Pursuant to Government Code Section
11019.9 and in adherence to the Information Practices Act
of 1977 (Title 1.8 (commencing with Section 1798) of Part
4 of Division 3 of the Civil Code) the Santa Monica Mountains
This policy incorporates the provision of the SMMC’s Records
Retention Policy adopted on September 28, 2000.
This policy applies, but without limitation, to personnel
records, job applications, personal information which may
be required for the submission of a grant application, request
for bid or request for proposal, and to personal information
submitted to or requested by the SMMC in conjunction with
making land acquisitions. SMMC does not compile personal information
other than employment applications, employee personnel records,
and mailing lists used to provide notices or otherwise to
inform the public.
Section 1: Definitions
This policy adopts by reference all of the relevant definitions
found at Government Code Section 1798.3 including but not
limited to the following:
(a) The term "personal information" means any
information that is maintained by the SMMC that identifies
or describes an individual, including, but not limited
to, his name or her name, social security number, physical
description, home address, home telephone number, education,
financial matters, and medical or employment history.
It includes statements made by, or attributed to, the
(b) The term "disclose" means to disclose,
release, transfer, disseminate, or otherwise communicate
all or any part of any record orally, in writing, or by
electronic or any other means to any person or entity.
The term "employee" means an employee of the SMMC
or an employee of the Mountains Recreation and Conservation
Authority (MRCA) provided access to records of the SMMC pursuant
to the Reciprocal Management Agreement by and between the
SMMC and MRCA.
Section 2: Policy Principles
The following principles shall apply to the disclosure, release,
transfer, dissemination or any other communication of personal
(a) Personally identifiable information shall only be
obtained through lawful means.
(b) The purposes for which personally identifiable data
are collected shall be specified at or prior to the time
of collection, and any subsequent use of the data shall
be limited to and consistent with the fulfillment of those
purposes previously specified.
(c) Personal data shall not be disclosed, made
available, or otherwise used for purposes other than those
specified, except with the consent of the subject of the
data, or as authorized by law or regulation.
(d) Personal data collected must be relevant to the purpose
for which it is collected.
(e) Personal data shall be protected against disclosure,
release, transfer, dissemination, or unauthorized disclosure
by the following general means:
(1) Each employee responsible for the
collection, use, maintenance, and/or dissemination of
public records containing personal data shall take precautions
to assure that such records are to the extent allowed
by law kept confidential.
(2) The Executive Director shall designate
be responsible for implementation of this policy. Any
employee with questions regarding implementation of this
policy, Government Code Section 11015.5, or Government
Code Section 6250 et seq. (Public Records Act)
to respond, the employee shall contact the Office of the
State Attorney General for guidance.