HB2371 EngrossedLRB100 08806 HLH 18946 b

1    AN ACT concerning State government.
 
2    Be it enacted by the People of the State of Illinois,
3represented in the General Assembly:
 
4    Section 5. The Data Security on State Computers Act is
5amended by adding Section 25 as follows:
 
6    (20 ILCS 450/25 new)
7    Sec. 25. Mandatory State employee training.
8    (a) As used in this Section, "employee" has the meaning
9ascribed to it in Section 1-5 of the State Officials and
10Employees Ethics Act, but does not include an employee of the
11legislative branch, the judicial branch, a public university of
12the State, or a constitutional officer other than the Governor.
13    (b) Every employee shall annually undergo training by the
14Department of Innovation and Technology concerning
15cybersecurity. The Department may, in its discretion, make the
16training an online course. The training shall include, but need
17not be limited to, detecting phishing scams, preventing spyware
18infections and identity theft, and preventing and responding to
19data breaches.
20    (c) The Department of Innovation and Technology may adopt
21rules to implement the requirements of this Section.