Bill requires CIOs to sign-off on website security before launch

Federal websites will have to become more secure if Congress gets its way.

Under a bill recently passed by the House, any new federal websites that collect personally identifiable information will need to be deemed secure by the agency’s chief information officer before they go live to the public.

Personally identifiable information includes social security numbers, dates and places of birth, a mother’s maiden name, and biometric records. It also includes such things as medical, educational, financial and employment records.

In the event of a breach, agencies would be forced to notify individuals within 72 hours that their personal info might have been compromised. The Safe and Secure Federal Websites Act also sets up specific reporting requirements for agencies to adhere to when attacks occur.