Chapter 282 - 2011 Florida Statutes

Home > Laws > 2011 Florida Statutes > Title XIX > Chapter 282

Quick Links

General Laws Conversion Table (2023) [PDF]
Florida Statutes Definitions Index (2023) [PDF]
Table of Section Changes (2023) [PDF]
Preface to the Florida Statutes (2023) [PDF]
Table Tracing Session Laws to Florida Statutes (2023) [PDF]
Index to Special and Local Laws (1971-2023) [PDF]
Index to Special and Local Laws (1845-1970) [PDF]
Statute Search Tips

2011 Florida Statutes

Title XIX PUBLIC BUSINESS

Chapter 282
COMMUNICATIONS AND DATA PROCESSING

CHAPTER 282

COMMUNICATIONS AND DATA PROCESSING

PART I

ENTERPRISE INFORMATION TECHNOLOGY SERVICES MANAGEMENT

(ss. 282.003-282.34)

PART II

ACCESSIBILITY OF INFORMATION AND TECHNOLOGY

(ss. 282.601-282.606)

PART III

COMMUNICATION INFORMATION TECHNOLOGY SERVICES

(ss. 282.701-282.711)

PART I

ENTERPRISE INFORMATION TECHNOLOGY
SERVICES MANAGEMENT

282.003 Short title.

282.0041 Definitions.

282.0055 Assignment of information technology.

282.0056 Development of work plan; development of implementation plans; and policy recommendations.

282.201 State data center system; agency duties and limitations.

282.203 Primary data centers.

282.204 Northwood Shared Resource Center.

282.205 Southwood Shared Resource Center.

282.318 Enterprise security of data and information technology.

282.33 Objective standards for data center energy efficiency.

282.34 Statewide e-mail service.

282.003 Short title.—This part may be cited as the “Enterprise Information Technology Services Management Act.”

History.—s. 8, ch. 87-137; s. 1, ch. 92-98; s. 93, ch. 92-142; s. 4, ch. 96-390; s. 7, ch. 97-286; s. 45, ch. 99-13; s. 4, ch. 2008-116; s. 5, ch. 2009-80.

282.0041 Definitions.—As used in this chapter, the term:

(1) “Agency” has the same meaning as in s. 216.011(1)(qq), except that for purposes of this chapter, “agency” does not include university boards of trustees or state universities.

(2) “Agency for Enterprise Information Technology” means the agency created in s. 14.204.

(3) “Agency information technology service” means a service that directly helps an agency fulfill its statutory or constitutional responsibilities and policy objectives and is usually associated with the agency’s primary or core business functions.

(4) “Annual budget meeting” means a meeting of the board of trustees of a primary data center to review data center usage to determine the apportionment of board members for the following fiscal year, review rates for each service provided, and determine any other required changes.

(5) “Breach” has the same meaning as in s. 817.5681(4).

(6) “Business continuity plan” means a plan for disaster recovery which provides for the continued functioning of a primary data center during and after a disaster.

(7) “Computing facility” means agency space containing fewer than a total of 10 physical or logical servers, any of which supports a strategic or nonstrategic information technology service, as described in budget instructions developed pursuant to s. 216.023, but excluding single, logical-server installations that exclusively perform a utility function such as file and print servers.

(8) “Customer entity” means an entity that obtains services from a primary data center.

(9) “Data center” means agency space containing 10 or more physical or logical servers any of which supports a strategic or nonstrategic information technology service, as described in budget instructions developed pursuant to s. 216.023.

(10) “Department” means the Department of Management Services.

(11) “Enterprise information technology service” means an information technology service that is used in all agencies or a subset of agencies and is established in law to be designed, delivered, and managed at the enterprise level.

(12) “E-mail, messaging, and calendaring service” means the enterprise information technology service that enables users to send, receive, file, store, manage, and retrieve electronic messages, attachments, appointments, and addresses. The e-mail, messaging, and calendaring service must include e-mail account management; help desk; technical support and user provisioning services; disaster recovery and backup and restore capabilities; antispam and antivirus capabilities; archiving and e-discovery; and remote access and mobile messaging capabilities.

(13) “Information-system utility” means a full-service information-processing facility offering hardware, software, operations, integration, networking, and consulting services.

(14) “Information technology” means equipment, hardware, software, firmware, programs, systems, networks, infrastructure, media, and related material used to automatically, electronically, and wirelessly collect, receive, access, transmit, display, store, record, retrieve, analyze, evaluate, process, classify, manipulate, manage, assimilate, control, communicate, exchange, convert, converge, interface, switch, or disseminate information of any kind or form.

(15) “Information technology policy” means statements that describe clear choices for how information technology will deliver effective and efficient government services to residents and improve state agency operations. A policy may relate to investments, business applications, architecture, or infrastructure. A policy describes its rationale, implications of compliance or noncompliance, the timeline for implementation, metrics for determining compliance, and the accountable structure responsible for its implementation.

(16) “Performance metrics” means the measures of an organization’s activities and performance.

(17) “Primary data center” means a data center that is a recipient entity for consolidation of nonprimary data centers and computing facilities and that is established by law.

(18) “Project” means an endeavor that has a defined start and end point; is undertaken to create or modify a unique product, service, or result; and has specific objectives that, when attained, signify completion.

(19) “Risk analysis” means the process of identifying security risks, determining their magnitude, and identifying areas needing safeguards.

(20) “Service level” means the key performance indicators (KPI) of an organization or service which must be regularly performed, monitored, and achieved.

(21) “Service-level agreement” means a written contract between a data center and a customer entity which specifies the scope of services provided, service level, the duration of the agreement, the responsible parties, and service costs. A service-level agreement is not a rule pursuant to chapter 120.

(22) “Standards” means required practices, controls, components, or configurations established by an authority.

(23) “SUNCOM Network” means the state enterprise telecommunications system that provides all methods of electronic or optical telecommunications beyond a single building or contiguous building complex and used by entities authorized as network users under this part.

(24) “Telecommunications” means the science and technology of communication at a distance, including electronic systems used in the transmission or reception of information.

(25) “Threat” means any circumstance or event that may cause harm to the integrity, availability, or confidentiality of information technology resources.

(26) “Total cost” means all costs associated with information technology projects or initiatives, including, but not limited to, value of hardware, software, service, maintenance, incremental personnel, and facilities. Total cost of a loan or gift of information technology resources to an agency includes the fair market value of the resources.

(27) “Usage” means the billing amount charged by the primary data center, less any pass-through charges, to the customer entity.

(28) “Usage rate” means a customer entity’s usage or billing amount as a percentage of total usage.

History.—ss. 3, 11, ch. 83-92; s. 17, ch. 87-137; ss. 10, 11, ch. 90-160; s. 4, ch. 91-171; s. 10, ch. 91-221; s. 5, ch. 91-429; s. 3, ch. 92-98; s. 95, ch. 92-142; s. 14, ch. 94-226; s. 11, ch. 94-340; s. 9, ch. 97-286; s. 16, ch. 2000-164; s. 51, ch. 2001-61; s. 10, ch. 2001-261; s. 4, ch. 2007-105; s. 5, ch. 2008-116; s. 6, ch. 2009-80; s. 5, ch. 2010-78; s. 9, ch. 2010-148; s. 3, ch. 2011-50.

Note.—Former s. 282.303.

282.0055 Assignment of information technology.—In order to ensure the most effective and efficient use of the state’s information technology and information technology resources and notwithstanding other provisions of law to the contrary, policies for the design, planning, project management, and implementation of enterprise information technology services shall be the responsibility of the Agency for Enterprise Information Technology for executive branch agencies created or authorized in statute to perform legislatively delegated functions. The supervision, design, delivery, and management of agency information technology shall remain within the responsibility and control of the individual state agency.

History.—s. 5, ch. 2007-105; s. 6, ch. 2008-116.

282.0056 Development of work plan; development of implementation plans; and policy recommendations.—

(1) For the purposes of carrying out its responsibilities under s. 282.0055, the Agency for Enterprise Information Technology shall develop an annual work plan within 60 days after the beginning of the fiscal year describing the activities that the agency intends to undertake for that year, including proposed outcomes and completion timeframes for the planning and implementation of all enterprise information technology services. The work plan must be presented at a public hearing and approved by the Governor and Cabinet, and thereafter submitted to the President of the Senate and the Speaker of the House of Representatives. The work plan may be amended as needed, subject to approval by the Governor and Cabinet.

(2) The agency may develop and submit to the President of the Senate, the Speaker of the House of Representatives, and the Governor by October 1 of each year implementation plans for proposed enterprise information technology services to be established in law.

(3) In developing policy recommendations and implementation plans for established and proposed enterprise information technology services, the agency shall describe the scope of operation, conduct costs and requirements analyses, conduct an inventory of all existing information technology resources that are associated with each service, and develop strategies and timeframes for statewide migration.

(4) For the purpose of completing its work activities, each state agency shall provide to the agency all requested information, including, but not limited to, the state agency’s costs, service requirements, and equipment inventories.

(5) Within 60 days after the end of each fiscal year, the agency shall report to the Governor and Cabinet, the President of the Senate, and the Speaker of the House of Representatives on what was achieved or not achieved in the prior year’s work plan.

History.—s. 6, ch. 2007-105; s. 7, ch. 2008-116; s. 7, ch. 2009-80; s. 4, ch. 2011-50.

282.201 State data center system; agency duties and limitations.—A state data center system that includes all primary data centers, other nonprimary data centers, and computing facilities, and that provides an enterprise information technology service as defined in s. 282.0041, is established.

