BILL NUMBER: AB 2203 CHAPTERED 08/26/02 CHAPTER 240 FILED WITH SECRETARY OF STATE AUGUST 26, 2002 APPROVED BY GOVERNOR AUGUST 24, 2002 PASSED THE SENATE AUGUST 8, 2002 PASSED THE ASSEMBLY MAY 2, 2002 AMENDED IN ASSEMBLY APRIL 10, 2002 INTRODUCED BY Assembly Member Florez FEBRUARY 20, 2002 An act to add Section 5029 to the Penal Code, relating to penal institutions. LEGISLATIVE COUNSEL'S DIGEST AB 2203, Florez. Penal institutions: confidentiality of personnel information. Existing law provides for penal institutions and for the personnel employed by those penal institutions. This bill would require the Director of Corrections to ensure that documents, computers, or computer accessible media containing personal information, as defined, relating to an employee of the Department of Corrections are not removed from any state prison without proper authorization. The bill would prohibit the knowing removal of employee personal information, without proper authorization, and would require notice to be given if removed personal information is lost or stolen, or can no longer be accounted for. The bill would state the intent of the Legislature that these provisions not interfere with various Whistleblower Protection provisions, the authority of the Office of the Inspector General, or the authority of the State Auditor. THE PEOPLE OF THE STATE OF CALIFORNIA DO ENACT AS FOLLOWS: SECTION 1. Section 5029 is added to the Penal Code, to read: 5029. (a) The Director of Corrections shall ensure that documents, computers, or computer accessible media containing personal information relating to an employee of the Department of Corrections are not removed from the state prison without proper authorization from the warden or his or her designee. (b) Any employee of the Department of Corrections who, without proper authorization, knowingly removes personal information relating to an employee of the Department of Corrections from the state prison in violation of subdivision (a), or who fails to provide the appropriate notice as required in subdivision (c), is subject to disciplinary action. (c) (1) An employee who removes personal information shall, once the employee is aware that the information either is lost or stolen or cannot be accounted for, make a reasonable effort to immediately notify the warden, or his or her designee, of that fact. (2) The warden, or his or her designee, shall attempt to notify the employee whose personal information either is lost or stolen or cannot be accounted for within 24 hours of receiving the notice under paragraph (1). (d) For purposes of this section, "personal information" shall have the same meaning as set forth in Section 1798.3 of the Civil Code. (e) It is not the intent of the Legislature, in enacting this section, to inhibit or prevent a person from making a disclosure of improper governmental activity that is protected by subparagraphs (A) and (B) of paragraph (2) of subdivision (a) of Section 6129, or by the California Whistleblower Protection Act, Article 3 (commencing with Section 8547) of Chapter 6.5 of Division 1 of Title 2 of the Government Code, or by the Whistleblower Protection Act, Article 10 (commencing with Section 9149.20) of Chapter 1.5 of Part 1 of Division 2 of Title 2 of the Government Code. Furthermore, nothing in this section shall be construed to interfere with the authority of the Office of the Inspector General pursuant to Section 6126.5 of this code, nor the authority of the State Auditor pursuant to Section 8545.2 of the Government Code.