Download Zipped Amended WP 8.0 SB0056.ZIP 11,757 Bytes
[Introduced][Status][Bill Documents][Fiscal Note][Bills Directory]
S.B. 56
1
2
3
4
5
6 AN ACT RELATING TO DIGITAL SIGNATURES AND THE CHIEF INFORMATION
7 OFFICER; PROVIDING FOR THE CREATION, MAINTENANCE, AND FUNDING OF A
8 CENTRAL REPOSITORY FOR INFORMATION RELATING TO THE ISSUANCE OF
9 DIGITAL CERTIFICATES BY GOVERNMENTAL ENTITIES; AUTHORIZING
10 GOVERNMENTAL ENTITIES, PARTICULARLY COUNTY CLERKS, TO PARTICIPATE
11 AND CHARGE FEES; h AND h ENUMERATING CHIEF INFORMATION OFFICER'S DUTIES
11a h [
12 PROVIDING AN APPROPRIATION OF $40,000 FOR FISCAL YEAR 2000-01 TO THE CHIEF
13 INFORMATION OFFICER
14 This act affects sections of Utah Code Annotated 1953 as follows:
15 AMENDS:
16 63D-1-301.5, as last amended by Chapters 18 and 307, Laws of Utah 1999
17 ENACTS:
18 46-3-601, Utah Code Annotated 1953
19 46-3-602, Utah Code Annotated 1953
20 Be it enacted by the Legislature of the state of Utah:
21 Section 1. Section 46-3-601 is enacted to read:
22
23 46-3-601. Central repository for digital certificate information -- Fee.
24 (1) The chief information officer shall:
25 (a) designate an existing state repository or create a new repository that is a secure, central
26 repository for the maintenance of any appropriate information relating to the issuance of digital
27 certificates; and
28 (b) develop policies regarding the issuance of digital certificates by governmental entities
29 as provided in Section 63D-1-301.5 .
30 (2) Any participating governmental entity may charge a fee to cover administrative costs
31 and the fee required to be remitted to the state under Subsection (3).
32 (3) Of the fee collected by a participating governmental entity pursuant to Subsection (2),
33 h [
33a be:
34 (a) remitted to the state agency maintaining the repository in Subsection (1)(a); and
35 (b) deposited in the General Fund as a dedicated credit for that state agency, to maintain
36 the repository and assist in the issuance of the digital certificates pursuant to this part and Section
37 63D-1-301.5 .
38 (4) Any money at the end of the fiscal year in excess of the dedicated credit required by
39 Subsection (3) shall lapse to the General Fund.
40 h [
41 reimbursed to the General Fund, the state agency maintaining the repository shall reevaluate the
42 fee to be remitted to it under Subsection (3) to determine whether any modification needs to be
43 made to the fee amount to be remitted by participating governmental entities.
44 h [
45 through the use of a digital certificate may establish a transaction fee, pursuant to Section
46 63-38-3.2 , a portion of which may be remitted to the licensed certification authority which issued
47 the digital certificate being used.
48 Section 2. Section 46-3-602 is enacted to read:
49 46-3-602. County clerk participation and fee authorization.
50 A county clerk may:
51 (1) participate in the issuance of digital certificates to citizens to facilitate electronic
52 transactions with governmental entities according to the digital certificate policy issued by the
53 chief information officer pursuant to Section 63D-1-301.5 ; and
54 (2) charge a fee for the service in Subsection (1), a portion of which shall be remitted to
55 the agency maintaining the state repository pursuant to Section 46-3-601 .
56 Section 3. Section 63D-1-301.5 is amended to read:
57 63D-1-301.5. Chief information officer -- Duties.
