House
File
651
-
Introduced
HOUSE
FILE
651
BY
COMMITTEE
ON
INFORMATION
TECHNOLOGY
(SUCCESSOR
TO
HSB
111)
A
BILL
FOR
An
Act
relating
to
the
office
of
the
chief
information
officer,
1
including
procurement
preferences
and
a
report
detailing
2
state
information
technology
assets,
budgetary
reporting,
3
and
including
effective
date
provisions.
4
BE
IT
ENACTED
BY
THE
GENERAL
ASSEMBLY
OF
THE
STATE
OF
IOWA:
5
TLSB
1409HV
(3)
89
jda/rn
H.F.
651
DIVISION
I
1
CLOUD
COMPUTING
2
Section
1.
Section
8B.1,
Code
2021,
is
amended
by
adding
the
3
following
new
subsections:
4
NEW
SUBSECTION
.
2A.
“Cloud
computing”
means
the
same
as
5
defined
in
the
United
States
national
institute
of
standards
6
and
technology’s
special
publication
800-145.
7
NEW
SUBSECTION
.
5A.
“Foreign
government”
means
a
government
8
other
than
the
government
of
the
United
States,
its
states,
9
territories,
or
possessions.
10
Sec.
2.
Section
8B.9,
Code
2021,
is
amended
by
adding
the
11
following
new
subsection:
12
NEW
SUBSECTION
.
5A.
An
annual
report
regarding
the
cloud
13
computing
solutions
the
office
procured
pursuant
to
section
14
8B.24,
subsection
5A.
The
annual
report
shall
include
all
of
15
the
following:
16
a.
The
cost,
security,
and
capacity
of
the
cloud
computing
17
solutions.
18
b.
The
compatibility
of
the
cloud
computing
solutions
with
19
associated
state
information
technology
applications.
20
c.
The
cloud
computing
solutions’
compliance
with
state
21
and
federal
laws,
regulations,
and
standards
for
information
22
technology.
23
Sec.
3.
Section
8B.9,
subsection
6,
Code
2021,
is
amended
24
to
read
as
follows:
25
6.
Beginning
October
1,
2019,
a
quarterly
an
annual
report
26
regarding
the
status
of
technology
upgrades
or
enhancements
27
for
state
agencies,
submitted
to
the
general
assembly
and
to
28
the
chairpersons
and
ranking
members
of
the
senate
and
house
29
committees
on
appropriations.
The
quarterly
annual
report
30
shall
also
include
a
listing
of
state
agencies
coordinating
or
31
working
with
the
office
and
a
listing
of
state
agencies
not
32
coordinating
or
working
with
the
office.
33
Sec.
4.
Section
8B.24,
Code
2021,
is
amended
by
adding
the
34
following
new
subsection:
35
-1-
LSB
1409HV
(3)
89
jda/rn
1/
6
H.F.
651
NEW
SUBSECTION
.
5A.
a.
The
office
shall,
when
feasible,
1
procure
from
cloud
computing
service
providers
that
meet
or
2
exceed
applicable
state
and
federal
laws,
regulations,
and
3
standards
for
information
technology,
cloud
computing
solutions
4
and
other
information
technology
and
related
services
that
are
5
not
hosted
on
premises
by
the
state.
6
b.
The
office
shall
contract
with
multiple
cloud
computing
7
service
providers.
8
c.
The
control
and
ownership
of
state
data
stored
with
cloud
9
computing
service
providers
shall
remain
with
the
state.
The
10
office
shall
ensure
the
portability
of
state
data
stored
with
11
cloud
computing
service
providers.
12
d.
Cloud
computing
service
providers
shall
store
state
data
13
on
servers
located
within
the
United
States.
The
servers
on
14
which
state
data
is
stored
shall
not
be
under
the
control
of
a
15
foreign
government.
16
e.
For
purposes
of
this
subsection,
“cloud
computing
service
17
provider”
includes
third-party
vendors,
the
state
and
its
18
political
subdivisions,
and
any
other
person
that
meets
or
19
exceeds
applicable
state
and
federal
laws,
regulations,
and
20
standards
for
information
technology.
21
Sec.
5.
