Bill Splintering Oklahoma IT Would Counter National Trends

In 2011, Oklahoma’s elected leaders told state government to consolidate their IT operations under a single agency. Eight years later, the state has saved hundreds of millions of dollars.

But new legislation from the chair of the state Senate Appropriations Committee would open up a path for Oklahoma IT to decentralize again.

Senate Bill 227, which Sen. Roger Thompson filed Jan. 10, would make several big changes to state IT. It would:

• Allow state agencies to hire their own IT personnel
• Turn the Information Services Division, currently part of the Office of Management and Enterprise Services, into its own department
• Give the CIO authority over technology across all state agencies, but also give agency heads the right to decline technology services from the new IT department
• Direct the CIO to “develop and implement a plan to utilize open-source technology and products for the information technology and telecommunication systems of all state agencies”

Given the state’s long push toward centralization, the bill would literally be a step backward for Oklahoma.

But it would also be a step backward relative to the rest of the country. A recent analysis from the Center for Digital Government* showed that most states have moved toward centralized IT structures over time, hoping to achieve the same kind of cost savings states like Oklahoma have noted. In fact, between 2016 and 2018, 13 states moved in the direction of centralization. Only two moved away from it.



Speaking with Government Technology, Thompson said the idea for the bill came from problems the state’s prisons have experienced with IT services.

“I have been working on this for several years, and what we find is that whenever you send somebody out … they may not be familiar with corrections,” he said. “In some cases, they’re afraid to go behind the wall.”

Thompson said the fact that most states are moving toward centralization doesn’t change his mind; he said he’s seen documentation suggesting that state IT agencies could achieve their technology needs at a lower cost than what the IT division is currently billing them. Government Technology has requested that documentation from Thompson’s office.

Oklahoma statute requires IT bills to be set at the cost of providing the service or technology.

In a retrospective report published in 2017, OMES attributed $372 million in cost savings to the centralization effort and highlighted which projects contributed to that overall figure.

Oklahoma CIO Bo Reese has also pointed to centralization as a way to improve the state’s cybersecurity, since it allowed his agency to standardize practices across various government offices.

But one agency, the Oklahoma Securities Commission, has resisted centralization. And just six days after Thompson filed his bill, news broke that that agency had experienced a data breach. According to The Oklahoman, the agency unwittingly left three terabytes of sensitive information — including Social Security numbers, FBI investigation records, the names of AIDS patients and user passwords — unprotected on the Internet for about a week.

Though the bill specifies that agencies could decline services from the IT department, Thompson said that would not apply to cybersecurity.

“There’s still a need for centralization and security … but the agencies need to be more involved,” he said.

Unlike the issue of staff centralization, the question of whether states are promoting IT agencies to separate departments is murkier. A review of all 50 state organization charts by Government Technology showed that 23 states have individual IT departments and 27 have IT shops that were a part of some larger department.

Even if Thompson’s bill would be looking backward on centralization, the open-source component of the bill would be a modern move for state IT. Open source technology has had some big wins in the private technology market lately, with Microsoft and IBM paying billions of dollars to acquire prominent open source companies GitHub and Red Hat, respectively. Both companies provide hardware and software to the state and local government market.

State government has also started looking more directly at open source software. New Hampshire passed a law in 2012 requiring state agencies to consider open source software. Georgia has been using open source technology for years. And last month California’s Government Operations Agency launched a new effort to promote open source technology across the state.

Thompson said he included that provision in the bill in order because state agency officials have told him they want to use more commercial-off-the-shelf software rather than pursuing custom or internally built solutions.

“We are running six, seven months behind in building computer programs sometimes … but we could just outsource that,” he said.

The bill does not include a formal definition of the term “open source,” but Sen. Thompson said he would include one in the future.

A spokesperson for OMES declined to comment for this story.

SB 227 has not yet been through committee or gone through any votes.

*The Center for Digital Government is part of e.Republic, Government Technology's parent company.