Bill Text: IL HB5093 | 2017-2018 | 100th General Assembly | Chaptered


Bill Title: Creates the Illinois Information Security Improvement Act. Creates the Office of the Statewide Chief Information Security Officer within the Department of Innovation and Technology. Provides for the duties and powers of the Office. Creates the position of Statewide Chief Information Security Officer to serve as the head of the Office. Provides for the qualifications, powers, and duties of the Statewide Chief Information Security Officer, and for the appointment of the Statewide Chief Information Security Officer by the Secretary of Innovation and Technology. Defines terms. Effective January 1, 2019.

Spectrum: Bipartisan Bill

Status: (Passed) 2019-01-04 - Public Act . . . . . . . . . 100-1169 [HB5093 Detail]

Download: Illinois-2017-HB5093-Chaptered.html



Public Act 100-1169
HB5093 EnrolledLRB100 20465 RJF 35821 b
AN ACT concerning government.
Be it enacted by the People of the State of Illinois,
represented in the General Assembly:
Section 5. If and only if House Bill 5611 of the 100th
General Assembly becomes law in the form in which it passed the
House on April 23, 2018, then the Department of Innovation and
Technology Act is amended by changing Sections 1-5 and 1-30 as
follows:
(100HB5611eng, Sec. 1-5)
Sec. 1-5. Definitions. In this Act:
"Bureau of Communications and Computer Services" means the
Bureau of Communications and Computer Services, also known as
the Bureau of Information and Communication Services, created
by rule (2 Illinois Administrative Code 750.40) within the
Department of Central Management Services.
"Client agency" means each transferring agency, or its
successor. When applicable, "client agency" may also include
any other public agency to which the Department provides
service to the extent specified in an interagency contract with
the public agency "Client agency" also includes each other
public agency to which the Department provides service.
"Dedicated unit" means the dedicated bureau, division,
office, or other unit within a transferring agency that is
responsible for the information technology functions of the
transferring agency. For the Office of the Governor, "dedicated
unit" means the Information Technology Office, also known as
the Office of the Chief Information Officer. For the Department
of Central Management Services, "dedicated unit" means the
Bureau of Communications and Computer Services, also known as
the Bureau of Information and Communication Services.
"Department" means the Department of Innovation and
Technology.
"Information technology" means technology, infrastructure,
equipment, systems, software, networks, and processes used to
create, send, receive, and store electronic or digital
information, including, without limitation, computer systems
and telecommunication services and systems. "Information
technology" shall be construed broadly to incorporate future
technologies (such as sensors and balanced private hybrid or
public cloud posture tailored to the mission of the agency)
that change or supplant those in effect as of the effective
date of this Act.
"Information technology functions" means the development,
procurement, installation, retention, maintenance, operation,
possession, storage, and related functions of all information
technology.
"Information Technology Office" means the Information
Technology Office, also known as the Office of the Chief
Information Officer, within the Office of the Governor, created
by Executive Order 1999-05, or its successor.
"Legacy information technology division" means any
division, bureau, or other unit of a transferring agency which
has responsibility for information technology functions for
the agency prior to the transfer of those functions to the
Department, including, without limitation, the Bureau of
Communications and Computer Services.
"Secretary" means the Secretary of Innovation and
Technology.
"State agency" means each State agency, department, board,
and commission directly responsible to the Governor.
"Transferring agency" means the Department on Aging; the
Departments of Agriculture, Central Management Services,
Children and Family Services, Commerce and Economic
Opportunity, Corrections, Employment Security, Financial and
Professional Regulation, Healthcare and Family Services, Human
Rights, Human Services, Insurance, Juvenile Justice, Labor,
Lottery, Military Affairs, Natural Resources, Public Health,
Revenue, State Police, Transportation, and Veterans' Affairs;
the Capital Development Board; the Deaf and Hard of Hearing
Commission; the Environmental Protection Agency; the
Governor's Office of Management and Budget; the Guardianship
and Advocacy Commission; the Historic Preservation Agency; the
Illinois Arts Council; the Illinois Council on Developmental
Disabilities; the Illinois Emergency Management Agency; the
Illinois Gaming Board; the Illinois Health Information
Exchange Authority; the Illinois Liquor Control Commission;
the Illinois Student Assistance Commission; the Illinois
Technology Office; the Office of the State Fire Marshal; and
the Prisoner Review Board. "Transferring agency" does not
include a State constitutional office, the Office of the
Executive Inspector General, or any office of the legislative
or judicial branches of State government.
(Source: 100HB5611eng, Sec. 1-5.)
(100HB5611eng, Sec. 1-30)
Sec. 1-30. Information technology.
