CHAPTER 388
S.P. 581 - L.D. 1759
An Act to Define the Responsibilities of the Chief Information Officer and to Make Membership Changes on Technical Boards
Be it enacted by the People of the State of Maine as follows:
Sec. 1. 1 MRSA §534, sub-§1, ¶E, as enacted by PL 1997, c. 713, §1, is amended to read:
E. The Director of the Bureau of Information Services within the Department Commissioner of Administrative and Financial Services or the director's commissioner's designee;
Sec. 2. 5 MRSA §354, sub-§§1 and 2, as enacted by PL 1999, c. 428, §1, are amended to read:
1. Membership. The board consists of 7 8 members. The Secretary of State and, the Director of the Bureau of Information Services and the Chief Information Officer within the Department of Administrative and Financial Services, or their designees, shall serve on the board. The President of the Senate and the Speaker of the House of Representatives shall each appoint one public member. A statewide municipal government organization shall recommend and the Governor shall appoint 2 members representing municipalities. A statewide information services group shall recommend and the Governor shall appoint one member with technical expertise in electronic communications.
2. Terms of members. The Secretary of State and, the Director of the Bureau of Information Services and the Chief Information Officer within the Department of Administrative and Financial Services, or their designees, shall serve as permanent members of the board. The members from municipalities, the member with technical expertise and the public members serve 3-year terms, except that initially one municipal member and the public member appointed by the Speaker of the House of Representatives serve 3-year terms, the member with technical expertise and one municipal member serve 2-year terms, and the public member appointed by the President of the Senate serves a one-year term. Each member may be appointed for another term upon the completion of a term on the board.
Sec. 3. 5 MRSA §1873, sub-§1-A is enacted to read:
1-A. Chief Information Officer. "Chief Information Officer" means the person who holds the lead information technology position within the executive branch that directs, coordinates and oversees information technology policy making, planning, architecture and standardization.
Sec. 4. 5 MRSA §1877-A, sub-§1, as amended by PL 1999, c. 668, §7, is further amended to read:
1. Report to the Legislature. The commissioner and the Chief Information Officer shall report to the joint standing committee of the Legislature having jurisdiction over appropriations and financial affairs at the beginning of the first regular session of each Legislature with respect to:
A. The degree of progress that has been made with respect to the coordination of data processing and computer programming within State Government:
(1) The Information Services Policy Board and the Chief Information Officer shall also evaluate the degree of progress in the coordination of data processing and computer programming within State Government and that evaluation must be included in this part of the report;
B. The problems that exist with respect to the coordination of data processing and computer programming activities within State Government:
(1) The Information Services Policy Board and the Chief Information Officer shall also describe and evaluate the problems that exist with respect to the coordination of data processing and computer programming in State Government and that evaluation must be included in this part of the report;
C. The degree to which personnel needs of state agencies are being met;
D. Any problems that exist with respect to current policies and procedures as they relate to the personnel needs of state agencies. This portion of the report must also include the evaluation of the Civil Service Policy Review Board with respect to the issue of this paragraph; and
E. All temporary and contracted positions within each agency and bureau of State Government. This information must include the duration and turnover of each position; the separate costs of each position for wages, benefits, contract fees and administration costs; and the position title or function. The costs associated with preparing this report must be absorbed utilizing existing department resources.
Sec. 5. 5 MRSA §1881, as enacted by PL 1985, c. 785, Pt. A, §78, is repealed and the following enacted in its place:
The mission of the Bureau of Information Services is to provide high-quality, responsive, cost-effective information technology services to the agencies of State Government. These services include, but are not limited to, voice and data computer and networking services, applications development and maintenance and desktop support. The bureau also provides centralized geographic information systems and data and security advice to customers.
Sec. 6. 5 MRSA §1885, as amended by PL 1991, c. 780, Pt. Y, §87, is further amended to read:
§1885. Purpose and organization
The Bureau of Information Services is under the direction of the Director of the Bureau of Information Services and is responsible for providing information and enterprise services in data processing, planning for and telecommunications and planning for the coordination of data processing throughout State Government.
