Ask AI
Bill114th CongressFiled Jul 29, 2015Emergency Management
H.R. 3361

Department of Homeland Security Insider Threat and Mitigation Act of 2016

Bill journey · stage 2 of 5

Under committee review

Filed
Comm.
Floor
Both
Law

What it doesSummary reported to senate with amendment(s) (Jul 12, 2016)

Department of Homeland Security Insider Threat and Mitigation Act of 2016

(Sec. 2) This bill amends the Homeland Security Act of 2002 (HSA) to direct the Department of Homeland Security (DHS) to establish an Insider Threat Program, which shall: (1) provide training and education for DHS employees to identify, prevent, mitigate, and respond to insider threat risks to DHS's critical assets; (2) provide investigative support regarding such threats; and (3) conduct risk mitigation activities for such threats.

DHS shall establish a Steering Committee. The Under Secretary for Intelligence and Analysis, who shall serve as the Chair of the Committee, and the Chief Security Officer, who shall serve as the Vice Chair, shall, in coordination with the Committee:

  • develop a holistic strategy for DHS-wide efforts to identify, prevent, mitigate, and respond to insider threats to DHS's critical assets;
  • develop a plan to implement the strategy across DHS components and offices;
  • document insider threat policies and controls;
  • conduct a baseline risk assessment of such threats;
  • examine programmatic and technology best practices adopted by the federal government, industry, and research institutions;
  • develop a timeline for deploying workplace monitoring technologies, employee awareness campaigns, and education and training programs related to potential insider threats;
  • consult with the the Under Secretary for Science and Technology and other stakeholders to ensure that the program is informed by current information regarding threats, best practices, and available technology; and
  • develop, collect, and report metrics on the effectiveness of DHS's insider threat mitigation efforts.

An agency employing a person who has access to classified national security information (insider employee) shall propose: (1) removing such employee whom an appropriate entity determines knowingly or recklessly engaged in insider misconduct, and (2) taking an adverse action of at least a 12-day suspension of such employee for the first instance of negligently engaging in insider misconduct and removal for any subsequent instance.

An insider employee who is notified that he or she is the subject of a proposed adverse action is entitled to 14 days to answer and furnish evidence in support of such answer. If such employee does not furnish such evidence or if the agency determines that such evidence is not sufficient for reversal, such agency shall carry out the adverse action. An agency that carries out an adverse action against an insider employee for insider misconduct under another provision of law may carry out an additional adverse action under the Insider Threat Program based on the same insider misconduct.

DHS must submit to specified congressional committees a biennial report on:

  • how DHS and its components and offices have implemented such strategy,
  • the status of DHS's risk assessment of critical assets,
  • the types of insider threat training conducted,
  • the number of DHS employees who have received such training, and
  • information on the effectiveness of the Insider Threat Program.

The Steering Committee shall not seek to, and the authorities provided under this bill shall not be used to, deter, detect, or mitigate disclosures of information by government employees or contractors that are lawful under and protected by any whistleblower statute, regulation, or policy. Any activity carried out under the bill shall be subject to provisions of the Whistleblower Protection Enhancement Act of 2012, and any activity to implement or enforce any insider threat or authority of this bill or Executive Order 13587 shall include a statement required by such Act that preserves rights under whistleblower laws and provisions protecting communications with Congress.

What just happenedJul 12, 2016

Placed on Senate Legislative Calendar under General Orders. Calendar No. 553.

Who’s behind it

Rep. King, Peter T. [R-NY-2](R-NY)Sponsor
5 cosponsors1 D4 R
Read on Congress.gov
5cosponsors2committees22actions13subjects
  1. Jul 12, 2016Calendars

    Placed on Senate Legislative Calendar under General Orders. Calendar No. 553.

  2. Jul 12, 2016Committee

    Committee on Homeland Security and Governmental Affairs. Reported by Senator Johnson with an amendment in the nature of a substitute. With written report No. 114-297.

    Homeland Security and Governmental Affairs Committee
  3. Jul 12, 2016Committee14000

    Committee on Homeland Security and Governmental Affairs. Reported by Senator Johnson with an amendment in the nature of a substitute. With written report No. 114-297.

    Homeland Security and Governmental Affairs Committee
  4. Feb 10, 2016Committee

    Committee on Homeland Security and Governmental Affairs. Ordered to be reported with an amendment in the nature of a substitute favorably.

