Over the past few years Pennsylvania has suffered numerous cybersecurity problems, including the time the Department of Labor and Industry had unemployment checks going to the wrong accounts.
That’s why Sens. Kristin Phillips-Hill, R-York, and Tracy Pennycuick, R-Berks, are introducing legislation to elevate the chief information officer to a cabinet level position.
The CIO currently falls under the Office of Administration – which provides business support to state agencies – but this legislation would have them report directly to the governor.
Phillips-Hill said technology issues could be resolved faster under this structure.
“We could do away with a lot of the bureaucracy and red tape, shorten that chain of command and make sure that that individual serving in that capacity could really act quickly and efficiently when there was a challenge with either our cyber security or our information technology systems,” she said.
Multiple states, such as Delaware and Nevada, have cabinet level CIOs.
Under the legislation, the CIO would have more control over IT and cybersecurity within state agencies, commissions and departments.
The CIO would not have jurisdiction over the state courts system, which suffered a cyber attack last week.
Phillips-Hill said elevating the position is important to protecting the state’s sensitive data.
“When you look at the data that the state is responsible for, it’s incredibly important to every person in this Commonwealth, regardless of their partisan affiliation,” she said. “You know, this is data like our birth certificates and our death certificates, our tax returns and tax information. There are health records. If you’re on Medicaid, your health records are there within the state. All of our election information and so much more.”
