HOUSE BILL REPORT
HB 1561
This analysis was prepared by non-partisan legislative staff for the use of legislative members in their deliberations. This analysis is not a part of the legislation nor does it constitute a statement of legislative intent. |
As Passed House:
March 9, 2015
Title: An act relating to consideration of information technology security matters.
Brief Description: Concerning the consideration of information technology security matters.
Sponsors: Representatives Hudgins, Scott, Stanford, Magendanz, Ormsby, Smith, S. Hunt and Wylie.
Brief History:
Committee Activity:
State Government: 2/3/15, 2/12/15 [DP].
Floor Activity:
Passed House: 3/9/15, 98-0.
Brief Summary of Bill |
|
HOUSE COMMITTEE ON STATE GOVERNMENT |
Majority Report: Do pass. Signed by 7 members: Representatives S. Hunt, Chair; Bergquist, Vice Chair; Holy, Ranking Minority Member; Van Werven, Assistant Ranking Minority Member; Appleton, Gregory and Hawkins.
Staff: Marsha Reilly (786-7135).
Background:
The Open Public Meetings Act (OPMA) requires that all meetings of the governing body of a public agency be open to the public and all persons shall be allowed to attend. For the purposes of the OPMA, a public agency is defined broadly and includes, but is not limited to, any state board, commission, department, education institution, agency, local government, and special purposes district. A governing body is defined as the multimember board, commission, committee, council, or other policy or rulemaking body of a public agency or any committee acting on behalf of the public agency.
A governing body may hold executive sessions out of the public eye for certain enumerated purposes. One of these purposes is to discuss with legal counsel litigation or potential litigation to which the body is likely to become a party, when knowledge of the discussion is likely to result in adverse legal or financial consequences.
Summary of Bill:
A governing body may consider the following information in executive session:
infrastructure and security of computer and telecommunications networks;
security and service recovery plans;
security risk assessments and security test results to the extent vulnerabilities are identified; and
other information that, if made public, may increase the risk to the confidentiality, integrity, or availability of agency security or to information technology infrastructure or assets.
Appropriation: None.
Fiscal Note: Not requested.
Effective Date: The bill takes effect 90 days after adjournment of the session in which the bill is passed.
Staff Summary of Public Testimony:
(In support) The Public Records Act includes an exemption of certain security information and computer vulnerabilities but there is no similar exemption in the OPMA. Currently security information and computer vulnerabilities must be discussed in the open. There are many cyber attacks across the county. Relegating discussion of security information for executive session will safeguard vulnerabilities and protect a citizen's information.
Some security information is exempt. Information technology professionals are hesitant to identify security information. The bill allows for an accurate view of the issue without exposing some of the security information to the public. The safety of a citizen's data is more important than allowing open information on security issues. The language in the bill is the same that was adopted by the Sunshine Committee. Providing information to the public is good to the point that it does not endanger the public.
(Opposed) None.
Persons Testifying: Representative Hudgins, prime sponsor; and Michael Cockrill, Office of Chief Information Officer.
Persons Signed In To Testify But Not Testifying: None.