cover
TO: Mayor and City Council
FROM: Richard J. Veenstra
Corporation Counsel
DATE: October 28, 2024
SUBJECT:
Agreements for obtaining data from other governmental entities
PURPOSE:
To authorize the execution of agreements with other governmental entities providing for access to the other entity's data.
BACKGROUND:
From time-to-time it is necessary for a City Department to obtain information from another governmental entity in order to perform its duties on behalf of the City. Just as the City has required its partners to demonstrate the presence of robust cybersecurity matters prior to allowing access to the data it maintains, other governmental entities are asking the City do the same prior to granting staff access to their data.
Recently, the Secretary of State's Office has requested that the City, rather than its Law Department, authorize the execution of an agreement that would allow our prosecutors and support staff access to the Secretary of State's driving and vehicle registration data of defendants charged under local ordinances. Since department heads current possess very limited authority beyond purchasing to bind the City, the City Council must 1) approve each of these agreements on a case-by-case basis or 2) delegate limited additional authority to Department Heads to execute them on the City's behalf.
DISCUSSION:
The proposed resolution follows the second path - and affords limited authority to Department Heads, and only to Department Heads, to execute these agreements on behalf of the City after 1) review and approval by the Law Department, and 2) review by the Chief Information Security Officer. The CISO's review shall include verification that the City has the technical capabilities to fully comply with the obligations placed on it by the proposed agreement and confirmation that any reciprocal data sharing obligation placed on the City by the agreement are governed by the City's own policies and that the counter party has the techni...
Click here for full text