(1) INTENT.—The Legislature finds that the most efficient and effective means of providing quality utility data processing services to state agencies requires that computing resources be concentrated in quality facilities that provide the proper security, infrastructure, and staff resources to ensure that the state’s data is maintained reliably and safely, and is recoverable in the event of a disaster. Efficiencies resulting from such consolidation include the increased ability to leverage technological expertise and hardware and software capabilities; increased savings through consolidated purchasing decisions; and the enhanced ability to deploy technology improvements and implement new policies consistently throughout the consolidated organization. Therefore it is the intent of the Legislature that agency data centers and computing facilities be consolidated into primary data centers to the maximum extent possible by 2019.

(2) AGENCY FOR ENTERPRISE INFORMATION TECHNOLOGY DUTIES.—The Agency for Enterprise Information Technology shall:

(a) Collect and maintain information necessary for developing policies relating to the data center system, including, but not limited to, an inventory of facilities.

(b) Annually approve cost-recovery mechanisms and rate structures for primary data centers which recover costs through charges to customer entities.

(c) By September 30 of each year, submit to the Legislature, the Executive Office of the Governor, and the primary data centers recommendations to improve the efficiency and cost-effectiveness of computing services provided by state data center system facilities. Such recommendations must include, but need not be limited to:

1. Policies for improving the cost-effectiveness and efficiency of the state data center system, which includes the primary data centers being transferred to a shared, virtualized server environment, and the associated cost savings resulting from the implementation of such policies.

2. Infrastructure improvements supporting the consolidation of facilities or preempting the need to create additional data centers or computing facilities.

3. Uniform disaster recovery standards.

4. Standards for primary data centers which provide cost-effective services and transparent financial data to user agencies.

5. Consolidation of contract practices or coordination of software, hardware, or other technology-related procurements and the associated cost savings.

6. Improvements to data center governance structures.

(d) By October 1 of each year beginning in 2011, provide recommendations to the Governor and Legislature relating to changes to the schedule for the consolidations of state agency data centers as provided in subsection (4).

1. The recommendations must be based on the goal of maximizing current and future cost savings by:

a. Consolidating purchase decisions;

b. Leveraging expertise and other resources to gain economies of scale;

c. Implementing state information technology policies more effectively; and

d. Maintaining or improving the level of service provision to customer entities.

2. The agency shall establish workgroups as necessary to ensure participation by affected agencies in the development of recommendations related to consolidations.

(e) Develop and establish rules relating to the operation of the state data center system which comply with applicable federal regulations, including 2 C.F.R. part 225 and 45 C.F.R. The agency shall publish notice of rule development in the Florida Administrative Weekly by October 1, 2011. The rules must address:

1. Ensuring that financial information is captured and reported consistently and accurately.

2. Identifying standards for hardware, including standards for a shared, virtualized server environment, and operations system software and other operational software, including security and network infrastructure, for the primary data centers; requiring compliance with such standards in order to enable the efficient consolidation of the agency data centers or computing facilities; and providing an exemption process from compliance with such standards, which must be consistent with paragraph (5)(b).

3. Requiring annual full cost recovery on an equitable rational basis. The cost-recovery methodology must ensure that no service is subsidizing another service and may include adjusting the subsequent year’s rates as a means to recover deficits or refund surpluses from a prior year.

4. Requiring that any special assessment imposed to fund expansion is based on a methodology that apportions the assessment according to the proportional benefit to each customer entity.

5. Requiring that rebates be given when revenues have exceeded costs, that rebates be applied to offset charges to those customer entities that have subsidized the costs of other customer entities, and that such rebates may be in the form of credits against future billings.

6. Requiring that all service-level agreements have a contract term of up to 3 years, but may include an option to renew for up to 3 additional years contingent on approval by the board, and require at least a 180-day notice of termination.

(3) STATE AGENCY DUTIES.—

(a) For the purpose of completing its work activities as described in subsection (1), each state agency shall provide to the Agency for Enterprise Information Technology all requested information and any other information relevant to the agency’s ability to effectively transition its computer services into a primary data center. The agency shall also participate as required in workgroups relating to specific consolidation planning and implementation tasks as assigned by the Agency for Enterprise Information Technology and determined necessary to accomplish consolidation goals.

(b) Each state agency shall submit to the Agency for Enterprise Information Technology information relating to its data centers and computing facilities as required in instructions issued by July 1 of each year by the Agency for Enterprise Information Technology. The information required may include:

1. Amount of floor space used and available.

2. Numbers and capacities of mainframes and servers.

3. Storage and network capacity.

4. Amount of power used and the available capacity.

5. Estimated expenditures by service area, including hardware and software, numbers of full-time equivalent positions, personnel turnover, and position reclassifications.

6. A list of contracts in effect for the fiscal year, including, but not limited to, contracts for hardware, software and maintenance, including the expiration date, the contract parties, and the cost of the contract.

7. Service-level agreements by customer entity.

(c) Each state agency customer of a primary data center shall notify the data center, by May 31 and November 30 of each year, of any significant changes in anticipated utilization of data center services pursuant to requirements established by the boards of trustees of each primary data center.

(4) SCHEDULE FOR CONSOLIDATIONS OF AGENCY DATA CENTERS.—

(a) Consolidations of agency data centers shall be made by the date and to the specified primary data center as provided in this section and in accordance with budget adjustments contained in the General Appropriations Act.

(b) By December 31, 2011, the following shall be consolidated into the Northwest Regional Data Center:

1. The Department of Education’s Knott Data Center in the Turlington Building.

2. The Department of Education’s Division of Vocational Rehabilitation.

3. The Department of Education’s Division of Blind Services, except for the division’s disaster recovery site in Daytona Beach.

4. The FCAT Explorer.

5. FACTS.org.

1. By September 30, 2011, the Department of Corrections.

2. By March 31, 2012, the Department of Transportation’s Burns Building.

3. By March 31, 2012, the Department of Transportation’s Survey & Mapping Office.

(d) During the 2011-2012 fiscal year, the following shall be consolidated into the Northwood Shared Resource Center:

1. By July 1, 2011, the Department of Transportation’s Office of Motor Carrier Compliance.

2. By March 31, 2012, the Department of Highway Safety and Motor Vehicles.

(e) During the 2012-2013 fiscal year, the following shall be consolidated into the Southwood Shared Resource Center:

1. By September 30, 2012, the Division of Emergency Management and the Department of Community Affairs, except for the Emergency Operation Center’s management system in Tallahassee and the Camp Blanding Emergency Operations Center in Starke.

2. By September 30, 2012, the Department of Revenue’s Carlton Building and Imaging Center locations.

3. By December 31, 2012, the Department of Health’s Test and Development Lab and all remaining data center resources located at the Capital Circle Office Complex.

(f) During the 2012-2013 fiscal year, the following shall be consolidated into the Northwood Shared Resource Center:

1. By July 1, 2012, the Agency for Health Care Administration.

2. By December 31, 2012, the Department of Environmental Protection’s Palmetto Commons.

3. By March 30, 2013, the Department of Law Enforcement’s headquarters location.

(g) During the 2013-2014 fiscal year, the following agencies shall work with the Agency for Enterprise Information Technology to begin preliminary planning for consolidation into a primary data center:

1. The Department of the Lottery’s headquarters location.

2. The Department of Legal Affairs.

3. The Fish and Wildlife Conservation Commission, except for the commission’s Fish and Wildlife Research Institute in St. Petersburg.

4. The Executive Office of the Governor.

5. The Department of Veterans’ Affairs.

6. The Department of Elderly Affairs.

7. The Department of Financial Services’ Hartman, Larson, and Fletcher Building Data Centers.

8. The Department of Agriculture and Consumer Services’ Agriculture Management Information Center in the Mayo Building and Division of Licensing.

(h) During the 2014-2015 fiscal year, the following agencies shall work with the Agency for Enterprise Information Technology to begin preliminary planning for consolidation into a primary data center:

1. The Department of Health’s Jacksonville Lab Data Center.

2. The Department of Transportation’s district offices, toll offices, and the District Materials Office.

3. The Department of Military Affairs’ Camp Blanding Joint Training Center in Starke.

4. The Department of Community Affairs’ Camp Blanding Emergency Operations Center in Starke.

5. The Department of Education’s Division of Blind Services disaster recovery site in Daytona Beach.

6. The Department of Education’s disaster recovery site at Santa Fe College.

7. The Department of the Lottery’s Disaster Recovery Backup Data Center in Orlando.

8. The Fish and Wildlife Conservation Commission’s Fish and Wildlife Research Institute in St. Petersburg.

9. The Department of Children and Family Services’ Suncoast Data Center in Tampa.

10. The Department of Children and Family Services’ Florida State Hospital in Chattahoochee.

(i) During the 2015-2016 fiscal year, all computing resources remaining within an agency nonprimary data center or computing facility shall be transferred to a primary data center for consolidation unless otherwise required to remain in the agency for specified financial, technical, or business reasons that must be justified in writing and approved by the Agency for Enterprise Information Technology. Such data centers, computing facilities, and resources must be identified by the Agency for Enterprise Information Technology by October 1, 2014.

(j) Any agency that is consolidating agency data centers into a primary data center must execute a new or update an existing service-level agreement within 60 days after the specified consolidation date, as required by s. 282.203, in order to specify the services and levels of service it is to receive from the primary data center as a result of the consolidation. If an agency is unable to execute a service-level agreement by that date, the agency shall submit a report to the Executive Office of the Governor and to the chairs of the legislative appropriations committees within 5 working days after that date which explains the specific issues preventing execution and describing its plan and schedule for resolving those issues.

(k) Beginning September 1, 2011, and every 6 months thereafter until data center consolidations are complete, the Agency for Enterprise Information Technology shall provide a status report on the implementation of the consolidations that must be completed during the fiscal year. The report shall be submitted to the Executive Office of the Governor and the chairs of the legislative appropriations committees. The report must, at a minimum, describe:

1. Whether the consolidation is on schedule, including progress on achieving the milestones necessary for successful and timely consolidation of scheduled agency data centers and computing facilities; and

2. The risks that may affect the progress or outcome of the consolidation and how these risks are being addressed, mitigated, or managed.

