SEARCH SITE

VIRGINIA LAW PORTAL

SEARCHABLE DATABASES

ACROSS SESSIONS

Developed and maintained by the Division of Legislative Automated Systems.

2017 SESSION

17103578D
HOUSE BILL NO. 2047
Offered January 11, 2017
Prefiled January 10, 2017
A BILL to amend the Code of Virginia by adding in Article 1 of Chapter 6 of Title 2.2 a section number 2.2-614.5, relating to the review of existing contracts; security of government information, including citizen data.
----------
Patrons-- Murphy, Boysko, Krizek, Lindsey, Plum and Simon
----------
Referred to Committee on Science and Technology
----------

Be it enacted by the General Assembly of Virginia:

1. That the Code of Virginia is amended by adding in Article 1 of Chapter 6 of Title 2.2 a section number 2.2-614.5, as follows:

§ 2.2-614.5.  Periodic review of contracts; adherence to contract terms relating to the security of government information, including citizen data.

A. As used in this act:

"Contractor" means the same as that term is defined in § 2.2-4200 of the Code of Virginia.

"Executive branch agency" means the same as that term is defined in § 2.2-2006 of the Code of Virginia.

B. The Chief Information Officer of the Commonwealth (the CIO), in accordance with § 2.2-2009, the Director of the Department of General Services, and the Office of the Attorney General shall conduct a periodic review of existing contracts of executive branch agencies with contractors to ensure that such contract terms are being adhered to as they relate to the security of government information, including citizen data, and that appropriate precautions are being taken to address any cybersecurity vulnerabilities of such information and data.

C. Such review shall include review of existing contract terms and conditions to ensure that consistent levels of monitoring, reporting, and accountability of contractors and of any subcontractor thereof is contained therein.

D. If any such review reveals that the requirements of subsection C are not being met or that such contractors or subcontractors are not in compliance with applicable terms or conditions, the CIO, the Director of the Department of General Services, and the Office of the Attorney General, as appropriate, shall require such agencies to take action to modify, as is practicable, any existing contract or to modify such contracts that are renewable at the option of the agency.

E. The initial review required by this section shall be completed on or before January 1, 2018, and a written report shall be submitted to the Governor and the General Assembly by February 1, 2018. Thereafter, a periodic review shall be conducted at such times as deemed appropriate by the CIO, the Director of the Department of General Services, and the Office of the Attorney General.

2. That the provisions of this act shall apply to contracts entered into on or after July 1, 2017 and shall include any renewal of contracts on or after July 1, 2017.