2

Note

P.L. 2023, CHAPTER 54, approved May 8, 2023

Assembly, No. 4836 (First Reprint)

An Act concerning ¹[State emergency response plans] cybersecurity incidents¹ and amending P.L.1989, c.222.

Be It Enacted by the Senate and General Assembly of the State of New Jersey:

1. Section 18 of P.L.1989, c.222 (C.App.A:9-43.1) is amended to read as follows:

18. The State Office of Emergency Management shall adopt a State Emergency Operations Plan, including rules, regulations, and guidelines, that shall be reviewed and updated at least every two years.

a. The plan shall include, but not be limited to, provisions which shall be developed in consultation with:

(1) the Department of Agriculture, to support the needs of animals and individuals with an animal under their care, including domestic livestock, a domesticated animal, or a service animal, in a major disaster or emergency; [and] ¹and¹

(2) the Department of Health, to provide for a coordinated Statewide evacuation strategy for all hospitals and other health care facilities in the State, alternative sources of care for evacuated patients, and proposed sites of temporary shelter in the event of an emergency. The Statewide evacuation strategy shall be based on evacuation plans prepared pursuant to section 19 of P.L.1989, c.222 (C.App.A:9-43.2) and submitted to the State Office of Emergency Management by each county and municipality in the State pursuant to section 21 of P.L.1989, c.222 (C.App.A:9-43.4)¹[; and

(3) the Office of Information Technology, to develop a coordinated Statewide response plan to address Internet outages caused by a cyberattack or other natural or human-made disaster]¹.

b. The plan shall:

(1) include provisions that specifically address the need for the safe and timely evacuation of the families and dependents of the emergency responders rendering major disaster or emergency services; ¹[and]¹

(2) incorporate the results of the risk assessment conducted in accordance with the county storm preparedness funding program established pursuant to section 2 of P.L.2017, c.63 (C.App.A:9-43.17) ¹; and

(3) incorporate a framework to address cybersecurity incidents that shall, at a minimum, serve as a mechanism to facilitate and coordinate preparation for detection, analysis, containment and eradication of, and recovery from, a cybersecurity incident, and to prescribe post-incident activity¹ .

c. In addition, the State Office of Emergency Management and each county and municipal emergency management agency shall take appropriate steps to educate the public regarding the resources available in the event of an emergency and the importance of emergency preparedness planning.

(cf: P.L.2017, c.63, s.3)

2. This act shall take effect immediately, but shall remain inoperative for 120 days following the date of enactment.

Requires Office of Emergency Management to incorporate into State Emergency Operations Plan framework to address cybersecurity incidents.