The top performers in this year’s biennial Digital States Survey, presented by the Center for Digital Government (CDG),* stood out in two respects.
First, they showed a commitment to technology-driven government prior to the pandemic. Then, when COVID-19 introduced a range of new and urgent needs, they demonstrated the ability to shift on the fly. Despite the challenges, 10 states were actually able to raise their grades, “which means they are continuing to make progress, even in the current environment,” said CDG Executive Director Teri Takai.
She also noted that:
- States showed a continued commitment to using data in support of government efforts. “We are seeing states continue to create a chief data officer role, or to have another individual who works to organize their data. More states are really getting into using the data, trying to understand how to put that data to work,” Takai said.
- There’s an increased focus on citizen-centric service. “We are seeing lots of new applications, greater uses of artificial intelligence, all with an eye toward greater citizen service,” she explained.
- States continue the push to the cloud. “There is a steady move in that direction, with a dramatic change in attitude as a result of the pandemic,” she said. “Folks are moving much more quickly. They recognize the value of the cloud and a lot of the early concerns have been put aside because they just needed the capacity.”
“I am incredibly impressed with the CIOs and with their staffs. They did what it took to get their states to remote work, to stand up citizen services,” Takai said. “They cut down some of the bureaucratic barriers that had plagued government. They tried things that they had not tried before, and they were successful in making those moves.”
As a result, the past two years have seen state IT organization grow in status and influence as drivers of better government. “They have had more interactions with the governors and with key members in the executive branch than they ever had before,” Takai said. “The value of technology has now become quite obvious all across government. People see that technology is important, and they’ve seen the technology organization stand up when it counted.”
Utah
Before COVID-19 took center stage, Utah CTO Dave Fletcher was aggressively pursuing a path to cloud.“Some of our most important work includes our ongoing migration to cloud computing,” he said. In March 2019, the Legislature announced a plan to tear down the Utah State Office building and adjoining state data center. As a result, “we have had a goal to move 40 percent of our portfolio to the cloud.”
To make that shift, Fletcher’s office has coordinated closely with cloud providers including Amazon Web Services (AWS) and Google to ensure a smooth transition that would also support rigorous cybersecurity. “Our close cooperation with the cloud providers has been an important element,” he said. “We had a cloud strategy since 2009, so it is not new to us. We are just picking up the pace a bit.”
The IT team has also worked hand in glove with state agencies to orchestrate the move. “Some things are easier to move to the cloud, and with some things we need to do rewrites,” Fletcher said. “We wanted to identify the parts of the portfolio that we could move most effectively.”
When COVID-19 came on the scene, the IT team continued pushing toward the cloud, but with a somewhat altered focus.
“We already had a significant remote workplace initiative that was underway in 2018 and 2019, we had done a lot of testing and preparation work,” he said. “So really it was a matter of ensuring that we had secure connections and the right support model to be able to support remote workers, making sure we could do most of our support remotely rather than hands on.”
IT support needed the ability to remotely address a range of potential problems that might arise among a suddenly virtual workforce. “If people have problems with their machines, we want to be able to replace them quickly or be able to help them to continue working,” Fletcher said. “We also expanded our VPN capacity to ensure that those who work in regulated agencies, where they are managing personal information and regulated information, to ensure that data wasn’t being stored on personal machines.”
The statewide IT team of about 730 people has leveraged communications to keep its efforts on track through the pandemic. “We have a pretty trust-digital workplace,” he said. “If anything, it has become more collaborative. I have digital meetings scheduled all day. We have a collaborative management environment where our developers can work together on system projects. We have chats going on all the time.”
Looking ahead, the IT team is seeking to leverage an AI center of excellence that was stood up in 2019. “We have spent a lot of time sharing uses cases and we’ve had a lot of different projects related to AI, with 12 separate initiatives, everything from a statewide chatbot framework to a big project in connected autonomous vehicles,” he said.
Georgia
Georgia’s pre-pandemic effort to bolster cybersecurity paid off in a big way in support of the rapid and unexpected rise of remote working. “We’ve had tremendous support for the governor’s office for some enterprise-wide initiatives,” said CIO Calvin Rhodes.“We’ve done enterprise-wide IT security training for 140,000 people in response to an executive order. Just based on past experience we had seen the importance of this — securing the person as well as the perimeter,” he said. “This started before remote work, but it set a good precedent for us as we responded to COVID-19.”
Those efforts come in tandem with the 2018 opening of the Georgia Cyber Center, another indication of the state’s commitment to digital security.
“It’s an over $100 million investment by the state, in partnership with the private sector,” he said. After its initial launch the center expanded and now covers some 330,000 square feet. “It’s the first time we’ve had a Georgia cybercrime unit, it includes a cyber-range for hands-on training of our teams, and it’s also available for cities and counties around the state.”
