The bill HB207 amends the Code of Alabama 1975 to enhance the governance and management of information technology and cybersecurity within state agencies. Key insertions include the expansion of the Office of Information Technology's responsibilities to include cybersecurity, the establishment of a Telecommunications Revolving Fund, and the creation of a technology quality assurance board. New definitions are introduced, such as "cybersecurity" and "technology contract," while existing articles related to the Division of Data Systems Management and the Telecommunications Division are repealed to streamline state technology management. The bill also clarifies the powers of the Secretary of Information Technology, emphasizing the development of a comprehensive strategic plan for state information technology.

Additionally, the bill outlines specific regulations for the procurement and operation of telecommunications and cybersecurity equipment, requiring written approval for expenditures and mandating background checks for individuals with access to sensitive information. It also emphasizes the importance of compatibility and efficiency in technology systems across state agencies. Notably, the term "regulations" is replaced with "adopt," and the inventory of information technology resources is exempt from public disclosure. The bill is set to take effect on October 1, 2025, following its certification by the House of Representatives and passage by the Senate.

Statutes affected:
Introduced: 41-28-1, 41-28-2, 41-28-4, 41-28-5, 41-28-11, 41-28-12, 41-28-13, 41-28-14, 41-28-15, 41-28-16, 41-28-17
Engrossed: 41-28-1, 41-28-2, 41-28-4, 41-28-5, 41-28-11, 41-28-12, 41-28-13, 41-28-14, 41-28-15, 41-28-16, 41-28-17, 41-28-18
Enrolled: 41-28-1, 41-28-2, 41-28-4, 41-28-5, 41-28-11, 41-28-12, 41-28-13, 41-28-14, 41-28-15, 41-28-16, 41-28-17, 41-28-18