WeVote

Bill

Bill

SB 1542

DOIT-POWERS AND DUTIES

104th Regular Session Introduced by Ram Villivalam

DOIT gains broader authority to provide and charge for centralized IT services across state agencies, expands local cybersecurity coordination, and updates IT structures.

Referred to Assignments
0
WeVote Research Nonpartisan
Bill Summary · SB 1542

SB 1542 — DOIT: Powers and Duties (summary)

Status: Enacted as Public Act 25‑163 (2025) — Amends the Department of Innovation and Technology Act and related information‑security law.

Purpose / Intent

The bill updates and reorganizes the statutory structure governing the Illinois Department of Innovation and Technology (DOIT). It (1) revises defined terms and the list of agencies whose IT functions were transferred to DOIT, (2) broadens DOIT’s statutory authority over the scope and recipients of technology services, (3) authorizes DOIT to charge fees to more state entities, and (4) relocates and expands certain local cybersecurity‑coordination duties into the Illinois Information Security Improvement Act.

Key provisions

  • Definitions and terminology

    • Repeals the defined term “client agency” and replaces references to “transferring agency” with “transferred agency.”
    • Revises definitions such as “dedicated unit,” “State agency,” and “information technology” to reflect current practice and scope.
  • Transfers and scope of DOIT authority

    • Confirms that the powers, duties, personnel, records, contracts, appropriations, and other assets related to transferred information‑technology functions are vested in DOIT.
    • Updates or restates the statutory list of agencies whose IT functions were transferred (examples include Departments of Aging, Corrections, Revenue, Transportation, Illinois State Police, Capital Development Board, Environmental Protection Agency, and others).
  • Fees for services

    • Authorizes DOIT to charge fees for technology services to all State agencies under the Governor’s jurisdiction (broadening fee authority beyond the former “client agencies” construct).
  • Cybersecurity coordination and local contacts

    • Moves a provisioning requirement from the DOIT Act into the Illinois Information Security Improvement Act requiring principal executive officers of specified units of local government to designate a local official/employee as the primary point of contact for local cybersecurity issues.
    • Requires those local contact names and information be provided to the Statewide Chief Information Security Officer (Statewide CISO).
  • Duties of CISO and Secretary

    • Modifies duties and responsibilities of the Office of the Statewide CISO and the Secretary of Innovation and Technology (specific duties updated in statute text).

Who is affected

  • State entities: DOIT; the numerous state agencies whose IT functions are transferred or administered by DOIT; and all state agencies under the Governor (now explicitly subject to DOIT fee schedules).
  • Local governments: specified units of local government (required to designate cybersecurity points of contact).
  • State employees and vendor/contract relationships: transfers of personnel, contracts, appropriations, records, and IT assets are confirmed to be within DOIT.

Procedural / timeline notes

  • The bill amends multiple sections of the Department of Innovation and Technology Act (20 ILCS 1370) and adds/relocates provisions into the Illinois Information Security Improvement Act.
  • Legislative history in the file shows passage through both chambers and enactment as Public Act 25‑163 in 2025.

Potential impacts / considerations

  • Centralizes and modernizes statutory authority for state IT functions and fees, potentially increasing DOIT’s operational and financial control over statewide IT services.
  • Broadening fee authority may affect agency budgets (fees for centralized services).
  • Requiring local cybersecurity contacts may improve state‑local coordination but imposes an administrative compliance step on designated local governments.
  • Changes to definitions and duties clarify statutory footing for DOIT operations, but may require rulemaking or internal policy changes to implement specific service models, fee structures, and CISO responsibilities.

Compiled from official sources — confirm details with the bill’s official record.

Sign in to ask a question.