The State Technology Office shall staff the task force as necessary. The members of the task force shall serve without compensation, but shall be reimbursed for reasonable and necessary expenses of attending the public meetings and performing duties of the task force, including per diem and travel expenses as provided in s. 112.061. Such expenses shall be reimbursed from funds of the Department of Highway Safety and Motor Vehicles. This subsection expires July 1, 2001.

History.--s. 22, ch. 2000-164.

282.310  State Annual Report on Enterprise Resource Planning and Management.--

(1)  By February 15 of each year, the State Technology Office shall develop a State Annual Report on Enterprise Resource Planning and Management.

(2)  The State Annual Report on Enterprise Resource Planning and Management shall contain, at a minimum, the following:

(a)  The state vision for enterprise resource planning and management.

(b)  A forecast of the state enterprise resource planning and management priorities and initiatives for the ensuing 2 years.

(c)  A summary of major statewide policies recommended by the State Technology Office for enterprise resource planning and management.

(d)  A summary of memoranda issued by the Executive Office of the Governor.

(e)  An assessment of the overall progress toward an integrated electronic system for deploying government products, services, and information to individuals and businesses and state enterprise resource planning and management initiatives and priorities for the past fiscal year.

(f)  A summary of major statewide issues related to improving enterprise resource planning and management by the state.

(g)  An inventory list, by major categories, of state information technology resources.

(h)  A summary of the total agency expenditures or descriptions of agreements, contracts, or partnerships for enterprise resource planning and management and of enterprise-wide procurements done by the office on behalf of the state.

(i)  A summary of the opportunities for government agencies or entities to share enterprise resource planning and management projects or initiatives with other governmental or private sector entities.

The state annual report shall also include enterprise resource planning and management information from the annual reports prepared by the Board of Regents for the State University System, from the State Board of Community Colleges for the Florida Community College System, from the Supreme Court for the judicial branch, and from the Justice Administrative Commission on behalf of the state attorneys and public defenders. Expenditure information shall be taken from each agency's annual report as well as the annual reports of the Board of Regents, the State Board of Community Colleges, the Supreme Court, and the Justice Administrative Commission.

(3)  The state annual report shall be made available in writing or through electronic means to the Executive Office of the Governor, the President of the Senate, the Speaker of the House of Representatives, and the Chief Justice of the Supreme Court.

History.--s. 10, ch. 97-286; s. 21, ch. 98-73; s. 29, ch. 98-136; s. 52, ch. 99-13; s. 23, ch. 2000-164.

282.315  Chief Information Officers Council; creation.--The Legislature finds that enhancing communication, consensus building, coordination, and facilitation of statewide enterprise resource planning and management issues is essential to improving state management of such resources.

(1)  There is created a Chief Information Officers Council to:

(a)  Enhance communication among the Chief Information Officers of state agencies by sharing enterprise resource planning and management experiences and exchanging ideas.

(b)  Facilitate the sharing of best practices that are characteristic of highly successful technology organizations, as well as exemplary information technology applications of state agencies.

(c)  Identify efficiency opportunities among state agencies.

(d)  Serve as an educational forum for enterprise resource planning and management issues.

(e)  Assist the State Technology Office in identifying critical statewide issues and, when appropriate, make recommendations for solving enterprise resource planning and management deficiencies.

(2)  Members of the council shall include the Chief Information Officers of all state agencies, including the Chief Information Officers of the agencies and governmental entities enumerated in s. 282.3031, except that there shall be one Chief Information Officer selected by the state attorneys and one Chief Information Officer selected by the public defenders. The chairs, or their designees, of the Geographic Information Board, the Florida Financial Management Information System Coordinating Council, the Criminal and Juvenile Justice Information Systems Council, and the Health Information Systems Council shall represent their respective organizations on the Chief Information Officers Council as voting members.

(3)  The State Technology Office shall provide administrative support to the council.

History.--s. 10, ch. 97-286; s. 24, ch. 2000-164.

282.318  Security of data and information technology resources.--

(1)  This section may be cited as the "Security of Data and Information Technology Resources Act."

