Bill Text: VA HB1034 | 2010 | Regular Session | Chaptered
Bill Title: Information Technology; Governor to appoint Chief Information Officer of VITA, etc.
Spectrum: Partisan Bill (Republican 2-0)
Status: (Passed) 2010-03-11 - Governor: Acts of Assembly Chapter text (CHAP0136) [HB1034 Detail]
Download: Virginia-2010-HB1034-Chaptered.html
Be it enacted by the General Assembly of Virginia: 1. That §§2.2-106, 2.2-225, 2.2-1115.1, 2.2-1509.3, 2.2-2005 through 2.2-2009, 2.2-2012, 2.2-2013, 2.2-2015, 2.2-2019, 2.2-2020, 2.2-2021, 2.2-2023, 23-38.111, and 23-77.4 of the Code of Virginia are amended and reenacted and that Code of Virginia is amended by adding in Chapter 26 of Title 2.2 an article numbered 35, consisting of sections numbered 2.2-2699.5, 2.2-2699.6, and 2.2-2699.7, as follows: §2.2-106. Appointment of agency heads; severance. A. Notwithstanding any provision of law to the contrary, the Governor shall appoint the administrative head of each agency of the executive branch of state government except the: 1. Executive Director of the Virginia Port Authority; 2. Director of the State Council of Higher Education for Virginia; 3. Executive Director of the Department of Game and Inland Fisheries; 4. Executive Director of the Jamestown-Yorktown Foundation; 5. Executive Director of the Motor Vehicle Dealer Board; 6. Librarian of Virginia; 7. Administrator of the Commonwealth's Attorneys' Services Council; 8. Executive Director of the Virginia Housing Development Authority; and 9. Executive Director of the Board of Accountancy
However, the manner of selection of those heads of agencies chosen as set forth in the Constitution of Virginia shall continue without change. Each administrative head and Secretary appointed by the Governor pursuant to this section shall (i) be subject to confirmation by the General Assembly, (ii) have the professional qualifications prescribed by law, and (iii) serve at the pleasure of the Governor. B. As part of the confirmation process for each administrative
head and Secretary, the Secretary of the Commonwealth shall provide copies of
the resumes and statements of economic interests filed pursuant to §2.2-3117
to the chairs of the House of Delegates and Senate Committees on Privileges and
Elections. For appointments made before January 1, copies shall be provided to
the chairs within 30 days of the appointment or by January 7 whichever time is
earlier; and for appointments made after January 1 through the regular session
of that year, copies shall be provided to the chairs within seven days of the
appointment. Each appointee shall be available for interviews by the Committees
on Privileges and Elections or other applicable standing committee. For the
purposes of this section and §2.2-107, there shall be a joint subcommittee of
the House of Delegates and Senate Committees on Privileges and Elections
consisting of five members of the House Committee and three members of the
Senate Committee appointed by the respective chairs of the committees to review
the resumes and statements of economic interests of gubernatorial appointees.
The members of the House of Delegates shall be appointed in accordance with the
principles of proportional representation contained in the Rules of the House
of Delegates. No appointment confirmed by the General Assembly shall be subject
to challenge by reason of a failure to comply with the provisions of this C. For the purpose of this section, "agency"
includes all administrative units established by law or by executive order that
are not (i) arms of the legislative or judicial branches of government; (ii)
institutions of higher education as classified under §§23-253.7, 22.1-346,
23-14, and 23-252 D. Severance benefits provided to any departing agency head, whether or not appointed by the Governor, shall be publicly announced by the appointing authority prior to such departure. §2.2-225. Position established; agencies for which responsible; additional powers. The position of Secretary of Technology (the Secretary) is
created. The Secretary shall be responsible to the Governor for the following
agencies, councils, and boards: Information Technology Unless the Governor expressly reserves such power to himself, the Secretary may, with regard to strategy development, planning and budgeting for technology programs in the Commonwealth: 1. Monitor trends and advances in fundamental technologies of interest and importance to the economy of the Commonwealth and direct and approve a stakeholder-driven technology strategy development process that results in a comprehensive and coordinated view of research and development goals for industry, academia and government in the Commonwealth. This strategy shall be updated biennially and submitted to the Governor, the Speaker of the House of Delegates and the President Pro Tempore of the Senate. 2. Work closely with the appropriate federal research and development agencies and program managers to maximize the participation of Commonwealth industries and universities in these programs consistent with agreed strategy goals. 3. Direct the development of plans and programs for strengthening the technology resources of the Commonwealth's high technology industry sectors and for assisting in the strengthening and development of the Commonwealth's Regional Technology Councils. 4. Direct the development of plans and programs for improving access to capital for technology-based entrepreneurs. 5. Assist the Joint Commission on Technology and Science created pursuant to §30-85 in its efforts to stimulate, encourage, and promote the development of technology in the Commonwealth. 6. Continuously monitor and analyze the technology investments and strategic initiatives of other states to ensure the Commonwealth remains competitive. 7. Strengthen interstate and international partnerships and relationships in the public and private sectors to bolster the Commonwealth's reputation as a global technology center. 8. Develop and implement strategies to accelerate and expand the commercialization of intellectual property created within the Commonwealth. 9. Ensure the Commonwealth remains competitive in cultivating and expanding growth industries, including life sciences, advanced materials and nanotechnology, biotechnology, and aerospace. 10. Monitor the trends in the availability and deployment of and access to broadband communications services, which include, but are not limited to, competitively priced, high-speed data services and Internet access services of general application, throughout the Commonwealth and advancements in communications technology for deployment potential. The Secretary shall report annually by December 1 to the Governor and General Assembly on those trends. 11. Review and approve the procurement or termination of major information technology projects, and contracts or amendments thereto proposed by the Chief Information Officer (CIO) pursuant to §2.2-2007. 