(l) Each agency identified in this subsection for consolidation into a primary data center shall submit a transition plan to the Agency for Enterprise Information Technology by September 1 of the fiscal year before the fiscal year in which the scheduled consolidation will occur. Transition plans shall be developed in consultation with the appropriate primary data centers and the Agency for Enterprise Information Technology, and must include:

1. An inventory of the agency data center’s resources being consolidated, including all hardware, software, staff, and contracted services, and the facility resources performing data center management and operations, security, backup and recovery, disaster recovery, system administration, database administration, system programming, job control, production control, print, storage, technical support, help desk, and managed services, but excluding application development;

2. A description of the level of services needed to meet the technical and operational requirements of the platforms being consolidated and an estimate of the primary data center’s cost for the provision of such services;

3. A description of resources for computing services proposed to remain in the department;

4. A timetable with significant milestones for the completion of the consolidation; and

5. The specific recurring and nonrecurring budget adjustments of budget resources by appropriation category into the appropriate data processing category pursuant to the legislative budget instructions in s. 216.023 necessary to support agency costs for the transfer.

(m) Each primary data center shall develop a transition plan for absorbing the transfer of agency data center resources based upon the timetables for transition as provided in this subsection. The plan shall be submitted to the Agency for Enterprise Information Technology, the Executive Office of the Governor, and the chairs of the legislative appropriations committees by September 30 of the fiscal year before the fiscal year in which the scheduled consolidations will occur. Each plan must include:

1. An estimate of the cost to provide data center services for each agency scheduled for consolidation;

2. A staffing plan that identifies the projected staffing needs and requirements based on the estimated workload identified in the agency transition plan;

3. The fiscal year adjustments to budget categories in order to absorb the transfer of agency data center resources pursuant to the legislative budget request instructions provided in s. 216.023;

4. An analysis of the cost effects resulting from the planned consolidations on existing agency customers; and

5. A description of any issues that must be resolved in order to accomplish as efficiently and effectively as possible all consolidations required during the fiscal year.

(n) The Agency for Enterprise Information Technology shall develop a comprehensive transition plan, which shall be submitted by October 15th of the fiscal year before the fiscal year in which the scheduled consolidations will occur to each primary data center, to the Executive Office of the Governor, and the chairs of the legislative appropriations committees. The transition plan shall be developed in consultation with agencies submitting agency transition plans and with the affected primary data centers. The comprehensive transition plan must include:

1. Recommendations for accomplishing the proposed transitions as efficiently and effectively as possible with minimal disruption to customer agency business processes;

2. Strategies to minimize risks associated with any of the proposed consolidations;

3. A compilation of the agency transition plans submitted by agencies scheduled for consolidation for the following fiscal year; and

4. Revisions to any budget adjustments provided in the agency or primary data center transition plans.

(o) Any agency data center scheduled for consolidation after the 2011-2012 fiscal year may consolidate into a primary data center before its scheduled date contingent upon the approval of the Agency for Enterprise Information Technology.

(5) AGENCY LIMITATIONS.—

(a) Unless authorized by the Legislature or as provided in paragraphs (b) and (c), a state agency may not:

1. Create a new computing facility or data center, or expand the capability to support additional computer equipment in an existing computing facility or nonprimary data center;

2. Spend funds before the agency’s scheduled consolidation into a primary data center to purchase or modify hardware or operations software that does not comply with hardware and software standards established by the Agency for Enterprise Information Technology pursuant to paragraph (2)(e) for the efficient consolidation of the agency data centers or computing facilities;

3. Transfer existing computer services to any data center other than a primary data center;

4. Terminate services with a primary data center or transfer services between primary data centers without giving written notice of intent to terminate or transfer services 180 days before such termination or transfer; or

5. Initiate a new computer service if it does not currently have an internal data center except with a primary data center.

(b) Exceptions to the limitations in subparagraphs (a)1., 2., 3., and 5. may be granted by the Agency for Enterprise Information Technology if there is insufficient capacity in a primary data center to absorb the workload associated with agency computing services, if expenditures are compatible with the scheduled consolidation and the standards established pursuant to paragraph (2)(e), or if the equipment or resources are needed to meet a critical agency business need that cannot be satisfied from surplus equipment or resources of the primary data center until the agency data center is consolidated.

1. A request for an exception must be submitted in writing to the Agency for Enterprise Information Technology. The agency must accept, accept with conditions, or deny the request within 60 days after receipt of the written request. The agency’s decision is not subject to chapter 120.

2. At a minimum, the agency may not approve a request unless it includes:

a. Documentation approved by the primary data center’s board of trustees which confirms that the center cannot meet the capacity requirements of the agency requesting the exception within the current fiscal year.

b. A description of the capacity requirements of the agency requesting the exception.

c. Documentation from the agency demonstrating why it is critical to the agency’s mission that the expansion or transfer must be completed within the fiscal year rather than when capacity is established at a primary data center.

(c) Exceptions to subparagraph (a)4. may be granted by the board of trustees of the primary data center if the termination or transfer of services can be absorbed within the current cost-allocation plan.

(d) Upon the termination of or transfer of agency computing services from the primary data center, the primary data center shall require information sufficient to determine compliance with this section. If a primary data center determines that an agency is in violation of this section, it shall report the violation to the Agency for Enterprise Information Technology.

(6) RULES.—The Agency for Enterprise Information Technology may adopt rules to administer this part relating to the state data center system including the primary data centers.

History.—s. 8, ch. 2008-116; s. 24, ch. 2009-21; s. 8, ch. 2009-80; s. 44, ch. 2010-5; s. 2, ch. 2010-148; s. 5, ch. 2011-50.

282.203 Primary data centers.—

(1) DATA CENTER DUTIES.—Each primary data center shall:

(a) Serve customer entities as an information-system utility.

(b) Cooperate with customer entities to offer, develop, and support the services and applications as defined and provided by the center’s board of trustees and customer entities.

(c) Comply with rules adopted by the Agency for Enterprise Information Technology, pursuant to this section, and coordinate with the agency in the consolidation of data centers.

(d) Provide transparent financial statements to customer entities, the center’s board of trustees, and the Agency for Enterprise Information Technology. The financial statements shall be provided as follows:

1. Annually, by July 30 for the current fiscal year and by December 1 for the subsequent fiscal year, the data center must provide the total annual budgeted costs by major expenditure category, including, but not limited to, salaries, expense, operating capital outlay, contracted services, or other personnel services, which directly relate to the provision of each service and which separately indicate the administrative overhead allocated to each service.

2. Annually, by July 30 for the current fiscal year and by December 1 for the subsequent fiscal year, the data center must provide total projected billings for each customer entity which are required to recover the costs of the data center.

3. Annually, by January 31, the data center must provide updates of the financial statements required under subparagraphs 1. and 2. for the current fiscal year.

4. By February 15, for proposed legislative budget increases, the data center must provide updates of the financial statements required under subparagraphs 1. and 2. for the subsequent fiscal year.

The financial information required under subparagraphs 1., 2., and 3. must be based on current law and current appropriations.

(e) Annually, by October 1, submit to the board of trustees cost-reduction proposals, including strategies and timetables for lowering customer entities’ costs without reducing the level of services.

(f) Maintain the performance of the facility, which includes ensuring proper data backup, data backup recovery, an effective disaster recovery plan, and appropriate security, power, cooling and fire suppression, and capacity.

(g) Develop a business continuity plan and conduct a live exercise of the plan at least annually. The plan must be approved by the board and the Agency for Enterprise Information Technology.

(h) Enter into a service-level agreement with each customer entity to provide services as defined and approved by the board. A service-level agreement may not have a term exceeding 3 years but may include an option to renew for up to 3 years contingent on approval by the board.

1. A service-level agreement, at a minimum, must:

a. Identify the parties and their roles, duties, and responsibilities under the agreement;

b. Identify the legal authority under which the service-level agreement was negotiated and entered into by the parties;

c. State the duration of the contractual term and specify the conditions for contract renewal;

d. Prohibit the transfer of computing services between primary data center facilities without at least 180 days’ notice of service cancellation;

e. Identify the scope of work;

f. Identify the products or services to be delivered with sufficient specificity to permit an external financial or performance audit;

g. Establish the services to be provided, the business standards that must be met for each service, the cost of each service, and the process by which the business standards for each service are to be objectively measured and reported;

h. Identify applicable funds and funding streams for the services or products under contract;

i. Provide a timely billing methodology for recovering the cost of services provided to the customer entity;

j. Provide a procedure for modifying the service-level agreement to address changes in projected costs of service;

k. Provide that a service-level agreement may be terminated by either party for cause only after giving the other party and the Agency for Enterprise Information Technology notice in writing of the cause for termination and an opportunity for the other party to resolve the identified cause within a reasonable period; and

l. Provide for mediation of disputes by the Division of Administrative Hearings pursuant to s. 120.573.

2. A service-level agreement may include:

a. A dispute resolution mechanism, including alternatives to administrative or judicial proceedings;

b. The setting of a surety or performance bond for service-level agreements entered into with agency primary data centers established by law; or

c. Additional terms and conditions as determined advisable by the parties if such additional terms and conditions do not conflict with the requirements of this section or rules adopted by the Agency for Enterprise Information Technology.

3. The failure to execute a service-level agreement within 60 days after service commencement shall, in the case of an existing customer entity, result in a continuation of the terms of the service-level agreement from the prior fiscal year, including any amendments that were formally proposed to the customer entity by the primary data center within the 3 months before service commencement, and a revised cost-of-service estimate. If a new customer entity fails to execute an agreement within 60 days after service commencement, the data center may cease services.

