Bill Tracking - 2010 session

SEARCH SITE

VIRGINIA LAW PORTAL

SEARCHABLE DATABASES

Bills & Resolutions
session legislation
Bill Summaries
session summaries
Reports to the General Assembly
House and Senate documents
Legislative Liaisons
State agency contacts

ACROSS SESSIONS

Subject Index: Since 1995
Bills & Resolutions: Since 1994
Summaries: Since 1994

Developed and maintained by the Division of Legislative Automated Systems.

2010 SESSION

history | hilite | pdf | print version

10100757D
SENATE BILL NO. 390 Offered January 13, 2010 Prefiled January 12, 2010 A BILL to amend and reenact її 2.2-106, 2.2-225, 2.2-1115.1, 2.2-1509.3, 2.2-2005, 2.2-2006, 2.2-2007, 2.2-2008, 2.2-2009, 2.2-2015, 2.2-2019, 2.2-2020, 2.2-2021, 2.2-2023, 2.2-2033, 23-38.111, and 23-77.4 of the Code of Virginia; to amend and reenact the third enactment of Chapters 758 and 812 of the 2009 Acts of Assembly; and to repeal Article 20 (її 2.2-2457, 2.2-2458, and 2.2-2458.1) of Chapter 24 of Title 2.2 of the Code of Virginia, relating to Information Technology governance in the Commonwealth, Chief Information Officer, and the Information Technology Investment Board; emergency. ---------- Patron-- McDougle ---------- Referred to Committee on General Laws and Technology ----------

Be it enacted by the General Assembly of Virginia:

1. That її 2.2-106, 2.2-225, 2.2-1115.1, 2.2-1509.3, 2.2-2005, 2.2-2006, 2.2-2007, 2.2-2008, 2.2-2009, 2.2-2015, 2.2-2019, 2.2-2020, 2.2-2021, 2.2-2023, 2.2-2033, 23-38.111, and 23-77.4 of the Code of Virginia are amended and reenacted as follows:

ї 2.2-106. Appointment of agency heads; severance.

A. Notwithstanding any provision of law to the contrary, the Governor shall appoint the administrative head of each agency of the executive branch of state government except the:

1. Executive Director of the Virginia Port Authority;

2. Director of the State Council of Higher Education for Virginia;

3. Executive Director of the Department of Game and Inland Fisheries;

4. Executive Director of the Jamestown-Yorktown Foundation;

5. Executive Director of the Motor Vehicle Dealer Board;

6. Librarian of Virginia;

7. Administrator of the Commonwealth's Attorneys' Services Council;

8. Executive Director of the Virginia Housing Development Authority; and

9. Executive Director of the Board of Accountancy~~; and~~

~~10. Chief Information Officer of the Commonwealth~~.

However, the manner of selection of those heads of agencies chosen as set forth in the Constitution of Virginia shall continue without change. Each administrative head and Secretary appointed by the Governor pursuant to this section shall (i) be subject to confirmation by the General Assembly, (ii) have the professional qualifications prescribed by law, and (iii) serve at the pleasure of the Governor.

B. As part of the confirmation process for each administrative head and Secretary, the Secretary of the Commonwealth shall provide copies of the resumes and statements of economic interests filed pursuant to ї 2.2-3117 to the chairs of the House of Delegates and Senate Committees on Privileges and Elections. For appointments made before January 1, copies shall be provided to the chairs within 30 days of the appointment or by January 7 whichever time is earlier; and for appointments made after January 1 through the regular session of that year, copies shall be provided to the chairs within seven days of the appointment. Each appointee shall be available for interviews by the Committees on Privileges and Elections or other applicable standing committee. For the purposes of this section and ї 2.2-107, there shall be a joint subcommittee of the House of Delegates and Senate Committees on Privileges and Elections consisting of five members of the House Committee and three members of the Senate Committee appointed by the respective chairs of the committees to review the resumes and statements of economic interests of gubernatorial appointees. The members of the House of Delegates shall be appointed in accordance with the principles of proportional representation contained in the Rules of the House of Delegates. No appointment confirmed by the General Assembly shall be subject to challenge by reason of a failure to comply with the provisions of this ~~paragraph~~ subsection pertaining to the confirmation process.

C. For the purpose of this section, "agency" includes all administrative units established by law or by executive order that are not (i) arms of the legislative or judicial branches of government; (ii) institutions of higher education as classified under її 23-253.7, 22.1-346, 23-14, and 23-252~~, and~~; (iii) regional planning districts, regional transportation authorities or districts, or regional sanitation districts; and (iv) assigned by law to other departments or agencies, not including assignments to secretaries under Article 7 (ї 2.2-215 et seq.) of Chapter 2 of this title.

D. Severance benefits provided to any departing agency head, whether or not appointed by the Governor, shall be publicly announced by the appointing authority prior to such departure.

ї 2.2-225. Position established; agencies for which responsible; additional powers.

