2017 ORS 276A.365¹
Information management by state agencies

(1) A state agency shall manage information as a strategic asset throughout the information’s life cycle. To improve the management of information resources and reinforce the state’s presumption of openness, an agency shall:

(a) Collect or create information in a way that supports downstream processing and dissemination activities, including:

(A) Using machine-readable and open formats;

(B) Using data standards approved by the Chief Data Officer in the collection and creation of information in order to promote data interoperability and openness;

(C) Ensuring information stewardship through the use of open licenses; and

(D) Using common core and extensible metadata.

(b) Build information systems to support interoperability and information accessibility.

(c) Strengthen data management and release practices to ensure agency data assets are managed and maintained throughout the assets’ life cycle by:

(A) Adopting effective data asset portfolio management approaches.

(B) Creating and maintaining an inventory of agency information resources to be included in the enterprise data inventory.

(C) Creating and maintaining a public data listing, including datasets that can be made publicly available but that have not yet been released.

(D) Establishing a process to engage with customers and the public to help facilitate and prioritize data release.

(E) Clarifying roles and responsibilities for promoting efficient and effective data release practices.

(d) Strengthen measures to ensure that privacy and confidentiality are fully protected and that data are properly secured.

(e) Account for the mosaic effect of data aggregation.

(f) Incorporate new interoperability and openness requirements into core agency processes.

(2) A state agency shall integrate the following minimum requirements into the project planning documentation and technical design for all new information systems and systems preparing for modernization, as appropriate:

(a) System designs must be scalable and flexible and must facilitate the extraction of data in multiple formats, using standards and specifications in the system design that promote industry best practices for data sharing, and separation of data from the application layer to maximize data reuse opportunities;

(b) All data outputs of the associated system must meet the requirements described in paragraph (a) of this subsection; and

(c) Data schemata and dictionaries must be documented and shared with internal partners and the State Chief Information Officer.

(3)(a) A state agency’s use of proprietary software may not diminish the ability of the public to inspect and copy a public record.

(b) A state agency may not enter into a contract for the creation of a public records database that impairs the ability of the public to inspect or copy the public records of the state agency, including but not limited to the documentation described in subsection (2)(c) of this section. [2017 c.720 §6]

Note: 276A.365 (Information management by state agencies) becomes operative May 1, 2019. See section 12, chapter 720, Oregon Laws 2017.

Note: Section 13, chapter 720, Oregon Laws 2017, provides:

Sec. 13. Section 6 (3)(b) of this 2017 Act [276A.365 (Information management by state agencies) (3)(b)] applies to contracts entered into on or after the effective date of this 2017 Act [January 1, 2018]. [2017 c.720 §13]

1 Legislative Counsel Committee, CHAPTER 276A—Information Technology, https://­www.­oregonlegislature.­gov/­bills_laws/­ors/­ors276A.­html (2017) (last ac­cessed Mar. 30, 2018).
2 OregonLaws.org contains the con­tents of Volume 21 of the ORS, inserted along­side the per­tin­ent statutes. See the preface to the ORS An­no­ta­tions for more information.
3 OregonLaws.org assembles these lists by analyzing references between Sections. Each listed item refers back to the current Section in its own text. The result reveals relationships in the code that may not have otherwise been apparent.