Translate
Public Act 100-0040
| ||||
| Public Act 100-0040 | ||||
| ||||
| ||||
AN ACT concerning State government.
| ||||
Be it enacted by the People of the State of Illinois,
| ||||
represented in the General Assembly:
| ||||
Section 5. The Data Security on State Computers Act is | ||||
amended by adding Section 25 as follows: | ||||
(20 ILCS 450/25 new) | ||||
Sec. 25. Mandatory State employee training. | ||||
(a) As used in this Section, "employee" has the meaning | ||||
ascribed to it in Section 1-5 of the State Officials and | ||||
Employees Ethics Act, but does not include an employee of the | ||||
legislative branch, the judicial branch, a public university of | ||||
the State, or a constitutional officer other than the Governor. | ||||
(b) Every employee shall annually undergo training by the | ||||
Department of Innovation and Technology concerning | ||||
cybersecurity. The Department may, in its discretion, make the | ||||
training an online course. The training shall include, but need | ||||
not be limited to, detecting phishing scams, preventing spyware | ||||
infections and identity theft, and preventing and responding to | ||||
data breaches. | ||||
(c) The Department of Innovation and Technology may adopt | ||||
rules to implement the requirements of this Section.
| ||||
Effective Date: 1/1/2018