The position of Secretary of Technology (the Secretary) is created. The Secretary shall be responsible to the Governor for the following agencies and boards: ~~Information Technology Investment Board,~~ Innovation and Entrepreneurship Investment Authority, Virginia Information Technologies Agency, Virginia Geographic Information Network Advisory Board, and the Wireless E-911 Services Board. The Governor, by executive order, may assign any other state executive agency to the Secretary, or reassign any agency listed in this section to another Secretary.

Unless the Governor expressly reserves such power to himself, the Secretary may, with regard to strategy development, planning and budgeting for technology programs in the Commonwealth:

1. Monitor trends and advances in fundamental technologies of interest and importance to the economy of the Commonwealth and direct and approve a stakeholder-driven technology strategy development process that results in a comprehensive and coordinated view of research and development goals for industry, academia and government in the Commonwealth. This strategy shall be updated biennially and submitted to the Governor, the Speaker of the House of Delegates and the President Pro Tempore of the Senate.

2. Work closely with the appropriate federal research and development agencies and program managers to maximize the participation of Commonwealth industries and universities in these programs consistent with agreed strategy goals.

3. Direct the development of plans and programs for strengthening the technology resources of the Commonwealth's high technology industry sectors and for assisting in the strengthening and development of the Commonwealth's Regional Technology Councils.

4. Direct the development of plans and programs for improving access to capital for technology-based entrepreneurs.

5. Assist the Joint Commission on Technology and Science created pursuant to ї 30-85 in its efforts to stimulate, encourage, and promote the development of technology in the Commonwealth.

6. Continuously monitor and analyze the technology investments and strategic initiatives of other states to ensure the Commonwealth remains competitive.

7. Strengthen interstate and international partnerships and relationships in the public and private sectors to bolster the Commonwealth's reputation as a global technology center.

8. Develop and implement strategies to accelerate and expand the commercialization of intellectual property created within the Commonwealth.

9. Ensure the Commonwealth remains competitive in cultivating and expanding growth industries, including life sciences, advanced materials and nanotechnology, biotechnology, and aerospace.

10. Monitor the trends in the availability and deployment of and access to broadband communications services, which include, but are not limited to, competitively priced, high-speed data services and Internet access services of general application, throughout the Commonwealth and advancements in communications technology for deployment potential. The Secretary shall report annually by December 1 to the Governor and General Assembly on those trends.

11. Terminate any major information technology project recommended for termination by the Chief Information Officer pursuant to ї 2.2-2015.

ї 2.2-1115.1. Standard vendor accounting information.

A. The Division, the Virginia Information Technologies Agency, and the State Comptroller shall develop and maintain data standards for use by all agencies and institutions for payments and purchases of goods and services pursuant to її 2.2-1115 and 2.2-2012. Such standards shall include at a minimum the vendor number, name, address, and tax identification number; commodity code, order number, invoice number, and receipt information; and other information necessary to appropriately and consistently identify all suppliers of goods, commodities, and other services to the Commonwealth. The Division, the Virginia Information Technologies Agency, and the State Comptroller shall annually review and update these standards to provide the Commonwealth information to monitor all procurement of goods and services and to implement adequate controls to pay only authorized providers of goods and services to the Commonwealth.

B. The Division and the Virginia Information Technologies Agency shall submit these standards to the Information Technology Investment Board in accordance with ї 2.2-2458 for approval as statewide technical and data standards for information technology.

ї 2.2-1509.3. Budget bill to include appropriations for major information technology projects.

A. For purposes of this section:

"Major information technology project" means the same as that term is defined in ї 2.2-2006.

"Major information technology project funding" means an estimate of each funding source for a major information technology project for the duration of the project.

B. In "The Budget Bill" submitted pursuant to ї 2.2-1509, the Governor shall provide for the funding of major information technology projects, as specified herein. Such funding recommendations shall be for major information technology projects that have or are pending project development approval as defined by ї 2.2-2019 or procurement approval as defined by ї 2.2-2020.

The Governor shall include in "The Budget Bill" submitted pursuant to ї 2.2-1509 a biennial appropriation for major information technology projects and the following information for each such project:

1. A brief statement explaining the project, the ~~Information Technology Investment Board's~~ Chief Information Officer's ranking and recommendations on the project ~~as required by ї 2.2-2458~~, an explanation, if necessary, if the Governor informed the Chief Information Officer that an emergency existed as set forth in ї 2.2-2008, and the anticipated duration of the project;

2. A brief explanation of the inclusion of any project in the budget bill that has not undergone review and approval by the ~~Information Technology Investment Board as required by ї 2.2-2458~~ Chief Information Officer;

3. Total estimated project costs, as defined by the Commonwealth's Project Management Standards, including the amount of the agency's or institution's operating appropriation, which will support the project, and long-term contract cost beyond the biennium;

4. Costs incurred to date, as defined by the Commonwealth's Project Management Standards, which includes both the project planning cost and internal operating costs to support the project;

5. Recommendations or comments of the Public-Private Partnership Advisory Commission, if the project is part of a proposal under the Public-Private Education Facilities and Infrastructure Act of 2002 (ї 56-575.1 et seq.); and

6. The ~~Information Technology Investment Board's~~ Chief Information Officer's assessment of the project and the status as of the date of the budget bill submission to the General Assembly.

