New Baker bill creates Cabinet position for technology

Citing security, privacy and economic considerations, Gov. Charlie Baker is proposing the creation of a new secretariat in his administration to oversee information technology services and security.

Under legislation Baker’s office announced Thursday, the existing Massachusetts Office of Information Technology (MassIT) would be re-established as the Executive Office of Technology Services and Security, led by a new secretary of technology.

“The pace of technology innovation is accelerating, led by many of the world-class IT and cybersecurity organizations that call Massachusetts home,” Baker said in a statement. “To better serve our constituents and secure their information, we are pleased to file legislation elevating the mission of MassIT and streamlining the digital platforms and services state government provides.”

The bill marks the second time in the past two years Baker has sought to elevate the status of the technology office.

In March 2016, Baker established a new MassIT executive director post, reporting directly to him. Mark Nunnelly, formerly the commissioner of revenue and Baker’s special advisor for technology and innovation competitiveness, began serving in the role on April 4, 2016.

A Baker spokesman on Thursday did not answer when asked if the administration had Nunnelly in mind to serve as the new Cabinet secretary for technology and said Nunnelly was not available for an interview.

Nunnelly said in a press release that the proposed secretariat will make state government more secure and efficient through “an enterprise approach to our technology architecture and procurement.”

The last time a new Cabinet secretary was established was in 2008, when Gov. Deval Patrick created the Executive Office of Education.

Baker filed the bill under Article 87 of the state Constitution, which authorizes the reorganization of executive branch agencies. Such bills are handled under special processes and require a legislative hearing within 30 days of being filed, a committee vote within 10 days of the hearing, and an up-or-down vote from the Legislature, without amendment, within 60 days or the action takes effect.

The bill will likely be reviewed by the State Administration and Regulatory Oversight Committee, which is co-chaired by Rep. Peter Kocot of Northampton and Sen. Walter Timilty of Milton.

Baker wrote in his bill that ensuring data security and privacy “requires a commonwealth-wide strategy, first class talent, best in class technologies and a modern, dynamic organizational structure.”

The new secretariat, according to Baker’s office, would “centralize IT infrastructure service across the executive department and review and update policies and procedures governing state cybersecurity, digital platforms and data management.”

Among the powers the bill lays out for the new secretary are the abilities to require as needed the “consolidation of IT functions into a centralized service delivery model“; to oversee business relationships between state agencies and private-sector IT providers; review IT budget requests and spending priorities of state agencies; and establish special requirements for IT service vendors to state agencies.

The secretary would also be tasked with appointing an enterprise chief information security officer to advise the office on “preventing data loss and fraud and protecting privacy.” The secretary would also be able to appoint a chief data officer, a chief privacy officer and a chief digital officer.

Each other Cabinet secretary would be required to appoint a “secretariat