The bill HB207 amends the Code of Alabama 1975 to enhance the governance and management of information technology and cybersecurity across state agencies. Key insertions include the expansion of the Office of Information Technology's responsibilities to include cybersecurity, the establishment of a Telecommunications Revolving Fund, and the creation of a technology quality assurance board. New definitions are introduced, such as "cybersecurity" and "telecommunications equipment," while the bill also grants the office the authority to conduct criminal history background checks on individuals accessing sensitive technology infrastructure. Additionally, it mandates that all telecommunications and cybersecurity equipment and services be managed under state jurisdiction, with user agencies responsible for their share of costs.

Significant deletions from current law involve the repeal of Articles related to the Division of Data Systems Management and the Telecommunications Division of the Department of Finance, streamlining the structure of state technology management. The role of the Secretary of Information Technology is redefined to also include the title of Chief Information Officer. The bill emphasizes the importance of compatibility and efficiency in technology procurement and implementation, while also ensuring that the inventory of information technology resources remains confidential to enhance security. The bill is set to take effect on October 1, 2025, following its approval by both the House and Senate.

Statutes affected:
Introduced: 41-28-1, 41-28-2, 41-28-4, 41-28-5, 41-28-11, 41-28-12, 41-28-13, 41-28-14, 41-28-15, 41-28-16, 41-28-17
Engrossed: 41-28-1, 41-28-2, 41-28-4, 41-28-5, 41-28-11, 41-28-12, 41-28-13, 41-28-14, 41-28-15, 41-28-16, 41-28-17, 41-28-18
Enrolled: 41-28-1, 41-28-2, 41-28-4, 41-28-5, 41-28-11, 41-28-12, 41-28-13, 41-28-14, 41-28-15, 41-28-16, 41-28-17, 41-28-18