1. Appointment of division director. The Director of the Bureau of Information Services shall appoint the Director of Data Processing, referred to in this section as the division director, with the approval of the commissioner and in accordance with the Civil Service Law. The division director must be a person with demonstrated knowledge, training and skills and significant experience in data processing and computer services. In addition, the division director must have a high record of achievement in providing data processing and computer programming services to multiple and diverse users.
Sec. 7. 5 MRSA §1886, as amended by PL 1997, c. 713, §2, is further amended to read:
§1886. Powers and duties of the Director of the Bureau of Information Services
1. Supervision of data processing within the State Government. The Director of the Bureau of Information Services shall supervise data processing activities within State Government.
2. Approve the acquisition and use of equipment. The director, in accordance with written standards established by this chapter shall approve acquisition and use of all data processing and telecommunications services, equipment and systems by state agencies.
2-A. Maintain central telecommunications services. The director shall maintain and operate central telecommunications services and may:
A. Employ or engage outside technical and professional services that may be necessary for telecommunications purposes;
B. Establish, through the Bureau of Accounts and Control, an Internal Telecommunications Fund Account. This fund must include, but is not limited to, appropriations made to the program, funds transferred to the program from within the Department of Administrative and Financial Services and funds received for telecommunications services rendered to system users;
C. Levy charges, according to a rate schedule based on uniform billing procedures approved by the board, against all units utilizing telecommunications services;
D. Submit a budget of estimated revenues and costs to be incurred by the program as part of the unified current services budget legislation in accordance with sections 1663 to 1666. Notwithstanding section 1583, allocations may be increased or adjusted by the State Budget Officer, with approval of the Governor, to specifically cover those adjustments determined to be necessary by the Commissioner of Administrative and Financial Services. Further, any request for adjustment to the allocation is subject to review by the joint standing committee of the Legislature having jurisdiction over appropriations and financial affairs; and
E. Require departments and agencies to be a part of the central telecommunications service network. No capital items purchased through the Internal Telecommunications Fund may be given, transferred, sold or otherwise conveyed to any other department, agency or account without authorization through the normal budgetary process. Except as authorized by the director, telecommunications services, equipment and systems are deemed to be the responsibility and property of the fund.
3. Develop training and development programs in data processing. The director is responsible for developing training and development programs for state employees in data processing and for the implementation of these programs.
4. Staff and technical assistance. The director shall provide staff and technical assistance in data processing to other state agencies.
5. Develop and administer written standards for data processing and telecommunications. The director shall develop and administer written standards for data processing and telecommunications subject to approval by the board. These written standards pertain to:
A. Acquisition of equipment;
B. Acquisition of computer programs;
C. The development of computer systems and computer programs;
D. Computer operations; and
E. Any other standards determined necessary by the director and the board.
5-A. Board approval required for written standards for data processing and telecommunications. All written standards for data processing and telecommunications are subject to final approval by the board.
6. Maintain central data processing services. The director through the Division of Data Processing shall maintain and operate central data processing services and geographic information systems pursuant to subchapter II-A.
6-A. InforME responsibilities. The director shall serve as the contracting authority under Title 1, chapter 14, and shall provide staff to the InforME Board established in Title 1, chapter 14.
7. Develop and implement strategic and departmental planning process. The director, in conjunction with the board and with the participation of the affected state agencies, shall develop and maintain strategic planning initiatives for all of State Government and specific state agencies for data processing and telecommunications. The director is responsible for assisting state agencies in implementing the planning process.
A. The director shall submit a report on the planning process to the Governor and the Legislature at the beginning of each legislative session.
8. Charges. The director may levy appropriate charges against all state agencies utilizing services provided by the bureau and for operations of the office of the Chief Information Officer. The charges must be those fixed in a schedule or schedules prepared and revised as necessary by the director and approved by the Information Services Policy Board and the commissioner. The schedule of charges must be supported and explained by accompanying information.
9. Budget. The director shall submit a budget of estimated revenues and costs to be incurred by the bureau.
10. Professional and technical services. The director may employ or engage, within funds available, outside technical or professional personnel and services as necessary for carrying out the purposes of this chapter, subject to the approval of the commissioner.
11. Other powers and duties. The director may make rules, subject to the approval of the Information Services Policy Board and the commissioner, for carrying out the purpose of this chapter.
