Section 4-13.1-4-5 - [Effective 7/1/2025] Adoption of technology resources policy, cybersecurity policy, and training program Each public entity may adopt the following:
(1) A policy governing use of technology resources by the public entity's employees. The policy may: (A) prohibit an employee of the public entity from using the public entity's technology resources to: (i) engage in lobbying (as defined in IC 2-7-1-9) that is outside the scope of the employee's duties;(ii) engage in illegal activity; or(iii) violate the public entity's cybersecurity policy; and(B) include disciplinary procedures for violation of the technology resources policy.(2) A cybersecurity policy. If the public entity is:(A) a political subdivision or state educational institution, the policy may be based on standards and guidelines developed by the office;(B) a school corporation, the policy may be based on cybersecurity policy standards and guidelines developed by the office, in collaboration with the department of education; and(C) a state agency, the policy is developed by the office.(3) A training program regarding the public entity's technology resources policy adopted under subdivision (1) and cybersecurity policy adopted under subdivision (2), completion of which is mandatory for the public entity's employees.Added by P.L. 108-2024,SEC. 2, eff. 7/1/2025.