(a)
(1) The Director of the Division of Information Systems shall select an individual to serve as the Chief Data Officer of the Division of Information Systems and the Chief Privacy Officer of the Division of Information Systems.
(2) The Chief Data Officer of the Division of Information Systems and the Chief Privacy Officer of the Division of Information Systems shall not be the same person.
(b) The Chief Data Officer of the Division of Information Systems shall:
(1)
(A) Provide master data management by facilitating standardization, deduplication, sharing, and integration of critical data between systems and state agencies.
(B) Master data management may include without limitation a shared master citizen record;
(2) Establish and promote data architecture management by developing an integrated set of specifications and documents that define the blueprint for managing data resources;
(3) Provide data quality management by:
(A) Applying data quality management concepts and practices that include without limitation:
(i) Policies;
(ii) Measurement;
(iii) Process improvement; and
(iv) Education; and
(B) Leveraging data warehouse, business intelligence, and master data management solutions;
(4) Provide data governance by:
(A) Exercising authority, control, and decision-making over the management of data assets; and
(B) Introducing accountability for data asset management through formalized data stewardship;
(5) Support open data exchanges based on standardized and published application programming interfaces that:
(A) Facilitate standardized access to data within, between, or outside systems or state agencies; and
(B) Establish a data catalog of data housed, maintained, and utilized by each state agency;
(6) Utilize business intelligence that includes without limitation embedded business intelligence and advanced analytics that maximize the value of data in this state in order to facilitate access to and the analysis of data; and
(7) Direct and oversee the Data and Transparency Panel.
(c) The Chief Privacy Officer of the Division of Information Systems shall:
(1) Oversee, develop, and implement methods to ensure that all state agencies comply with federal and state laws governing the privacy of and access to protected data;
(2) Assure that the use of technology sustains, and does not erode, privacy protections relating to the use, collection, and disclosure of personal information;
(3) Assure that personal information contained in privacy act systems of records complies with the Privacy Act of 1974, 5 U.S.C. § 552(a);
(4) Review regulatory proposals and procedures involving the collection, use, and disclosure of personal information by the federal government, state government, and local government; and
(5)
(A) Prepare and submit an annual report to the Joint Committee on Advanced Communications and Information Technology concerning activities that affect privacy.
(B) Activities that affect privacy may include without limitation complaints of privacy violations, implementation of the Privacy Act of 1974, 5 U.S.C. § 552(a), and internal controls.