Section
8B.24,
subsection
6,
Code
2021,
is
amended
22
to
read
as
follows:
23
6.
The
office
shall
adopt
rules
pursuant
to
chapter
17A
to
24
implement
the
procurement
methods
and
procedures
provided
for
25
in
subsections
2
through
5
5A
.
26
Sec.
6.
INVENTORY
OF
INFORMATION
TECHNOLOGY
ASSETS,
CURRENT
27
CLOUD
COMPUTING
ADOPTION,
AND
CLOUD
COMPUTING
MIGRATION
PLAN
28
——
REPORT.
By
November
1,
2021,
the
office
of
the
chief
29
information
officer,
in
collaboration
with
other
state
agencies
30
and
departments,
shall
provide
a
report
to
the
general
assembly
31
that
includes
all
of
the
following:
32
1.
An
inventory
of
all
state
information
technology
33
applications,
including
the
date
a
state
agency
or
department
34
began
using
each
information
technology
application,
the
life
35
-2-
LSB
1409HV
(3)
89
jda/rn
2/
6
H.F.
651
expectancy
of
each
information
technology
application,
and
the
1
percentage
of
the
information
technology
applications
that
are
2
cloud-based
applications.
3
2.
Recommendations
regarding
state
information
technology
4
applications
that
should
migrate
to
cloud-based
applications.
5
Each
such
recommendation
shall
include
a
description
of
6
workloads
and
information
technology
applications
that
are
best
7
suited
to
migrate
to
cloud-based
applications
given
all
of
the
8
following
considerations:
9
a.
Whether
the
information
technology
application
has
10
underlying
storage,
networks,
or
infrastructure
that
supports
11
another
information
technology
application,
and
whether
the
12
information
technology
application
is
supported
by
another
13
information
technology
application.
14
b.
How
critical
the
information
technology
application
is
15
to
the
mission
of
the
state
agency
or
department.
16
c.
The
difficulty
of
migrating
the
information
technology
17
application
to
a
cloud-based
application.
18
d.
The
total
cost
of
ownership
of
the
target
environment
in
19
which
the
information
technology
application
shall
operate
if
20
migrated
to
a
cloud-based
application.
21
DIVISION
II
22
BUDGETARY
INFORMATION
23
Sec.
7.
Section
8.6,
subsection
16,
paragraph
b,
Code
2021,
24
is
amended
to
read
as
follows:
25
b.
The
department
of
revenue,
the
department
of
26
administrative
services,
the
office
of
the
chief
information
27
officer,
the
institutions
governed
by
the
state
board
of
28
regents
pursuant
to
section
262.7
,
each
judicial
district’s
29
department
of
correctional
services,
and
the
state
department
30
of
transportation
shall
provide
salary
data
to
the
department
31
of
management
and
the
legislative
services
agency
to
operate
32
the
state’s
salary
model.
The
format
and
frequency
of
33
provision
of
the
salary
data
shall
be
determined
by
the
34
department
of
management
and
the
legislative
services
agency.
35
-3-
LSB
1409HV
(3)
89
jda/rn
3/
6
H.F.
651
Sec.
8.
Section
8.35A,
subsection
1,
Code
2021,
is
amended
1
to
read
as
follows:
2
1.
By
July
1,
the
director
of
the
department
of
management,
3
in
conjunction
with
the
director
of
the
department
of
4
administrative
services
and
the
chief
information
officer
of
5
the
state
,
shall
provide
a
projected
expenditure
breakdown
6
of
each
appropriation
for
the
beginning
fiscal
year
to
the
7
legislative
services
agency
in
the
form
and
level
of
detail
8
requested
by
the
legislative
services
agency.
By
the
fifteenth
9
of
each
month,
the
director,
in
conjunction
with
the
director
10
of
the
department
of
administrative
services
and
the
chief
11
information
officer
of
the
state
,
shall
transmit
to
the
12
legislative
services
agency
a
record
for
each
appropriation
13
of
actual
expenditures
for
the
prior
month
of
the
fiscal
year
14
and
the
fiscal
year
to
date
in
the
form
and
level
of
detail
15
as
requested
by
the
legislative
services
agency.
