MISSISSIPPI LEGISLATURE
2026 Regular Session
To: State Affairs
By: Representative Zuber
AN ACT TO MODERNIZE PROCUREMENT AND DIGITAL SERVICES IN THE STATE OF MISSISSIPPI; TO CREATE THE PROCUREMENT MODERNIZATION ADVISORY COUNCIL; TO PROVIDE FOR THE ESTABLISHMENT OF A STATEWIDE CLOUD STORAGE CENTER FOR STATE AGENCIES; TO IMPLEMENT STRATEGIC INITIATIVES FOR DATA INTEGRATION, CYBERSECURITY AND TECHNOLOGICAL INFRASTRUCTURE DEVELOPMENT; TO AUTHORIZE THE MISSISSIPPI DEPARTMENT OF INFORMATION TECHNOLOGY SERVICES TO IMPLEMENT STATEWIDE DIGITAL SERVICES; TO AMEND SECTIONS 25-53-255 AND 25-53-259, MISSISSIPPI CODE OF 1972, TO CONFORM WITH THE PROVISIONS OF THIS ACT; TO BRING FORWARD SECTION 25-53-257, MISSISSIPPI CODE OF 1972, FOR THE PURPOSE OF POSSIBLE AMENDMENT; AND FOR RELATED PURPOSES.
BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF MISSISSIPPI:
SECTION 1. This act shall be known and may be cited as the "Statewide Digital Services and Procurement Modernization Act."
SECTION 2. The purpose of this act is to:
(a) Facilitate the modernization of procurement processes across state government to ensure efficiency, transparency and cost effectiveness;
(b) Establish a centralized cloud storage center to standardize and secure state data management systems;
(c) Strengthen statewide cybersecurity measures;
(d) Promote integration of data systems across state, county and municipal government to enhance interoperability; and
(e) Improve technological infrastructure and digital services to advance the efficiency of government operations.
SECTION 3. (1) There is created the Procurement Modernization Advisory Council to assist and advise on the modernization of procurement processes across state government and oversee the implementation of statewide digital services and infrastructure improvements. The council shall collaborate with the Cloud Center of Excellence with regard to cloud services. The plan's progress shall be annually measured to ensure consistent alignment with the council's established goals and continuous improvement in efficiency, transparency and vendor accessibility.
(2) The council shall consist of the following nine (9) members:
(a) The Executive Director of the Mississippi Department of Information Technology Services, who shall serve as the council's chairperson;
(b) The Director of the Mississippi Artificial Intelligence Network (MAIN), or his or her designee;
(c) The Commissioner of Revenue, or his or her designee;
(d) The Director of the Cybercrimes Division of the Attorney General's Office, or his or her designee;
(e) The Executive Director of the Department of Finance and Administration, or his or her designee;
(f) A representative from the Mississippi Association of Supervisors with expertise in technology and data systems appointed by the Governor;
(g) A representative from the Mississippi Municipal League with expertise in procurement processes appointed by the Governor;
(h) A private-sector technology expert with experience in cybersecurity or cloud systems appointed by the Governor; and
(i) A representative from an accredited Mississippi research university with expertise in system programming or data management appointed by the Governor.
(3) The attendance of five (5) members shall constitute a quorum for the purpose of conducting official business of the council. Members shall serve without compensation, but are entitled to per diem and reimbursement for mileage and actual expenses for attending official council meetings, as provided in Sections 25-3-41 and 25-3-69. The chairperson shall call the first meeting within thirty (30) days of the effective date of this act.
(4) The council shall:
(a) Oversee the transition of state agencies to the centralized cloud storage center in collaboration with the Cloud Center of Excellence;
(b) Provide recommendations for procurement modernization, including electronic procurement systems;
(c) Develop a three-year strategic plan for cybersecurity improvements across state systems; and
(d) Ensure the integration of interoperable data systems for state, county and municipal governments.
SECTION 4. (1) The Mississippi Department of Information Technology Services (ITS) shall establish a centralized cloud storage center to serve as a unified platform for all state agencies. The system must adhere to best practices for scalability, security and reliability and shall be used by the Cloud Center of Excellence in its efforts to facilitate cloud adoption across state agencies and government authorities when possible.
(2) (a) All state agencies shall transition to the centralized cloud storage system by July 1, 2031. The provisions of this act shall not be construed to prohibit any state agency from partnering with a third party cloud provider to comply with the requirements of this act.
(b) ITS shall work with county and municipal governments to support their integration into the system within three (3) years of initial implementation, subject to readiness and available resources to support so doing.
(3) ITS shall establish a competitive process to select cloud service providers based on cost, security, reliability, scale and capacity. Nothing in this act shall mandate the selection of a specific service provider for cloud storage services.
SECTION 5. (1) The Mississippi Department of Information Technology Services shall:
(a) Establish and enforce cybersecurity standards for state agencies, ensuring compliance with federal regulations and best practices;
(b) Implement 24/7 monitoring of critical state systems;
(c) Conduct regular audits of agency compliance with cybersecurity protocols;
(d) Lead efforts to integrate data systems across state, county and municipal levels of government;
(e) Establish standardized data formats to ensure interoperability; and
(f) Develop secure data-sharing platforms to facilitate efficient communication between agencies.