12. Review and approve statewide technical and data standards for information technology and related systems, including the utilization of nationally recognized technical and data standards for health information technology systems or software purchased by a state agency of the Commonwealth, as recommended by the CIO. 13. Develop criteria and requirements defining "major information technology project" for purposes of §2.2-2006. Such criteria and requirements shall include, but are not limited to, analysis of each project's risk and complexity. §2.2-1115.1. Standard vendor accounting information. A. The Division, the Virginia Information Technologies Agency, and the State Comptroller shall develop and maintain data standards for use by all agencies and institutions for payments and purchases of goods and services pursuant to §§2.2-1115 and 2.2-2012. Such standards shall include at a minimum the vendor number, name, address, and tax identification number; commodity code, order number, invoice number, and receipt information; and other information necessary to appropriately and consistently identify all suppliers of goods, commodities, and other services to the Commonwealth. The Division, the Virginia Information Technologies Agency, and the State Comptroller shall annually review and update these standards to provide the Commonwealth information to monitor all procurement of goods and services and to implement adequate controls to pay only authorized providers of goods and services to the Commonwealth. B. The Division and the Virginia Information Technologies
Agency shall submit these standards to the Information Technology §2.2-1509.3. Budget bill to include appropriations for major information technology projects. A. For purposes of this section: "Major information technology project" means the same as that term is defined in §2.2-2006. "Major information technology project funding" means an estimate of each funding source for a major information technology project for the duration of the project. B. In "The Budget Bill" submitted pursuant to § 2.2-1509, the Governor shall provide for the funding of major information technology projects, as specified herein. Such funding recommendations shall be for major information technology projects that have or are pending project development approval as defined by §2.2-2019 or procurement approval as defined by §2.2-2020. The Governor shall include in "The Budget Bill" submitted pursuant to §2.2-1509 a biennial appropriation for major information technology projects and the following information for each such project: 1. A brief statement explaining the project, the 2. A brief explanation of the inclusion of any project in the
budget bill that has not undergone review and approval by the 3. Total estimated project costs, as defined by the Commonwealth's Project Management Standards, including the amount of the agency's or institution's operating appropriation, which will support the project, and long-term contract cost beyond the biennium; 4. Costs incurred to date, as defined by the Commonwealth's Project Management Standards, which includes both the project planning cost and internal operating costs to support the project; 5. Recommendations or comments of the Public-Private Partnership Advisory Commission, if the project is part of a proposal under the Public-Private Education Facilities and Infrastructure Act of 2002 (§56-575.1 et seq.); and 6. The C. The §2.2-2005. Creation of Agency; appointment of Chief Information Officer. A. There is hereby created the Virginia Information
Technologies Agency (VITA), which shall serve as the agency responsible for
administration and enforcement of the provisions of this Chapter B. The §2.2-2006. Definitions. As used in this chapter:
"Communications services" includes telecommunications services, automated data processing services, and management information systems that serve the needs of state agencies and institutions. "Confidential data" means information made confidential by federal or state law that is maintained by a state agency in an electronic format. "Information technology" means telecommunications,
automated data processing, databases, the Internet, management information
systems, and related information, equipment, goods, and services. "ITAC" means the Information Technology Advisory Council created in §2.2-2699.5. "Major information technology project" means any
state agency information technology project that "Noncommercial telecommunications entity" means any public broadcasting station as defined in §2.2-2427. "Public telecommunications entity" means any public broadcasting station as defined in §2.2-2427. "Public telecommunications facilities" means all apparatus, equipment and material necessary for or associated in any way with public broadcasting stations or public broadcasting services as those terms are defined in §2.2-2427, including the buildings and structures necessary to house such apparatus, equipment and material, and the necessary land for the purpose of providing public broadcasting services, but not telecommunications services. "Public telecommunications services" means public broadcasting services as defined in §2.2-2427. "Secretary" means the Secretary of Technology. "State agency" or "agency" means any agency, institution, board, bureau, commission, council, or instrumentality of state government in the executive branch listed in the appropriation act. However, the terms "state agency," "agency," "institution," "public body," and "public institution of higher education," shall not include the University of Virginia Medical Center. "Technology asset" means hardware and communications equipment not classified as traditional mainframe-based items, including personal computers, mobile computers, and other devices capable of storing and manipulating electronic data. "Telecommunications" means any origination, transmission, emission, or reception of signs, signals, writings, images, and sounds or intelligence of any nature, by wire, radio, television, optical, or other electromagnetic systems. "Telecommunications facilities" means apparatus necessary or useful in the production, distribution, or interconnection of electronic communications for state agencies or institutions including the buildings and structures necessary to house such apparatus and the necessary land. §2.2-2007. Powers of the CIO. A. In addition to such other duties as the 1. Monitor trends and advances in information technology;
develop a comprehensive, statewide, 2. Direct the formulation and promulgation of policies, guidelines, standards, and specifications for the purchase, development, and maintenance of information technology for state agencies, including, but not limited to, those (i) required to support state and local government exchange, acquisition, storage, use, sharing, and distribution of geographic or base map data and related technologies, (ii) concerned with the development of electronic transactions including the use of electronic signatures as provided in §59.1-496, and (iii) necessary to support a unified approach to information technology across the totality of state government, thereby assuring that the citizens and businesses of the Commonwealth receive the greatest possible security, value, and convenience from investments made in technology. 3. Direct the development of policies and procedures, in consultation with the Department of Planning and Budget, that are integrated into the Commonwealth's strategic planning and performance budgeting processes, and that state agencies and public institutions of higher education shall follow in developing information technology plans and technology-related budget requests. Such policies and procedures shall require consideration of the contribution of current and proposed technology expenditures to the support of agency and institution priority functional activities, as well as current and future operating expenses, and shall be utilized by all state agencies and public institutions of higher education in preparing budget requests. 4. Review budget requests for information technology from
