Congress

Panel votes to tighten federal website security

US Capitol

A bill to tighten controls on the way federal websites capture user information won approval from the House Oversight and Government Reform Committee on March 13.

The measure would require any federal website that collects personally identifiable information from users -- including name, date of birth, Social Security number, or financial information -- must be certified as safe and secure by the agency CIO before going live.

Agency and contractor personnel with access to personal information would have to sign a non-disclosure agreement specifically covering personal data. Additionally, government agencies would be required to take "reasonable efforts" to secure multiple domain registrations to avoid confusing site visitors. For example, the bill envisions a site such as HealthCare.gov also being available at HealthCare.com and HealthCare.org.

"When entering their personal information on a federal website, Americans should have the peace of mind that it will remain private, safe, and secure from hackers," said the bill's sponsor, Michigan Republican Rep. Kerry Bentivolio.

The bill also includes an amendment from Rep. Gerry Connolly (D-Va.) that would require agencies to notify individuals whose information may have been disclosed in a security breach within 72 hours of the incident, and to report breaches to a federal cybersecurity center.

The committee also approved a bill to end the requirement that the Government Printing Office physically print the Federal Register, while easing constraints on how agencies submit notices to the GPO for inclusion in the Federal Register.

About the Author

Adam Mazmanian is executive editor of FCW.

Before joining the editing team, Mazmanian was an FCW staff writer covering Congress, government-wide technology policy and the Department of Veterans Affairs. Prior to joining FCW, Mazmanian was technology correspondent for National Journal and served in a variety of editorial roles at B2B news service SmartBrief. Mazmanian has contributed reviews and articles to the Washington Post, the Washington City Paper, Newsday, New York Press, Architect Magazine and other publications.

Click here for previous articles by Mazmanian. Connect with him on Twitter at @thisismaz.


Featured

  • Cybersecurity
    CISA chief Chris Krebs disusses the future of the agency at Auburn University Aug. 22 2019

    Shared services and the future of CISA

    Chris Krebs, the head of the Cybersecurity and Infrastructure Security Agency at DHS, said that many federal agencies will be outsourcing cyber to a shared service provider in the future.

  • Telecom
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA softens line on looming EIS due date

    Think of the September deadline for agencies to award contracts under the General Services Administration's $50-billion telecommunications contract as a "yellow light," said GSA's telecom services director.

  • Defense
    Shutterstock photo id 669226093 By Gorodenkoff

    IC looks to stand up a new enterprise IT program office

    The intelligence community wants to stand up a new program executive office to help develop new IT capabilities.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.