75-7239 Kansas information security office; establishment and administration; separate state agency; powers and duties.
75-7239. Kansas information security office; establishment and administration; separate state agency; powers and duties. (a) There is hereby established within and as a part of the office of information technology services the Kansas information security office. The Kansas information security office shall be administered by the CISO and be staffed appropriately to effect the provisions […]
75-7240 Executive branch agency heads; responsibilities; reports; training; breach protocol.
75-7240. Executive branch agency heads; responsibilities; reports; training; breach protocol. The executive branch agency heads shall: (a) Be solely responsible for security of all data and information technology resources under such agency’s purview, irrespective of the location of the data or resources. Locations of data may include: (1) Agency sites; (2) agency real property; (3) […]
75-7241 Fingerprints; criminal history record check; certain employees or contractors.
75-7241. Fingerprints; criminal history record check; certain employees or contractors. (a) An executive branch agency head, with input from the CISO, may require employees or contractors of executive branch agencies, whose duties include collection, maintenance or access to personal information, to be fingerprinted and to submit to a state and national criminal history record check […]
75-7242 Information collected placing organization at risk confidential; exceptions.
75-7242. Information collected placing organization at risk confidential; exceptions. Information collected to effectuate this act shall be considered confidential by the executive branch agency and KISO unless all data elements or information that specifically identifies a target, vulnerability or weakness that would place the organization at risk have been redacted, including: (a) System information logs; […]
75-7243 Cybersecurity service costs; special assessments and fees; rules and regulations.
75-7243. Cybersecurity service costs; special assessments and fees; rules and regulations. Executive branch agencies may pay for cybersecurity services from existing budgets, from grants or other revenues, or through a special assessment to offset costs. Any executive branch agency’s increase in fees or charges related to this act, including cybersecurity fees charged by the KISO, […]
75-7226 Same; annual report.
75-7226. Same; annual report. (a) On or before January 15 of each year, the board shall publish an annual report and shall present the report to the legislature, governor and department of education. The report shall set forth in detail the operations and transactions conducted by the board pursuant to this act. The annual report […]
75-7227 Same; severability.
75-7227. Same; severability. If any provision of this act or the application thereof to any person or circumstances is held invalid, the invalidity shall not affect other provisions or applications of the act which can be given effect without the invalid provision or application. To this end the provisions of this act are severable. History: […]
75-7236 Kansas cybersecurity act.
75-7236. Kansas cybersecurity act. K.S.A. 75-7236 through 75-7243, and amendments thereto, shall be known and may be cited as the Kansas cybersecurity act. History: L. 2018, ch. 97, § 1; July 1.
75-7237 Definitions.
75-7237. Definitions. As used in K.S.A. 75-7236 through 75-7243, and amendments thereto: (a) “Act” means the Kansas cybersecurity act. (b) “Breach” or “breach of security” means unauthorized access of data in electronic form containing personal information. Good faith access of personal information by an employee or agent of an executive branch agency does not constitute […]
75-7238 Chief information security officer; duties.
75-7238. Chief information security officer; duties. (a) There is hereby established the position of executive branch chief information security officer. The CISO shall be in the unclassified service under the Kansas civil service act, shall be appointed by the governor and shall receive compensation in an amount fixed by the governor. (b) The CISO shall: […]