    Homeland Security and Governmental Affairs Committee
  5. Nov 3, 2015IntroReferral

    Received in the Senate and Read twice and referred to the Committee on Homeland Security and Governmental Affairs.

    Homeland Security and Governmental Affairs Committee
  6. Nov 2, 2015FloorH38310

    Motion to reconsider laid on the table Agreed to without objection.

  7. Nov 2, 2015FloorH37300

    On motion to suspend the rules and pass the bill, as amended Agreed to by voice vote. (text: CR H7351-7352)

  8. Nov 2, 2015Floor8000

    Passed/agreed to in House: On motion to suspend the rules and pass the bill, as amended Agreed to by voice vote.(text: CR H7351-7352)

  9. Nov 2, 2015FloorH8D000

    DEBATE - The House proceeded with forty minutes of debate on H.R. 3361.

  10. Nov 2, 2015FloorH30000

    Considered under suspension of the rules. (consideration: CR H7351-7353)

  11. Nov 2, 2015FloorH30300

    Mr. King (NY) moved to suspend the rules and pass the bill, as amended.

  12. Nov 2, 2015CalendarsH12410

    Placed on the Union Calendar, Calendar No. 244.

  13. Nov 2, 2015CommitteeH12200

    Reported (Amended) by the Committee on Homeland Security. H. Rept. 114-321.

    Homeland Security Committee
  14. Nov 2, 2015Committee5000

    Reported (Amended) by the Committee on Homeland Security. H. Rept. 114-321.

    Homeland Security Committee
  15. Sep 30, 2015Committee

    Ordered to be Reported (Amended) by Voice Vote.

    Homeland Security Committee
  16. Sep 30, 2015Committee

    Committee Consideration and Mark-up Session Held.

    Homeland Security Committee
  17. Sep 17, 2015Committee

    Forwarded by Subcommittee to Full Committee (Amended) by Voice Vote .

    Counterterrorism, Law Enforcement, and Intelligence Subcommittee
  18. Sep 17, 2015Committee

    Subcommittee Consideration and Mark-up Session Held.

    Counterterrorism, Law Enforcement, and Intelligence Subcommittee
  19. Aug 11, 2015Committee

    Referred to the Subcommittee on Counterterrorism and Intelligence.

    Counterterrorism, Law Enforcement, and Intelligence Subcommittee
  20. Jul 29, 2015IntroReferralH11100

    Referred to the House Committee on Homeland Security.

    Homeland Security Committee
  21. Jul 29, 2015IntroReferralIntro-H

    Introduced in House

  22. Jul 29, 2015IntroReferral1000

    Introduced in House

Reported to Senate with amendment(s)Jul 12, 20161

Department of Homeland Security Insider Threat and Mitigation Act of 2016

(Sec. 2) This bill amends the Homeland Security Act of 2002 (HSA) to direct the Department of Homeland Security (DHS) to establish an Insider Threat Program, which shall: (1) provide training and education for DHS employees to identify, prevent, mitigate, and respond to insider threat risks to DHS's critical assets; (2) provide investigative support regarding such threats; and (3) conduct risk mitigation activities for such threats.

DHS shall establish a Steering Committee. The Under Secretary for Intelligence and Analysis, who shall serve as the Chair of the Committee, and the Chief Security Officer, who shall serve as the Vice Chair, shall, in coordination with the Committee:

  • develop a holistic strategy for DHS-wide efforts to identify, prevent, mitigate, and respond to insider threats to DHS's critical assets;
  • develop a plan to implement the strategy across DHS components and offices;
  • document insider threat policies and controls;
  • conduct a baseline risk assessment of such threats;
  • examine programmatic and technology best practices adopted by the federal government, industry, and research institutions;
  • develop a timeline for deploying workplace monitoring technologies, employee awareness campaigns, and education and training programs related to potential insider threats;
  • consult with the the Under Secretary for Science and Technology and other stakeholders to ensure that the program is informed by current information regarding threats, best practices, and available technology; and
  • develop, collect, and report metrics on the effectiveness of DHS's insider threat mitigation efforts.

An agency employing a person who has access to classified national security information (insider employee) shall propose: (1) removing such employee whom an appropriate entity determines knowingly or recklessly engaged in insider misconduct, and (2) taking an adverse action of at least a 12-day suspension of such employee for the first instance of negligently engaging in insider misconduct and removal for any subsequent instance.