12. Protection of information files. The director, with the advice of the board, shall develop rules regarding the safeguarding, maintenance and use of information files relating to data processing required by law to be kept confidential, subject to the approval of the commissioner. The bureau is responsible for the enforcement of those rules. All data files are the property of the agency or agencies responsible for their collection and utilization.
13. Assist the board. The director shall assist the board and the Chief Information Officer in its duties and responsibilities. The director shall make recommendations to the board and the Chief Information Officer with respect to the coordination of data processing, telecommunications and computer programming systems.
14. Report to the Legislature. The director shall report to the joint standing committee of the Legislature having jurisdiction over appropriations and financial affairs by January 31st of each year with respect to the achievements, the problems and the procedures planned for resolving the problems of the office and its mission. This report must include a complete compilation of written standards for data processing and telecommunications that have been approved by the board.
Sec. 8. 5 MRSA §1887, as amended by PL 1999, c. 165, §§1 and 2, is further amended to read:
§1887. Bureau of Information Services
The Bureau of Data Processing Information Services shall provide the major data processing and telecommunications services in State Government, including computer operations and programming and applications systems. The bureau, as authorized by the commissioner, shall work to assure consistency in programming services, stability in data processing functions, reliability in the operation and maintenance of systems throughout State Government and responsiveness and flexibility to react to changing situations and needs.
1. Director. The Director of Data Processing shall be Information Services is appointed as provided in section 1885 1884, subsection 1.
2. Service agency. The bureau shall serve as a service agency to meet the needs of client agencies in a timely, efficient and cost effective manner.
A. The bureau shall assure a high quality of service to all users.
B. The bureau shall allocate resources as necessary to meet peak demands and to best use available resources.
C. The bureau shall assure adequate backup for all information services.
3. Assist the commissioner and the Chief Information Officer. The bureau shall assist the commissioner and the Chief Information Officer in carrying out the commissioner's their duties and responsibilities.
Sec. 9. 5 MRSA §1888, as amended by PL 1999, c. 165, §3, is repealed.
Sec. 10. 5 MRSA §1890-B, as repealed and replaced by PL 1995, c. 703, §1, is repealed.
Sec. 11. 5 MRSA §1891, as amended by PL 1999, c. 165, §5, is further amended to read:
§1891. Information Services Policy Board established; purpose of board
The Information Services Policy Board, as authorized by chapter 379, is established to assist the commissioner and the Chief Information Officer to meet the purpose and mission of this chapter.
Sec. 12. 5 MRSA §1893, sub-§§3, 4 and 6, as amended by PL 1999, c. 165, §7, are further amended to read:
3. Develop strategic and departmental planning process. The board shall assist the commissioner and the Chief Information Officer in the development of the strategic and departmental planning process as defined in subchapter II.
4. Investigate and establish priorities. The board, with the commissioner and the Chief Information Officer, shall investigate and establish priorities within the scope of the strategic and departmental planning process. For the purpose of this subsection, the priorities are goals and objectives with associated target dates.
6. Provide for regular review. The board with the commissioner and the Chief Information Officer shall provide for a regular review of information processing and telecommunications operations in State Government and make recommendations to the Governor, commissioner and other affected agency heads for improving service and efficiency and for reducing costs.
Sec. 13. 5 MRSA §1896, as corrected by RR 1995, c. 1, §4, is amended to read:
Any state agency or semiautonomous state agency disagreeing with an action or decision of the Bureau of Information Services or the deputy commissioner Chief Information Officer as it affects that agency may appeal the decision in accordance with the provisions of this section.
1. Appeal. A state agency may appeal the decision or action of the deputy commissioner or Office of Information Services Chief Information Officer to:
A. The Information Services Policy Board.
Sec. 14. 5 MRSA c. 163 is enacted to read:
CHAPTER 163
OFFICE OF THE CHIEF INFORMATION OFFICER
§1971. Chief Information Officer; appointment; qualifications
The Commissioner of Administrative and Financial Services shall appoint the Chief Information Officer. The Chief Information Officer must be a qualified professional person who shall direct, coordinate and oversee information technology policy making, planning, architecture and standardization.
As used in this chapter, unless the context otherwise indicates, the following terms have the following meanings.