state agencies and public institutions of higher education and recommend budget
priorities to the Review of such budget requests shall include, but not be limited to, all data processing or other related projects for amounts exceeding $100,000 in which the agency or institution has entered into or plans to enter into a contract, agreement or other financing agreement or such other arrangement that requires that the Commonwealth either pay for the contract by foregoing revenue collections, or allows or assigns to another party the collection on behalf of or for the Commonwealth any fees, charges, or other assessments or revenues to pay for the project. For each project, the agency or institution, with the exception of public institutions of higher education that meet the conditions prescribed in subsection B of §23-38.88, shall provide the CIO (i) a summary of the terms, (ii) the anticipated duration, and (iii) the cost or charges to any user, whether a state agency or institution or other party not directly a party to the project arrangements. The description shall also include any terms or conditions that bind the Commonwealth or restrict the Commonwealth's operations and the methods of procurement employed to reach such terms. 5. Direct the development of policies and procedures for the
effective management of information technology investments throughout their
entire life cycles, including, but not limited to, project definition, procurement,
development, implementation, operation, performance evaluation, and enhancement
or retirement. Such policies and procedures shall include, at a minimum, the
periodic review by the CIO of agency and public institution of higher education
major information technology projects 6. Oversee and administer the Virginia Technology Infrastructure Fund created pursuant to §2.2-2023. 7. Periodically evaluate the feasibility of outsourcing information technology resources and services, and outsource those resources and services that are feasible and beneficial to the Commonwealth. 8. Have the authority to enter into contracts, and with the
approval of the 9. Report annually to the Governor, the Secretary, and the Joint Commission on Technology and Science created pursuant to §30-85 on the use and application of information technology by state agencies and public institutions of higher education to increase economic efficiency, citizen convenience, and public access to state government. The CIO shall prepare an annual report for submission to the Secretary, the Information Technology Advisory Council, and the Joint Commission on Technology and Science on a prioritized list of Recommended Technology Investment Projects based upon major information technology projects submitted for approval pursuant to this chapter. As part of this plan, the CIO shall develop and regularly update a methodology for prioritizing projects based upon the allocation of points to defined criteria. The criteria and their definitions shall be presented in the plan. For each project listed in the plan, the CIO shall indicate the number of points and how they were awarded. For each listed project, the CIO shall also indicate (i) the projected cost of the project for the next three biennia following project implementation; (ii) all projected costs of ongoing operations and maintenance activities; and (iii) whether the project fails to incorporate existing standards for the maintenance, exchange, and security of data. This report shall also include trends in current projected information technology spending by state agencies and at the enterprise level, including spending on projects, operations and maintenance, and payments to VITA. 10. Direct the development of policies and procedures that
require VITA to review major information technology projects proposed by
state agencies and institutions 11. Oversee the Commonwealth's efforts to modernize the planning, development, implementation, improvement, and retirement of Commonwealth applications, including the coordination and development of enterprise-wide or multiagency applications. 12. Develop and recommend to the Secretary statewide technical and data standards for information technology and related systems, including the utilization of nationally recognized technical and data standards for health information technology systems or software purchased by a state agency of the Commonwealth. B. Consistent with §2.2-2012, the CIO may enter into public-private partnership contracts to finance or implement information technology programs and projects. The CIO may issue a request for information to seek out potential private partners interested in providing programs or projects pursuant to an agreement under this subsection. The compensation for such services shall be computed with reference to and paid from the increased revenue or cost savings attributable to the successful implementation of the program or project for the period specified in the contract. The CIO shall be responsible for reviewing and approving the programs and projects and the terms of contracts for same under this subsection. The CIO shall determine annually the total amount of increased revenue or cost savings attributable to the successful implementation of a program or project under this subsection and such amount shall be deposited in the Virginia Technology Infrastructure Fund created in §2.2-2023. The CIO is authorized to use moneys deposited in the Fund to pay private partners pursuant to the terms of contracts under this subsection. All moneys in excess of that required to be paid to private partners, as determined by the CIO, shall be reported to the Comptroller and retained in the Fund. The CIO shall prepare an annual report to the Governor, the Secretary, and General Assembly on all contracts under this subsection, describing each information technology program or project, its progress, revenue impact, and such other information as may be relevant. C. The CIO shall strive to follow acceptable technology investment methods, such as Information Technology Investment Management (ITIM) principles developed by the United States Government Accountability Office, to ensure that all technology expenditures are an integral part of the Commonwealth's performance management system and are aligned with (i) agency strategic business objectives, (ii) the Governor's policy objectives, and (iii) the long-term objectives of the Council on Virginia's Future. D. Subject to review and approval by the Secretary, the CIO shall have the authority to enter into and amend contracts for the provision of information technology services. §2.2-2008. Additional duties of the CIO relating to project management. The CIO shall have the following duties relating to the management of information technology projects: 1. Develop an approval process for proposed major information technology projects by state agencies to ensure that all such projects conform to the statewide information management plan and the information management plans of agencies and public institutions of higher education. 