(i) Plan, design, establish pilot projects for, and conduct experiments with information technology resources, and implement enhancements in services if such implementation is cost-effective and approved by the board.

(j) Enter into a memorandum of understanding with the agency where the data center is administratively located if the data center requires the agency to provide any administrative services to the data center and the cost of such services.

(k) Be the custodian of resources and equipment that are located, operated, supported, and managed by the center for the purposes of chapter 273.

(l) Assume administrative access rights to the resources and equipment, such as servers, network components, and other devices that are consolidated into the primary data center.

1. Upon the date of each consolidation specified in s. 282.201, the General Appropriations Act, or the Laws of Florida, each agency shall relinquish all administrative access rights to such resources and equipment.

2. Each primary data center shall provide its customer agencies with the appropriate level of access to applications, servers, network components, and other devices necessary for agencies to perform their core business activities and functions.

(2) BOARD OF TRUSTEES.—Each primary data center shall be headed by a board of trustees as defined in s. 20.03.

(a) The members of the board shall be appointed by the agency head or chief executive officer of the representative customer entities of the primary data center and serve at the pleasure of the appointing customer entity. Each agency head or chief executive officer may appoint an alternate member for each board member appointed pursuant to this subsection.

1. During the first fiscal year that a state agency is to consolidate its data center operations to a primary data center and for the following full fiscal year, the agency shall have a single trustee having one vote on the board of the state primary data center where it is to consolidate, unless it is entitled in the second year to a greater number of votes as provided in subparagraph 3.

2. Board membership shall be as provided in subparagraph 3. based on the most recent estimate of customer entity usage rates for the prior year and a projection of usage rates for the first 9 months of the next fiscal year. Such calculation must be completed before the annual budget meeting held before the beginning of the next fiscal year so that any decision to add or remove board members can be voted on at the budget meeting and become effective on July 1 of the subsequent fiscal year.

3. Each customer entity that has a projected usage rate of 4 percent or greater during the fiscal operating year of the primary data center shall have one trustee on the board.

4. The total number of votes for each trustee shall be apportioned as follows:

a. Customer entities of a primary data center whose usage rate represents 4 but less than 15 percent of total usage shall have one vote.

b. Customer entities of a primary data center whose usage rate represents 15 but less than 30 percent of total usage shall have two votes.

c. Customer entities of a primary data center whose usage rate represents 30 but less than 50 percent of total usage shall have three votes.

d. A customer entity of a primary data center whose usage rate represents 50 percent or more of total usage shall have four votes.

e. A single trustee having one vote shall represent those customer entities that represent less than 4 percent of the total usage. The trustee shall be selected by a process determined by the board.

(b) Before July 1 of each year, each board of trustees of a primary data center shall elect a chair and a vice chair to a term of 1 year or until a successor is elected. The vice chair shall serve in the absence of the chair. The chair may be elected to serve one additional successive term.

(c) Members of the board representing customer entities who fail to timely pay for data center services do not have voting rights.

(d) A majority of the members constitutes a quorum. The board shall take action by a majority vote of the members if a quorum is present. If there is a tie, the chair shall be on the prevailing side.

(e) The executive director of the Agency for Enterprise Information Technology shall be the advisor to the board.

(f) To facilitate planned data center consolidations, board membership may be adjusted as provided in the General Appropriations Act.

(3) BOARD DUTIES.—Each board of trustees of a primary data center shall:

(a) Employ an executive director, pursuant to s. 20.05, who serves at the pleasure of the board. The executive director is responsible for the daily operation of the primary data center, ensuring compliance with all laws and rules regulating the primary data center, managing primary data center employees, and the performance of the primary data center. The board shall establish an annual performance evaluation process for the executive director. The appointment of the executive director must be reconfirmed by the board biennially.

(b) Establish procedures for the primary data center to ensure that budgeting and accounting procedures, cost-recovery methodologies, and operating procedures are in compliance with laws governing the state data center system, rules adopted by the Agency for Enterprise Information Technology, and applicable federal regulations, including 2 C.F.R. part 225 and 45 C.F.R.

(c) Monitor the operation of the primary data center to ensure compliance by the executive director and employees with laws and rules governing the primary data center, and ensure that staff members are accountable for the performance of the primary data center.

(d) Provide each customer entity with full disclosure concerning plans for new, additional, or reduced service requirements, including expected achievable service levels and performance metrics.

(e) Ensure the sufficiency and transparency of the primary data center financial information by:

1. Establishing policies that ensure that cost-recovery methodologies, billings, receivables, expenditure, budgeting, and accounting data are captured and reported timely, consistently, accurately, and transparently and, upon adoption of rules by the Agency for Enterprise Information Technology, are in compliance with such rules.

2. Requiring execution of service-level agreements by the data center and each customer entity for services provided by the data center to the customer entity.

3. Requiring cost recovery for the full cost of services, including direct and indirect costs. The cost-recovery methodology must ensure that no service is subsidizing another service without an affirmative vote of approval by the customer entity providing the subsidy.

4. Establishing special assessments to fund expansions based on a methodology that apportions the assessment according to the proportional benefit to each customer entity.

5. Providing rebates to customer entities when revenues exceed costs and offsetting charges to those who have subsidized other customer entity costs based on actual prior year final expenditures. Rebates may be credited against future billings.

6. Approving all expenditures committing over $50,000 in a fiscal year.

7. Projecting costs and revenues at the beginning of the third quarter of each fiscal year through the end of the fiscal year. If in any given fiscal year the primary data center is projected to earn revenues that are below costs for that fiscal year after first reducing operating costs where possible, the board shall implement any combination of the following remedies to cover the shortfall:

a. The board may direct the primary data center to adjust current year chargeback rates through the end of the fiscal year to cover the shortfall. The rate adjustments shall be implemented using actual usage rate and billing data from the first three quarters of the fiscal year and the same principles used to set rates for the fiscal year.

b. The board may direct the primary data center to levy one-time charges on all customer entities to cover the shortfall. The one-time charges shall be implemented using actual usage rate and billing data from the first three quarters of the fiscal year and the same principles used to set rates for the fiscal year.

c. The customer entities represented by each board member may provide payments to cover the shortfall in proportion to the amounts each entity paid in the prior fiscal year.

(f) Meet as often as necessary, but not less than once per quarter, and hold the annual budget meeting between April 1 and June 30 of each year.

(g) Approve the portfolio of services offered by the data center.

(h) By July 1 of each year, submit to the Agency for Enterprise Information Technology proposed cost-recovery mechanisms and rate structures for all customer entities for the fiscal year including the cost-allocation methodology for administrative expenditures and the calculation of administrative expenditures as a percent of total costs.

(i) Consider energy-efficient products and their total cost of ownership when replacing, upgrading, or expanding:

1. Data center facilities, including, but not limited to, environmental, power, and control systems; and

2. Data center network, storage, and computer equipment. If the total cost of ownership, including initial acquisition cost, is estimated to be equal to or lower than existing infrastructure, technical specifications for energy-efficient products should be incorporated into the replacement, upgrade, or expansion planning and acquisition process.

(j) Maintain the capabilities of the primary data center’s facilities. Maintenance responsibilities include, but are not limited to, ensuring that adequate conditioned floor space, fire suppression, cooling, and power is in place; replacing aging equipment when necessary; and making decisions related to data center expansion and renovation, periodic upgrades, and improvements that are required to ensure the ongoing suitability of the facility as an enterprise data center consolidation site in the state data center system. To the extent possible, the board shall ensure that its approved annual cost-allocation plan recovers sufficient funds from its customers to provide for these needs.

(k) Coordinate with other primary data centers and the Agency for Enterprise Information Technology in order to consolidate purchases of goods and services and lower the cost of providing services to customer entities.

(l) Contract with other primary data centers for the provision of administrative services or with the agency within which the primary data center is housed, whichever is most cost-effective.

History.—s. 9, ch. 2008-116; s. 9, ch. 2009-80; s. 3, ch. 2010-148; s. 6, ch. 2011-50.

282.204 Northwood Shared Resource Center.—The Northwood Shared Resource Center is an agency established within the Department of Management Services for administrative purposes only.

(1) The center is a primary data center and is a separate budget entity that is not subject to control, supervision, or direction of the department in any manner, including, but not limited to, purchasing, transactions involving real or personal property, personnel, or budgetary matters.

(2) The center shall be headed by a board of trustees as provided in s. 282.203, who shall comply with all requirements of that section related to the operation of the center and with the rules of the Agency for Enterprise Information Technology related to the design and delivery of enterprise information technology services.

History.—s. 10, ch. 2008-116; s. 10, ch. 2009-80; s. 45, ch. 2010-5; s. 4, ch. 2010-148; s. 7, ch. 2011-50.

282.205 Southwood Shared Resource Center.—The Southwood Shared Resource Center is an agency established within the department for administrative purposes only.

(1) The center is designated as a primary data center and shall be a separate budget entity that is not subject to control, supervision, or direction of the department in any manner, including, but not limited to, purchasing, transactions involving real or personal property, personnel, or budgetary matters.

History.—s. 11, ch. 2008-116; s. 11, ch. 2009-80.

282.318 Enterprise security of data and information technology.—

(1) This section may be cited as the “Enterprise Security of Data and Information Technology Act.”

(2) Information technology security is established as an enterprise information technology service as defined in s. 282.0041.

(3) The Agency for Enterprise Information Technology is responsible for establishing rules and publishing guidelines for ensuring an appropriate level of security for all data and information technology resources for executive branch agencies. The agency shall also perform the following duties and responsibilities:

(a) Develop, and annually update by February 1, an enterprise information security strategic plan that includes security goals and objectives for the strategic issues of information security policy, risk management, training, incident management, and survivability planning.