1. Board. "Board" means the Information Services Policy Board established under section 1891.
2. Chief Information Officer. "Chief Information Officer" means the person who holds the lead information technology position within the executive branch that directs, coordinates and oversees information technology policy making, planning, architecture and standardization.
3. Commissioner. "Commissioner" means the Commissioner of Administrative and Financial Services.
4. Computer system. "Computer system" has the same meaning as in Title 17-A, section 431.
5. Leadership positions. "Leadership positions" means the presiding officers of each House of the Legislature, party leaders, the Clerk of the House, the Assistant Clerk of the House, the Secretary of the Senate and the Assistant Secretary of the Senate.
§1973. Responsibilities of the Chief Information Officer
1. Information technology leadership. The Chief Information Officer shall:
A. Provide central leadership and vision in the use of information and telecommunications technology on a statewide basis;
B. Set policies and standards for the implementation and use of information and telecommunications technologies, including privacy and security standards and standards of the federal Americans with Disabilities Act, for information technology. The policies and standards are subject to final approval by the board under section 1891;
C. Assist the Governor's Office and the commissioner with development and support of information technology-related legislation;
D. Identify and implement information technology best business practices and project management; and
E. Facilitate research and development activities to identify and establish effective information technology service delivery in State Government.
2. Information technology communications. The Chief Information Officer shall provide information technology communications by serving:
A. As the lead advocate for information and telecommunications technology directions, policies, standards and plans for the executive branch and independent units of State Government, constitutional offices, the media and the general public;
B. As information technology liaison to the Governor's office;
C. As information technology liaison to the judicial branch;
D. As information technology liaison to the legislative branch; and
E. On boards and committees as appropriate and as needed.
3. Information technology planning. In assisting with the development of an information technology plan, the Chief Information Officer shall:
A. Establish and manage the process for strategic information technology planning, including the approval of all departments' information technology plans;
B. Submit a report on the information technology planning process to the Governor and the Legislature at the beginning of each legislative session;
C. Ensure integration of the enterprise strategic plan with unit-level information technology planning processes; and
D. Develop, implement and monitor compliance with statewide standards and architecture.
4. Information technology financial performance management. The Chief Information Officer shall develop an information technology financial performance management process to:
A. Protect current and future investments in information and telecommunications technologies in State Government;
B. Identify ways to use information and telecommunications technologies to reduce cost of government and improve service to customers;
C. Identify business process improvement priorities that will yield the greatest cost benefits to the State;
D. Develop and administer a statewide information technology financial management and budget planning process; and
E. Establish performance and other outcomes measures and cost benefit analyses for information technology.
5. Information technology procurement and contract management. The Chief Information Officer shall:
A. Approve all major or nonstandard information and telecommunications technology initiatives, contracts and acquisitions, including enterprise initiatives; and
B. Approve the Division of Purchases' standards and evaluation procedures for standard information and telecommunications technology acquisitions and contracts.
6. Information technology resource management. The Chief Information Officer shall establish a professional development plan with incentives and opportunities for the recruitment, retention, skill development and career advancement for information and telecommunications technology personnel.
§1974. Other powers and duties of Chief Information Officer
1. Approve the acquisition and use of equipment. The Chief Information Officer, working with the Division of Purchases and in accordance with written standards established by this chapter, shall approve acquisition and use of all data processing and telecommunications services, equipment and systems by state agencies.
2. Develop training and development programs in data processing. The Chief Information Officer is responsible for developing training and development programs for state employees in data processing and for the implementation of these programs.
3. Develop and administer written standards for data processing and telecommunications. The Chief Information Officer shall develop and administer written standards for data processing and telecommunications subject to approval by the board. These written standards pertain to:
A. Acquisition of equipment;
B. Acquisition of computer software and systems;
C. Development of computer systems and computer programs;
D. Computer operations; and
E. Any other standards determined necessary by the Chief Information Officer and the board.
4. Board approval required for written standards for data processing and telecommunications. All written standards for data processing and telecommunications are subject to final approval by the board.
5. Develop and implement strategic and departmental planning process. The Chief Information Officer, in conjunction with the board and with the participation of the affected state agencies, shall develop and maintain strategic planning initiatives for all of State Government and specific state agencies for data processing and telecommunications. The Chief Information Officer is responsible for assisting state agencies in implementing the planning process.
