Cybersecurity statutes (background)
In plain terms. Nebraska governs state IT through an Information Management Services Administrator and the Nebraska Information Technology Commission.
Who it applies to. State agencies and their IT vendors. The state participates in StateRAMP, its baseline for vetting cloud-service security.
What it requires. State law establishes the Information Management Services Administrator, protects confidential records, and gives the Nebraska Information Technology Commission its duties, including IT purchasing.
Why it matters. Vendors serving Nebraska operate under the Information Technology Commission's standards and IT-purchasing rules.
Citation. Neb. Rev. Stat. §§ 81-1117 (Information Management Services Administrator), 84-1211 (Confidential Records Protection), 86-516 (NITC Duties), and 86-520.01 (Information Technology Purchases).
Regulations & policies (background)
In plain terms. Nebraska sets security expectations through NITC standards.
Who it applies to. State agencies and their IT vendors.
What it requires. NITC standards on planning and project management and on data security define how agencies and their vendors protect state data.
Why it matters. Expect Nebraska's NITC data-security standard to shape your contract obligations.
Citation. Nebraska Information Technology Commission standards, Article 2 (Planning and Project Management) and Article 9 (Data Security).