C. The ~~Information Technology Investment Board~~ Secretary of Technology shall immediately notify each member of the Senate Finance Committee and the House Appropriations Committee of any ~~Board~~ decision to terminate ~~in accordance with ї 2.2-2458~~ any major information technology project in the budget bill. Such communication shall include the ~~Information Technology Investment Board's~~ reason for such termination.

ї 2.2-2005. Creation of Agency; appointment of Chief Information Officer.

A. There is hereby created the Virginia Information Technologies Agency (VITA), which shall serve as the agency responsible for administration and enforcement of the provisions of this Chapter ~~and the rules and policies of the Board~~.

B. The ~~Board~~ Governor shall appoint, subject to confirmation by the General Assembly, a Chief Information Officer (the CIO) ~~as the chief administrative officer of the Board~~ to oversee the operation of VITA. The CIO shall ~~be employed under special contract for a term not to exceed five years and shall~~, under the direction and control of the ~~Board~~ Governor, exercise the powers and perform the duties conferred or imposed upon him by law and perform such other duties as may be required by the ~~Board~~ Governor.

ї 2.2-2006. Definitions.

As used in this chapter:

~~"Board" means the Information Technology Investment Board created in ї 2.2-2457.~~

"CIO" means the Chief Information Officer.

"Communications services" includes telecommunications services, automated data processing services, and management information systems that serve the needs of state agencies and institutions.

"Confidential data" means information made confidential by federal or state law that is maintained by a state agency in an electronic format.

"Information technology" means telecommunications, automated data processing, databases, the Internet, management information systems, and related information, equipment, goods, and services. It is in the interest of the Commonwealth that its public institutions of higher education in Virginia be in the forefront of developments in technology. Therefore, the provisions of this chapter shall not be construed to hamper the pursuit of the missions of the institutions in instruction and research.

"Major information technology project" means any state agency information technology project that (i) is mission-critical, (ii) has statewide application, or (iii) has a total estimated cost of more than $1 million.

"Noncommercial telecommunications entity" means any public broadcasting station as defined in ї 2.2-2427.

"Public telecommunications entity" means any public broadcasting station as defined in ї 2.2-2427.

"Public telecommunications facilities" means all apparatus, equipment and material necessary for or associated in any way with public broadcasting stations or public broadcasting services as those terms are defined in ї 2.2-2427, including the buildings and structures necessary to house such apparatus, equipment and material, and the necessary land for the purpose of providing public broadcasting services, but not telecommunications services.

"Public telecommunications services" means public broadcasting services as defined in ї 2.2-2427.

"Secretary" means the Secretary of Technology.

"State agency" or "agency" means any agency, institution, board, bureau, commission, council, or instrumentality of state government in the executive branch listed in the appropriation act. However, the terms "state agency," "agency," "institution," "public body," and "public institution of higher education," shall not include the University of Virginia Medical Center.

"Technology asset" means hardware and communications equipment not classified as traditional mainframe-based items, including personal computers, mobile computers, and other devices capable of storing and manipulating electronic data.

"Telecommunications" means any origination, transmission, emission, or reception of signs, signals, writings, images, and sounds or intelligence of any nature, by wire, radio, television, optical, or other electromagnetic systems.

"Telecommunications facilities" means apparatus necessary or useful in the production, distribution, or interconnection of electronic communications for state agencies or institutions including the buildings and structures necessary to house such apparatus and the necessary land.

ї 2.2-2007. Powers of the CIO.

A. In addition to such other duties as the ~~Board~~ Governor may assign, the CIO shall:

1. Monitor trends and advances in information technology; develop a comprehensive, statewide, four-year strategic plan for information technology to include specific projects that implement the plan; and plan for the acquisition, management, and use of information technology by state agencies. The statewide plan shall be updated annually ~~and submitted to the Board for approval~~.

2. Direct the formulation and promulgation of policies, guidelines, standards, and specifications for the purchase, development, and maintenance of information technology for state agencies, including, but not limited to, those (i) required to support state and local government exchange, acquisition, storage, use, sharing, and distribution of geographic or base map data and related technologies, (ii) concerned with the development of electronic transactions including the use of electronic signatures as provided in ї 59.1-496, and (iii) necessary to support a unified approach to information technology across the totality of state government, thereby assuring that the citizens and businesses of the Commonwealth receive the greatest possible security, value, and convenience from investments made in technology.

