|
|
|
|
AN ACT
|
|
relating to cybersecurity of voter registration lists and other |
|
election-related documents, systems, and technology. |
|
BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF TEXAS: |
|
SECTION 1. Title 16, Election Code, is amended by adding |
|
Chapter 279 to read as follows: |
|
CHAPTER 279. CYBERSECURITY OF ELECTION SYSTEMS |
|
Sec. 279.001. DEFINITIONS. In this chapter: |
|
(1) "County election officer" means an individual |
|
employed by a county as an elections administrator, voter |
|
registrar, county clerk, or other officer with responsibilities |
|
relating to the administration of elections. |
|
(2) "Election data" means information that is created |
|
or managed in the operation of an election system. |
|
(3) "Election system" means a voting system and the |
|
technology used to support the conduct of an election, including |
|
the election data processed or produced in the course of conducting |
|
an election, such as voter registration information, ballot |
|
information, collected and tabulated votes, election management |
|
processes and procedures, and other election-related documents and |
|
election data. |
|
Sec. 279.002. ELECTION CYBERSECURITY: SECRETARY OF STATE. |
|
(a) The secretary of state shall adopt rules defining classes of |
|
protected election data and establishing best practices for |
|
identifying and reducing risk to the electronic use, storage, and |
|
transmission of election data and the security of election systems. |
|
(b) The secretary of state shall offer training on best |
|
practices: |
|
(1) on an annual basis, to all appropriate personnel |
|
in the secretary of state's office; and |
|
(2) on request, to county election officers in this |
|
state. |
|
(c) If the secretary of state becomes aware of a breach of |
|
cybersecurity that impacts election data, the secretary shall |
|
immediately notify the members of the standing committees of each |
|
house of the legislature with jurisdiction over elections. |
|
Sec. 279.003. ELECTION CYBERSECURITY: COUNTY ELECTION |
|
OFFICERS. (a) A county election officer shall annually request |
|
training on cybersecurity from the secretary of state. The |
|
secretary of state shall pay the costs associated with the training |
|
with available state funds. |
|
(b) A county election officer shall request an assessment of |
|
the cybersecurity of the county's election system from a provider |
|
of cybersecurity assessments if the secretary of state recommends |
|
an assessment and the necessary funds are available. |
|
(c) If a county election officer becomes aware of a breach |
|
of cybersecurity that impacts election data, the officer shall |
|
immediately notify the secretary of state. |
|
(d) To the extent that state funds are available for the |
|
purpose, a county election officer shall implement cybersecurity |
|
measures to ensure that all devices with access to election data |
|
comply to the highest extent possible with rules adopted by the |
|
secretary of state under Section 279.002. |
|
SECTION 2. This Act takes effect September 1, 2019. |
|
|
|
______________________________ |
______________________________ |
|
President of the Senate |
Speaker of the House |
|
|
|
I certify that H.B. No. 1421 was passed by the House on April |
|
16, 2019, by the following vote: Yeas 121, Nays 15, 1 present, not |
|
voting; and that the House concurred in Senate amendments to H.B. |
|
No. 1421 on May 23, 2019, by the following vote: Yeas 115, Nays 23, |
|
1 present, not voting. |
|
|
|
______________________________ |
|
Chief Clerk of the House |
|
|
I certify that H.B. No. 1421 was passed by the Senate, with |
|
amendments, on May 21, 2019, by the following vote: Yeas 31, Nays |
|
0. |
|
|
|
______________________________ |
|
Secretary of the Senate |
|
APPROVED: __________________ |
|
Date |
|
|
|
__________________ |
|
Governor |