By
October
16
1,
the
director,
in
conjunction
with
the
director
of
the
17
department
of
administrative
services
and
the
chief
information
18
officer
of
the
state
,
shall
transmit
the
total
record
of
an
19
appropriation,
including
reversions
and
transfers
for
the
prior
20
fiscal
year
ending
June
30,
to
the
legislative
services
agency.
21
Sec.
9.
EFFECTIVE
DATE.
This
division
of
this
Act,
being
22
deemed
of
immediate
importance,
takes
effect
upon
enactment.
23
EXPLANATION
24
The
inclusion
of
this
explanation
does
not
constitute
agreement
with
25
the
explanation’s
substance
by
the
members
of
the
general
assembly.
26
This
bill
relates
to
the
office
of
the
chief
information
27
officer,
including
procurement
preferences
and
a
report
28
detailing
state
information
technology
assets.
29
The
bill
defines
“cloud
computing”
by
reference
to
the
30
United
States
national
institute
of
standards
and
technology’s
31
special
publication
800-145,
which
defines
the
term
as
a
model
32
for
enabling
ubiquitous,
convenient,
on-demand
network
access
33
to
a
shared
pool
of
configurable
computing
resources
that
can
34
be
rapidly
provisioned
and
released
with
minimal
management
35
-4-
LSB
1409HV
(3)
89
jda/rn
4/
6
H.F.
651
effort
or
service
provider
interaction.
The
bill
defines
1
“foreign
government”
as
a
government
other
than
the
government
2
of
the
United
States,
its
states,
territories,
and
possessions.
3
The
bill
requires
the
office
to
submit
an
annual
report
4
regarding
the
cloud
computing
solutions
procured
by
the
office
5
containing
information
required
in
the
bill.
6
Current
law
requires
the
office
to
submit
a
quarterly
report
7
regarding
the
status
of
technology
upgrades
or
enhancements
for
8
state
agencies.
The
bill
requires
this
report
to
be
submitted
9
annually.
10
The
bill
requires
the
office
to,
when
feasible,
procure
11
cloud
computing
solutions
and
other
information
technology
and
12
related
services
that
are
not
hosted
on
premises
by
the
state
13
from
cloud
computing
service
providers
that
meet
or
exceed
14
applicable
state
and
federal
laws,
regulations,
and
standards
15
for
information
technology.
For
purposes
of
this
requirement,
16
the
bill
defines
“cloud
computing
service
provider”
to
include
17
third-party
vendors,
the
state
and
its
political
subdivisions,
18
and
any
other
person
that
meets
or
exceeds
applicable
laws
and
19
standards
for
information
technology.
20
The
bill
provides
the
office
shall
contract
with
multiple
21
cloud
computing
service
providers.
22
The
bill
establishes
that
control
and
ownership
of
state
23
data
stored
with
cloud
computing
service
providers
shall
remain
24
with
the
state.
The
bill
requires
the
office
to
ensure
the
25
portability
of
state
data
stored
with
cloud
computing
service
26
providers.
Additionally,
the
bill
requires
cloud
computing
27
service
providers
to
store
data
on
servers
located
within
the
28
United
States
and
requires
those
servers
to
not
be
controlled
29
by
a
foreign
government.
30
The
bill
requires
the
office
to
provide
a
report
to
the
31
general
assembly
by
November
1,
2021,
that
includes
an
32
inventory
of
all
state
information
technology
applications,
33
and
recommendations
regarding
state
information
technology
34
applications
that
should
migrate
to
cloud-based
applications.
35
-5-
LSB
1409HV
(3)
89
jda/rn
5/
6
H.F.
651
The
bill
requires
the
office
to
provide
salary
data
to
the
1
department
of
management
and
the
legislative
services
agency
to
2
operate
the
state’s
salary
model.
3
Additionally,
the
bill
requires
the
chief
information
4
officer
to
provide
information
related
to
expenditures
and
5
appropriations
to
the
legislative
services
agency.
This
6
provision,
related
to
the
chief
information
officer
providing
7
information
related
to
expenditures
and
appropriates,
takes
8
effect
upon
enactment.
9
-6-
LSB
1409HV
(3)
89
jda/rn
6/
6