(2)(a)  Each agency head, in consultation with the State Technology Office, is responsible and accountable for assuring an adequate level of security for all data and information technology resources of the agency and, to carry out this responsibility, shall, at a minimum:

1.  Designate an information security manager who shall administer the security program of the agency for its data and information technology resources.

2.  Conduct, and periodically update, a comprehensive risk analysis to determine the security threats to the data and information technology resources of the agency. The risk analysis information is confidential and exempt from the provisions of s. 119.07(1), except that such information shall be available to the Auditor General in performing his or her postauditing duties.

3.  Develop, and periodically update, written internal policies and procedures to assure the security of the data and information technology resources of the agency. The internal policies and procedures which, if disclosed, could facilitate the unauthorized modification, disclosure, or destruction of data or information technology resources are confidential information and exempt from the provisions of s. 119.07(1), except that such information shall be available to the Auditor General in performing his or her postauditing duties.

4.  Implement appropriate cost-effective safeguards to reduce, eliminate, or recover from the identified risks to the data and information technology resources of the agency.

5.  Ensure that periodic internal audits and evaluations of the security program for the data and information technology resources of the agency are conducted. The results of such internal audits and evaluations are confidential information and exempt from the provisions of s. 119.07(1), except that such information shall be available to the Auditor General in performing his or her postauditing duties.

6.  Include appropriate security requirements, as determined by the agency, in the written specifications for the solicitation of information technology resources.

(b)  In those instances in which the State Technology Office of the Department of Management Services develops state contracts for use by state agencies, the department shall include appropriate security requirements in the specifications for the solicitation for state contracts for procuring information technology resources.

History.--ss. 1, 2, 3, ch. 84-236; s. 28, ch. 87-137; s. 1, ch. 89-14; s. 7, ch. 90-160; s. 13, ch. 91-171; s. 234, ch. 92-279; s. 55, ch. 92-326; s. 22, ch. 94-340; s. 863, ch. 95-148; s. 131, ch. 96-406; s. 15, ch. 97-286; s. 25, ch. 2000-164.

282.322  Special monitoring process for designated information resources management projects.--For each information resources management project which is designated for special monitoring in the General Appropriations Act, with a proviso requiring a contract with a project monitor, the Technology Review Workgroup established pursuant to s. 216.0446, in consultation with each affected agency, shall be responsible for contracting with the project monitor. Upon contract award, funds equal to the contract amount shall be transferred to the Technology Review Workgroup upon request and subsequent approval of a budget amendment pursuant to s. 216.292. With the concurrence of the Legislative Auditing Committee, the office of the Auditor General shall be the project monitor for other projects designated for special monitoring. However, nothing in this section precludes the Auditor General from conducting such monitoring on any project designated for special monitoring. In addition to monitoring and reporting on significant communications between a contracting agency and the appropriate federal authorities, the project monitoring process shall consist of evaluating each major stage of the designated project to determine whether the deliverables have been satisfied and to assess the level of risks associated with proceeding to the next stage of the project. The major stages of each designated project shall be determined based on the agency's information systems development methodology. Within 20 days after an agency has completed a major stage of its designated project or at least 90 days, the project monitor shall issue a written report, including the findings and recommendations for correcting deficiencies, to the agency head, for review and comment. Within 20 days after receipt of the project monitor's report, the agency head shall submit a written statement of explanation or rebuttal concerning the findings and recommendations of the project monitor, including any corrective action to be taken by the agency. The project monitor shall include the agency's statement in its final report, which shall be forwarded, within 7 days after receipt of the agency's statement, to the agency head, the inspector general's office of the agency, the Executive Office of the Governor, the appropriations committees of the Legislature, the Joint Legislative Auditing Committee, the Technology Review Workgroup, the President of the Senate, the Speaker of the House of Representatives, and the Office of Program Policy Analysis and Government Accountability. The Auditor General shall also receive a copy of the project monitor's report for those projects in which the Auditor General is not the project monitor.

History.--s. 23, ch. 94-340; s. 11, ch. 97-100; s. 16, ch. 97-286; s. 23, ch. 98-73; s. 30, ch. 98-136; s. 40, ch. 99-399.

