|Posted:||July 6, 2017 01:11 PM|
|From:||Representative Seth M. Grove and Rep. Kristin Hill, Rep. Jason Ortitay|
|To:||All House members|
|Subject:||Strengthening State Government Cybersecurity and Consolidation of IT Services|
|In the near future, I intend to introduce legislation to create in statute the Office of Information Technology under the Office of Administration and consolidate all of the executive branch’s information technology (IT) services, funding and oversight into this single office.
Pennsylvania has plenty of examples of our aging, inadequate, and costly IT infrastructure. For instance, the Department of Revenue received funds specifically for IT modernization over the past 18 years. Despite this dedicated fund, the Department of Revenue is constantly in need of new funds for IT upgrades. And most recently, an audit of Pennsylvania’s Unemployment Compensation Call Centers revealed the state mismanaged hundreds of millions of taxpayer dollars in the effort to upgrade their system. The system has still not been upgraded.
Unfortunately, this problem transcends individual state departments and administrations to encapsulate all of state government.
In order to address this problem, my proposal will codify the Office of Information created by Governor Wolf under Executive Order E0 2016-6. This legislation mirrors the executive order by providing the newly established office with broad necessary powers to consolidate and oversee all IT systems and contracts within the executive branch. These powers include:
The Office of Information Technology would be administered by the Director, who will be given broad powers concerning the state’s IT infrastructure including:
Additionally, the director will have the power to approve or deny IT contracts based on the money available for the project and the department’s current IT capabilities. Further, the director may suspend any IT project that does not meet the Office’s standards for quality or has exceeded the estimated cost.
To improve financial oversight of IT projects and capabilities, my proposal requires annual reports and a bi-annual IT plan to be submitted to the General Assembly.
Finally, as cyber-attacks become more prevalent, the bill requires numerous steps to be taken to improve our overall cyber security including:
Introduced as HB1704