Information Security

Policy, Regulation and Law

The resources listed below shape the way we use technology securely in our daily duties; they create a framework from which we provide information services to the citizens of Kansas. These documents should be considered the minimum standard and any system, process, or application developed for delivery of these services must conform.


The goal of policy, in the context of Information Security and this Web site, is to create a minimum standard that must be met by all State Agencies and to also provide a minimum security standard for any other entity connecting/using KANWIN.

OITS Policies

State Policies

State Statutes

75-7201 Definitions; As used in K.S.A. 1998 Supp. 75-7201 through 75-7212.

75-7202 Information Technology Executive Council; membership and organization.

75-7203 Information Technology Executive Council; powers and duties.

75-4703 Rules and regulations concerning rates and charges; priorities for services, standards for data submission and security.

75-4704 Data processing services for state agencies; charges, collection and disposition

75-4705 Central processing of data by computer for all state agencies, exceptions; preparation of data for processing; support services; section inapplicable to state universities

75-4709 Telecommunications services of certain state agencies; extension to certain private, nonprofit agencies or governmental entities; records of services.

16-1601 Electronic Transactions

21-3755 Crimes and Punishments, Prohibited Conduct, Crimes Against Property, Computer Crime; computer password disclosure; computer trespass

21-4018 - Identity Theft/Fraud

50-7a01 and 50-7a02 Security Breach (disclosure)

Federal Law

15-1117 Trade-marks, Recovery for violation of rights

35-281 Patents, Remedy for infringement of patent

17-1101 Copyrights, Sound recordings and videos

26-7213 and 26-7213a IRS, Sanctions for unauthorized disclosure of Federal Tax Information

26-7431 IRS, Civil damages for unauthorized disclosure of Federal Tax Information

42-1320d-6 HIPAA, Wrongful disclosure of individually identifiable health information

18-2721 Release and use of personal information form State motor vehicle records

18-1030 Fraud and related activity in connection with computers