282.404  Geographic information board; definition; membership; creation; duties; advisory council; membership; duties.--

(1)  As used in this section, the term "geographic information" means information or data for which location or spatial distribution is an essential element, including, but not limited to, information pertaining to:

(a)  Land, air, water, and mineral resources;

(b)  The distribution of plant, animal, and human populations;

(c)  Real property interests;

(d)  The elements of the growth management comprehensive planning process under ss. 163.3177 and 163.3178;

(e)  Political, jurisdictional, ownership, and other artificial divisions of geography; and

(f)  Measured features listed in paragraphs (a)-(d) herein and geographic features produced pursuant to chapter 472.

(2)(a)  The Florida Geographic Information Board is created in the State Technology Office. The purpose of the board is to facilitate the identification, coordination, collection, and sharing of geographic information among federal, state, regional, and local agencies, and the private sector. The board shall develop solutions, policies, and standards to increase the value and usefulness of geographic information concerning Florida. In formulating and developing solutions, policies, and standards, the board shall provide for and consider input from other public agencies, such as the state universities, large and small municipalities, urban and rural county governments, and the private sector.

(b)  The Geographic Information Board may issue guidelines on recommended best practices, including recommended policies and standards, for the identification, coordination, collection, and sharing of geographic information.

(c)  The Geographic Information Board may contract for, accept, and make gifts, grants, loans, or other aid from and to any other governmental entity and to any person. Members may contribute, and the board may receive and expend, funds for board initiatives.

(3)  The board consists of the Chief Information Officer in the State Technology Office, the executive director of the Fish and Wildlife Conservation Commission, the executive director of the Department of Revenue, and the State Cadastral Surveyor, as defined in s. 177.503, or their designees, and the heads of the following agencies, or their designees: the Department of Agriculture and Consumer Services, the Department of Community Affairs, the Department of Environmental Protection, the Department of Transportation, and the Board of Professional Surveyors and Mappers. The Governor shall appoint to the board one member each to represent the counties, municipalities, regional planning councils, water management districts, and county property appraisers. The Governor shall initially appoint two members to serve 2-year terms and three members to serve 4-year terms. Thereafter, the terms of all appointed members must be 4 years and the terms must be staggered. Members may be appointed to successive terms and incumbent members may continue to serve the board until a new appointment is made.

(4)  The Chief Information Officer in the State Technology Office, or his or her designee, shall serve as the chair of the board. A majority of the membership of the board constitutes a quorum for the conduct of business. The board shall meet at least twice each year, and the chair may call a meeting of the board as often as necessary to transact business. Administrative and clerical support to the board shall be provided by the State Technology Office of the Department of Management Services.

(5)  The board shall:

(a)  Promote the sharing of geographic information;

(b)  Conduct periodic assessments of geographic information and geographic information systems in this state to identify information management activities and available resources;

(c)  Increase efficiency and reduce costs of data acquisition by promoting the coordination of geographic information activities, including, but not limited to, development and maintenance of a data directory in which geographic information is cataloged;

(d)  Promote consistency of data elements by establishing standard data definitions and formats;

(e)  Promote the adoption and use of standards that have broad application to the public and private sectors;

(f)  By March 1 of each year, develop and approve a strategic plan pursuant to the requirements set forth in s. 186.022(9). Copies of the plan shall be transmitted electronically or in writing to the Executive Office of the Governor, the Speaker of the House of Representatives, the President of the Senate, and the members of the Geographic Information Advisory Council as provided in subsection (7);

(g)  Serve as liaison between local, regional, and state government and the Federal Government to promote the sharing of geographic information;

(h)  Establish technical advisory committees to assist the board; and

(i)  Serve as the coordinator for census activities and facilitate the availability and usability of the data collected by the United States Census Bureau.

(6)  The Florida Geographic Information Advisory Council is created in the State Technology Office to provide technical assistance and recommendations to the board.