2. Establish a methodology for conceiving, planning, scheduling and providing appropriate oversight for information technology projects including a process for approving the planning, development and procurement of information technology projects. Such methodology shall include guidelines for the establishment of appropriate oversight for information technology projects. 3. Establish minimum qualifications and training standards for project managers. 4. 5. Direct the development of any statewide or multiagency enterprise project. 6. Develop and update a project management methodology to be used by agencies in the development of information technology. 7. Establish an information clearinghouse that identifies best practices and new developments and contains detailed information regarding the Commonwealth's previous experiences with the development of major information technology projects. 8. Determine, prior to proceeding with the development of a
major information technology project pursuant to §2.2-2019 or the procurement
of any major information technology project pursuant to §2.2-2020, that the
funding for such project has been included in the budget bill in accordance
with §2.2-1509.3. §2.2-2009. Additional duties of the CIO relating to security of government information. A. To provide for the security of state government electronic information from unauthorized uses, intrusions or other security threats, the CIO shall direct the development of policies, procedures and standards for assessing security risks, determining the appropriate security measures and performing security audits of government electronic information. Such policies, procedures, and standards will apply to the Commonwealth's executive, legislative, and judicial branches, and independent agencies and institutions of higher education. The CIO shall work with representatives of the Chief Justice of the Supreme Court and Joint Rules Committee of the General Assembly to identify their needs. B. The CIO shall also develop policies, procedures, and standards that shall address the scope of security audits and the frequency of such security audits. In developing and updating such policies, procedures, and standards, the CIO shall designate a government entity to oversee, plan and coordinate the conduct of periodic security audits of all executive branch and independent agencies and institutions of higher education. The CIO will coordinate these audits with the Auditor of Public Accounts and the Joint Legislative Audit and Review Commission. The Chief Justice of the Supreme Court and the Joint Rules Committee of the General Assembly shall determine the most appropriate methods to review the protection of electronic information within their branches. C. The CIO shall annually report to the Governor,
the Secretary, and General Assembly The CIO shall also include in this report (a) results of security audits, including those state agencies, independent agencies, and institutions of higher education that have not implemented acceptable regulations, standards, policies, and guidelines to control unauthorized uses, intrusions, or other security threats and (b) the extent to which security standards and guidelines have been adopted by state agencies. D. All public bodies subject to such audits as required by this section shall fully cooperate with the entity designated to perform such audits and bear any associated costs. Public bodies that are not required to but elect to use the entity designated to perform such audits shall also bear any associated costs. E. The provisions of this section shall not infringe upon responsibilities assigned to the Comptroller, the Auditor of Public Accounts, or the Joint Legislative Audit and Review Commission by other provisions of the Code of Virginia. F. To ensure the security and privacy of citizens of the Commonwealth in their interactions with state government, the CIO shall direct the development of policies, procedures, and standards for the protection of confidential data maintained by state agencies against unauthorized access and use. Such policies, procedures, and standards shall include, but not be limited to: 1. Requirements that any state employee or other authorized user of a state technology asset provide passwords or other means of authentication to (i) use a technology asset and (ii) access a state-owned or operated computer network or database; and 2. Requirements that a digital rights management system or other means of authenticating and controlling an individual's ability to access electronic records be utilized to limit access to and use of electronic records that contain confidential data to authorized individuals. G. The CIO shall promptly receive reports from directors of departments in the executive branch of state government made in accordance with §2.2-603 and shall take such actions as are necessary, convenient or desirable to ensure the security of the Commonwealth's electronic information and confidential data. H. The CIO shall also develop policies, procedures, and standards that shall address the creation and operation of a risk management program designed to identify information technology security gaps and develop plans to mitigate the gaps. All agencies in the Commonwealth shall cooperate with the CIO. Such cooperation includes, but is not limited to, (i) providing the CIO with information required to create and implement a Commonwealth risk management program; (ii) creating an agency risk management program; and (iii) complying with all other risk management activities. §2.2-2012. Procurement of information technology and telecommunications goods and services; computer equipment to be based on performance-based specifications. A. Information technology and telecommunications goods and services of every description shall be procured by (i) VITA for its own benefit or on behalf of other state agencies and institutions or (ii) such other agencies or institutions to the extent authorized by VITA. Such procurements shall be made in accordance with the Virginia Public Procurement Act (§ 2.2-4300 et seq.), regulations that implement the electronic and information technology accessibility standards of the Rehabilitation Act of 1973 (29 U.S.C. §794d), as amended, and any regulations as may be prescribed by VITA. In no case shall such procurements exceed the requirements of the regulations that implement the electronic and information technology accessibility standards of the Rehabilitation Act of 1973, as amended. The CIO shall disapprove any procurement that does not conform to the statewide information technology plan or to the individual plans of state agencies or public institutions of higher education. B. All statewide contracts and agreements made and entered into by VITA for the purchase of communications services, telecommunications facilities, and information technology goods and services shall provide for the inclusion of counties, cities, and towns in such contracts and agreements. Notwithstanding the provisions of §2.2-4301, VITA may enter into multiple vendor contracts for the referenced services, facilities, and goods and services.
