Data Security Management Council -- Membership -- Duties.

  1. Law
  2. Utah Code
  3. Utah Government Operations Code
  4. Utah Technology Governance Act
  5. Data Security Management Council
  6. Data Security Management Council -- Membership -- Duties.

Checkout our iOS App for a better way to browser and research.

Affected by 63I-1-263 on 7/1/2025

Effective 7/1/2021
63A-16-701. Data Security Management Council -- Membership -- Duties.
  • (1) There is created the Data Security Management Council comprising eight members as follows:
    • (a) the chief information officer appointed under Section 63A-16-201, or the chief information officer's designee;
    • (b) one individual appointed by the governor;
    • (c) one individual appointed by the speaker of the House of Representatives and the president of the Senate; and
    • (d) the highest ranking information technology official, or the highest ranking information technology official's designee, from each of:
      • (i) the Judicial Council;
      • (ii) the Utah Board of Higher Education;
      • (iii) the State Board of Education;
      • (iv) the State Tax Commission; and
      • (v) the Office of the Attorney General.
  • (2) The council shall elect a chair of the council by majority vote.
  • (3)
    • (a) A majority of the members of the council constitutes a quorum.
    • (b) Action by a majority of a quorum of the council constitutes an action of the council.
  • (4) The Division of Technology Services shall provide staff to the council.
  • (5) The council shall meet quarterly, or as often as necessary, to:
    • (a) review existing state government data security policies;
    • (b) assess ongoing risks to state government information technology;
    • (c) create a method to notify state and local government entities of new risks;
    • (d) coordinate data breach simulation exercises with state and local government entities; and
    • (e) develop data security best practice recommendations for state government that include recommendations regarding:
      • (i) hiring and training a chief information security officer for each government entity;
      • (ii) continuous risk monitoring;
      • (iii) password management;
      • (iv) using the latest technology to identify and respond to vulnerabilities;
      • (v) protecting data in new and old systems; and
      • (vi) best procurement practices.
  • (6) A member who is not a member of the Legislature may not receive compensation or benefits for the member's service but may receive per diem and travel expenses as provided in:
    • (a) Section 63A-3-106;
    • (b) Section 63A-3-107; and
    • (c) rules made by the Division of Finance under Sections 63A-3-106 and 63A-3-107.




Download our app to see the most-to-date content.