(b) Develop enterprise security rules and published guidelines for:

1. Comprehensive risk analyses and information security audits conducted by state agencies.

2. Responding to suspected or confirmed information security incidents, including suspected or confirmed breaches of personal information or exempt data.

3. Agency security plans, including strategic security plans and security program plans.

4. The recovery of information technology and data following a disaster.

5. The managerial, operational, and technical safeguards for protecting state government data and information technology resources.

(d) Pursue appropriate funding for the purpose of enhancing domestic security.

(e) Provide training for agency information security managers.

(f) Annually review the strategic and operational information security plans of executive branch agencies.

(4) To assist the Agency for Enterprise Information Technology in carrying out its responsibilities, each agency head shall, at a minimum:

(a) Designate an information security manager to administer the security program of the agency for its data and information technology resources. This designation must be provided annually in writing to the Agency for Enterprise Information Technology by January 1.

(b) Submit to the Agency for Enterprise Information Technology annually by July 31, the agency’s strategic and operational information security plans developed pursuant to the rules and guidelines established by the Agency for Enterprise Information Technology.

1. The agency strategic information security plan must cover a 3-year period and define security goals, intermediate objectives, and projected agency costs for the strategic issues of agency information security policy, risk management, security training, security incident response, and survivability. The plan must be based on the enterprise strategic information security plan created by the Agency for Enterprise Information Technology. Additional issues may be included.

2. The agency operational information security plan must include a progress report for the prior operational information security plan and a project plan that includes activities, timelines, and deliverables for security objectives that, subject to current resources, the agency will implement during the current fiscal year. The cost of implementing the portions of the plan which cannot be funded from current resources must be identified in the plan.

(c) Conduct, and update every 3 years, a comprehensive risk analysis to determine the security threats to the data, information, and information technology resources of the agency. The risk analysis information is confidential and exempt from the provisions of s. 119.07(1), except that such information shall be available to the Auditor General and the Agency for Enterprise Information Technology for performing postauditing duties.

(d) Develop, and periodically update, written internal policies and procedures, which include procedures for notifying the Agency for Enterprise Information Technology when a suspected or confirmed breach, or an information security incident, occurs. Such policies and procedures must be consistent with the rules and guidelines established by the Agency for Enterprise Information Technology to ensure the security of the data, information, and information technology resources of the agency. The internal policies and procedures that, if disclosed, could facilitate the unauthorized modification, disclosure, or destruction of data or information technology resources are confidential information and exempt from s. 119.07(1), except that such information shall be available to the Auditor General and the Agency for Enterprise Information Technology for performing postauditing duties.

(e) Implement appropriate cost-effective safeguards to address identified risks to the data, information, and information technology resources of the agency.

(f) Ensure that periodic internal audits and evaluations of the agency’s security program for the data, information, and information technology resources of the agency are conducted. The results of such audits and evaluations are confidential information and exempt from s. 119.07(1), except that such information shall be available to the Auditor General and the Agency for Enterprise Information Technology for performing postauditing duties.

(g) Include appropriate security requirements in the written specifications for the solicitation of information technology and information technology resources and services, which are consistent with the rules and guidelines established by the Agency for Enterprise Information Technology.

(h) Provide security awareness training to employees and users of the agency’s communication and information resources concerning information security risks and the responsibility of employees and users to comply with policies, standards, guidelines, and operating procedures adopted by the agency to reduce those risks.

(i) Develop a process for detecting, reporting, and responding to suspected or confirmed security incidents, including suspected or confirmed breaches consistent with the security rules and guidelines established by the Agency for Enterprise Information Technology.

1. Suspected or confirmed information security incidents and breaches must be immediately reported to the Agency for Enterprise Information Technology.

2. For incidents involving breaches, agencies shall provide notice in accordance with s. 817.5681 and to the Agency for Enterprise Information Technology in accordance with this subsection.

(5) Each state agency shall include appropriate security requirements in the specifications for the solicitation of contracts for procuring information technology or information technology resources or services which are consistent with the rules and guidelines established by the Agency for Enterprise Information Technology.

(6) The Agency for Enterprise Information Technology may adopt rules relating to information security and to administer the provisions of this section.

History.—ss. 1, 2, 3, ch. 84-236; s. 28, ch. 87-137; s. 1, ch. 89-14; s. 7, ch. 90-160; s. 13, ch. 91-171; s. 234, ch. 92-279; s. 55, ch. 92-326; s. 22, ch. 94-340; s. 863, ch. 95-148; s. 131, ch. 96-406; s. 15, ch. 97-286; s. 25, ch. 2000-164; s. 26, ch. 2001-261; s. 18, ch. 2006-26; s. 10, ch. 2007-105; s. 12, ch. 2009-80; s. 46, ch. 2010-5; s. 9, ch. 2011-50.

282.33 Objective standards for data center energy efficiency.—

(1) By July 1, 2009, the Agency for Enterprise Information Technology shall define objective standards for:

(a) Measuring data center energy consumption and efficiency, including, but not limited to, airflow and cooling, power consumption and distribution, and environmental control systems in a data center facility.

(b) Calculating total cost of ownership of energy-efficient information technology products, including initial purchase, installation, ongoing operation and maintenance, and disposal costs over the life cycle of the product.

(2) State shared resource data centers and other data centers that the Agency for Enterprise Information Technology has determined will be recipients for consolidating data centers, which are designated by the Agency for Enterprise Information Technology, shall evaluate their data center facilities for energy efficiency using the standards established in this section.

(a) Results of these evaluations shall be reported to the Agency for Enterprise Information Technology, the President of the Senate, and the Speaker of the House of Representatives. Reports shall enable the tracking of energy performance over time and comparisons between facilities.

(b) Beginning December 31, 2010, and every 3 years thereafter, the Agency for Enterprise Information Technology shall submit to the Legislature recommendations for reducing energy consumption and improving the energy efficiency of state primary data centers.

(3) If the total cost of ownership of an energy-efficient product is less than or equal to the cost of the existing data center facility or infrastructure, technical specifications for energy-efficient products should be incorporated in the plans and processes for replacing, upgrading, or expanding data center facilities or infrastructure, including, but not limited to, network, storage, or computer equipment and software.

History.—s. 111, ch. 2008-227; s. 13, ch. 2009-80; s. 10, ch. 2011-50.

¹282.34 Statewide e-mail service.—A statewide e-mail service that includes the delivery and support of e-mail, messaging, and calendaring capabilities is established as an enterprise information technology service as defined in s. 282.0041. The service shall be designed to meet the needs of all executive branch agencies and may also be used by nonstate agency entities. The primary goals of the service are to minimize the state investment required to establish, operate, and support the statewide service; reduce the cost of current e-mail operations and the number of duplicative e-mail systems; and eliminate the need for each state agency to maintain its own e-mail staff.

(1) The Southwood Shared Resource Center, a primary data center, shall be the provider of the statewide e-mail service for all state agencies. The center shall centrally host, manage, operate, and support the service, or outsource the hosting, management, operational, or support components of the service in order to achieve the primary goals identified in this section.

(2) The Agency for Enterprise Information Technology, in cooperation and consultation with all state agencies, shall prepare and submit for approval by the Legislative Budget Commission at a meeting scheduled before June 30, 2011, a proposed plan for the migration of all state agencies to the statewide e-mail service. The plan for migration must include:

(a) A cost-benefit analysis that compares the total recurring and nonrecurring operating costs of the current agency e-mail systems, including monthly mailbox costs, staffing, licensing and maintenance costs, hardware, and other related e-mail product and service costs to the costs associated with the proposed statewide e-mail service. The analysis must also include:

1. A comparison of the estimated total 7-year life-cycle cost of the current agency e-mail systems versus the feasibility of funding the migration and operation of the statewide e-mail service.

2. An estimate of recurring costs associated with the energy consumption of current agency e-mail equipment, and the basis for the estimate.

3. An identification of the overall cost savings resulting from state agencies migrating to the statewide e-mail service and decommissioning their agency e-mail systems.

(b) A proposed migration date for all state agencies to be migrated to the statewide e-mail service. The Agency for Enterprise Information Technology shall work with the Executive Office of the Governor to develop the schedule for migrating all state agencies to the statewide e-mail service except for the Department of Legal Affairs. The Department of Legal Affairs shall provide to the Agency for Enterprise Information Technology by June 1, 2011, a proposed migration date based upon its decision to participate in the statewide e-mail service and the identification of any issues that require resolution in order to migrate to the statewide e-mail service.

(c) A budget amendment, submitted pursuant to chapter 216, for adjustments to each agency’s approved operating budget necessary to transfer sufficient budget resources into the appropriate data processing category to support its statewide e-mail service costs.

(d) A budget amendment, submitted pursuant to chapter 216, for adjustments to the Southwood Shared Resource Center approved operating budget to include adjustments in the number of authorized positions, salary budget and associated rate, necessary to implement the statewide e-mail service.

(3) Contingent upon approval by the Legislative Budget Commission, the Southwood Shared Resource Center may contract for the provision of a statewide e-mail service. Executive branch agencies must be completely migrated to the statewide e-mail service based upon the migration date included in the proposed plan approved by the Legislative Budget Commission.

(4) Notwithstanding chapter 216, general revenue funds may be increased or decreased for each agency provided the net change to general revenue in total for all agencies is zero or less.

(5) Subsequent to the approval of the consolidated budget amendment to reflect budget adjustments necessary to migrate to the statewide e-mail service, an agency may make adjustments subject to s. 216.177, notwithstanding provisions in chapter 216 which may require such adjustments to be approved by the Legislative Budget Commission.