§2.2-2013. Internal service funds; Automated Services Internal Service Fund; Computer Services Internal Service Fund; Telecommunication Services Internal Service Fund. A. There are established the following internal service funds to be administered by VITA: 1. The Automated Services Internal Service Fund to be used to finance automated systems design, development and testing services and staff of VITA; 2. The Computer Services Internal Service Fund to be used to finance computer operations and staff of VITA; and 3. The Telecommunication Services Internal Service Fund to be used to finance telecommunications operations and staff of VITA. B. There is established the Acquisition Services Special Fund to be administered by VITA and used to finance procurement and contracting activities and programs unallowable for federal fund reimbursement. C. All users of services provided for in this chapter administered by VITA shall be assessed a surcharge, which shall be deposited in the appropriate fund. This charge shall be an amount sufficient to allow VITA to finance the operations and staff of the services offered. D. Additional moneys necessary to establish these funds or provide for the administration of the activities of VITA may be advanced from the general account of the state treasury. E. The CIO shall direct that the following activities be conducted with respect to VITA's internal service funds: 1. VITA shall establish fee schedules for the collection of fees from users when general fund appropriations are not available for the services rendered. 2. VITA shall develop and implement information, billing, and collections methods that will assist state agencies in analyzing and effectively managing their use of VITA's services, and which will allow VITA to forecast service demands and balances of its internal service funds. 3. By September 1 of each year, VITA shall submit biennial projections of future revenues and expenditures for each internal service fund and estimates of any anticipated changes to fee schedules to the Joint Legislative Audit and Review Commission and the Department of Planning and Budget. 4. In the event that changes to fee schedules or rates are required, the CIO shall submit documentation to the Joint Legislative Audit and Review Commission and the Department of Planning and Budget no later than September 1 prior to the fiscal year in which the new or revised rates are to take effect so that the impact of the rate changes can be considered for inclusion in the executive budget submitted to the General Assembly pursuant to §2.2-1508. In emergency circumstances, deviations from this approach shall be approved in advance by the Joint Legislative Audit and Review Commission. §2.2-2015. Authority of CIO to modify or suspend major information technology projects; project termination. The CIO may direct the modification or suspension of any major
information technology project that, as the result of a periodic review
authorized by subdivision A 5 of §2.2-2007, has not met the performance
measures agreed to by the CIO and the sponsoring agency or public institution
of higher education or if he otherwise deems such action appropriate and
consistent with the terms of any affected contracts. The CIO may recommend to the The provisions of this section shall not apply to research projects, research initiatives or instructional programs at public institutions of higher education. However, technology investments in research projects, research initiatives or instructional programs at such institutions estimated to cost $1 million or more of general fund appropriations may be reviewed as provided in subdivision A 5 of §2.2-2007 if the projects are deemed mission-critical by the institution or of statewide application by the CIO. The CIO and the Secretary of Education, in consultation with public institutions of higher education, shall develop and provide to such institution criteria to be used in determining whether projects are mission-critical. §2.2-2019. Project development approval. A. Upon approval of the CIO of the project plan, an agency shall submit to the Division a project development proposal containing (i) a detailed business case including a cost-benefit analysis; (ii) a business process analysis, if applicable; (iii) system requirements, if known; (iv) a proposed development plan and project management structure; and (v) a proposed resource or funding plan. The project management specialist may require the submission of additional information necessary to meet the criteria developed by the Division. B. The project management specialist assigned to review the
project development proposal shall recommend its approval or rejection to the
CIO. §2.2-2020. Procurement approval for major information technology projects. Upon approval of the §2.2-2021. Project oversight. A. Whenever an agency has received approval from the B. Whenever a statewide or multiagency project has received
approval from the §2.2-2023. Virginia Technology Infrastructure Fund created; contributions. A. The Virginia Technology Infrastructure Fund (the Fund) is created in the state treasury. The Fund is to be used to fund major information technology projects or to pay private partners as authorized in subsection B of §2.2-2007. B. The Fund shall consist of: (i) the transfer of general and
nongeneral fund appropriations from state agencies which represent savings that
accrue from reductions in the cost of information technology and communication
services, (ii) the transfer of general and nongeneral fund appropriations from
state agencies which represent savings from the implementation of information
technology enterprise projects, (iii) funds identified pursuant to subsection B
of §2.2-2007, (iv) such general and nongeneral fund fees or surcharges as may
be assessed to agencies for enterprise technology projects, (v) gifts, grants,
or donations from public or private sources, and (vi) such other funds as may
be appropriated by the General Assembly. Savings shall be as identified by the