An insider employee who is notified that he or she is the subject of a proposed adverse action is entitled to 14 days to answer and furnish evidence in support of such answer. If such employee does not furnish such evidence or if the agency determines that such evidence is not sufficient for reversal, such agency shall carry out the adverse action. An agency that carries out an adverse action against an insider employee for insider misconduct under another provision of law may carry out an additional adverse action under the Insider Threat Program based on the same insider misconduct.

DHS must submit to specified congressional committees a biennial report on:

  • how DHS and its components and offices have implemented such strategy,
  • the status of DHS's risk assessment of critical assets,
  • the types of insider threat training conducted,
  • the number of DHS employees who have received such training, and
  • information on the effectiveness of the Insider Threat Program.

The Steering Committee shall not seek to, and the authorities provided under this bill shall not be used to, deter, detect, or mitigate disclosures of information by government employees or contractors that are lawful under and protected by any whistleblower statute, regulation, or policy. Any activity carried out under the bill shall be subject to provisions of the Whistleblower Protection Enhancement Act of 2012, and any activity to implement or enforce any insider threat or authority of this bill or Executive Order 13587 shall include a statement required by such Act that preserves rights under whistleblower laws and provisions protecting communications with Congress.

Passed House amendedNov 2, 201536

Department of Homeland Security Insider Threat and Mitigation Act of 2015

(Sec. 2) This bill amends the Homeland Security Act of 2002 to direct the Department of Homeland Security (DHS) to establish an Insider Threat Program, which shall: (1) provide training and education for DHS personnel to identify, prevent, mitigate, and respond to insider threat risks to DHS's critical assets; (2) provide investigative support regarding such threats; and (3) conduct risk mitigation activities for such threats.

DHS shall establish a Steering Committee. The Under Secretary for Intelligence and Analysis shall serve as the Chair and the Chief Security Officer as the Vice Chair of the Committee.

The Under Secretary and the Chief Security Officer, in coordination with the Steering Committee, shall:

  • develop a holistic strategy for DHS-wide efforts to identify, prevent, mitigate, and respond to insider threats to DHS's critical assets;
  • develop a plan to implement the strategy across DHS components and offices;
  • document insider threat policies and controls;
  • conduct a baseline risk assessment of such threats;
  • examine existing programmatic and technology best practices adopted by the federal government, industry, and research institutions;
  • develop a timeline for deploying workplace monitoring technologies, employee awareness campaigns, and education and training programs related to potential insider threats;
  • consult with the the Under Secretary for Science and Technology and other stakeholders to ensure that the Insider Threat Program is informed by current information regarding threats, best practices, and available technology; and
  • develop, collect, and report metrics on the effectiveness of DHS's insider threat mitigation efforts.

DHS must submit to specified congressional committees biennial reports over the next six years on:

  • how DHS and its components and offices have implemented such strategy;
  • the status of DHS's risk assessment of critical assets;
  • the types of insider threat training conducted;
  • the number of DHS employees who have received such training; and
  • information on the effectiveness of the Insider Threat Program, based on such metrics.
Introduced in HouseJul 29, 2015

Department of Homeland Security Insider Threat and Mitigation Act of 2015

This bill amends the Homeland Security Act of 2002 to direct the Department of Homeland Security (DHS) to establish an Insider Threat Program, which shall: (1) provide training and education for DHS personnel to identify, prevent, mitigate, and respond to insider threat risks to DHS's critical assets; (2) provide investigative support regarding such threats; and (3) conduct risk mitigation activities for such threats.

DHS shall establish a Steering Committee. The Under Secretary for Intelligence and Analysis shall serve as the Chair and the Chief Security Officer as the Vice Chair of the Committee.

The Under Secretary and the Chief Security Officer, in coordination with the Steering Committee, shall:

  • develop a holistic strategy for DHS-wide efforts to identify, prevent, mitigate, and respond to insider threats to DHS's critical assets;
  • develop a plan to implement the strategy across DHS components and offices;
  • document insider threat policies and controls;
  • conduct a baseline risk assessment of such threats;
  • examine existing programmatic and technology best practices adopted by the federal government, industry, and research institutions;
  • develop a timeline for deploying workplace monitoring technologies, employee awareness campaigns, and education and training programs related to potential insider threats;
  • consult with the the Under Secretary for Science and Technology and other stakeholders to ensure that the Insider Threat Program is informed by current information regarding threats, best practices, and available technology; and
  • develop, collect, and report metrics on the effectiveness of DHS's insider threat mitigation efforts.
Department of Homeland Security Insider Threat and Mitigation Act of 2016 — Informed