HF 3971

Subdivision 1.

Definitions.

For the purposes of chapter 16E, the following terms
have the meanings given them.

(a) "Information and telecommunications technology systems and services" means
all computing and telecommunications hardware and software, the activities undertaken
to secure that hardware and software, and the activities undertaken to acquire, transport,
process, analyze, store, and disseminate information electronically. "Information and
telecommunications technology systems and services" includes all proposed expenditures
for computing and telecommunications hardware and software, security for that hardware
and software, and related consulting or other professional services.

(b) "Information and telecommunications technology project" means an effort to
acquire or produce information and telecommunications technology systems and services.

(c) "Telecommunications" means voice, video, and data electronic transmissions
transported by wire, wireless, fiber-optic, radio, or other available transport technology.

(d) "Cyber security" means the protection of data and systems in networks connected
to the Internet.

(e) "State agency" means an agency in the executive branch of state government
and includes the Minnesota Higher Education Services Office, but does not include the
Minnesota State Colleges and Universities unless specifically provided elsewhere in
this chapter.

(f) "Open standards" means specifications for the encoding and transfer of computer
data that:

(1) is free for all to implement and use in perpetuity, with no royalty or fee;

(2) has no restrictions on the use of data stored in the format;

(3) has no restrictions on the creation of software that stores, transmits, receives, or
accesses data codified in such way;

(4) has a specification available for all to read, in a human-readable format, written
in commonly accepted technical language;

(5) is documented, so that anyone can write software that can read and interpret the
complete semantics of any data file stored in the data format;

(6) if it allows extensions, ensures that all extensions of the data format are
themselves documented and have the other characteristics of an open data format;

(7) allows any file written in that format to be identified as adhering or not adhering
to the format;

(8) if it includes any use of encryption, provides that the encryption algorithm is
usable on a royalty-free, nondiscriminatory manner in perpetuity, and is documented
so that anyone in possession of the appropriate encryption key or keys is able to write
software to unencrypt the data.

(g) "Restricted format" means any data format that is accessed, stored, or transferred
and is not open standards compliant.

Subd. 2.

Responsibilities.

(a) In addition to other activities prescribed by law, the
office shall carry out the duties set out in this subdivision.

(b) The office shall develop and establish a state information architecture to ensure
that state agency development and purchase of information and communications systems,
equipment, and services is designed to ensure that individual agency information systems
complement and do not needlessly duplicate or conflict with the systems of other agencies.
When state agencies have need for the same or similar public data, the chief information
officer, in coordination with the affected agencies, shall manage the most efficient and
cost-effective method of producing and storing data for or sharing data between those
agencies. The development of this information architecture must include the establishment
of standards and guidelines to be followed by state agencies. The office shall ensure
compliance with the architecture.

(c) The office shall assist state agencies in the planning and management of
information systems so that an individual information system reflects and supports the
state agency's mission and the state's requirements and functions. The office shall review
and approve agency technology plans to ensure consistency with enterprise information
and telecommunications technology strategy.

(d) The office shall review and approve agency requests for funding for the
development or purchase of information systems equipment or software before the
requests may be included in the governor's budget.

(e) The office shall review major purchases of information systems equipment to:

(1) ensure that the equipment follows the standards and guidelines of the state
information architecture;

(2) ensure the agency's proposed purchase reflects a cost-effective policy regarding
volume purchasing; and

(3) ensure that the equipment is consistent with other systems in other state agencies
so that data can be shared among agencies, unless the office determines that the agency
purchasing the equipment has special needs justifying the inconsistency.

(f) The office shall review the operation of information systems by state agencies
and ensure that these systems are operated efficiently and securely and continually meet
the standards and guidelines established by the office. The standards and guidelines must
emphasize uniformity that is cost-effective for the enterprise, that encourages information
interchange, open systems environments, and portability of information whenever
practicable and consistent with an agency's authority and chapter 13.

(g) The office shall assist state agencies to avoid the purchase or creation of data
processing devices or systems that do not comply with open standards for the accessing,
storing, or transferring of data. The office shall:

(1) ensure any new data standards which the state of Minnesota defines and to which
it owns all rights are open standards compliant;

(2) use open standards in situations where the other requirements of a project do not
make it technically impossible to do this. For a particular project involving the access,
storage, or transfer of data, a restricted data format may be chosen when satisfaction
of essential project requirements precludes the use of an open data format. Neither the
current storage format of previously collected data, nor current utilization of specific
software products, is a sufficient reason, in absence of other specific overriding functional
requirements, to use a restricted format;

(3) reexamine existing data stored in a restricted format, to which the state of
Minnesota does not own the rights, every four years to determine if the format has become
open and, if not, whether an appropriate open standard exists;

(4) make readily accessible, from a central location on the Internet, documentation
on open data formats used by the state of Minnesota. When data in open format is made
available through the state's Web site, a link shall be provided to the corresponding data
format documentation.

(h) The office shall conduct a comprehensive review at least every three years of
the information systems investments that have been made by state agencies and higher
education institutions. The review must include recommendations on any information
systems applications that could be provided in a more cost-beneficial manner by an outside
source. The office must report the results of its review to the legislature and the governor.