|
| | HB2371 Enrolled | | LRB100 08806 HLH 18946 b |
|
|
| 1 | | AN ACT concerning State government.
|
| 2 | | Be it enacted by the People of the State of Illinois,
|
| 3 | | represented in the General Assembly:
|
| 4 | | Section 5. The Data Security on State Computers Act is |
| 5 | | amended by adding Section 25 as follows:
|
| 6 | | (20 ILCS 450/25 new) |
| 7 | | Sec. 25. Mandatory State employee training. |
| 8 | | (a) As used in this Section, "employee" has the meaning |
| 9 | | ascribed to it in Section 1-5 of the State Officials and |
| 10 | | Employees Ethics Act, but does not include an employee of the |
| 11 | | legislative branch, the judicial branch, a public university of |
| 12 | | the State, or a constitutional officer other than the Governor. |
| 13 | | (b) Every employee shall annually undergo training by the |
| 14 | | Department of Innovation and Technology concerning |
| 15 | | cybersecurity. The Department may, in its discretion, make the |
| 16 | | training an online course. The training shall include, but need |
| 17 | | not be limited to, detecting phishing scams, preventing spyware |
| 18 | | infections and identity theft, and preventing and responding to |
| 19 | | data breaches. |
| 20 | | (c) The Department of Innovation and Technology may adopt |
| 21 | | rules to implement the requirements of this Section.
|