Bill Text: IA HF601 | 2017-2018 | 87th General Assembly | Enrolled
Bill Title: A bill for an act relating to the confidentiality of certain physical infrastructure, cyber security, and critical infrastructure information and records developed, maintained, or held by a government body. (Formerly HSB 185.) Effective 7-1-17.
Spectrum: Committee Bill
Status: (Passed) 2017-05-11 - Signed by Governor. H.J. 1149. [HF601 Detail]
Download: Iowa-2017-HF601-Enrolled.html
House File 601 - Enrolled HOUSE FILE BY COMMITTEE ON GOVERNMENT OVERSIGHT (SUCCESSOR TO HSB 185) \5 A BILL FOR \1 House File 601 AN ACT RELATING TO THE CONFIDENTIALITY OF CERTAIN PHYSICAL INFRASTRUCTURE, CYBER SECURITY, AND CRITICAL INFRASTRUCTURE INFORMATION AND RECORDS DEVELOPED, MAINTAINED, OR HELD BY A GOVERNMENT BODY. BE IT ENACTED BY THE GENERAL ASSEMBLY OF THE STATE OF IOWA: Section 1. Section 22.7, subsection 50, Code 2017, is amended to read as follows: 50. Information and records concerning physical infrastructure, cyber security, critical infrastructure, security procedures, or emergency preparednessinformationdeveloped,andmaintained, or held by a government body for the protection ofgovernmental employees, visitors to the government body, persons in the care, custody, or under the control of the government body, or property under the jurisdiction of the government bodylife or property, if disclosure could reasonably be expected to jeopardize suchemployees, visitors, persons,life or property. a. Such informationincludesand records include butisare not limited to information directly related to vulnerability assessments; information contained in records relating to security measures such as security and response plans, security codes and combinations, passwords, restricted area passes, keys, and security or response procedures; emergency response protocols; and information contained in records that if disclosed would significantly increase the vulnerability of critical physical systems or infrastructuresof a government bodyto attack.b. This subsection shall only apply to information held by a government body that has adopted a rule or policy identifying the specific records or class of records to which this subsection applies and which is contained in such a record.b. For purposes of this subsection, "cyber security information and records" include but are not limited to information and records relating to cyber security defenses, threats, attacks, or general attempts to attack cyber system operations. LINDA UPMEYER JACK WHITVER CARMINE BOAL TERRY E. BRANSTA -1-