SB0472: A BILL FOR AN ACT to amend the Indiana Code concerning state offices and administration and to make an appropriation.

Page last updated: Sunday, April 20, 2025 at 7:53 PM (America/Indianapolis).

General Information

Stage: Senate Bill (S)
Current Chamber: senate
Origin Chamber: senate
Description: Cybersecurity.

Legislators

Authors (2)

Coauthors (1)

Senator Lonnie Randolph (Democratic)

Sponsors (1)

Representative Matt Lehman (Republican)

Cosponsors (3)

Advisors (0)

Conferees (0)

Actions (21 total)

Apr 16, 2025, 11:52 AM: Motion to concur filed
Apr 16, 2025, 4:02 AM: Returned to the Senate with amendments
Apr 15, 2025, 11:21 AM: Third reading: passed; Roll Call 454: yeas 97, nays 0
Apr 14, 2025, 12:24 PM: Second reading: ordered engrossed
Apr 10, 2025, 7:23 AM: Committee report: amend do pass, adopted
Mar 24, 2025, 10:15 AM: Recommitted to Committee on Ways and Means pursuant to House Rule 126.3
Mar 24, 2025, 9:51 AM: Committee report: amend do pass, adopted
Mar 17, 2025, 10:08 AM: Representative O'Brien added as cosponsor
Mar 3, 2025, 7:22 AM: First reading: referred to Committee on Government and Regulatory Reform
Feb 21, 2025, 3:46 AM: Referred to the House
Feb 20, 2025, 8:40 AM: Cosponsors: Representatives Morris and Lopez
Feb 20, 2025, 8:40 AM: House sponsor: Representative Lehman
Feb 20, 2025, 8:33 AM: Third reading: passed; Roll Call 200: yeas 47, nays 2
Feb 17, 2025, 10:04 AM: Second reading: amended, ordered engrossed
Feb 17, 2025, 10:04 AM: Amendment #1 (Brown L) prevailed; voice vote
Feb 13, 2025, 11:56 AM: Senator Randolph added as coauthor
Feb 13, 2025, 9:09 AM: Committee report: amend do pass, adopted
Jan 23, 2025, 8:40 AM: Committee report: amend do pass adopted; reassigned to Committee on Appropriations
Jan 16, 2025, 6:31 AM: Senator Buchanan added as second author
Jan 13, 2025, 7:05 AM: First reading: referred to Committee on Commerce and Technology
Jan 13, 2025, 7:05 AM: Authored by Senator Brown L

Digest

Requires political subdivisions, state agencies, school corporations, and state educational institutions (public entities), with the exception of specified categories of hospitals and the Indianapolis department of public utilities (department), to adopt not later than December 31, 2027, a: (1) technology resources policy; and (2) cybersecurity policy; that meet specified requirements. Provides the department is not required to report a cybersecurity incident to the office of technology (office). Requires the office to develop: (1) standards and guidelines regarding cybersecurity for use by political subdivisions and state educational institutions; and (2) a uniform cybersecurity policy for use by state agencies. Requires the office to develop, in collaboration with the department of education: (1) a uniform technology resources policy governing use of technology resources by the employees of school corporations; and (2) a uniform cybersecurity policy for use by school corporations. Requires: (1) a public entity to biennially submit to the office the cybersecurity policy adopted by the public entity; and (2) the office to establish a procedure for collecting and maintaining a record of submitted cybersecurity policies. Requires a public entity that engages a third party to conduct an assessment of the public entity's cybersecurity policy to provide the results of the assessment to the office.