3. Direct the development of policies and procedures, in consultation with the Department of Planning and Budget, that are integrated into the Commonwealth's strategic planning and performance budgeting processes, and that state agencies and public institutions of higher education shall follow in developing information technology plans and technology-related budget requests. Such policies and procedures shall require consideration of the contribution of current and proposed technology expenditures to the support of agency and institution priority functional activities, as well as current and future operating expenses, and shall be utilized by all state agencies and public institutions of higher education in preparing budget requests.

4. Review budget requests for information technology from state agencies and public institutions of higher education and recommend budget priorities to the ~~Information Technology Investment Board~~ Governor.

Review of such budget requests shall include, but not be limited to, all data processing or other related projects for amounts exceeding $100,000 in which the agency or institution has entered into or plans to enter into a contract, agreement or other financing agreement or such other arrangement that requires that the Commonwealth either pay for the contract by foregoing revenue collections, or allows or assigns to another party the collection on behalf of or for the Commonwealth any fees, charges, or other assessments or revenues to pay for the project. For each project, the agency or institution, with the exception of public institutions of higher education that meet the conditions prescribed in subsection B of ї 23-38.88, shall provide the CIO (i) a summary of the terms, (ii) the anticipated duration, and (iii) the cost or charges to any user, whether a state agency or institution or other party not directly a party to the project arrangements. The description shall also include any terms or conditions that bind the Commonwealth or restrict the Commonwealth's operations and the methods of procurement employed to reach such terms.

5. Direct the development of policies and procedures for the effective management of information technology investments throughout their entire life cycles, including, but not limited to, project definition, procurement, development, implementation, operation, performance evaluation, and enhancement or retirement. Such policies and procedures shall include, at a minimum, the periodic review by the CIO of agency and public institution of higher education information technology projects estimated to cost $1 million or more or deemed to be mission-critical or of statewide application by the CIO. The CIO shall provide technical guidance to the Department of General Services in the development of policies and procedures for the recycling and disposal of computers and other technology assets. Such policies and procedures shall include the expunging, in a manner as determined by the CIO, of all state confidential data and personal identifying information of citizens of the Commonwealth prior to such sale, disposal, or other transfer of computers or other technology assets.

6. Oversee and administer the Virginia Technology Infrastructure Fund created pursuant to ї 2.2-2023.

7. Periodically evaluate the feasibility of outsourcing information technology resources and services, and outsource those resources and services that are feasible and beneficial to the Commonwealth.

8. Have the authority to enter into contracts, and with the approval of the ~~Board~~ Governor for any contracts over $1 million, with one or more other public bodies, or public agencies or institutions or localities of the several states, of the United States or its territories, or the District of Columbia for the provision of information technology services.

9. Report annually to the Governor and the Joint Commission on Technology and Science created pursuant to ї 30-85 on the use and application of information technology by state agencies and public institutions of higher education to increase economic efficiency, citizen convenience, and public access to state government.

10. Direct the development of policies and procedures that require VITA to review information technology projects proposed by state agencies and institutions exceeding $100,000, and recommend whether such projects be approved or disapproved. The CIO shall disapprove projects between $100,000 and $1 million that do not conform to the statewide information plan or to the individual plans of state agencies or institutions of higher education.

B. Consistent with ї 2.2-2012, the CIO may enter into public-private partnership contracts to finance or implement information technology programs and projects. The CIO may issue a request for information to seek out potential private partners interested in providing programs or projects pursuant to an agreement under this subsection. The compensation for such services shall be computed with reference to and paid from the increased revenue or cost savings attributable to the successful implementation of the program or project for the period specified in the contract. The CIO shall be responsible for reviewing and approving the programs and projects and the terms of contracts for same under this subsection. The CIO shall determine annually the total amount of increased revenue or cost savings attributable to the successful implementation of a program or project under this subsection and such amount shall be deposited in the Virginia Technology Infrastructure Fund created in ї 2.2-2023. The CIO is authorized to use moneys deposited in the Fund to pay private partners pursuant to the terms of contracts under this subsection. All moneys in excess of that required to be paid to private partners, as determined by the CIO, shall be reported to the Comptroller and retained in the Fund. The CIO shall prepare an annual report to the Governor and General Assembly on all contracts under this subsection, describing each information technology program or project, its progress, revenue impact, and such other information as may be relevant.

ї 2.2-2008. Additional duties of the CIO relating to project management.

The CIO shall have the following duties relating to the management of information technology projects:

1. Develop an approval process for proposed major information technology projects by state agencies to ensure that all such projects conform to the statewide information management plan and the information management plans of agencies and public institutions of higher education.

2. Establish a methodology for conceiving, planning, scheduling and providing appropriate oversight for information technology projects including a process for approving the planning, development and procurement of information technology projects. Such methodology shall include guidelines for the establishment of appropriate oversight for information technology projects.

3. Establish minimum qualifications and training standards for project managers.

4. Review and approve all procurement solicitations involving major information technology projects.

5. Direct the development of any statewide or multiagency enterprise project.

6. Develop and update a project management methodology to be used by agencies in the development of information technology.