The Chief Information Officer shall submit a report on the planning process to the Governor and the Legislature at the beginning of each legislative session.
6. Report to the Legislature. The Chief Information Officer shall report to the joint standing committee of the Legislature having jurisdiction over appropriations and financial affairs by January 31st of each year with respect to the achievements, the problems and the procedures planned for resolving the problems of the office and its mission. This report must include a complete compilation of written standards for data processing and telecommunications that have been approved by the board.
The purchase of data processing equipment, software or services or internal systems development efforts may not be made except in accordance with this subchapter. An agency may not purchase any data processing equipment, software or services without the prior written approval of the commissioner or the Chief Information Officer. The State Controller may not authorize payment for data processing equipment, software or services without evidence of prior approval of the purchases by the commissioner or the Chief Information Officer.
1. Noncompliance defined. A state agency is in noncompliance with this chapter if the agency:
A. Purchases data processing equipment, software or services in noncompliance with this chapter;
B. Fails to adhere to the data processing standards established by the commissioner, the Chief Information Officer and the board.
2. Penalty. Any state agency found to be in noncompliance as defined in this section is prohibited from acquiring or purchasing data processing equipment, software and services until the commissioner or the Chief Information Officer determines that the state agency is in compliance with this subchapter.
Notwithstanding the provisions of this section, the commissioner or the Chief Information Officer may act to acquire or purchase data processing equipment, software and services to maintain or meet the emergency needs of a state agency.
§1976. Misuse of State Government computer system
1. Confidentiality. Computer programs, technical data, logic diagrams and source code related to data processing or telecommunications are confidential and are not public records, as defined in Title 1, section 402, subsection 3, to the extent of the identified trade secrets. To qualify for confidentiality under this subsection, computer programs, technical data, logic diagrams and source code must:
A. Contain trade secrets, as defined in Title 10, section 1542, subsection 4, held in private ownership; and
B. Have been provided to a state agency by an authorized independent vendor or contractor under an agreement by which:
(1) All trade secrets that can be protected are identified without disclosing the trade secret;
(2) The vendor or contractor retains all intellectual property rights in those trade secrets; and
(3) The state agency agrees to hold and use the programs, data, diagrams or source code without disclosing any identified trade secrets.
2. Public records. Except as provided in subsection 1, any document created or stored on a State Government computer is a public record and must be made available in accordance with Title 1, chapter 13 unless specifically exempted by that chapter.
3. Violation. A person is guilty of misuse of a State Government computer system if that person knowingly uses a computer system operated by a state department or agency, the Judicial Department or the Legislature:
A. To prepare materials with the intent to expressly advocate, to those eligible to vote, for the election or defeat of any candidate for a federal office, a constitutional office or any candidate for elective municipal, county or state office, including leadership positions in the Senate and the House of Representatives; or
B. With the intent to solicit contributions reportable under Title 21-A, chapter 13.
4. Penalty. Misuse of a State Government computer system is a Class C crime.
Sec. 15. 16 MRSA §633, as amended by PL 1999, c. 451, §2, is further amended to read:
§633. Policy board established; membership
There is established the Maine Criminal Justice Information System Policy Board, referred to in this subchapter as the "board." The board consists of 13 14 members that include the Attorney General, the Commissioner of Public Safety, the Commissioner of Corrections, the State Court Administrator, the Chief of the State Police, the Associate Commissioner for Adult Services within the Department of Corrections, the Director of the Bureau of Information Services, the Chief Information Officer, a representative of the Maine Prosecutors Association appointed by the Attorney General, a representative of the Maine Chiefs of Police Association appointed by the Commissioner of Public Safety, a representative of the Maine Sheriff's Association appointed by the Commissioner of Public Safety, a representative of a federal criminal justice agency appointed by the Governor, a representative of a nongovernmental agency that provides services to victims of domestic violence appointed by the Governor and a public member who represents private users of criminal offender record information appointed by the Governor.
Effective September 21, 2001, unless otherwise indicated.
Revisor of Statutes Homepage | Subject Index | Search | Laws of Maine | Maine Legislature |