The bill HB207 amends the Code of Alabama 1975 to enhance the governance and management of information technology and cybersecurity within state agencies. Key insertions include the expansion of the Office of Information Technology's responsibilities to include cybersecurity, the establishment of a Telecommunications Revolving Fund, and the creation of a technology quality assurance board. New definitions are introduced, such as "cybersecurity" and "technology contract," while existing articles related to the Division of Data Systems Management and the Telecommunications Division are repealed to streamline state technology management. The bill also clarifies the powers of the Secretary of Information Technology, emphasizing collaboration among state agencies to promote efficiency and avoid redundancy.

Additionally, the bill outlines specific regulations for the procurement and operation of technology and cybersecurity equipment, requiring written approval for expenditures and allowing the office to enter contracts in compliance with state bidding laws. It mandates criminal history background checks for individuals accessing sensitive technology infrastructure and exempts certain educational institutions and branches of government from its requirements. The bill aims to modernize the state's approach to technology management, ensuring better resource utilization and improved security measures, and is set to take effect on October 1, 2025.

Statutes affected:
Introduced: 41-28-1, 41-28-2, 41-28-4, 41-28-5, 41-28-11, 41-28-12, 41-28-13, 41-28-14, 41-28-15, 41-28-16, 41-28-17
Engrossed: 41-28-1, 41-28-2, 41-28-4, 41-28-5, 41-28-11, 41-28-12, 41-28-13, 41-28-14, 41-28-15, 41-28-16, 41-28-17, 41-28-18
Enrolled: 41-28-1, 41-28-2, 41-28-4, 41-28-5, 41-28-11, 41-28-12, 41-28-13, 41-28-14, 41-28-15, 41-28-16, 41-28-17, 41-28-18