(7)  The Geographic Information Advisory Council consists of one member each from the State Technology Office, the Fish and Wildlife Conservation Commission, the Department of Revenue, the Department of Agriculture and Consumer Services, the Department of Community Affairs, the Department of Environmental Protection, the Department of Transportation, the State Cadastral Surveyor, the Board of Professional Surveyors and Mappers, counties, municipalities, regional planning councils, water management districts, and property appraisers, as appointed by the corresponding member of the board, and the State Geologist. The Governor shall appoint to the council one member each, as recommended by the respective organization, to represent the Department of Children and Family Services, the Department of Health, the Florida Survey and Mapping Society, Florida Region of the American Society of Photogrammetry and Remote Sensing, Florida Association of Cadastral Mappers, the Florida Association of Professional Geologists, Florida Engineering Society, Florida Chapter of the Urban and Regional Information Systems Association, the forestry industry, the State University System survey and mapping academic research programs, and State University System geographic information systems academic research programs; and two members representing utilities, one from a regional utility, and one from a local or municipal utility. These persons must have technical expertise in geographic information issues. The Governor shall initially appoint six members to serve 2-year terms and six members to serve 4-year terms. Thereafter, the terms of all appointed members must be 4 years and must be staggered. Members may be appointed to successive terms, and incumbent members may continue to serve the council until a successor is appointed. Representatives of the Federal Government may serve as ex officio members without voting rights.

(8)  A majority of the membership constitutes a quorum for the conduct of business and shall elect the chair of the advisory council biennially. The council shall meet at least twice a year, and the chair may call meetings as often as necessary to transact business or as directed by the board. The chair, or his or her designee, shall attend all board meetings on behalf of the council. Administrative and clerical support shall be provided by the State Technology Office of the Department of Management Services.

(9)  The advisory council shall:

(a)  Develop operational procedures for the conduct of business;

(b)  Make recommendations to the geographic information board for policies, procedures, standards, and technical solutions pertaining to the planning, coordination, sharing, consistency, development, and maintenance of geographic information;

(c)  Develop solutions that promote coordinated and cost-effective statewide financing of geographic information;

(d)  Make recommendations for the reduction of unnecessary duplication of geographic information efforts among various state, federal, regional, and local agencies and the private sector;

(e)  Seek information from the geographic information and mapping community in formulating priorities for the federal and state mapping and geographic information programs and activities; and

(f)  Inform mapping and geographic information users in the state of programs, available materials and information, and standards and solutions pertaining to mapping and geographic information.

(10)  If any specified state agency fails to comply with this section without good cause, the Executive Office of the Governor may withhold releases of appropriations of those portions of the agency's operating budget that pertain to the collection and analysis of geographic information.

(11)  Local governments are encouraged to participate within their abilities and resources in order to facilitate implementation of this section.

History.--s. 1, ch. 96-390; s. 34, ch. 97-96; s. 17, ch. 97-286; s. 24, ch. 98-73; s. 82, ch. 99-245; s. 26, ch. 2000-164.

282.5001  Short title.

282.5002  Definitions.

282.5003  Exclusive remedies for failure to be year 2000 compliant.

282.5004  Damages for failure to be year 2000 compliant; mediation; limitation on class actions; statute of limitations.

282.5005  Immunity from liability for directors and officers of businesses.

282.5006  Antitrust exemption with respect to exchanges of information.

282.5007  Alternative dispute resolution procedures.

282.5008  Construction of act.

282.5001  Short title.--This act may be cited as the "Commerce Protection Act."

History.--s. 1, ch. 99-230.

282.5002  Definitions.--For the purposes of this act, the following terms have the following meanings:

(1)  BUSINESS.--The term "business" means a person or an entity engaged in providing goods or services in this state, but the term excludes any governmental agency or any agency of the legislative or judicial branch of state government.

(2)  DATE DATA.--The term "date data" means data that contain dates or that contain both dates and times.

(3)  DIRECT ECONOMIC DAMAGES.--The term "direct economic damages" includes only economic compensatory damages that follow both immediately and necessarily from the failure of the information technology products of a business or governmental agency to be year 2000 compliant. The term excludes special damages, incidental damages, and exemplary or punitive damages.