(6) No agency may initiate a new e-mail service or execute a new e-mail contract or amend a current e-mail contract, other than with the Southwood Shared Resource Center, for nonessential products or services unless the Legislative Budget Commission denies approval for the Southwood Shared Resource Center to enter into a contract for the statewide e-mail service.

(7) The Agency for Enterprise Information Technology shall work with the Southwood Shared Resource Center to develop an implementation plan that identifies and describes the detailed processes and timelines for an agency’s migration to the statewide e-mail service based on the migration date approved by the Legislative Budget Commission. The agency may establish and coordinate workgroups consisting of agency e-mail management, information technology, budget, and administrative staff to assist the agency in the development of the plan.

(8) Each executive branch agency shall provide all information necessary to develop the implementation plan, including, but not limited to, required mailbox features and the number of mailboxes that will require migration services. Each agency must also identify any known business, operational, or technical plans, limitations, or constraints that should be considered when developing the plan.

History.—s. 14, ch. 2009-80; s. 6, ch. 2010-148; s. 11, ch. 2011-50; s. 124, ch. 2011-142.

¹Note.—Section 14, ch. 2011-50, provides that “[t]he Agency for Enterprise Information Technology, in coordination with the Southwood Shared Resource Center, shall provide a written status report to the Executive Office of the Governor and to the chairs of the legislative appropriations committees detailing the progress made by the agencies required to migrate to the statewide e-mail service by the required migration date. The status report must be provided every 6 months, beginning September 1, 2011, until implementation is complete.”

PART II

ACCESSIBILITY OF INFORMATION
AND TECHNOLOGY

282.601 Accessibility of electronic information and information technology.

282.602 Definitions.

282.603 Access to electronic and information technology for persons with disabilities; undue burden; limitations.

282.604 Adoption of rules.

282.605 Exceptions.

282.606 Intent.

282.601 Accessibility of electronic information and information technology.—

(1) In order to improve the accessibility of electronic information and information technology and increase the successful education, employment, access to governmental information and services, and involvement in community life, the executive, legislative, and judicial branches of state government shall, when developing, competitively procuring, maintaining, or using electronic information or information technology acquired on or after July 1, 2006, ensure that state employees with disabilities have access to and are provided with information and data comparable to the access and use by state employees who are not individuals with disabilities, unless an undue burden would be imposed on the agency.

(2) Individuals with disabilities who are members of the public seeking information or services from state agencies that are subject to this part shall be provided with access to and use of information and data comparable to that provided to the public who are not individuals with disabilities, unless an undue burden would be imposed on the agency.

History.—s. 73, ch. 2006-227.

282.602 Definitions.—As used in this part, the term:

(1) “Accessible electronic information and information technology” means electronic information and information technology that conforms to the standards for accessible electronic information and information technology as set forth by s. 508 of the Rehabilitation Act of 1973, as amended, and 29 U.S.C. s. 794(d), including the regulations set forth under 36 C.F.R. part 1194.

(2) “Alternate methods” means a different means of providing information to people with disabilities, including product documentation. The term includes, but is not limited to, voice, facsimile, relay service, TTY, Internet posting, captioning, text-to-speech synthesis, and audio description.

(3) “Electronic information and information technology” includes information technology and any equipment or interconnected system or subsystem of equipment that is used in creating, converting, or duplicating data or information. The term includes, but is not limited to, telecommunications products such as telephones, information kiosks and transaction machines, Internet websites, multimedia systems, and office equipment such as copiers and facsimile machines. The term does not include any equipment that contains embedded information technology that is an integral part of the product if the principal function of the technology is not the acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of data or information.

(4) “Information technology” means any equipment or interconnected system or subsystem of equipment that is used in the automatic acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of data or information. The term includes computers, ancillary equipment, software, firmware and similar procedures, services, and support services, and related resources.

(5) “Undue burden” means significant difficulty or expense. In determining whether an action would result in an undue burden, a state agency shall consider all agency resources that are available to the program or component for which the product is being developed, procured, maintained, or used.

(6) “State agency” means any agency of the executive, legislative, or judicial branch of state government.

History.—s. 73, ch. 2006-227.

282.603 Access to electronic and information technology for persons with disabilities; undue burden; limitations.—

(1) Each state agency shall develop, procure, maintain, and use accessible electronic information and information technology acquired on or after July 1, 2006, that conforms to the applicable provisions set forth by s. 508 of the Rehabilitation Act of 1973, as amended, and 29 U.S.C. s. 794(d), including the regulations set forth under 36 C.F.R. part 1194, except when compliance with this section imposes an undue burden; however, in such instance, a state agency must provide individuals with disabilities with the information and data involved by an alternative method of access that allows the individual to use the information and data.

(2) This section does not require a state agency to install specific accessibility-related software or attach an assistive technology device at a work station of a state employee who is not an individual with a disability.

(3) This section does not require a state agency, when providing the public with access to information or data through electronic information technology, to make products owned by the state agency available for access and use by individuals with disabilities at a location other than the location at which the electronic information and information technology are normally provided to the public. This section does not require a state agency to purchase products for access and use by individuals with disabilities at a location other than at the location where the electronic information and information technology are normally provided to the public.

History.—s. 73, ch. 2006-227.

282.604 Adoption of rules.—The Department of Management Services shall, with input from stakeholders, adopt rules pursuant to ss. 120.536(1) and 120.54 for the development, procurement, maintenance, and use of accessible electronic information technology by governmental units.

History.—s. 73, ch. 2006-227.

282.605 Exceptions.—

(1) This part does not apply to electronic information and information technology of the Department of Military Affairs or the Florida National Guard if the function, operation, or use of the information or technology involves intelligence activities or cryptologic activities related to national security, the command and control of military forces, equipment that is an integral part of a weapon or weapons system, or systems that are critical to the direct fulfillment of military or intelligence missions. Systems that are critical to the direct fulfillment of military or intelligence missions do not include a system that is used for routine administrative and business applications, including, but not limited to, payroll, finance, logistics, and personnel management applications.

(2) This part does not apply to electronic information and information technology of a state agency if the function, operation, or use of the information or technology involves criminal intelligence activities. Such activities do not include information or technology that is used for routine administrative and business applications, including, but not limited to, payroll, finance, logistics, and personnel management applications.

(3) This part does not apply to electronic information and information technology that is acquired by a contractor and that is incidental to the contract.

(4) This part applies to competitive solicitations issued or new systems developed by a state agency on or after July 1, 2006.

History.—s. 73, ch. 2006-227.

282.606 Intent.—It is the intent of the Legislature that, in construing this part, due consideration and great weight be given to the interpretations of the federal courts relating to comparable provisions of s. 508 of the Rehabilitation Act of 1973, as amended, and 29 U.S.C. s. 794(d), including the regulations set forth under 36 C.F.R. part 1194, as of July 1, 2006.

History.—s. 73, ch. 2006-227.

PART III

COMMUNICATION INFORMATION
TECHNOLOGY SERVICES

282.701 Short title.

282.702 Powers and duties.

282.703 SUNCOM Network; exemptions from the required use.

282.704 Use of state SUNCOM Network by municipalities.

282.705 Use of state SUNCOM Network by nonprofit corporations.

282.706 Use of SUNCOM Network by libraries.

282.707 SUNCOM Network; criteria for usage.

282.708 Emergency assumption of control.

282.709 State agency law enforcement radio system and interoperability network.

282.7101 Statewide system of regional law enforcement communications.

282.711 Remote electronic access services.

282.701 Short title.—This part may be cited as the “Communication Information Technology Services Act.”

History.—s. 16, ch. 2009-80.

282.702 Powers and duties.—The Department of Management Services shall have the following powers, duties, and functions:

(1) To publish electronically the portfolio of services available from the department, including pricing information; the policies and procedures governing usage of available services; and a forecast of the department’s priorities for each telecommunications service.

(2) To adopt technical standards by rule for the state telecommunications network which ensure the interconnection and operational security of computer networks, telecommunications, and information systems of agencies.

(3) To enter into agreements related to information technology and telecommunications services with state agencies and political subdivisions of the state.

(4) To purchase from or contract with information technology providers for information technology, including private line services.

(5) To apply for, receive, and hold authorizations, patents, copyrights, trademarks, service marks, licenses, and allocations or channels and frequencies to carry out the purposes of this part.

(6) To purchase, lease, or otherwise acquire and to hold, sell, transfer, license, or otherwise dispose of real, personal, and intellectual property, including, but not limited to, patents, trademarks, copyrights, and service marks.

(7) To cooperate with any federal, state, or local emergency management agency in providing for emergency telecommunications services.

(8) To control and approve the purchase, lease, or acquisition and the use of telecommunications services, software, circuits, and equipment provided as part of any other total telecommunications system to be used by the state or its agencies.

(9) To adopt rules pursuant to ss. 120.536(1) and 120.54 relating to telecommunications and to administer the provisions of this part.

(10) To apply for and accept federal funds for the purposes of this part as well as gifts and donations from individuals, foundations, and private organizations.

(11) To monitor issues relating to telecommunications facilities and services before the Florida Public Service Commission and the Federal Communications Commission and, if necessary, prepare position papers, prepare testimony, appear as a witness, and retain witnesses on behalf of state agencies in proceedings before the commissions.

(12) Unless delegated to the agencies by the department, to manage and control, but not intercept or interpret, telecommunications within the SUNCOM Network by:

(a) Establishing technical standards to physically interface with the SUNCOM Network.

(b) Specifying how telecommunications are transmitted within the SUNCOM Network.

(d) Establishing standards, policies, and procedures for access to and the security of the SUNCOM Network.

(e) Ensuring orderly and reliable telecommunications services in accordance with the service level agreements executed with state agencies.

