By: Zaffirini S.B. No. 1878
(Elkins)
A BILL TO BE ENTITLED
AN ACT
relating to a study on the feasibility of implementing more secure
access requirements for certain electronically stored information
held by the state.
BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF TEXAS:
SECTION 1. STUDY OF IDENTIFICATION AND ACCESS MANAGEMENT.
The Department of Information Resources shall conduct a study to
determine the feasibility of implementing new identification and
access requirements for accessing certain information that is
electronically stored by the state, including personal identifying
information and sensitive personal information, as those terms are
defined by Section 521.002, Business & Commerce Code.
SECTION 2. COLLABORATION WITH OTHER AGENCIES. In
conducting the study, the Department of Information Resources shall
collaborate with other agencies to consider the needs or concerns
specific to those agencies.
SECTION 3. SCOPE OF STUDY. The study must:
(1) examine the relative costs and benefits of various
forms of identification and access management, including
multifactor authentication; and
(2) develop a strategy by which the Department of
Information Resources may most effectively negotiate for bulk
purchase across agencies at the lowest cost to the state.
SECTION 4. REPORT AND RECOMMENDATIONS. (a) The Department
of Information Resources shall issue a written report to the
governor, the lieutenant governor, and the speaker of the house of
representatives that includes the department's evaluation of the
available identification and access management and multifactor
authentication systems and programs and provides recommendations
regarding department action or legislation that will secure
sensitive information held by the state.
(b) The report must be issued not later than November 30,
2016.
SECTION 5. EXPIRATION. This Act expires December 1, 2016.
SECTION 6. EFFECTIVE DATE. This Act takes effect September
1, 2015.