(4)  GOVERNMENTAL AGENCY.--The term "governmental agency" includes any agency of the executive branch of state government or any political subdivision of the state as defined in s. 1.01 or any agency of such a political subdivision. For purposes of this section, the term also includes any public or private university school of medicine that is part of a public or private university supported in whole or in part by state funds and that has an affiliation with a local government or state instrumentality under which the medical school's computer systems, or diagnostic or therapeutic equipment dependent upon date logic, are used to provide clinical patient care services to the public.

(5)  INFORMATION TECHNOLOGY PRODUCT.--

(a)  The term "information technology product" includes software, firmware, microcode, hardware, and equipment containing embedded chips or microprocessors that create, read, write, calculate, compare, sequence, or otherwise operate on date data.

(b)  The "information technology products" of a business or governmental agency are those that are owned, leased, or licensed by or under the exclusive control of the business or governmental agency and are used by it in providing its goods or services.

(6)  YEAR 2000 COMPLIANT.--An information technology product is "year 2000 compliant" if the product, when used in accordance with its associated documentation or recommended user intervention, is capable of correctly processing, providing, and receiving date data, and will do so for all dates occurring between February 28, 1996, and March 1, 2000, when all other information technology products that are used with the product properly exchange date data with it. An information technology product does not fail to be year 2000 compliant merely because it contains a defect that is unrelated to the manner in which the product processes, provides, or receives date data and that only incidentally causes the product to fail to properly process, provide, or receive date data.

History.--s. 2, ch. 99-230.

282.5003  Exclusive remedies for failure to be year 2000 compliant.--The exclusive remedies in this state for recovering from a business or governmental agency damages resulting from the failure of its information technology products to be year 2000 compliant are those available for breach of a contract with or a tariff filed by the business or governmental agency; and all terms of that contract or tariff, including limitations on and exclusions of liability and disclaimers of warranty, remain fully enforceable and are unaffected by the provisions of this act. If there is no contract or tariff, the exclusive remedies in this state for recovering from a business or governmental agency damages resulting from the failure of its information technology products to be year 2000 compliant are those provided in s. 282.5004.

History.--s. 3, ch. 99-230.

282.5004  Damages for failure to be year 2000 compliant; mediation; limitation on class actions; statute of limitations.--

(1)  Unless otherwise provided by a contract or tariff, any business may be liable only for direct economic damages caused by the failure of its information technology products to be year 2000 compliant, as provided in this section.

(2)  Unless otherwise provided by a contract or tariff, any governmental agency may be liable only for direct economic damages caused by the failure of its information technology products to be year 2000 compliant, and only within the limits on the waiver of sovereign immunity established in s. 768.28.

(3)  The provisions of s. 768.81 apply to the award of damages under this section.

(4)  Damages awarded under this section shall exclude any damages that the plaintiff:

(a)  Could have avoided or mitigated with the exercise of reasonable care; or

(b)  Could have reasonably avoided or mitigated as a result of any written or otherwise communicated disclosure actually made by the defendant before December 1, 1999, in a manner consistent with that used in the past to give notifications to the plaintiff or persons similarly situated, concerning whether any of the information technology products of the business or governmental agency was year 2000 compliant.

(5)(a)  A business or governmental agency is not liable for direct economic damages if it proves by a preponderance of the evidence that it has:

1.  Secured an assessment, by a person who possesses the technical skills, experience, or competence with respect to information technology resources to evaluate information technology products for year 2000 compliance, to determine actions necessary to make the information technology products of the business or governmental agency year 2000 compliant and, based on that assessment, holds before December 1, 1999, a reasonable good faith belief that those products are year 2000 compliant; or

2.  Before December 1, 1999, conducted a date-data test of its information technology products and as a result of such test has a reasonable good faith belief that they are year 2000 compliant; or

3.  If it has five or fewer employees and has a net worth of $100,000 or less, made reasonable efforts to assess whether the entities on whose goods or services it relies and with whom it is in privity have provided information technology products that are year 2000 compliant and, with respect to each such entity, either:

a.  Holds before December 1, 1999, a reasonable good faith belief, based on the response to inquiries or on research, that the entity has provided information technology products that are year 2000 compliant; or

b.  Discloses in writing to the other party before December 1, 1999, in a manner consistent with that used in the past to give written notifications to that party, that the entity has provided information technology products that are presumed not to be year 2000 compliant or that, based on the response to inquiries, the entity is making reasonable good faith efforts to make its information technology products become year 2000 compliant.

