Bill Text: CA AB2867 | 2021-2022 | Regular Session | Amended
Bill Title: Department of Technology: contracting: background checks.
Spectrum: Partisan Bill (Democrat 1-0)
Status: (Introduced - Dead) 2022-04-19 - In committee: Set, first hearing. Hearing canceled at the request of author. [AB2867 Detail]
Download: California-2021-AB2867-Amended.html
|
Amended
IN
Assembly
March 28, 2022 |
CALIFORNIA LEGISLATURE—
2021–2022 REGULAR SESSION
Assembly Bill
No. 2867
| Introduced by Assembly Member Irwin |
February 18, 2022 |
An act to amend Section 11546.6 of the Government Code, relating to cybersecurity. background checks.
LEGISLATIVE COUNSEL'S DIGEST
AB 2867, as amended, Irwin.
Cybersecurity. Department of Technology: contracting: background checks.
Existing law establishes the Department of Technology (CDT) within the Government Operations Agency. Under existing law, the Director of Technology (director) leads the department and serves as the State Chief Information Officer. Existing law requires the director to require fingerprint images and associated information from an employee, prospective employee, contractor, subcontractor, volunteer, or vendor whose duties include, or would include, working on data center, telecommunications, or network operations, engineering, or security with access to confidential or sensitive information and data on the network or computing infrastructure.
This bill would instead require the CDT to require a criminal background check based on fingerprint
images and associated information from an employee, prospective employee, contractor, subcontractor, volunteer, or vendor if their duties would include access to confidential or sensitive information or data in any form related to the network or computing infrastructure, including, but not limited to, data center, telecommunications, engineering, or security.
Existing law requires the Department of Justice to forward requests received for federal criminal offender record information under these provisions to the Federal Bureau of Investigation.
This bill would instead require the Department of Justice to transmit fingerprint images and related information to the Federal Bureau of Investigation for the purpose of obtaining a federal criminal history records check and require the department to review the information returned from the Federal Bureau of Investigation and compile a
response.
Existing law requires the director to develop a written appeal process for those determined ineligible for employment because of their criminal offender record, and provides that individuals shall not be found to be ineligible for employment until the appeal process is in place.
This bill would remove the prohibition on employment ineligibility until the appeal process is in place.
Existing law requires the director to take under consideration any evidence of rehabilitation, including participation in treatment programs, as well as the age and specifics of the offense when considering the background information received under these provisions.
This bill would require the director to additionally consider the classification of data that the
individual may access.
Existing law requires a person or business that conducts business in California, and that owns or licenses computerized data that includes personal information, to disclose a breach of the security of the system following discovery or notification of the breach in the security of the data to a resident of California, as prescribed.
This bill would state the intent of the Legislature to enact legislation related to cybersecurity.
Digest Key
Vote: MAJORITY Appropriation: NO Fiscal Committee:Bill Text
The people of the State of California do enact as follows:
SECTION 1.
Section 11546.6 of the Government Code is amended to read:11546.6.
(a) The Director of Technology shall require a criminal history background check based on fingerprint images and associated information from an employee, prospective employee, contractor, subcontractor, volunteer, or vendor whose duties include, or would include, working on data center, telecommunications, or network operations, engineering, or security with access to confidential or sensitive information and data on the network or computing infrastructure.(b) The fingerprint images and associated information described in subdivision (a) shall be furnished
submitted to the Department of Justice for the purpose of obtaining information as to the existence and nature of any of the following:
(1) A record of state or federal convictions and the existence and nature of state or federal arrests for which the person is free on bail or on his or her the individual’s own recognizance pending trial or appeal.
(2) Being convicted of, or pleading nolo contendere to, a crime, or having committed an act involving dishonesty, fraud, or deceit, if the crime or act is substantially related to the qualifications, functions, or duties of a person employed by the state in accordance with this provision.
(3) Any conviction or arrest, for which the person is free on bail or on his or her
their own recognizance pending trial or appeal, with a reasonable nexus to the information or data to which the employee shall have access.
(c)Requests for federal criminal offender record information received
by the Department of Justice pursuant to this section shall be forwarded to the Federal Bureau of Investigation by the Department of Justice.
(c) The Department of Justice shall transmit fingerprint images and related information to the Federal Bureau of Investigation for the purpose of obtaining a federal criminal history records check. The Department of Justice shall review the information returned from the Federal Bureau of Investigation and compile a response.
(d) The Department of Justice shall respond to the Director of Technology with information as provided under subdivision (p) of Section 11105 of the Penal Code.
(e) The Director of Technology shall request subsequent arrest
notifications from the Department of Justice as provided under Section 11105.2 of the Penal Code.
(f) The Department of Justice may assess a fee sufficient to cover the processing costs required under this section, as authorized pursuant to subdivision (e) of Section 11105 of the Penal Code.
(g) If an individual described in subdivision (a) is rejected as a result of information contained in the Department of Justice or Federal Bureau of Investigation criminal offender record information response, the individual shall receive a copy of the response record from the Director of Technology. Technology, pursuant to subdivision (t) of Section 11105 of the Penal Code.
(h) The Director of Technology shall develop a written appeal process for an individual described in subdivision (a) who is determined ineligible for employment because of his or her their Department of Justice or Federal Bureau of Investigation criminal offender record. Individuals shall not be found to be ineligible for employment pursuant to this section until the appeal process is in place.
(i) When considering the background information received pursuant to this section, the Director of Technology shall take under consideration any evidence of rehabilitation, including participation in treatment programs, as
well as the age and specifics of the offense.
offense, in addition to the classification of data to which the individual may access.
It is the intent of the Legislature to enact legislation relating to cybersecurity.
