CONGRESSWOMAN ELISE STEFANIK
On Monday, July 28, 2014, the House will consider H.R. 3635, the Safe and Secure Federal Websites Act of 2014, under a suspension of the rules. H.R. 3635 was introduced on December 3, 2013 by Rep. Kerry Bentivolio (R-MI) and referred to the Committee on Oversight and Government Reform, which ordered the bill reported, as amended, by voice vote.
H.R. 3635 prohibits an agency from deploying or making available a “new Federal Personally Identifiable Information (PII) website” until a certification is sent to Congress that the website is fully functional and secure. A “new Federal PII website” is a website that: 1) is operated by (or under a contract with) an agency; 2) elicits, collects, stores, or maintains personally identifiable information of individuals and is accessible to the public; and 3) is first made accessible to the public and collects or stores personally identifiable information of individuals on or after October 1, 2012. This legislation exempts beta websites in development if users execute an agreement acknowledging the risks involved in participating. Agencies that launch websites after October 1, 2013 will be given 90 days to comply with the guidelines established by this Act. This legislation also requires the Director of the Office of Management and Budget (OMB) to establish and oversee policies and procedures for agencies to follow in the event of a breach of information security involving the disclosure of personally identifiable information. H.R. 3635 further requires the Director of the OMB to submit a yearly report to Congress on agency compliance with these policies.
CBO estimates that the cost of certifying the safety of information required in H.R. 3635 would be less than $500,000 over the next five years. CBO estimates that enacting this legislation would have no significant impact on the federal budget.
For questions or further information contact the GOP Conference at 5-5107.