(b)  All defenses that would otherwise be available to a business or governmental agency in any other action, including an action based on negligence, remain available with respect to an action under this section. Moreover, the failure of a business or governmental agency to comply with paragraph (a) shall not create a presumption of liability and no inference may be drawn from such failure.

(6)  Beginning January 1, 2000, upon the filing of any lawsuit or the presentation of a claim for arbitration under s. 282.5007 seeking damages under this section, and prior to the filing of an answer or response, the court having jurisdiction shall refer the claim to mediation under s. 44.102 unless the court determines that the interests of justice would not be served. The time to file the answer or response shall be tolled for up to 60 days after service of process on the defendant or until the conclusion of the mediation, whichever is earlier.

(7)  A class action may not be maintained in this state:

(a)  Against a governmental agency for damages caused by the failure of its information technology products to be year 2000 compliant.

(b)  Against a business for damages caused by the failure of its information technology products to be year 2000 compliant, unless each member of the class has suffered direct economic damages in excess of $50,000.

(8)  Any action for damages under this section must be commenced on or before March 1, 2002, but the running of this time is tolled from the date any offer is made to submit the claim to mediation until the conclusion of mediation.

History.--s. 4, ch. 99-230.

282.5005  Immunity from liability for directors and officers of businesses.--

(1)  A director or officer of a business has absolute and complete immunity from personal liability for any damages resulting from the failure of the information technology products of the business to be year 2000 compliant if the officer or director has either instructed the business or received written assurance from another officer or director that the business has been instructed to:

(a)  Take steps to determine whether those products are year 2000 compliant;

(b)  Develop and implement a plan to take actions necessary to make those products year 2000 compliant; and

(c)  Inquire whether the information technology products of the entities on whose goods or services the business relies are year 2000 compliant.

(2)  A director or officer who does not have absolute and complete immunity from personal liability under subsection (1) nevertheless has immunity from personal liability to the extent provided in chapter 607 or chapter 617.

History.--s. 5, ch. 99-230.

282.5006  Antitrust exemption with respect to exchanges of information.--The exchange of information among businesses concerning measures that have been taken or are to be taken in order for a business to make its information technology products year 2000 compliant does not constitute an activity or conduct in restraint of trade or commerce under chapter 542.

History.--s. 6, ch. 99-230.

282.5007  Alternative dispute resolution procedures.--

(1)  VOLUNTARY BINDING ARBITRATION.--

(a)  Any party to a dispute under this act for which there is no prior arbitration agreement may, before a lawsuit has been filed, make an offer to the other party to submit the dispute to voluntary binding arbitration under s. 44.104. An offer made under this paragraph must set out the maximum amount of damages that may be imposed pursuant to arbitration.

(b)  If at trial the court finds that an offer was made under paragraph (a) and was rejected, the court shall award attorney's fees and costs in accordance with this paragraph.

1.  If the offer was made by the plaintiff and rejected by the defendant, and if the defendant is ultimately found to be liable for damages in an amount equal to or exceeding that specified in the plaintiff's highest offer, the defendant must pay the plaintiff's costs and reasonable attorney's fees.

2.  If the offer was made by the defendant and rejected by the plaintiff, and if the plaintiff is not ultimately awarded damages in an amount exceeding that specified in the defendant's highest offer, the plaintiff must pay the defendant's costs and reasonable attorney's fees.

(2)  MEDIATION.--

(a)  The court may submit a claim for damages under this act to mediation pursuant to s. 44.102.

(b)  A party may serve its last best offer made in mediation upon another party as an offer of judgment under s. 768.79, and may make use of all the rights and remedies provided by this section.

(c)  The court shall have discretion to require that the costs of mediation be shared equally by the parties.

History.--s. 7, ch. 99-230; s. 35, ch. 2000-152.

282.5008  Construction of act.--This act shall not be construed to create a new cause of action or a duty to provide notice concerning year 2000 compliance nor be construed to mandate the content or timing of any notice concerning year 2000 compliance.

History.--s. 8, ch. 99-230.