Call to Order and Roll Call
The fifth meeting of the Budget Review Subcommittee on General Government, Finance, and Public Protection of the Interim Joint Committee on Appropriations and Revenue was held on Monday, November 16, 2015, at 10:00 AM, in Room 149 of the Capitol Annex. Representative Rita Smart, Chair, called the meeting to order, and the secretary called the roll.
Present were:
Members: Senator Danny Carroll, Co-Chair; Representative Rita Smart, Co-Chair; Senator Dennis Parrett; Representatives Adam Koenig, Tom McKee, Brad Montell, and Tom Riner.
Guests: Marcella Wright, Director, Division of Data Management Services, Commonwealth Office of Technology and James Fowler, Chief Information Officer, Commonwealth Office of Technology.
LRC Staff: Joe Lancaster, Frank Willey, Katie Comstock, Ray Griffith, Stephanie Rich, and Jennifer Beeler.
Data Accuracy
Ms. Wright provided an overview of Kentucky Data Accuracy Initiatives within the Commonwealth Office of Technology (COT).
In response to questions from Representative McKee, Ms. Wright said some agency forms do not require the use of an individual Social Security number, even though if used more accurate data would result. Mr. Fowler added that businesses will be using a unique identification number by 2018. Ms. Wright said businesses using the Kentucky One Stop Portal will be identified by that number.
In response to questions from Representative Riner, Ms. Wright said a unique citizen identifier has been and continues to be discussed, with the possibility of the drivers’ license number or some other identifier rather than the Social Security number. Mr. Fowler said the system was constructed with that capability, but that evolution is three to five years away.
In response to a question from Senator Parrett, Ms. Wright said the system would be able to accommodate either the federal or state number.
In response to a question from Representative Koenig, Ms. Wright said the data is very secure within the current systems. Mr. Fowler said that most of the newer systems include encryption to eliminate security breaches. He said the data populating each information silo broadens the attack surface, but once master record consolidation occurs, the data can be protected with state of the art security tools.
In response to questions from Chair Smart, Mr. Fowler said COT subscribes to the National Institute for Cyber Security Standards, which requires annual compliance evaluation and rating. He said cyber security funding is sufficient, adding that cyber insurance is retained for data compromise events.
In response to a question from Representative Riner, Ms. Wright said each citizen must determine the address they use for security purposes when data is entered, such as a business rather than a home address.
Mobile Application Governance
Mr. Fowler provided an overview of Program Specific Mobile Applications and how mobile technology affects our world.
There being no further business before the subcommittee, the meeting was adjourned at 10:56 AM.