KBS Reference Desk: Cybersecurity Training HB 3834

Q:       I noticed several provisions related to cybersecurity during the recent legislative session; is every district employee required to complete the referenced “cybersecurity training”? If not, how do we determine which employees must complete the training?

 

A:       No, not all employees must be trained. House Bill 3834 requires training only for employees who use a computer at least 25 percent of their day to complete required duties. 

House Bill 3834, effective June 14, 2019, was enacted to ensure that sensitive information maintained by the State and local governments remains protected from unauthorized users. The Bill requires that certain employees, as well as all of the State’s elected officials, annually complete a cybersecurity training program certified by the Texas Department of Information Resources (TDPI). The determining factor as to whether a particular employee is required to complete the cybersecurity training is the individual’s job duties.  Specifically, the Bill applies to employees “who use a computer to complete at least 25 percent of [their] required duties.” Gov’t. Code Sec. 2054.5191.  

HB 3834 also requires school district contractors and subcontractors to complete a certified cybersecurity training program if the contractor or subcontractor has access to a district computer system or database. The cybersecurity training program can be selected by the school district and must be completed by the contractor during the term of the given contract, including any renewal period (such as an automatic renewal). For contracts entered into or renewed after June 14, 2019, the required completion of a cybersecurity training program must be included in the terms of the contract. HB 3834 does not apply to contracts entered into or renewed before June 14, 2019. 

TDIR indicates it will release a list of certified training programs this October. Moreover, school districts that employ a dedicated information resource cybersecurity officer may offer the training internally so long as the program meets the statutory requirements. For specific questions pertaining to cybersecurity training, please contact your local school attorney.

Related Posts

Recent Articles

KBS Reference Desk: On Call Employees over 4th of July Holiday
July 1, 2022
KBS Reference Desk: Employment of Students
June 24, 2022
KBS Reference Desk: TOMA Social Gatherings Conventions
June 17, 2022
KBS Reference Desk: Volunteers Under Guardian Plan
June 10, 2022
KBS Reference Desk: DOI and Certification
June 3, 2022
KBS Reference Desk: FML Leave Over the Summer
May 27, 2022
KBS Reference Desk: Decrease in Compensation
May 20, 2022
KBS Reference Desk: Participation in Graduation Ceremonies
May 13, 2022
KBS Reference Desk: Temporary Custodians of Record – TPIA
May 6, 2022
KBS Reference Desk: Driving Students to Polls
April 29, 2022
KBS Reference Desk: Authority to Create New Position
April 22, 2022
KBS Reference Desk: Booster Club Raffle
April 15, 2022
KBS Reference Desk: Returning a Teacher to Probationary Status
April 8, 2022
KBS Reference Desk: Termination of Probationary Contract While On Leave
April 1, 2022
KBS Reference Desk: Long COVID and Special Education Referrals
March 25, 2022
KBS Reference Desk: Pay During Weather Closure
March 18, 2022
KBS Reference Desk: Nepotism
March 11, 2022
KBS Reference Desk: New SBOE Rules on Contract Abandonment
March 4, 2022
KBS Reference Desk: Web Accessibility
February 25, 2022
KBS Reference Desk: Political Advocacy Prohibitions
February 18, 2022
KBS Reference Desk: Pay During Weather Closure
February 11, 2022
KBS Reference Desk: House Bill 2581 Procurement Updates
February 4, 2022
KBS Reference Desk: CDL Waivers for Bus Drivers
January 28, 2022
KBS Reference Desk: Interstate Travel Liability and Travel Forms Best Practices
January 21, 2022
KBS Reference Desk: Updated Stay at Home Periods
January 14, 2022