58 (1) The chief information officer shall:
59 (a) develop specific information technology objectives, policies, procedures, and standards
60 to guide the development of information systems within state government to achieve maximum
61 economy and quality while preserving optimum user flexibility, including:
62 (i) policies, standards, and procedures for appropriate interchange of information, optimum
63 service, and minimum costs;
64 (ii) policies for costing all information technology services performed by any state
65 information technology cost recovery center so that every cost recovery center charges its users a
66 rate for services that is both equitable and sufficient to recover all the costs of its operation,
67 including the cost of capital equipment and facilities;
68 (iii) policies governing coordination, cooperation, joint efforts, working relationships, and
69 cost accounting relative to the development and maintenance of information technology and
70 information systems; and
71 (iv) policies to ensure the protection of individual privacy and guarantee the exclusive
72 control to a user of its own data;
73 (b) coordinate the preparation of agency information technology plans within state
74 government, encompassing both short-term and long-term needs that support the agency's and the
75 state's strategic plans, including Utah Tomorrow;
76 (c) require each state agency to submit semiannually an agency information technology
77 plan containing the information required by Subsection (2) before the legislative session in which
78 the budget request will be heard and no later than the June 15 after the legislative session in which
79 the budget request was authorized to the chief information officer;
80 (d) upon receipt of a state agency's information technology plan:
81 (i) provide a complete copy of that plan to the director of the Division of Information
82 Technology Services;
83 (ii) review and approve or disapprove agency information technology plans to ensure that
84 these plans are the most economically viable and are the best solution to the agency's needs and
85 the state's needs; and
86 (iii) approve or disapprove of and coordinate the acquisition of information technology
87 equipment, telecommunications equipment, and related services for all agencies of state
88 government;
89 (e) facilitate the implementation of agency plans;
90 (f) establish priorities in terms of both importance and time sequencing for the
91 development and implementation of information systems;
92 (g) monitor information systems development to promote maximum use of existing state
93 information resources;
94 (h) advise the governor on information technology policy and make recommendations to
95 the governor regarding requests for appropriations for information technology equipment and
96 personnel;
97 (i) maintain liaison with the legislative and judicial branches, the Board of Regents, the
98 State Board of Education, local government, federal government, business and industry, and
99 consumers to promote cooperation and make recommendations regarding information resources;
100 (j) conduct performance audits of state information technology management, planning, and
101 the use of information technology resources and distribute copies of the audit reports as provided
102 in Subsection (3);
103 (k) prepare an annual report to the governor and to the Legislature's Public Utilities and
104 Technology Interim Committee and the Information Technology Commission that:
105 (i) summarizes the state's current and projected use of information technology; and
106 (ii) includes a description of major changes in state policy and a brief description of each
107 state agency's plan;
108 (l) inform each state entity of the requirements of Section 63D-1-105 ; [
109 (m) as permitted by law, coordinate the efforts of state government to provide services and
110 transactions through the Internet[
111 (n) designate an existing state repository or create a new repository that is secure and
112 central for the maintenance of any appropriate information relating to the issuance of digital
113 certificates as provided in Section 46-3-601 ; and
114 (o) develop a digital certificate policy pursuant to Subsection (6).
115 (2) (a) Each state agency information technology plan shall include information about
116 planned information technology objectives and expenditures for the next year in the level of detail
117 and format specified by the chief information officer.
118 (b) The plans in Subsection (2)(a) shall include the progress of each state agency toward
119 making the agency's services available on the Internet as provided in Section 63D-1-105 .
120 (3) (a) Upon completion of an audit report produced under authority of Subsection (1)(j),
121 the chief information officer shall:
122 (i) provide copies of all audit reports to:
123 (A) the agency audited;
124 (B) the governor;
125 (C) the Office of Legislative Fiscal Analyst;
126 (D) the Public Utilities and Technology Interim Committee; and
127 (E) the Information Technology Commission; and
128 (ii) present the performance audit findings to the Information Technology Policy and
129 Strategy Committee at their next meeting.
130 (b) Each state agency shall provide the chief information officer with complete access to
131 all information technology records, documents, and reports, including electronic, analog, or digital,
132 when requested for the purpose of a performance audit.
133 (4) The rate for services established by an information technology cost recovery center,
134 and reviewed by the chief information officer, may be lowered if the Legislature appropriates
135 monies to the cost recovery center for the specific purpose of lowering rates.
136 (5) (a) The chief information officer shall receive reports from the director of the Division
137 of Information Technology Services regarding the division's:
138 (i) budget;
139 (ii) strategic plans, including services the division is or plans to offer agencies;
140 (iii) major expenditure plans; and
141 (iv) any other items determined jointly by the executive director and the chief information
142 officer.
143 (b) The chief information officer shall have authority to approve or disapprove any of the
144 items listed in Subsection (5)(a).
145 (6) The chief information officer shall:
146 (a) develop a digital certificate policy which includes:
147 (i) indicating the level of identity S [
147a certificates issued by any
148 governmental entity to be valid for transacting business online with state agencies and political
149 subdivisions;
150 (ii) requiring any certification authority from which the digital certificates are acquired to
151 be licensed in the state pursuant to Title 46, Chapter 3, Utah Digital Signature Act;
152 (iii) providing for the security of the information in the repository, including who is
153 permitted access to the information; and
154 (iv) indicating the appropriate use and retention of the information in the repository;
155 (b) assist governmental entities desiring to transact business with citizens electronically
156 to develop programs using digital certificates; and
157 (c) designate the state repository pursuant to Section 46-3-601 .
158 h [
159 (1) For fiscal year 2000-01 only, there is appropriated from the General Fund $40,000 to
160 the office of the chief information officer.
161 (2) It is the intent of the Legislature that the chief information officer shall transfer this
162 money to the agency designated pursuant to Sections 46-3-601 and 63D-1-301.5 to create or
163 maintain the state repository for appropriate information relating to the issuance of digital
164 certificates
Legislative Review Note
as of 2-8-00 12:45 PM
A limited legal review of this legislation raises no obvious constitutional or statutory concerns.