KBS Reference Desk: Cybersecurity Training HB 3834

Q:       I noticed several provisions related to cybersecurity during the recent legislative session; is every district employee required to complete the referenced “cybersecurity training”? If not, how do we determine which employees must complete the training?

 

A:       No, not all employees must be trained. House Bill 3834 requires training only for employees who use a computer at least 25 percent of their day to complete required duties. 

House Bill 3834, effective June 14, 2019, was enacted to ensure that sensitive information maintained by the State and local governments remains protected from unauthorized users. The Bill requires that certain employees, as well as all of the State’s elected officials, annually complete a cybersecurity training program certified by the Texas Department of Information Resources (TDPI). The determining factor as to whether a particular employee is required to complete the cybersecurity training is the individual’s job duties.  Specifically, the Bill applies to employees “who use a computer to complete at least 25 percent of [their] required duties.” Gov’t. Code Sec. 2054.5191.  

HB 3834 also requires school district contractors and subcontractors to complete a certified cybersecurity training program if the contractor or subcontractor has access to a district computer system or database. The cybersecurity training program can be selected by the school district and must be completed by the contractor during the term of the given contract, including any renewal period (such as an automatic renewal). For contracts entered into or renewed after June 14, 2019, the required completion of a cybersecurity training program must be included in the terms of the contract. HB 3834 does not apply to contracts entered into or renewed before June 14, 2019. 

TDIR indicates it will release a list of certified training programs this October. Moreover, school districts that employ a dedicated information resource cybersecurity officer may offer the training internally so long as the program meets the statutory requirements. For specific questions pertaining to cybersecurity training, please contact your local school attorney.

Related Posts

Recent Articles

KBS Reference Desk: Evaluating SPED Teachers after COVID-19
April 2, 2021
KBS Reference Desk: Pay During Closure
February 26, 2021
KBS Reference Desk: Virtual Learning and Child Find
February 5, 2021
KBS Reference Desk: American Rescue Plan
January 29, 2021
KBS Reference Desk: TOMA Suspension Extension – Additional 30 days
January 15, 2021
KBS Reference Desk: Updated FFCRA Guidance
January 8, 2021
KBS Reference Desk: New Stay-at-Home Protocols
December 18, 2020
KBS Reference Desk: Vaccine as a Requirement for School Attendance
December 11, 2020
KBS Reference Desk: Campus Closure due to COVID-19 and Funding
December 4, 2020
KBS Reference Desk: Nonexempt Volunteer Work
November 20, 2020
KBS Reference Desk: TPIA – 10-day Extension
November 6, 2020
KBS Reference Desk: Discontinue Virtual Learning
October 30, 2020
KBS Reference Desk: Political Dress
October 23, 2020
KBS Reference Desk: Emergency Safety Drills
October 16, 2020
KBS Reference Desk: Requests for Homebound Instruction During COVID
October 9, 2020
KBS Reference Desk: Mask Exception
October 2, 2020
KBS Reference Desk: UIL Football Streaming
September 26, 2020
KBS Reference Desk: Eligible Expenses Under Coronavirus Relief Fund
September 18, 2020
KBS Reference Desk: Confidentiality and the ADA
September 11, 2020
KBS Reference Desk: Threat Assessment
September 4, 2020
KBS Reference Desk: Emergency Board Meetings
August 28, 2020
KBS Reference Desk: Homebound Services
August 21, 2020
KBS Reference Desk: COVID-19 Student Privacy and Virtual Learning
August 14, 2020
KBS Reference Desk: ADA Accommodations Based on Family Member’s Disability
August 7, 2020
KBS Reference Desk: EPSL EFML
July 31, 2020