|
|
|
|
By: Zaffirini |
S.B. No. 1878 |
|
(In the Senate - Filed March 13, 2015; March 25, 2015, read |
|
first time and referred to Committee on Business and Commerce; |
|
April 20, 2015, reported adversely, with favorable Committee |
|
Substitute by the following vote: Yeas 9, Nays 0; April 20, 2015, |
|
sent to printer.) |
Click here to see the committee vote |
|
|
COMMITTEE SUBSTITUTE FOR S.B. No. 1878 |
By: Watson |
|
|
A BILL TO BE ENTITLED
|
|
AN ACT
|
|
|
relating to a study on the feasibility of implementing more secure |
|
access requirements for certain electronically stored information |
|
held by the state. |
|
BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF TEXAS: |
|
SECTION 1. STUDY OF IDENTIFICATION AND ACCESS MANAGEMENT. |
|
The Department of Information Resources shall conduct a study to |
|
determine the feasibility of implementing new identification and |
|
access requirements for accessing certain information that is |
|
electronically stored by the state, including personal identifying |
|
information and sensitive personal information, as those terms are |
|
defined by Section 521.002, Business & Commerce Code. |
|
SECTION 2. COLLABORATION WITH OTHER AGENCIES. In |
|
conducting the study, the Department of Information Resources shall |
|
collaborate with other agencies to consider the needs or concerns |
|
specific to those agencies. |
|
SECTION 3. SCOPE OF STUDY. The study must: |
|
(1) examine the relative costs and benefits of various |
|
forms of identification and access management, including |
|
multifactor authentication; and |
|
(2) develop a strategy by which the Department of |
|
Information Resources may most effectively negotiate for bulk |
|
purchase across agencies at the lowest cost to the state. |
|
SECTION 4. REPORT AND RECOMMENDATIONS. (a) The Department |
|
of Information Resources shall issue a written report to the |
|
governor, the lieutenant governor, and the speaker of the house of |
|
representatives that includes the department's evaluation of the |
|
available identification and access management and multifactor |
|
authentication systems and programs and provides recommendations |
|
regarding department action or legislation that will secure |
|
sensitive information held by the state. |
|
(b) The report must be issued not later than November 30, |
|
2016. |
|
SECTION 5. EXPIRATION. This Act expires December 1, 2016. |
|
SECTION 6. EFFECTIVE DATE. This Act takes effect September |
|
1, 2015. |
|
|
|
* * * * * |