(2) ITS shall establish a dedicated division for statewide digital services to all state agencies, with support systems for the integration of county and municipal political subdivisions. The division shall:
(a) Provide technical assistance to agencies during the transition to cloud services in collaboration with the Cloud Center of Excellence;
(b) Offer training programs for agency personnel to effectively use new systems; and
(c) Develop and maintain systems for electronic procurement and other modernized processes.
(3) ITS is authorized to employ personnel with expertise in cloud systems, cybersecurity and data integration.
(4) ITS shall provide annual progress reports to the Legislature no later than November 15 of each year on the implementation of the cloud storage center and modernization efforts, detailing:
(a) Progress on cloud storage implementation;
(b) Cybersecurity enhancements; and
(c) Cost savings achieved through procurement modernization.
SECTION 6. Section 25-53-255, Mississippi Code of 1972, is amended as follows:
25-53-255. (1) There is established within the Mississippi Department of Information Technology Services (ITS) a centralized Cloud Center of Excellence (CCOE) to facilitate cloud adoption across state agencies and governing authorities, enhance technological infrastructure, improve security and scalability, and streamline cloud migrations in a cost-effective and efficient manner.
(2) Using existing resources, ITS may review the process for the coordinated development, hosting and management of computer software for state agencies that use cloud computing services. The Cloud Center of Excellence (CCOE) shall:
(a) Develop and implement a statewide strategy for cloud adoption and management;
(b) Provide guidance, best practices, and governance frameworks to state agencies and governing authorities for the adoption and use of cloud services;
(c) Establish standardized processes for cloud migrations, resource optimization, and workload assessments;
(d) Enhance cybersecurity protocols and ensure compliance with state and federal security standards;
(e) Monitor and report on the scalability, cost efficiency, and performance of cloud infrastructure;
(f) Offer training and
support to agency personnel to promote cloud literacy and effective
utilization; * * *
(g) Coordinate with
state agencies and governing authorities to ensure a phased implementation
schedule as required by the provision of Section 25-53-257 * * *; and
(h) Assist in the transition of state agencies to the centralized cloud storage center in coordination with the Procurement Modernization Advisory Council and the division established in subsection (2) of Section 5 of this act.
SECTION 7. Section 25-53-259, Mississippi Code of 1972, is amended as follows:
25-53-259. (1) In addition
to the annual progress reports required under subsection (5) of Section 5 of
this act, not later than November 15 of each even-numbered year, ITS, using
existing resources, shall submit a report to the Governor, Lieutenant Governor
and Speaker, the Chairpersons of the House and Senate Committees on Technology
and of the House State Affairs Committee on the use of cloud computing service
options by state agencies and governing authorities, detailing the progress of
the implementation plan, challenges encountered, and recommendations for
improvement; however, the information required to be reported under this
section may be included in the report required under subsection (5) of Section
5 of this act rather than in a separate report. The report must include * * * cases that provided cost savings and other
benefits, including security enhancements. All state agencies and governing
authorities shall cooperate with ITS in the creation of the report by providing
timely and accurate information and any assistance required by the department.
SECTION 8. Section 25-53-257, Mississippi Code of 1972, is brought forward as follows:
25-53-257. (1) The Cloud Center of Excellence (CCOE) shall establish a two-year phased implementation plan, which shall accomplish the following benchmarks by July 1, 2027:
(a) Conduct statewide readiness assessments and develop detailed cloud migration plans for pilot agencies;
(b) Initiate pilot migrations for selected state agencies, establish key performance indicators (KPIs) and refine processes based on feedback;
(c) Expand cloud adoption to additional state agencies, focusing on optimizing resource utilization and ensuring adherence to best practices;
(d) Integrate governing authorities into the cloud ecosystem and provide support for local governments, postsecondary educational institutions and school districts; and
(e) Achieve full statewide adoption of cloud services, with ongoing monitoring, training, and optimization provided by the CCOE for all state agencies and governing authorities.
(2) During the implementation described in subsection (1), each state agency and governing authority integrated into the CCOE at that time shall consider:
(a) Cloud computing service options, including any security benefits and cost savings associated with purchasing those service options from a cloud computing service provider and from a statewide technology center established by the department, when making purchases; and
(b) Cloud computing service options and compatibility with cloud computing services in the development of new information technology software applications.
(3) (a) Except as provided by paragraph (b) of this subsection, a state agency or governing authority shall ensure, when making purchases for an automated information system, that the system is capable of being deployed and run on cloud computing services.
(b) When making a purchase for an automated information system, a state agency or governing authority may determine that, due to integration limitations with legacy systems, security risks or costs, the state agency or governing authority is unable to purchase a system capable of being deployed and run on cloud computing services.
(c) At least fourteen (14) days before the date a state agency or governing authority solicits bids, proposals, offers or other applicable expressions of interest for a purchase described by paragraph (b) of this subsection, the state agency or governing authority shall submit a report that describes the purchase and the agency's reasoning for making the purchase of an automated information system to the Mississippi Department of Information Technology Services (ITS).
(4) The department shall provide administrative support and oversight to the CCOE and ensure compliance with Sections 25-53-251 through 25-53-263.
(5) The department is authorized to:
(a) Enter into agreements with cloud service providers to facilitate cost-effective procurement of cloud solutions;
(b) Develop and enforce statewide cloud security and compliance standards;
(c) Establish funding mechanisms, including interagency agreements, to support the operations of the CCOE; and
(d) Promulgate rules and regulations necessary to carry out the provisions of Sections 25-53-251 through 25-53-263.
SECTION 9. This act shall take effect and be in force from and after July 1, 2026.