HB 487 - AS INTRODUCED
2021 SESSION
21-0822
04/08
HOUSE BILL 487
AN ACT establishing an information technology supply chain risk authority.
SPONSORS: Rep. Somssich, Rock. 27; Rep. Meuse, Rock. 29; Rep. Woods, Merr. 23; Rep. Hamblet, Rock. 31; Rep. Gould, Hills. 7; Rep. Ward, Rock. 28; Rep. Ammon, Hills. 40
COMMITTEE: Science, Technology and Energy
-----------------------------------------------------------------
ANALYSIS
This bill establishes an information technology supply chain risk authority.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Explanation: Matter added to current law appears in bold italics.
Matter removed from current law appears [in brackets and struckthrough.]
Matter which is either (a) all new or (b) repealed and reenacted appears in regular type.
21-0822
04/08
STATE OF NEW HAMPSHIRE
In the Year of Our Lord Two Thousand Twenty One
AN ACT establishing an information technology supply chain risk authority.
Be it Enacted by the Senate and House of Representatives in General Court convened:
1 Department of Information Technology; Subdivision Heading Amended. Amend the subdivision heading preceding RSA 21-R:15 to read as follows:
[Cybersecurity Software]
Information Technology Supply Chain Risk Authority
2 Department of Information Technology; Information Technology Supply Chain Risk Authority RSA 21-R:15 is repealed and reenacted to read as follows:
21-R:15 Information Technology Supply Chain Risk Authority Established.
I. There is hereby created an information technology supply chain risk authority ("authority") within the department of information technology.
II. The members of the authority shall be as follows:
(a) Three members of the house of representatives, appointed by the speaker of the house of representatives.
(b) Two senators, appointed by the president of the senate.
(c) Four members with expertise in information technology supply chain security, appointed by the governor.
(d) The chief justice of the superior court, or designee.
(e) The attorney general, or designee.
(f) The commissioner of the department of information technology, or designee.
(g) The commissioner of the department of administrative services, or designee.
III. Legislative members of the authority shall receive mileage at the legislative rate when attending to the duties of the authority. Members of the authority shall serve terms coterminous with their terms in office, except that the member appointed under subparagraph (c) shall serve 3-year terms and may be reappointed. Vacancies shall be filled in the same manner as the original appointment.
IV. The members of the commission shall elect a chairperson from among the members. The first named house member shall call the first meeting of the commission. Seven members of the commission shall constitute a quorum.
V. The authority shall develop policies to govern and approve or deny all information technology acquisitions and procurements statewide for all branches of state government and all state departments and agencies, including the purchase or acquisition of any software, hardware, or telecommunication services to ensure security and minimize risk. The authority may veto an acquisition or purchase request if it determines that it would present a security risk to the state's information technology infrastructure. The authority shall only review acquisitions or purchases proposed or made on or after the effective date of this section.
VI. Beginning November 1, 2022, and annually thereafter, the authority shall submit an annual report of its activities for the year, including any findings and recommendations for proposed legislation to the president of the senate, the speaker of the house of representatives, the senate clerk, the house clerk, the governor, and the state library.
3 Effective Date. This act shall take effect 60 days after its passage.
| Date | Body | Type |
|---|---|---|
| Feb. 12, 2021 | House | Hearing |
| House | Floor Vote | |
| Feb. 12, 2021 | House | Hearing |
April 7, 2021: Reconsider (Rep. Osborne): MF VV 04/07/2021 HJ 5 P. 50
April 7, 2021: Reconsider (Rep. Osborne): MF VV 04/07/2021 HJ 5 P. 50
April 7, 2021: Inexpedient to Legislate: MA VV 04/07/2021 HJ 5 P. 47
April 7, 2021: Inexpedient to Legislate: MA VV 04/07/2021 HJ 5 P. 47
: Committee Report: Inexpedient to Legislate (Vote 20-0; CC) HC 18 P. 23
March 6, 2021: Committee Report: Inexpedient to Legislate (Vote 20-0; CC) HC 18 P. 23
Feb. 12, 2021: Public Hearing: 02/12/2021 10:00 am Members of the public may attend using the following link: To join the webinar: https://www.zoom.us/j/98218369454 / Executive session on pending legislation may be held throughout the day (time permitting) from the time the committee is initially convened.
Feb. 3, 2021: Public Hearing: 02/12/2021 10:00 am Members of the public may attend using the following link: To join the webinar: https://www.zoom.us/j/98218369454 / Executive session on pending legislation may be held throughout the day (time permitting) from the time the committee is initially convened.
Jan. 11, 2021: Introduced (in recess of) 01/06/2021 and referred to Science, Technology and Energy HJ 2 P. 50
Jan. 6, 2021: Introduced (in recess of) 01/06/2021 and referred to Science, Technology and Energy HJ 2 P. 50