HB 487 - AS INTRODUCED
HOUSE BILL 487
SPONSORS: Rep. Somssich, Rock. 27; Rep. Meuse, Rock. 29; Rep. Woods, Merr. 23; Rep. Hamblet, Rock. 31; Rep. Gould, Hills. 7; Rep. Ward, Rock. 28; Rep. Ammon, Hills. 40
COMMITTEE: Science, Technology and Energy
This bill establishes an information technology supply chain risk authority.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Explanation: Matter added to current law appears in bold italics.
Matter removed from current law appears [in brackets and struckthrough.]
Matter which is either (a) all new or (b) repealed and reenacted appears in regular type.
STATE OF NEW HAMPSHIRE
In the Year of Our Lord Two Thousand Twenty One
Be it Enacted by the Senate and House of Representatives in General Court convened:
Information Technology Supply Chain Risk Authority
21-R:15 Information Technology Supply Chain Risk Authority Established.
I. There is hereby created an information technology supply chain risk authority ("authority") within the department of information technology.
II. The members of the authority shall be as follows:
(a) Three members of the house of representatives, appointed by the speaker of the house of representatives.
(b) Two senators, appointed by the president of the senate.
(c) Four members with expertise in information technology supply chain security, appointed by the governor.
(d) The chief justice of the superior court, or designee.
(e) The attorney general, or designee.
(f) The commissioner of the department of information technology, or designee.
(g) The commissioner of the department of administrative services, or designee.
III. Legislative members of the authority shall receive mileage at the legislative rate when attending to the duties of the authority. Members of the authority shall serve terms coterminous with their terms in office, except that the member appointed under subparagraph (c) shall serve 3-year terms and may be reappointed. Vacancies shall be filled in the same manner as the original appointment.
IV. The members of the commission shall elect a chairperson from among the members. The first named house member shall call the first meeting of the commission. Seven members of the commission shall constitute a quorum.
V. The authority shall develop policies to govern and approve or deny all information technology acquisitions and procurements statewide for all branches of state government and all state departments and agencies, including the purchase or acquisition of any software, hardware, or telecommunication services to ensure security and minimize risk. The authority may veto an acquisition or purchase request if it determines that it would present a security risk to the state's information technology infrastructure. The authority shall only review acquisitions or purchases proposed or made on or after the effective date of this section.
VI. Beginning November 1, 2022, and annually thereafter, the authority shall submit an annual report of its activities for the year, including any findings and recommendations for proposed legislation to the president of the senate, the speaker of the house of representatives, the senate clerk, the house clerk, the governor, and the state library.
|Feb. 12, 2021||House||Hearing|
Feb. 12, 2021: Public Hearing: 02/12/2021 10:00 am Members of the public may attend using the following link: To join the webinar: https://www.zoom.us/j/98218369454 / Executive session on pending legislation may be held throughout the day (time permitting) from the time the committee is initially convened.
Jan. 6, 2021: Introduced (in recess of) 01/06/2021 and referred to Science, Technology and Energy HJ 2 P. 50