7. Establish an information clearinghouse that identifies best practices and new developments and contains detailed information regarding the Commonwealth's previous experiences with the development of major information technology projects.

8. Determine, prior to proceeding with the development of a major information technology project pursuant to ї 2.2-2019 or the procurement of any major information technology project pursuant to ї 2.2-2020, that the funding for such project has been included in the budget bill in accordance with ї 2.2-1509.3. ~~Notwithstanding the~~ The provisions of this subdivision, shall not apply upon determination by the Governor that an emergency exists and a major information technology project is necessary to address the emergency~~, the CIO shall refer such project directly to the Information Technology Investment Board~~.

ї 2.2-2009. Additional duties of the CIO relating to security of government information.

A. To provide for the security of state government electronic information from unauthorized uses, intrusions or other security threats, the CIO shall direct the development of policies, procedures and standards for assessing security risks, determining the appropriate security measures and performing security audits of government electronic information. Such policies, procedures, and standards will apply to the Commonwealth's executive, legislative, and judicial branches, and independent agencies and institutions of higher education. The CIO shall work with representatives of the Chief Justice of the Supreme Court and Joint Rules Committee of the General Assembly to identify their needs.

B. The CIO shall also develop policies, procedures, and standards that shall address the scope of security audits and the frequency of such security audits. In developing and updating such policies, procedures, and standards, the CIO shall designate a government entity to oversee, plan and coordinate the conduct of periodic security audits of all executive branch and independent agencies and institutions of higher education. The CIO will coordinate these audits with the Auditor of Public Accounts and the Joint Legislative Audit and Review Commission. The Chief Justice of the Supreme Court and the Joint Rules Committee of the General Assembly shall determine the most appropriate methods to review the protection of electronic information within their branches.

C. The CIO shall report to the Governor and General Assembly by December 2008 and annually thereafter, those executive branch and independent agencies and institutions of higher education that have not implemented acceptable policies, procedures, and standards to control unauthorized uses, intrusions, or other security threats. For any executive branch and independent agency or institution of higher education whose security audit results and plans for corrective action are unacceptable, the CIO shall report such results to the (i) ~~Information Technology Investment Board~~ Secretary of Technology, (ii) any other affected cabinet secretary, (iii) Governor, and (iv) Auditor of Public Accounts. Upon review of the security audit results in question, the ~~Information Technology Investment Board~~ CIO may take action to suspend the public ~~bodies~~ body's information technology projects pursuant to ~~subdivision 3 of ї 2.2-2458~~ ї 2.2-2015, limit additional information technology investments pending acceptable corrective actions, and recommend to the Governor any other appropriate actions.

D. All public bodies subject to such audits as required by this section shall fully cooperate with the entity designated to perform such audits and bear any associated costs. Public bodies that are not required to but elect to use the entity designated to perform such audits shall also bear any associated costs.

E. The provisions of this section shall not infringe upon responsibilities assigned to the Comptroller, the Auditor of Public Accounts, or the Joint Legislative Audit and Review Commission by other provisions of the Code of Virginia.

F. To ensure the security and privacy of citizens of the Commonwealth in their interactions with state government, the CIO shall direct the development of policies, procedures, and standards for the protection of confidential data maintained by state agencies against unauthorized access and use. Such policies, procedures, and standards shall include, but not be limited to:

1. Requirements that any state employee or other authorized user of a state technology asset provide passwords or other means of authentication to (i) use a technology asset and (ii) access a state-owned or operated computer network or database; and

2. Requirements that a digital rights management system or other means of authenticating and controlling an individual's ability to access electronic records be utilized to limit access to and use of electronic records that contain confidential data to authorized individuals.

G. The CIO shall promptly receive reports from directors of departments in the executive branch of state government made in accordance with ї 2.2-603 and shall take such actions as are necessary, convenient or desirable to ensure the security of the Commonwealth's electronic information and confidential data.

ї 2.2-2015. Authority of CIO to modify or suspend major information technology projects; project termination.

The CIO may direct the modification or suspension of any major information technology project that, as the result of a periodic review authorized by subdivision A 5 of ї 2.2-2007, has not met the performance measures agreed to by the CIO and the sponsoring agency or public institution of higher education or if he otherwise deems such action appropriate and consistent with the terms of any affected contracts. The CIO may recommend to the ~~Board~~ Secretary of Technology the termination of such project. Nothing in this section shall be construed to supersede the responsibility of a board of visitors for the management and operation of a public institution of higher education.

The provisions of this section shall not apply to research projects, research initiatives or instructional programs at public institutions of higher education. However, technology investments in research projects, research initiatives or instructional programs at such institutions estimated to cost $1 million or more of general fund appropriations may be reviewed as provided in subdivision A 5 of ї 2.2-2007 if the projects are deemed mission-critical by the institution or of statewide application by the CIO. The CIO and the Secretary of Education, in consultation with public institutions of higher education, shall develop and provide to such institution criteria to be used in determining whether projects are mission-critical.