CIO through a methodology Interest earned on the Fund shall be credited to the Fund. The Fund shall be permanent and nonreverting. Any unexpended balance in the Fund at the end of the biennium shall not be transferred to the general fund of the state treasury. §2.2-2699.5. Information Technology Advisory Council; membership; terms; quorum; compensation; staff. A. The Information Technology Advisory Council (ITAC) is established as an advisory council, within the meaning of §2.2-2100, in the executive branch of state government. The ITAC shall be responsible for advising the CIO and the Secretary of Technology on the planning, budgeting, acquiring, using, disposing, managing, and administering of information technology in the Commonwealth. B. The ITAC shall consist of not more than 14 members as follows: (i) one representative from an agency under each of the Governor's Secretaries, as set out in Chapter 2 (§2.2-200 et seq.), to be appointed by the Governor and serve with voting privileges; (ii) the Secretary of Technology and the CIO who shall serve ex officio with voting privileges; and (iii) at the Governor's discretion, not more than two nonlegislative citizen members to be appointed by the Governor and serve with voting privileges. Nonlegislative citizen members shall be appointed for terms of four years. Appointments to fill vacancies, other than by expiration of a term, shall be for the unexpired terms. All members may be reappointed. However, no nonlegislative citizen member shall serve more than two consecutive four-year terms. The remainder of any term to which a member is appointed to fill a vacancy shall not constitute a term in determining the member's eligibility for reappointment. Vacancies shall be filled in the same manner as the original appointments. C. The Secretary of Technology shall serve as chairman of the ITAC. The CIO shall serve as vice-chairman. A majority of the members shall constitute a quorum. The ITAC shall meet at least quarterly each year. The meetings of the ITAC shall be held at the call of the chairman or whenever the majority of the members so request. D. Nonlegislative citizen members shall receive compensation and shall be reimbursed for all reasonable and necessary expenses incurred in the performance of their duties, as provided in §§2.2-2813 and 2.2-2825. Funding for the costs of compensation and expenses of the members shall be provided by the Virginia Information Technologies Agency. E. The disclosure requirements of subsection B of § 2.2-3114 of the State and Local Government Conflict of Interests Act shall apply to citizen members of the ITAC. F. The Virginia Information Technologies Agency shall serve as staff to the ITAC. §2.2-2699.6. Powers and duties of the ITAC. The ITAC shall have the power and duty to: 1. Adopt rules and procedures for the conduct of its business; 2. Advise the CIO on the development of all major information technology projects as defined in §2.2-2006; 3. Advise the CIO on strategies, standards, and priorities for the use of information technology for state agencies in the executive branch of state government; 4. Advise the CIO on developing the two-year plan for information technology projects; 5. Advise the CIO on statewide technical and data standards for information technology and related systems, including the utilization of nationally recognized technical and data standards for health information technology systems or software purchased by a state agency of the Commonwealth; 6. Advise the CIO on statewide information technology architecture and related system standards; 7. Advise the CIO on assessing and meeting the Commonwealth's business needs through the application of information technology; and 8. Advise the CIO on the prioritization, development, and implementation of enterprise-wide technology applications; annually review all agency technology applications budgets; and advise the CIO on infrastructure expenditures. For purposes of this section, technology applications include, but are not limited to, hardware, software, maintenance, facilities, contractor services, goods, and services that promote business functionality and facilitate the storage, flow, use or processing of information by agencies of the Commonwealth in the execution of their business activities. §2.2-2699.7. Health Information Technology Standards Advisory Committee. The ITAC may appoint an advisory committee of persons with expertise in health care and information technology to advise the ITAC on the utilization of nationally recognized technical and data standards for health information technology systems or software pursuant to subdivision 5 of § 2.2-2699.6. The ITAC, in consultation with the Secretary of Health and Human Resources, may appoint up to five persons to serve on the advisory committee. Members appointed to the advisory committee shall serve without compensation, but shall be reimbursed for all reasonable and necessary expenses incurred in the performance of their duties as provided in §2.2-2825. The CIO, the Secretary of Technology, and the Secretary of Health and Human Resources, or their designees, may also serve on the advisory committee. §23-38.111. Information technology. Subject to the terms of the management agreement, covered
institutions may be exempt from the provisions governing the Virginia
Information Technologies Agency, Chapter 20.1 (§2.2-2005 et seq.) of Title
2.2., and the provisions governing the Information Technologies §23-77.4. Medical center management. A. The General Assembly recognizes and finds that the economic viability of the University of Virginia Medical Center, hereafter referred to as the Medical Center, together with the requirement for its specialized management and operation, and the need of the Medical Center to participate in cooperative arrangements reflective of changes in health care delivery, as set forth in §23-77.3, are dependent upon the ability of the management of the Medical Center to make and implement promptly decisions necessary to conduct the affairs of the Medical Center in an efficient, competitive manner. The General Assembly also recognizes and finds that it is critical to, and in the best interests of, the Commonwealth that the University continue to fulfill its mission of providing quality medical and health sciences education and related research and, through the presence of its Medical Center, continue to provide for the care, treatment, health-related services, and education activities associated with Virginia patients, including indigent and medically indigent patients. Because the General Assembly finds that the ability of the University to fulfill this mission is highly dependent upon revenues derived from providing health care through its Medical Center, and because the General Assembly also finds that the ability of the Medical Center to continue to be a reliable source of such revenues is heavily dependent upon its ability to compete with other providers of health care that are not subject to the requirements of law applicable to agencies of the Commonwealth, the University is hereby authorized to implement the following modifications to the management and operation of the affairs of the Medical Center in order to enhance its economic viability: B. Capital projects; leases of property; procurement of goods, services and construction. 