Bill Text: TX SB820 | 2019-2020 | 86th Legislature | Enrolled
Bill Title: Relating to a requirement that a school district adopt a cybersecurity policy.
Spectrum: Bipartisan Bill
Status: (Passed) 2019-06-10 - Effective on 9/1/19 [SB820 Detail]
Download: Texas-2019-SB820-Enrolled.html
| S.B. No. 820 | ||
|
|
||
| relating to a requirement that a school district adopt a | ||
| cybersecurity policy. | ||
| BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF TEXAS: | ||
| SECTION 1. Subchapter D, Chapter 11, Education Code, is | ||
| amended by adding Section 11.175 to read as follows: | ||
| Sec. 11.175. DISTRICT CYBERSECURITY. (a) In this section: | ||
| (1) "Breach of system security" means an incident in which | ||
| student information that is sensitive, protected, or confidential, | ||
| as provided by state or federal law, is stolen or copied, | ||
| transmitted, viewed, or used by a person unauthorized to engage in | ||
| that action. | ||
| (2) "Cyber attack" means an attempt to damage, | ||
| disrupt, or gain unauthorized access to a computer, computer | ||
| network, or computer system. | ||
| (3) "Cybersecurity" means the measures taken to | ||
| protect a computer, computer network, or computer system against | ||
| unauthorized use or access. | ||
| (b) Each school district shall adopt a cybersecurity policy | ||
| to: | ||
| (1) secure district cyberinfrastructure against cyber | ||
| attacks and other cybersecurity incidents; and | ||
| (2) determine cybersecurity risk and implement | ||
| mitigation planning. | ||
| (c) A school district's cybersecurity policy may not | ||
| conflict with the information security standards for institutions | ||
| of higher education adopted by the Department of Information | ||
| Resources under Chapters 2054 and 2059, Government Code. | ||
| (d) The superintendent of each school district shall | ||
| designate a cybersecurity coordinator to serve as a liaison between | ||
| the district and the agency in cybersecurity matters. | ||
| (e) The district's cybersecurity coordinator shall report | ||
| to the agency any cyber attack or other cybersecurity incident | ||
| against the district cyberinfrastructure that constitutes a breach | ||
| of system security as soon as practicable after the discovery of the | ||
| attack or incident. | ||
| (f) The district's cybersecurity coordinator shall provide | ||
| notice to a parent of or person standing in parental relation to a | ||
| student enrolled in the district of an attack or incident for which | ||
| a report is required under Subsection (e) involving the student's | ||
| information. | ||
| SECTION 2. This Act takes effect September 1, 2019. | ||
| ______________________________ | ______________________________ | |
| President of the Senate | Speaker of the House | |
| I hereby certify that S.B. No. 820 passed the Senate on | ||
| April 26, 2019, by the following vote: Yeas 30, Nays 0; and that | ||
| the Senate concurred in House amendments on May 25, 2019, by the | ||
| following vote: Yeas 30, Nays 0. | ||
| ______________________________ | ||
| Secretary of the Senate | ||
| I hereby certify that S.B. No. 820 passed the House, with | ||
| amendments, on May 22, 2019, by the following vote: Yeas 133, | ||
| Nays 10, two present not voting. | ||
| ______________________________ | ||
| Chief Clerk of the House | ||
| Approved: | ||
| ______________________________ | ||
| Date | ||
| ______________________________ | ||
| Governor | ||