ї 2.2-2019. Project development approval.

A. Upon approval of the CIO of the project plan, an agency shall submit to the Division a project development proposal containing (i) a detailed business case including a cost-benefit analysis; (ii) a business process analysis, if applicable; (iii) system requirements, if known; (iv) a proposed development plan and project management structure; and (v) a proposed resource or funding plan. The project management specialist may require the submission of additional information necessary to meet the criteria developed by the Division.

B. The project management specialist assigned to review the project development proposal shall recommend its approval or rejection to the CIO. ~~If the CIO determines that the proposal be approved, he shall recommend such approval to the Board.~~

ї 2.2-2020. Procurement approval for major information technology projects.

Upon approval of the ~~Board~~ CIO of the project development proposal involving a major information technology project that requires the procurement of goods or services, the agency shall submit a copy of any Invitation for Bid (IFB) or Request for Proposal (RFP) to the Division. The project management specialist shall review the IFB or RFP and recommend its approval or rejection to the CIO. The CIO shall have the final authority to approve the IFB or RFP prior to its release and shall approve the proposed contract for the award of the project.

ї 2.2-2021. Project oversight.

A. Whenever an agency has received approval from the ~~Board~~ CIO to proceed with the development and acquisition of a major information technology project, an internal agency oversight committee shall be established by the CIO. The internal agency oversight committee shall provide ongoing oversight for the project and have the authority to approve or reject any changes in the project's scope, schedule, or budget. The CIO shall ensure that the project has in place adequate project management and oversight structures for addressing major issues that could affect the project's scope, schedule or budget and shall address issues that cannot be resolved by the internal agency oversight committee.

B. Whenever a statewide or multiagency project has received approval from the ~~Board~~ CIO, the primary project oversight shall be conducted by a committee composed of representatives from agencies impacted by the project, which shall be established by the CIO.

ї 2.2-2023. Virginia Technology Infrastructure Fund created; contributions.

A. The Virginia Technology Infrastructure Fund (the Fund) is created in the state treasury. The Fund is to be used to fund major information technology projects or to pay private partners as authorized in subsection B of ї 2.2-2007.

B. The Fund shall consist of: (i) the transfer of general and nongeneral fund appropriations from state agencies which represent savings that accrue from reductions in the cost of information technology and communication services, (ii) the transfer of general and nongeneral fund appropriations from state agencies which represent savings from the implementation of information technology enterprise projects, (iii) funds identified pursuant to subsection B of ї 2.2-2007, (iv) such general and nongeneral fund fees or surcharges as may be assessed to agencies for enterprise technology projects, (v) gifts, grants, or donations from public or private sources, and (vi) such other funds as may be appropriated by the General Assembly. Savings shall be as identified by the CIO through a methodology approved by ~~the Board and~~ the Secretary of Finance. The Auditor of Public Accounts shall certify the amount of any savings identified by the CIO. For public institutions of higher education, however, savings shall consist only of that portion of total savings that represent general funds. The State Comptroller is authorized to transfer cash consistent with appropriation transfers. Appropriated funds from federal sources are exempted from transfer. Except for funds to pay private partners as authorized in subsection B of ї 2.2-2007, moneys in the Fund shall only be expended as provided by the appropriation act.

Interest earned on the Fund shall be credited to the Fund. The Fund shall be permanent and nonreverting. Any unexpended balance in the Fund at the end of the biennium shall not be transferred to the general fund of the state treasury.

ї 2.2-2033. Division of Enterprise Applications established; appointment of Virginia Chief Applications Officer.

A. There is hereby established within VITA a Division of Enterprise Applications (the Division) to oversee the Commonwealth's efforts to modernize the planning, development, implementation, improvement, and retirement of Commonwealth applications, including the coordination and development of enterprise-wide or multi-agency applications. The Division shall exercise the powers and duties conferred in this article.

B. The Division shall be headed by a Virginia Chief Applications Officer (CAO), appointed by and reporting to the CIO ~~with the advice and consent of the Board~~. The ~~Board shall provide the~~ CAO ~~with~~ shall have the powers necessary to direct the Commonwealth's efforts to modernize and oversee the planning, development, implementation, improvement, and retirement of enterprise-wide or multi-agency applications; to manage the Commonwealth portal; and to approve and oversee annual agency technology application budgets and contractor-based personnel IT services expenditures ~~for presentation to and approval by the Board~~.

ї 23-38.111. Information technology.

Subject to the terms of the management agreement, covered institutions may be exempt from the provisions governing the Virginia Information Technologies Agency, Chapter 20.1 (ї 2.2-2005 et seq.) of Title 2.2~~., and the provisions governing the Information Technologies Investment Board, Article 20 of Chapter 24 (ї 2.2-2457 et seq.) of Title 2.2~~; provided, however, that the governing body of a covered institution shall adopt, and the covered institution shall comply with, policies for the procurement of information technology goods and services, including professional services, that are consistent with the requirements of ї 23-38.110 and that include provisions addressing cooperative arrangements for such procurement as described in ї 23-38.110, and shall adopt and comply with institutional policies and professional best practices regarding strategic planning for information technology, project management, security, budgeting, infrastructure, and ongoing operations.