(13) To plan, design, and conduct experiments for telecommunications services, equipment, and technologies, and to implement enhancements in the state telecommunications network if in the public interest and cost-effective. Funding for such experiments must be derived from SUNCOM Network service revenues and may not exceed 2 percent of the annual budget for the SUNCOM Network for any fiscal year or as provided in the General Appropriations Act. New services offered as a result of this subsection may not affect existing rates for facilities or services.

(14) To enter into contracts or agreements, with or without competitive bidding or procurement, to make available, on a fair, reasonable, and nondiscriminatory basis, property and other structures under departmental control for the placement of new facilities by any wireless provider of mobile service as defined in 47 U.S.C. s. 153(27) or s. 332(d) and any telecommunications company as defined in s. 364.02 if it is practical and feasible to make such property or other structures available. The department may, without adopting a rule, charge a just, reasonable, and nondiscriminatory fee for the placement of the facilities, payable annually, based on the fair market value of space used by comparable telecommunications facilities in the state. The department and a wireless provider or telecommunications company may negotiate the reduction or elimination of a fee in consideration of services provided to the department by the wireless provider or telecommunications company. All such fees collected by the department shall be deposited directly into the Law Enforcement Radio Operating Trust Fund, and may be used by the department to construct, maintain, or support the system.

(15) Establish policies that ensure that the department’s cost-recovery methodologies, billings, receivables, expenditures, budgeting, and accounting data are captured and reported timely, consistently, accurately, and transparently and are in compliance with all applicable federal and state laws and rules. The department shall annually submit to the Governor, the President of the Senate, and the Speaker of the House of Representatives a report that describes each service and its cost, the billing methodology for recovering the cost of the service, and, if applicable, the identity of those services that are subsidized.

History.—s. 22, ch. 69-106; s. 1, ch. 70-327; s. 36, ch. 83-334; s. 11, ch. 87-137; s. 220, ch. 92-279; s. 55, ch. 92-326; s. 16, ch. 95-143; s. 1, ch. 96-357; s. 9, ch. 96-390; s. 11, ch. 97-286; s. 65, ch. 98-279; s. 5, ch. 2000-164; s. 11, ch. 2001-261; s. 36, ch. 2002-1; s. 18, ch. 2007-105; s. 17, ch. 2009-80; s. 48, ch. 2010-5; s. 10, ch. 2010-148.

Note.—Former s. 287.25; s. 282.102.

282.703 SUNCOM Network; exemptions from the required use.—

(1) The SUNCOM Network is established within the department as the state enterprise telecommunications system for providing local and long-distance communications services to state agencies, political subdivisions of the state, municipalities, and nonprofit corporations pursuant to this part. The SUNCOM Network shall be developed to transmit all types of telecommunications signals, including, but not limited to, voice, data, video, image, and radio. State agencies shall cooperate and assist in the development and joint use of telecommunications systems and services.

(2) The department shall design, engineer, implement, manage, and operate through state ownership, commercial leasing, contracted services, or some combination thereof, the facilities, equipment, and contracts providing SUNCOM Network services, and shall develop a system of equitable billings and charges for telecommunications services.

(3) The department shall own, manage, and establish standards for the telecommunications addressing and numbering plans for the SUNCOM Network. This includes distributing or revoking numbers and addresses to authorized users of the network and delegating or revoking the delegation of management of subsidiary groups of numbers and addresses to authorized users of the network.

(4) The department shall maintain a directory of information and services which provides the names, phone numbers, and e-mail addresses for employees, agencies, and network devices that are served, in whole or in part, by the SUNCOM Network. State agencies and political subdivisions of the state shall cooperate with the department by providing timely and accurate directory information in the manner established by the department.

(5) All state agencies shall use the SUNCOM Network for agency telecommunications services as the services become available; however, an agency is not relieved of responsibility for maintaining telecommunications services necessary for effective management of its programs and functions. The department may provide such communications services to a state university if requested by the university.

(a) If a SUNCOM Network service does not meet the telecommunications requirements of an agency, the agency must notify the department in writing and detail the requirements for that service. If the department is unable to meet an agency’s requirements by enhancing SUNCOM Network service, the department may grant the agency an exemption from the required use of specified SUNCOM Network services.

(b) Unless an exemption has been granted by the department, effective October 1, 2010, all customers of a state primary data center, excluding state universities, must use the shared SUNCOM Network telecommunications services connecting the state primary data center to SUNCOM services for all telecommunications needs in accordance with department rules.

1. Upon discovery of customer noncompliance with this paragraph, the department shall provide the affected customer with a schedule for transferring to the shared telecommunications services provided by the SUNCOM Network and an estimate of all associated costs. The state primary data centers and their customers shall cooperate with the department to accomplish the transfer.

2. Customers may request an exemption from this paragraph in the same manner as authorized in paragraph (a).

(6) This section may not be construed to require a state university to use SUNCOM Network communication services.

History.—s. 22, ch. 69-106; s. 13, ch. 87-137; s. 3, ch. 91-171; s. 222, ch. 92-279; s. 55, ch. 92-326; s. 10, ch. 96-390; s. 66, ch. 98-279; s. 6, ch. 2000-164; s. 12, ch. 2001-261; s. 935, ch. 2002-387; s. 19, ch. 2007-105; s. 18, ch. 2009-80; s. 6, ch. 2010-78; s. 11, ch. 2010-148.

Note.—Former s. 287.27; s. 282.103.

282.704 Use of state SUNCOM Network by municipalities.—Any municipality may request the department to provide any or all of the SUNCOM Network’s portfolio of communications services upon such terms and conditions as the department may establish. The requesting municipality shall pay its share of installation and recurring costs according to the published rates for SUNCOM Network services and as invoiced by the department. Such municipality shall also pay for any requested modifications to existing SUNCOM Network services, if any charges apply.

History.—s. 3, ch. 82-56; s. 1, ch. 83-70; s. 14, ch. 87-137; s. 11, ch. 96-390; s. 67, ch. 98-279; s. 7, ch. 2000-164; s. 13, ch. 2001-261; s. 19, ch. 2009-80.

Note.—Former s. 287.251; s. 282.104.

282.705 Use of state SUNCOM Network by nonprofit corporations.—

(1) The department shall provide a means whereby private nonprofit corporations under contract with state agencies or political subdivisions of the state may use the state SUNCOM Network, subject to the limitations in this section. In order to qualify to use the state SUNCOM Network, a nonprofit corporation shall:

(a) Expend the majority of its total direct revenues for the provision of contractual services to the state, a municipality, or a political subdivision; and

(b) Receive only a small portion of its total revenues from any source other than a state agency, a municipality, or a political subdivision during the time SUNCOM Network services are requested.

(2) Each nonprofit corporation seeking authorization to use the state SUNCOM Network shall provide to the department, upon request, proof of compliance with subsection (1).

(3) Nonprofit corporations established pursuant to general law and an association of municipal governments which is wholly owned by the municipalities are eligible to use the state SUNCOM Network, subject to the terms and conditions of the department.

(4) Institutions qualified to participate in the William L. Boyd, IV, Florida Resident Access Grant Program pursuant to s. 1009.89 are eligible to use the state SUNCOM Network, subject to the terms and conditions of the department. Such entities are not required to satisfy the other criteria of this section.

(5) Private, nonprofit elementary and secondary schools are eligible for rates and services on the same basis as public schools if such schools do not have an endowment in excess of $50 million.

History.—s. 1, ch. 80-107; s. 2, ch. 82-56; s. 3, ch. 83-70; s. 15, ch. 87-137; s. 223, ch. 92-279; s. 55, ch. 92-326; s. 197, ch. 95-148; s. 12, ch. 96-390; s. 19, ch. 97-296; s. 68, ch. 98-279; s. 36, ch. 99-399; s. 8, ch. 2000-164; s. 14, ch. 2001-261; s. 936, ch. 2002-387; s. 20, ch. 2009-80.

Note.—Former s. 287.272; s. 282.105.

282.706 Use of SUNCOM Network by libraries.—The department may provide SUNCOM Network services to any library in the state, including libraries in public schools, community colleges, state universities, and nonprofit private postsecondary educational institutions, and libraries owned and operated by municipalities and political subdivisions. This section may not be construed to require a state university library to use SUNCOM Network services.

History.—s. 2, ch. 96-357; s. 9, ch. 2000-164; s. 15, ch. 2001-261; s. 937, ch. 2002-387; s. 21, ch. 2009-80; s. 7, ch. 2010-78.

Note.—Former s. 282.106.

282.707 SUNCOM Network; criteria for usage.—

(1) The department and customers served by the department shall periodically review the qualifications of subscribers using the state SUNCOM Network and terminate services provided to a facility not qualified under this part or rules adopted hereunder. In the event of nonpayment of invoices by subscribers whose SUNCOM Network invoices are paid from sources other than legislative appropriations, such nonpayment represents good and sufficient reason to terminate service.

(2) The department shall adopt rules for implementing and operating the state SUNCOM Network, which include procedures for withdrawing and restoring authorization to use the state SUNCOM Network. Such rules shall provide a minimum of 30 days’ notice to affected parties before terminating voice communications service.

(3) This section does not limit or restrict the ability of the Florida Public Service Commission to set jurisdictional tariffs of telecommunications companies.

History.—s. 1, ch. 82-56; s. 2, ch. 83-70; s. 16, ch. 87-137; s. 13, ch. 96-390; s. 33, ch. 2000-152; s. 10, ch. 2000-164; s. 20, ch. 2007-105; s. 22, ch. 2009-80; s. 12, ch. 2010-148.

Note.—Former s. 287.255; s. 282.107.

282.708 Emergency assumption of control.—In the event of an emergency, the Governor may direct emergency management assumption of control over all or part of the state communications system.

