The bill amends the Clean and Renewable Energy and Energy Waste Reduction Act by adding a new section that establishes security requirements for operators of battery energy storage systems. It mandates that these operators implement security measures to protect against cyberattacks, physical attacks, and cyber disruptions affecting critical functions such as cooling and fire suppression. Additionally, operators are required to develop a risk-based cybersecurity and resilience program aligned with nationally recognized frameworks, and to utilize specific safety systems, including thermal runaway mitigation and redundant cooling controls.

Furthermore, the bill requires operators to maintain an incident response plan and a disaster recovery plan that outlines roles, communication procedures, and system restoration priorities. Violations of these requirements can result in civil fines of up to $25,000 per day, with each day of non-compliance considered a separate violation. The bill also defines key terms such as "battery energy storage facility" and "safety-critical systems" to clarify the scope of the regulations. The provisions of this amendatory act will take effect 90 days after being enacted into law.

Statutes affected:
House Introduced Bill: 460.1001, 460.1232