Congress

Panel votes to tighten federal website security

US Capitol

A bill to tighten controls on the way federal websites capture user information won approval from the House Oversight and Government Reform Committee on March 13.

The measure would require any federal website that collects personally identifiable information from users -- including name, date of birth, Social Security number, or financial information -- must be certified as safe and secure by the agency CIO before going live.

Agency and contractor personnel with access to personal information would have to sign a non-disclosure agreement specifically covering personal data. Additionally, government agencies would be required to take "reasonable efforts" to secure multiple domain registrations to avoid confusing site visitors. For example, the bill envisions a site such as HealthCare.gov also being available at HealthCare.com and HealthCare.org.

"When entering their personal information on a federal website, Americans should have the peace of mind that it will remain private, safe, and secure from hackers," said the bill's sponsor, Michigan Republican Rep. Kerry Bentivolio.

The bill also includes an amendment from Rep. Gerry Connolly (D-Va.) that would require agencies to notify individuals whose information may have been disclosed in a security breach within 72 hours of the incident, and to report breaches to a federal cybersecurity center.

The committee also approved a bill to end the requirement that the Government Printing Office physically print the Federal Register, while easing constraints on how agencies submit notices to the GPO for inclusion in the Federal Register.

About the Author

Adam Mazmanian is executive editor of FCW.

Before joining the editing team, Mazmanian was an FCW staff writer covering Congress, government-wide technology policy and the Department of Veterans Affairs. Prior to joining FCW, Mazmanian was technology correspondent for National Journal and served in a variety of editorial roles at B2B news service SmartBrief. Mazmanian has contributed reviews and articles to the Washington Post, the Washington City Paper, Newsday, New York Press, Architect Magazine and other publications.

Click here for previous articles by Mazmanian. Connect with him on Twitter at @thisismaz.


Featured

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

  • Comment
    Pilot Class. The author and Barbie Flowers are first row third and second from right, respectively.

    How VA is disrupting tech delivery

    A former Digital Service specialist at the Department of Veterans Affairs explains efforts to transition government from a legacy "project" approach to a more user-centered "product" method.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.