HB 5301 — State Agency Information Technology Reorganization
by Government Operations and Technology Appropriations Subcommittee and Rep. Ingoglia
This summary is provided for information only and does not represent the opinion of any Senator, Senate Officer, or Senate Office.
Prepared by: Appropriations Committee (AP)
The bill revises the experience required for the Agency for State Technology (AST) executive director, data center director, and chief information security officer and deletes the following positions: deputy executive director, chief planning officer, chief operations officer, and chief technology officer. Additionally, some technology definitions are added, revised, and deleted.
Changes to agency duties
The bill revises the AST’s duties related to project oversight to review and provide recommendations to the Governor, President, and Speaker. The AST will review project oversight deliverables and provide recommendations for state agencies’ projects costing over $10 million and for cabinet agencies’ projects costing over $25 million. The AST, with the Department of Management Services, will establish best practices for the procurement of cloud computing services. The AST’s current duties to review technology purchases over $250,000 and to develop data center standards are eliminated.
Eliminates expired requirements
The bill deletes expired language that authorizes the Agency for State Technology (AST) to transfer funds, after notice, for technology migrations to cloud computing services in Fiscal Year 2015-2016 only, deletes intent language for data center consolidation, and deletes the expired state agency data center consolidation schedule and requirements.
Technology Policy modification
The bill directs the State Data Center to provide services on premise or through a third party cloud computing provider based on the best cost and service, verified by the customer, and directs the state data center to use third party cloud computing services instead of utilizing existing infrastructure when costs are reduced and services are the same or improved. The AST state data center must submit a biennial report on cloud computing usage.
Impact to State Agencies
The bill directs state agencies to submit an annual plan to the Governor, President, and Speaker by November 1 that includes an inventory of the applications supported by the state data center, identifies applications that can migrate to a third party cloud computing service, and requires a project plan and estimated costs. The cloud computing service shall meet or exceed the applicable state and federal standards for security.
Creates a Task Force
The bill creates the Florida Cybersecurity Task Force consisting of six members from the Department of Law Enforcement (FDLE), Agency for State Technology, Department of Management Services, Division of Emergency Management in the Office of the Governor, and the Chief Inspector General in the Office of the Governor. The task force shall recommend:
- Methods to improve security for the state’s network system and data;
- Improvements to threat detection;
- Process to assess cybersecurity infrastructure and identify gaps;
- Improvements in emergency management and disaster response; and
- Improvements in response to cybersecurity attacks.
The task force final report is due by November 1, 2018, to the Governor, President and Speaker. The FDLE is appropriated $100,000 nonrecurring General Revenue to support the task force.
If approved by the Governor, these provisions take effect July 1, 2017.
Vote: Senate 38-0; House 109-2