ї 23-77.4. Medical center management.

A. The General Assembly recognizes and finds that the economic viability of the University of Virginia Medical Center, hereafter referred to as the Medical Center, together with the requirement for its specialized management and operation, and the need of the Medical Center to participate in cooperative arrangements reflective of changes in health care delivery, as set forth in ї 23-77.3, are dependent upon the ability of the management of the Medical Center to make and implement promptly decisions necessary to conduct the affairs of the Medical Center in an efficient, competitive manner. The General Assembly also recognizes and finds that it is critical to, and in the best interests of, the Commonwealth that the University continue to fulfill its mission of providing quality medical and health sciences education and related research and, through the presence of its Medical Center, continue to provide for the care, treatment, health-related services, and education activities associated with Virginia patients, including indigent and medically indigent patients. Because the General Assembly finds that the ability of the University to fulfill this mission is highly dependent upon revenues derived from providing health care through its Medical Center, and because the General Assembly also finds that the ability of the Medical Center to continue to be a reliable source of such revenues is heavily dependent upon its ability to compete with other providers of health care that are not subject to the requirements of law applicable to agencies of the Commonwealth, the University is hereby authorized to implement the following modifications to the management and operation of the affairs of the Medical Center in order to enhance its economic viability:

B. Capital projects; leases of property; procurement of goods, services and construction.

1. Capital projects.

a. For any Medical Center capital project entirely funded by a nongeneral fund appropriation made by the General Assembly, all post-appropriation review, approval, administrative, and policy and procedure functions performed by the Department of General Services, the Division of Engineering and Buildings, the Department of Planning and Budget and any other agency that supports the functions performed by these departments are hereby delegated to the University, subject to the following stipulations and conditions: (i) the Board of Visitors shall develop and implement an appropriate system of policies, procedures, reviews and approvals for Medical Center capital projects to which this subdivision applies; (ii) the system so adopted shall provide for the review and approval of any Medical Center capital project to which this subdivision applies in order to ensure that, except as provided in clause (iii), the cost of any such capital project does not exceed the sum appropriated therefor and that the project otherwise complies with all requirements of the Code of Virginia regarding capital projects, excluding only the post-appropriation review, approval, administrative, and policy and procedure functions performed by the Department of General Services, the Division of Engineering and Buildings, the Department of Planning and Budget and any other agency that supports the functions performed by these departments; (iii) the Board of Visitors may, during any fiscal year, approve a transfer of up to a total of 15 percent of the total nongeneral fund appropriation for the Medical Center in order to supplement funds appropriated for a capital project or capital projects of the Medical Center, provided that the Board of Visitors finds that the transfer is necessary to effectuate the original intention of the General Assembly in making the appropriation for the capital project or projects in question; (iv) the University shall report to the Department of General Services on the status of any such capital project prior to commencement of construction of, and at the time of acceptance of, any such capital project; and (v) the University shall ensure that Building Officials and Code Administrators (BOCA) Code and fire safety inspections of any such project are conducted and that such projects are inspected by the State Fire Marshal or his designee prior to certification for building occupancy by the University's assistant state building official to whom such inspection responsibility has been delegated pursuant to ї 36-98.1. Nothing in this section shall be deemed to relieve the University of any reporting requirement pursuant to ї 2.2-1513. Notwithstanding the foregoing, the terms and structure of any financing of any capital project to which this subdivision applies shall be approved pursuant to ї 2.2-2416.

b. No capital project to which this subdivision applies shall be materially increased in size or materially changed in scope beyond the plans and justifications that were the basis for the project's appropriation unless: (i) the Governor determines that such increase in size or change in scope is necessary due to an emergency or (ii) the General Assembly approves the increase or change in a subsequent appropriation for the project. After construction of any such capital project has commenced, no such increase or change may be made during construction unless the conditions in (i) or (ii) have been satisfied.

2. Leases of property.

a. The University shall be exempt from the provisions of ї 2.2-1149 and from any rules, regulations and guidelines of the Division of Engineering and Buildings in relation to leases of real property that it enters into on behalf of the Medical Center and, pursuant to policies and procedures adopted by the Board of Visitors, may enter into such leases subject to the following conditions: (i) the lease must be an operating lease and not a capital lease as defined in guidelines established by the Secretary of Finance and Generally Accepted Accounting Principles (GAAP); (ii) the University's decision to enter into such a lease shall be based upon cost, demonstrated need, and compliance with guidelines adopted by the Board of Visitors which direct that competition be sought to the maximum practical degree, that all costs of occupancy be considered, and that the use of the space to be leased actually is necessary and is efficiently planned; (iii) the form of the lease is approved by the Special Assistant Attorney General representing the University; (iv) the lease otherwise meets all requirements of law; (v) the leased property is certified for occupancy by the building official of the political subdivision in which the leased property is located; and (vi) upon entering such leases and upon any subsequent amendment of such leases, the University shall provide copies of all lease documents and any attachments thereto to the Department of General Services.

b. Notwithstanding the provisions of її 2.2-1155 and 23-4.1, but subject to policies and procedures adopted by the Board of Visitors, the University may lease, for a purpose consistent with the mission of the Medical Center and for a term not to exceed 50 years, property in the possession or control of the Medical Center.

c. Notwithstanding the foregoing, the terms and structure of any financing arrangements secured by capital leases or other similar lease financing agreements shall be approved pursuant to ї 2.2-2416.