1. Capital projects. a. For any Medical Center capital project entirely funded by a nongeneral fund appropriation made by the General Assembly, all post-appropriation review, approval, administrative, and policy and procedure functions performed by the Department of General Services, the Division of Engineering and Buildings, the Department of Planning and Budget and any other agency that supports the functions performed by these departments are hereby delegated to the University, subject to the following stipulations and conditions: (i) the Board of Visitors shall develop and implement an appropriate system of policies, procedures, reviews and approvals for Medical Center capital projects to which this subdivision applies; (ii) the system so adopted shall provide for the review and approval of any Medical Center capital project to which this subdivision applies in order to ensure that, except as provided in clause (iii), the cost of any such capital project does not exceed the sum appropriated therefor and that the project otherwise complies with all requirements of the Code of Virginia regarding capital projects, excluding only the post-appropriation review, approval, administrative, and policy and procedure functions performed by the Department of General Services, the Division of Engineering and Buildings, the Department of Planning and Budget and any other agency that supports the functions performed by these departments; (iii) the Board of Visitors may, during any fiscal year, approve a transfer of up to a total of 15 percent of the total nongeneral fund appropriation for the Medical Center in order to supplement funds appropriated for a capital project or capital projects of the Medical Center, provided that the Board of Visitors finds that the transfer is necessary to effectuate the original intention of the General Assembly in making the appropriation for the capital project or projects in question; (iv) the University shall report to the Department of General Services on the status of any such capital project prior to commencement of construction of, and at the time of acceptance of, any such capital project; and (v) the University shall ensure that Building Officials and Code Administrators (BOCA) Code and fire safety inspections of any such project are conducted and that such projects are inspected by the State Fire Marshal or his designee prior to certification for building occupancy by the University's assistant state building official to whom such inspection responsibility has been delegated pursuant to §36-98.1. Nothing in this section shall be deemed to relieve the University of any reporting requirement pursuant to §2.2-1513. Notwithstanding the foregoing, the terms and structure of any financing of any capital project to which this subdivision applies shall be approved pursuant to §2.2-2416. b. No capital project to which this subdivision applies shall be materially increased in size or materially changed in scope beyond the plans and justifications that were the basis for the project's appropriation unless: (i) the Governor determines that such increase in size or change in scope is necessary due to an emergency or (ii) the General Assembly approves the increase or change in a subsequent appropriation for the project. After construction of any such capital project has commenced, no such increase or change may be made during construction unless the conditions in (i) or (ii) have been satisfied. 2. Leases of property. a. The University shall be exempt from the provisions of § 2.2-1149 and from any rules, regulations and guidelines of the Division of Engineering and Buildings in relation to leases of real property that it enters into on behalf of the Medical Center and, pursuant to policies and procedures adopted by the Board of Visitors, may enter into such leases subject to the following conditions: (i) the lease must be an operating lease and not a capital lease as defined in guidelines established by the Secretary of Finance and Generally Accepted Accounting Principles (GAAP); (ii) the University's decision to enter into such a lease shall be based upon cost, demonstrated need, and compliance with guidelines adopted by the Board of Visitors which direct that competition be sought to the maximum practical degree, that all costs of occupancy be considered, and that the use of the space to be leased actually is necessary and is efficiently planned; (iii) the form of the lease is approved by the Special Assistant Attorney General representing the University; (iv) the lease otherwise meets all requirements of law; (v) the leased property is certified for occupancy by the building official of the political subdivision in which the leased property is located; and (vi) upon entering such leases and upon any subsequent amendment of such leases, the University shall provide copies of all lease documents and any attachments thereto to the Department of General Services. b. Notwithstanding the provisions of §§2.2-1155 and 23-4.1, but subject to policies and procedures adopted by the Board of Visitors, the University may lease, for a purpose consistent with the mission of the Medical Center and for a term not to exceed 50 years, property in the possession or control of the Medical Center. c. Notwithstanding the foregoing, the terms and structure of any financing arrangements secured by capital leases or other similar lease financing agreements shall be approved pursuant to §2.2-2416. 3. Procurement of goods, services and construction. Contracts awarded by the University in compliance with this
section, on behalf of the Medical Center, for the procurement of goods;
services, including professional services; construction; and information
