BEST: Design Guidelines for Municipalities

{image of computers}
 
Freedom of Information Guidelines for State Agencies and Municipalities
 
 
 

 

 

System Design Guidelines

C.G.S. 1-211 (c) requires the State of Connecticut Department of Administrative Services, Bureau of Enterprise Systems and Technology to adopt written guidelines to assist municipal agencies in carrying out the purposes of C.G.S. 1-211 (c):

On and after July 1, 1992, before any public agency acquires any computer system, equipment or software to store or retrieve nonexempt public records, it shall consider whether such proposed system, equipment or software adequately provides for the rights of the public under the Freedom of Information Act at the least cost possible to the agency and to persons entitled to access to nonexempt public records under the Freedom of Information Act.

In meeting its obligations under this subsection, each state public agency shall consult with the Department of Administrative Services, Bureau of Enterprise Systems and Technology as part of the agency's design analysis prior to acquiring any such computer system, equipment or software. The Department of Administrative Services, Bureau of Enterprise Systems and Technology shall adopt written guidelines to assist municipal agencies in carrying out the purposes of this subsection.

The following guidelines have been published to provide municipalities with guidance and some important items for consideration when considering new computer system development.

Guidelines

Agencies should ensure decisions about new computer system development, whatever the cost and scope, carefully weigh the public interest in making subject information available to the general public under FOIA conveniently and at a reasonable cost.

To ensure availability and lowest cost over the life of the application, the agency or entity should identify in the planning process preceding the acquisition the following characteristics of the proposed application:
 
    1. Ability to access, manipulate and report data currently available in any applications which are being replaced with a minimum of “translation” or modification of tables, parameters, or other factors;
    2. Clear identification of that information in the database which is not exempt from FOIA;
    3. Use of separate tables for exempt and non-exempt data;
    4. Use of a database which allows security at a field level;
    5. Use of non-proprietary data structures and reporting tools;
    6. Data “backups” which ensure availability, including catastrophic loss of primary data, disaster or business interruption;
    7. Permanent copies of data stored on optical or other non destructible media where possible;
    8. Compliance with any applicable standards-setting body for data creation, data sharing, management or communication in the field;
    9. (State Agencies Only) Compliance with current State of Connecticut Department of Administrative Services, Bureau of Enterprise Systems and Technology Enterprise Wide Technology Standards;
    10. Source code ownership by the municipality or the State of Connecticut and source code escrow by the vendor;  
These considerations should be incorporated into any Requests for Proposals, Invitations to Bid or Requests for Information as Evaluation Criteria to ensure that they are known and understood by responding vendors as they develop their proposals or bids.

 

Discussion:

In general, application development best practices mandate consideration of the current and future cost and complexity of retrieving stored data for agency and peer use. They also ensure that data which is being stored will continue to be available even if the vendor of the software or the software modifier is no longer available or engaged in business. It is an additional benefit that these principles also support the mandate that records stored in state systems must be available to the public unless specifically exempted.