3. Procurement of goods, services and construction.

Contracts awarded by the University in compliance with this section, on behalf of the Medical Center, for the procurement of goods; services, including professional services; construction; and information technology and telecommunications, shall be exempt from (i) the Virginia Public Procurement Act (ї 2.2-4300 et seq.), except as provided below; (ii) the requirements of the Division of Purchases and Supply of the Department of General Services as set forth in Article 3 (ї 2.2-1109 et seq.) of Chapter 11 of Title 2.2; (iii) the requirements of the Division of Engineering and Buildings as set forth in Article 4 (ї 2.2-1129 et seq.) of Chapter 11 of Title 2.2; and (iv) the authority of the Chief Information Officer and the Virginia Information Technologies Agency as set forth in Chapter 20.1 (ї 2.2-2005 et seq.) of Title 2.2 ~~and the Information Technology Investment Board created pursuant to ї 2.2-2457~~ regarding the review and approval of contracts for (a) the construction of Medical Center capital projects and (b) information technology and telecommunications projects; however, the provisions of this subdivision may not be implemented by the University until such time as the Board of Visitors has adopted guidelines generally applicable to the procurement of goods, services, construction and information technology and telecommunications projects by the Medical Center or by the University on behalf of the Medical Center. Such guidelines shall be based upon competitive principles and shall in each instance seek competition to the maximum practical degree. The guidelines shall implement a system of competitive negotiation for professional services; shall prohibit discrimination because of race, religion, color, sex, or national origin of the bidder or offeror in the solicitation or award of contracts; may take into account in all cases the dollar amount of the intended procurement, the term of the anticipated contract, and the likely extent of competition; may implement a prequalification procedure for contractors or products; may include provisions for cooperative procurement arrangements with private health or educational institutions, or with public agencies or institutions of the several states, territories of the United States or the District of Columbia; shall incorporate the prompt payment principles of її 2.2-4350 and 2.2-4354; and may implement provisions of law. The following sections of the Virginia Public Procurement Act shall continue to apply to procurements by the Medical Center or by the University on behalf of the Medical Center: її 2.2-4311, 2.2-4315, and 2.2-4342 (which section shall not be construed to require compliance with the prequalification application procedures of subsection B of ї 2.2-4317), 2.2-4330, 2.2-4333 through 2.2-4341, and 2.2-4367 through 2.2-4377.

C. Subject to such conditions as may be prescribed in the budget bill under ї 2.2-1509 as enacted into law by the General Assembly, the State Comptroller shall credit, on a monthly basis, to the nongeneral fund operating cash balances of the University of Virginia Medical Center the imputed interest earned by the investment of such nongeneral fund operating cash balances, including but not limited to those balances derived from patient care revenues, on deposit with the State Treasurer.

2. That the third enactment of Chapter 758 of the Acts of Assembly of 2009 is amended and reenacted as follows:

3. That the Department of General Services, the Virginia Information Technologies Agency, and the State Comptroller shall submit to the Information Technology Investment Board the standards required pursuant to ї 2.2-1115.1 of this act by December 1, 2009. The Department of General Services and the Virginia Information Technologies Agency shall undertake to use these standards in the Commonwealth's enterprise electronic procurement system upon approval by the ~~Information Technology Investment Board~~ Secretary of Technology and make the standards available for use by all agencies and institutions by July 1, 2010. After July 1, 2010, the Department of General Services shall provide purchasing data from the Commonwealth's enterprise electronic procurement system, to the extent it is available, at least quarterly for inclusion in the Auditor of Public Accounts' searchable database established pursuant to ї 30-133 of the Code of Virginia. All agencies and institutions that use the standards developed pursuant to this act that have not previously reported data to the Auditor of Public Accounts through the Commonwealth's enterprise electronic procurement system shall, to the extent practicable, provide such data to the Auditor of Public Accounts at least quarterly beginning after July 1, 2010.

3. That the third enactment of Chapter 812 of the Acts of Assembly of 2009 is amended and reenacted as follows:

4. That Article 20 (її 2.2-2457, 2.2-2458, and 2.2-2458.1) of Chapter 24 of Title 2.2 of the Code of Virginia is repealed.

5. That an emergency exists and this act is in force from its passage.