(a) The Secretary shall be the Chief Information Officer
for the State and the steward of State data with respect to
those agencies under the jurisdiction of the Governor. It shall
be the duty of the Department and the policy of the State of
Illinois to manage or delegate the management of the
procurement, retention, installation, maintenance, and
operation of all information technology used by client
agencies, so as to achieve maximum economy consistent with
development of appropriate and timely information in a form
suitable for management analysis, in a manner that provides for
adequate security protection and back-up facilities for that
equipment, the establishment of bonding requirements, and a
code of conduct for all information technology personnel to
ensure the privacy of information technology information as
provided by law.
(b) The Department shall be responsible for providing the
Governor with timely, comprehensive, and meaningful
information pertinent to the formulation and execution of
fiscal policy. In performing this responsibility the
Department shall have the power to do the following:
(1) Control the procurement, retention, installation,
maintenance, and operation, as specified by the
Department, of information technology equipment used by
client agencies in such a manner as to achieve maximum
economy and provide appropriate assistance in the
development of information suitable for management
analysis.
(2) Establish principles and standards of information
technology-related reporting by client agencies and
priorities for completion of research by those agencies in
accordance with the requirements for management analysis
specified by the Department.
(3) Establish charges for information technology and
related services requested by client agencies and rendered
by the Department. The Department is likewise empowered to
establish prices or charges for all information technology
reports purchased by agencies and individuals not
connected with State government.
(4) Instruct all client agencies to report regularly to
the Department, in the manner the Department may prescribe,
their usage of information technology, the cost incurred,
the information produced, and the procedures followed in
obtaining the information. All client agencies shall
request from the Department assistance and consultation in
securing any necessary information technology to support
their requirements.
(5) Examine the accounts and information
technology-related data of any organization, body, or
agency receiving appropriations from the General Assembly,
except for a State constitutional office, the Office of the
Executive Inspector General, or any office of the
legislative or judicial branches of State government. For a
State constitutional office, the Office of the Executive
Inspector General, or any office of the legislative or
judicial branches of State government, the Department
shall have the power to examine the accounts and
information technology-related data of the State
constitutional office, the Office of the Executive
Inspector General, or any office of the legislative or
judicial branches of State government when requested by
those offices that office.
(6) Install and operate a modern information
technology system utilizing equipment adequate to satisfy
the requirements for analysis and review as specified by
the Department. Expenditures for information technology
and related services rendered shall be reimbursed by the
recipients. The reimbursement shall be determined by the
Department as amounts sufficient to reimburse the
Technology Management Revolving Fund for expenditures
incurred in rendering the services.
(c) In addition to the other powers and duties listed in
subsection (b), the Department shall analyze the present and
future aims, needs, and requirements of information
technology, research, and planning in order to provide for the
formulation of overall policy relative to the use of
information technology and related equipment by the State of
Illinois. In making this analysis, the Department shall
formulate a master plan for information technology, utilizing
information technology most advantageously, and advising
whether information technology should be leased or purchased by
the State. The Department shall prepare and submit interim
reports of meaningful developments and proposals for
legislation to the Governor on or before January 30 each year.
The Department shall engage in a continuing analysis and
evaluation of the master plan so developed, and it shall be the
responsibility of the Department to recommend from time to time
any needed amendments and modifications of any master plan
enacted by the General Assembly.
(d) The Department may make information technology and the
use of information technology available to units of local
government, elected State officials, State educational
institutions, the judicial branch, the legislative branch, and
all other governmental units of the State requesting them. The
Department shall establish prices and charges for the
information technology so furnished and for the use of the
information technology. The prices and charges shall be
sufficient to reimburse the cost of furnishing the services and
use of information technology.
(e) The Department may establish standards to provide
consistency in the operation and use of information technology.
(Source: 100HB5611eng, Sec. 1-30.)
feedback