Code Section Group

Education Code - EDC

TITLE 2. ELEMENTARY AND SECONDARY EDUCATION [33000 - 65001]

  ( Title 2 enacted by Stats. 1976, Ch. 1010. )

DIVISION 3. LOCAL ADMINISTRATION [35000 - 45500]

  ( Division 3 enacted by Stats. 1976, Ch. 1010. )

PART 21. LOCAL EDUCATIONAL AGENCIES [35000 - 35787]

  ( Part 21 enacted by Stats. 1976, Ch. 1010. )

CHAPTER 2. Governing Boards [35100 - 35401]

  ( Chapter 2 enacted by Stats. 1976, Ch. 1010. )

ARTICLE 8.5. Cybersecurity [35265 - 35267]
  ( Article 8.5 added by Stats. 2022, Ch. 498, Sec. 1. )

35265.
  

For purposes of this article, the following definitions apply:

(a) “California Cybersecurity Integration Center” or “Center” means the California Cybersecurity Integration Center established by the Office of Emergency Services pursuant to Section 8586.5 of the Government Code.

(b) “Cyberattack” means either of the following:

(1) Any alteration, deletion, damage, or destruction of a computer system, computer network, computer program, or data caused by unauthorized access.

(2) The unauthorized denial of access to legitimate users of a computer system, computer network, computer program, or data.

(c) “Local educational agency” means a school district, county office of education, or charter school.

(Added by Stats. 2022, Ch. 498, Sec. 1. (AB 2355) Effective January 1, 2023. Repealed as of January 1, 2027, pursuant to Section 35267.)

35266.
  

(a) A local educational agency shall report any cyberattack impacting more than 500 pupils or personnel to the California Cybersecurity Integration Center.

(b) (1) The California Cybersecurity Integration Center shall establish a database that tracks reports of cyberattacks submitted by local educational agencies pursuant to this section. The Center shall annually, by January 1, provide a report to the Governor and the relevant policy committees of the Legislature summarizing the types and number of cyberattacks on local educational agencies, the types and number of data breaches affecting local educational agencies that have been reported to the Attorney General pursuant to Sections 1798.29 and 1798.82 of the Civil Code, any activities provided by the Center to prevent cyberattacks or data breaches of a local educational agency, and support provided by the Center following a cyberattack or data breach of a local educational agency.

(2) The Attorney General shall share sample copies of data breach notifications received from local educational agencies pursuant to Sections 1798.29 and 1798.82 of the Civil Code, excluding any personally identifiable information, with the Center for the purpose of compiling this report.

(c) Nothing in this section shall be construed to affect any disclosure or notification requirements pursuant to Sections 1798.29 and 1798.82 of the Civil Code.

(Added by Stats. 2022, Ch. 498, Sec. 1. (AB 2355) Effective January 1, 2023. Repealed as of January 1, 2027, pursuant to Section 35267.)

35267.
  

This article shall remain in effect only until January 1, 2027, and as of that date is repealed.

(Added by Stats. 2022, Ch. 498, Sec. 1. (AB 2355) Effective January 1, 2023. Repealed as of January 1, 2027, by its own provisions. Note: Repeal affects Article 8.5, commencing with Section 35265.)

EDCEducation Code - EDC8.5.