History.—s. 22, ch. 69-106; s. 37, ch. 83-334; s. 23, ch. 2009-80.

Note.—Former s. 287.28; s. 282.109.

282.709 State agency law enforcement radio system and interoperability network.—

(1) The department may acquire and administer a statewide radio communications system to serve law enforcement units of state agencies, and to serve local law enforcement agencies through mutual aid channels.

(a) The department shall, in conjunction with the Department of Law Enforcement and the Division of Emergency Management, establish policies, procedures, and standards to be incorporated into a comprehensive management plan for the use and operation of the statewide radio communications system.

(b) The department shall bear the overall responsibility for the design, engineering, acquisition, and implementation of the statewide radio communications system and for ensuring the proper operation and maintenance of all common system equipment.

(c)1. The department may rent or lease space on any tower under its control and refuse to lease space on any tower at any site.

2. The department may rent, lease, or sublease ground space as necessary to locate equipment to support antennae on the towers. The costs for the use of such space shall be established by the department for each site if it is determined to be practicable and feasible to make space available.

3. The department may rent, lease, or sublease ground space on lands acquired by the department for the construction of privately owned or publicly owned towers. The department may, as a part of such rental, lease, or sublease agreement, require space on such towers for antennae as necessary for the construction and operation of the state agency law enforcement radio system or any other state need.

4. All moneys collected by the department for rents, leases, and subleases under this subsection shall be deposited directly into the State Agency Law Enforcement Radio System Trust Fund established in subsection (3) and may be used by the department to construct, maintain, or support the system.

5. The positions necessary for the department to accomplish its duties under this subsection shall be established in the General Appropriations Act and funded by the Law Enforcement Radio Operating Trust Fund or other revenue sources.

(d) The department shall exercise its powers and duties under this part to plan, manage, and administer the mutual aid channels in the statewide radio communication system.

1. In implementing such powers and duties, the department shall consult and act in conjunction with the Department of Law Enforcement and the Division of Emergency Management, and shall manage and administer the mutual aid channels in a manner that reasonably addresses the needs and concerns of the involved law enforcement agencies and emergency response agencies and entities.

2. The department may make the mutual aid channels available to federal agencies, state agencies, and agencies of the political subdivisions of the state for the purpose of public safety and domestic security.

(e) The department may allow other state agencies to use the statewide radio communications system under terms and conditions established by the department.

(2) The Joint Task Force on State Agency Law Enforcement Communications is created adjunct to the department to advise the department of member-agency needs relating to the planning, designing, and establishment of the statewide communication system.

(a) The Joint Task Force on State Agency Law Enforcement Communications shall consist of eight members, as follows:

1. A representative of the Division of Alcoholic Beverages and Tobacco of the Department of Business and Professional Regulation who shall be appointed by the secretary of the department.

2. A representative of the Division of Florida Highway Patrol of the Department of Highway Safety and Motor Vehicles who shall be appointed by the executive director of the department.

3. A representative of the Department of Law Enforcement who shall be appointed by the executive director of the department.

4. A representative of the Fish and Wildlife Conservation Commission who shall be appointed by the executive director of the commission.

5. A representative of the Division of Law Enforcement of the Department of Environmental Protection who shall be appointed by the secretary of the department.

6. A representative of the Department of Corrections who shall be appointed by the secretary of the department.

7. A representative of the Division of State Fire Marshal of the Department of Financial Services who shall be appointed by the State Fire Marshal.

8. A representative of the Department of Transportation who shall be appointed by the secretary of the department.

(b) Each appointed member of the joint task force shall serve at the pleasure of the appointing official. Any vacancy on the joint task force shall be filled in the same manner as the original appointment. A joint task force member may, upon notification to the chair before the beginning of any scheduled meeting, appoint an alternative to represent the member on the task force and vote on task force business in his or her absence.

(c) The joint task force shall elect a chair from among its members to serve a 1-year term. A vacancy in the chair of the joint task force must be filled for the remainder of the unexpired term by an election of the joint task force members.

(d) The joint task force shall meet as necessary, but at least quarterly, at the call of the chair and at the time and place designated by him or her.

(e) The per diem and travel expenses incurred by a member of the joint task force in attending its meetings and in attending to its affairs shall be paid pursuant to s. 112.061, from funds budgeted to the state agency that the member represents.

(f) The department shall provide technical support to the joint task force.

¹(3)(a) The State Agency Law Enforcement Radio System Trust Fund is established in the department and funded from surcharges collected under ss. 318.18, 320.0802, and 328.72. Upon appropriation, moneys in the trust fund may be used by the department to acquire by competitive procurement the equipment, software, and engineering, administrative, and maintenance services it needs to construct, operate, and maintain the statewide radio system. Moneys in the trust fund from surcharges shall be used to help fund the costs of the system. Upon completion of the system, moneys in the trust fund may also be used by the department for payment of the recurring maintenance costs of the system.

(b) Funds from the State Agency Law Enforcement Radio System Trust Fund may be used by the department to fund mutual aid buildout maintenance and sustainment as appropriated by law. This paragraph expires July 1, 2012.

(4) The department may create and administer an interoperability network to enable interoperability between various radio communications technologies and to serve federal agencies, state agencies, and agencies of political subdivisions of the state for the purpose of public safety and domestic security.

(a) The department shall, in conjunction with the Department of Law Enforcement and the Division of Emergency Management, exercise its powers and duties pursuant to this chapter to plan, manage, and administer the interoperability network. The office may:

1. Enter into mutual aid agreements among federal agencies, state agencies, and political subdivisions of the state for the use of the interoperability network.

2. Establish the cost of maintenance and operation of the interoperability network and charge subscribing federal and local law enforcement agencies for access and use of the network. The department may not charge state law enforcement agencies identified in paragraph (2)(a) to use the network.

3. In consultation with the Department of Law Enforcement and the Division of Emergency Management, amend and enhance the statewide radio communications system as necessary to implement the interoperability network.

(b) The department, in consultation with the Joint Task Force on State Agency Law Enforcement Communications, and in conjunction with the Department of Law Enforcement and the Division of Emergency Management, shall establish policies, procedures, and standards to incorporate into a comprehensive management plan for the use and operation of the interoperability network.

History.—s. 1, ch. 88-144; s. 1, ch. 92-72; s. 224, ch. 92-279; s. 55, ch. 92-326; s. 30, ch. 94-218; s. 111, ch. 94-356; s. 860, ch. 95-148; s. 5, ch. 95-283; s. 1, ch. 96-312; s. 5, ch. 96-357; s. 10, ch. 96-388; s. 14, ch. 96-390; s. 6, ch. 98-251; s. 69, ch. 98-279; s. 81, ch. 99-245; s. 3, ch. 99-289; s. 37, ch. 99-399; s. 11, ch. 2000-164; s. 16, ch. 2001-261; s. 2, ch. 2003-153; s. 308, ch. 2003-261; s. 24, ch. 2009-80; s. 24, ch. 2011-47; s. 125, ch. 2011-142.

¹Note.—Section 24, ch. 2011-47, amended subsection (3), “[i]n order to implement Specific Appropriation 2701A of the 2011-2012 General Appropriation Act.”

Note.—Former s. 282.1095.

282.7101 Statewide system of regional law enforcement communications.—

(1) It is the intent and purpose of the Legislature that a statewide system of regional law enforcement communications be developed whereby maximum efficiency in the use of existing radio channels is achieved in order to deal more effectively with the apprehension of criminals and the prevention of crime. To this end, all law enforcement agencies within the state are directed to provide the department with any information the department requests for the purpose of implementing the provisions of subsection (2).

(2) The department is hereby authorized and directed to develop and maintain a statewide system of regional law enforcement communications. In formulating such a system, the department shall divide the state into appropriate regions and shall develop a program that includes, but is not limited to:

(a) The communications requirements for each county and municipality comprising the region.

(b) An interagency communications provision that depicts the communication interfaces between municipal, county, and state law enforcement entities operating within the region.

(c) A frequency allocation and use provision that includes, on an entity basis, each assigned and planned radio channel and the type of operation, simplex, duplex, or half-duplex, on each channel.

(3) The department shall adopt any necessary rules and regulations for administering and coordinating the statewide system of regional law enforcement communications.

(4) The secretary of the department or his or her designee is designated as the director of the statewide system of regional law enforcement communications and, for the purpose of carrying out the provisions of this section, may coordinate the activities of the system with other interested state agencies and local law enforcement agencies.

(5) A law enforcement communications system may not be established or expanded without the prior approval of the department.

(6) Within the limits of its capability, the Department of Law Enforcement is encouraged to lend assistance to the department in the development of the statewide system of regional law enforcement communications proposed by this section.

History.—ss. 1, 2, 3, 4, 5, 6, ch. 72-296; s. 1, ch. 77-174; s. 12, ch. 79-8; s. 225, ch. 92-279; s. 55, ch. 92-326; s. 11, ch. 96-388; s. 15, ch. 96-390; s. 7, ch. 98-251; s. 70, ch. 98-279; s. 42, ch. 99-399; s. 12, ch. 2000-164; s. 17, ch. 2001-261; s. 25, ch. 2009-80.

Note.—Former s. 287.29; s. 282.111.

282.711 Remote electronic access services.—The department may collect fees for providing remote electronic access pursuant to s. 119.07(2). The fees may be imposed on individual transactions or as a fixed subscription for a designated period of time. All fees collected under this section shall be deposited in the appropriate trust fund of the program or activity that made the remote electronic access available.

History.—s. 13, ch. 97-241; s. 14, ch. 2000-164; s. 19, ch. 2001-261; s. 37, ch. 2004-335; s. 26, ch. 2009-80.

Note.—Former s. 282.21.