Public Act 100-0040
 
HB2371 EnrolledLRB100 08806 HLH 18946 b


  
    AN ACT concerning State government.
  
 
    Be it enacted by the People of the State of Illinois,
 
represented in the General Assembly:
  


 
 
    Section 5. The Data Security on State Computers Act is 
amended  by adding Section 25 as follows:
 
    (20 ILCS 450/25 new)
    Sec. 25. Mandatory State employee training.
    (a) As used in this Section, "employee" has the meaning 
ascribed to it in Section 1-5 of the State Officials and 
Employees Ethics Act, but does not include an employee of the 
legislative branch, the judicial branch, a public university of 
the State, or a constitutional officer other than the Governor.
    (b) Every employee shall annually undergo training by the 
Department of Innovation and Technology concerning 
cybersecurity. The Department may, in its discretion, make the 
training an online course. The training shall include, but need 
not be limited to, detecting phishing scams, preventing spyware 
infections and identity theft, and preventing and responding to 
data breaches.
    (c) The Department of Innovation and Technology may adopt 
rules to implement the requirements of this Section.