FL S0110

Creates section 1004.055, F.S. to establish confidentiality and exemption from public records requirements for records identifying detection, investigation, or response practices for information technology security incidents at state universities and Florida College System institutions.

Exempts portions of risk assessments, evaluations, audits, and other reports of a university's or institution's information technology security program from public records disclosure if such disclosure would facilitate unauthorized access to or modification of data or IT resources.

Exempts portions of public meetings that would reveal confidential IT security information from open meetings requirements, requiring such portions be recorded and transcribed but remain confidential unless a court determines the meeting was not restricted to discussing exempt data.

Permits disclosure of exempt records and meeting materials to the Auditor General, Cybercrime Office of the Department of Law Enforcement, Board of Governors (for state universities), State Board of Education (for Florida College System institutions), and state or federal agencies for security purposes.

Applies exemptions retroactively to records held before, on, or after the act's effective date and subjects the exemptions to the Open Government Sunset Review Act with repeal scheduled for October 2, 2022, unless reenacted by the Legislature.