technology and telecommunications, shall be exempt from (i) the Virginia Public
Procurement Act (§2.2-4300 et seq.), except as provided below; (ii) the requirements
of the Division of Purchases and Supply of the Department of General Services
as set forth in Article 3 (§2.2-1109 et seq.) of Chapter 11 of Title 2.2;
(iii) the requirements of the Division of Engineering and Buildings as set
forth in Article 4 (§2.2-1129 et seq.) of Chapter 11 of Title 2.2; and (iv)
the authority of the Chief Information Officer and the Virginia
Information Technologies Agency as set forth in Chapter 20.1 (§2.2-2005 et
seq.) of Title 2.2 C. Subject to such conditions as may be prescribed in the budget bill under §2.2-1509 as enacted into law by the General Assembly, the State Comptroller shall credit, on a monthly basis, to the nongeneral fund operating cash balances of the University of Virginia Medical Center the imputed interest earned by the investment of such nongeneral fund operating cash balances, including but not limited to those balances derived from patient care revenues, on deposit with the State Treasurer. 2. That Article 7 (§§2.2-2033 and 2.2-2034) of Chapter 20.1 of Title 2.2 and Article 20 (§§2.2-2457, 2.2-2458, and 2.2-2458.1) of Chapter 24 of Title 2.2 of the Code of Virginia are repealed. 3. That the third enactment of Chapter 758 of the Acts of Assembly of 2009 is amended and reenacted as follows: 3. That the Department of General Services, the Virginia Information
Technologies Agency, and the State Comptroller shall submit to the Information
Technology Investment Board the standards required pursuant to §2.2-1115.1 of
this act by December 1, 2009. The Department of General Services and the
Virginia Information Technologies Agency shall undertake to use these standards
in the Commonwealth's enterprise electronic procurement system upon approval by
the 4. That the third enactment of Chapter 812 of the Acts of Assembly of 2009 is amended and reenacted as follows: 3. That the Department of General Services, the Virginia
Information Technologies Agency, and the State Comptroller shall submit to the
Information Technology Investment Board the standards required pursuant to §
2.2-1115.1 of this act by December 1, 2009. The Department of General Services
and the Virginia Information Technologies Agency shall undertake to use these
standards in the Commonwealth's enterprise electronic procurement system upon
approval by the 5. That on or before October 1, 2010, the Chief Information Officer, in consultation with the Joint Legislative Audit and Review Commission and any other parties as directed by the Secretary of Technology, shall develop a new review, approval, and monitoring process for information technology projects to replace the process required by §§2.2-2008 and 2.2-2017 through 2.2-2021 of the Code of Virginia. The new process shall be operational by January 1, 2011, and shall be implemented and regularly updated by the Division of Project Management. The process shall be designed to ensure that information technology projects conform to the statewide information management plan and the information management plans of agencies and public institutions of higher education. The process shall also be designed to ensure that projects are provided with appropriate levels of oversight once they are under execution. The level of review and oversight shall vary depending upon defined risk factors including, but not limited to, the cost of the project. In order to achieve the above goals, the process shall describe a methodology for agencies to follow in conceiving, planning, developing, scheduling and executing information technology projects, including procurements related to those projects. 6. That on or before October 1, 2010, the Chief Information Officer shall, in consultation with the Joint Legislative Audit and Review Commission and the Department of Planning and Budget, develop standard documentation and information to be used as part of any requests for changes to the Virginia Information Technologies Agency's fee schedules and rates. 7. That as of the effective date of this act, the Secretary of Technology shall be deemed the successor in interest to the Information Technology Investment Board. Without limiting the foregoing, all right, title, and interest in and to any real or tangible personal property or contract vested in the Information Technology Investment Board as of the effective date of this act shall be transferred to and taken as standing in the name of the Secretary of Technology. 8. That as of the effective date of this act, the Secretary of Technology shall be deemed the successor in interest to the Division of Enterprise Applications and Virginia Chief Applications Officer. Without limiting the foregoing, all right, title, and interest in and to any real or tangible personal property or contract vested in the Division of Enterprise Applications and Virginia Chief Applications Officer as of the effective date of this act shall be transferred to and taken as standing in the name of the Secretary of Technology. 9. That the Secretary of Technology shall provide in writing the criteria and requirements defining "major information technology project" to the chairs of the House Committee on General Laws, the Senate Committee on General Laws and Technology, the House Committee on Appropriations, the Senate Finance Committee, and the House Committee on Science and Technology. 10. That the Virginia Information Technologies Agency shall continue following the definition of "major information technology project" in effect prior to the passage of this act until the Secretary of Technology develops criteria and requirements defining "major information technology project" pursuant to the provisions of this act. 11. That the Information Technology Advisory Council shall develop a technology business plan for the Commonwealth in consultation with the Council on Virginia's Future, and that on or before December 31, 2011, such technology business plan shall be provided in writing to the chairs of the House Committee on General Laws, the Senate Committee on General Laws and Technology, the House Committee on Appropriations, the Senate Finance Committee, and the House Committee on Science and Technology. 12. That an emergency exists and this act is in force from its passage. |