(1) Public.--Records or portions thereof subject to the provisions of the act of June 21, 1957 (P.L. 390, No. 212),¹ referred to as the Right-to-Know Law.

(2) Confidential.--Records or portions thereof requested to be treated as containing confidential security information and not subject to the Right-to-Know Law.

(1) Written notification to the public utility by the agency of the request to examine records containing confidential security information or challenge of its designation.

(2) An opportunity for agency review of the public utility's designation.

(3) During the review or any appeal of the agency's decision, the agency shall continue to honor the confidential security information designation by the public utility.

(4) Agency review of the public utility's designation or request to examine records containing confidential security information shall be based on consistency with the definition of confidential security information contained in this act or when there are reasonable grounds to believe disclosure may result in a safety risk, including the risk of harm to any person, or mass destruction.

(5) Written notification of the agency's decision on confidentiality to the public utility and member of the public that requested to examine the records containing confidential security information or challenged the designation made by the public utility shall occur within 60 days. In the same writing, the agency shall affirmatively state whether the disclosure would compromise the public utility's security against sabotage or criminal or terrorist acts.

(6) Following written notification by the agency of its decision on confidentiality, the public utility and member of the public shall be given 30 days to file an appeal in Commonwealth Court where the court may review the records containing confidential security information in camera to determine if they are protected from disclosure under this act. During pendency of the in camera review, the records subject to the in camera review shall not be made part of the public court filing.

(1) Each copy of a record or portion thereof containing confidential security information is clearly marked as confidential and not subject to the provisions of the Right-to-Know Law.

(2) Each copy of a record or portion thereof containing confidential security information is kept on site in a secure location, separate from the general records relating to the public utility, where it is available for inspection by authorized individuals.

(3) Only authorized individuals, as designated by the agency, may have access to records or copies thereof containing confidential security information.

(4) Authorized individuals, as designated by the agency, shall undergo training and sign an access agreement which summarizes responsibilities and personal liabilities if confidential security information is knowingly or recklessly released, published or otherwise disclosed.

(5) A document tracking system is established to allow for records or copies thereof containing confidential security information to be traceable at all times to a single person.