At the same time, Rhodes’ team has been working to consolidate and coordinate state agencies’ virtual presence. Digital Services Georgia, a division of the Georgia Technology Authority, operates a state portal that now hosts 79 agency websites.
An open source platform on the Amazon cloud, the portal ensures everyone gets uniform services including accessibility as well as responsive design in support of mobile users. Implemented in 2012, it has grown from 40 to 70 agencies, and has proven especially helpful in supporting pandemic-related needs.
A state COVID-19 dashboard on the platform has drawn a nonstop flood of visitors, with cloud scalability enabling the portal to support millions of hits a day, especially from citizens seeking information on health and labor issues.
Rhodes’ team has also recently implemented a new analytics tool to enable all agencies to track their sites. “That’s another big benefit of being in the cloud,” he said. “We can see if we are driving traffic and the agencies can see things like bounce rates and time on site, which tells the agencies whether people are finding what they are looking for. Then they can design their site architectures to be more responsive.”
The IT team also rose to the challenge of standing up a mobile workforce this spring. “We had people who had never worked remote, so there was a hardware component, buying new laptops. We have an automatic refresh cycle and we were able to divert assets from that to get those into the people who needed to work from home,” he said. “We’ve also modified the VPN to support a level of capacity that we had never initially envisioned.”
Also on the COVID-19 front, the IT team has ramped up call center capacity. “We’ve contracted for 11,000 [calls] a month and we’ve been seeing 25,000 to 30,000 calls, so we have public-private agreements with our service providers where they can resolve the issue, and if they can’t fix it they can roll a truck to fix the problem. That has proven really helpful in closing that gap,” he said.
Arizona
Arizona’s aggressive investments in the cloud helped to carry the day when COVID-19 struck.“The single largest transformational initiative for the past few years has been in relation to our cloud-first initiative and cloud migration,” said CIO J.R. Sloan.
“We identified 90 ‘data centers,’ everything from formal climate-controlled rooms to people who had deployed servers in closets or under their desks,” he said. “We then looked to consolidate that footprint into one of two major locations. The state had decided to vacate the primary data center, which we did at the end of 2018, and we established a new presence in a Tier 1 facility in Phoenix.”
Primary mainframe operations and many workloads were moved to the cloud. For those systems that weren’t ready to make the leap, Sloan’s team set up a shared hosted data center where agencies could centralize their technology. “As a result, we closed 75 on-premise data center facilities over the past year, which exceeded what we thought we could get done,” he said.
The state has simultaneously been leveraging that cloud capacity to roll out G Suite for common email, calendar and collaboration among 90 different agencies with over 40,000 mailboxes, effectively eliminating some 30 different, disconnected email systems.
When COVID-19 arrived, “this put all the tools in front of us to speed the transition to telework,” Sloan said. “Everyone had cloud-based tools for collaboration and virtual meetings. Moving quickly on cloud technologies really positioned us well for that transition.”
In moving to a single cloud-based collaboration platform, he said, the state has saved over $750,000 by removing duplicative collaborative tools.
The cloud investment also helped support citizen services in the midst of the pandemic.
“The cloud technology helped those agencies that were hit hard by the pandemic, for example with unemployment insurance and the call volumes that were coming in there,” he said. “With cloud technologies, we were able to go from a volume of 15,000 applicants to over 2 million applicants. We also stood up additional cloud-based contact center tech to help us deal with the tremendous spike in call volume, at a time when we had over 800 calls per second arriving into the state’s call center systems.”
In addition to expanding the capacity, cloud enabled the IT team to implement tools that could directly relieve some of that rapidly expanded workload. “The cloud helped us to play informative messages and to direct people to resources. We were using chatbots and artificial intelligence while we got the human operators trained up and ready to assist those callers,” Sloan said.
Behind this all lay an aggressive effort to develop enterprise-level controls to cybersecurity. Launched pre-COVID, this too has helped the IT team to navigate the pandemic.
“We have a governance process and we’ve included representation from all agencies to review the controls and to advise on best processes, with standards around how we execute the various security controls,” he said. “When COVID hit, we had the relationships and the organizational infrastructure in place to facilitate communication in order to be able to respond rapidly.”
Rhode Island
Rhode Island scored low — a C rating — in the last Digital States Survey. Three years into his tenure as CIO, Bijay Kumar has turned things around.“The biggest thing was the cultural shift. We went from being reactive to being proactive,” he said.
Kumar made it a priority to recruit top IT talent and to put strong governance in place. These moves enabled him to ramp up cloud adoption, which in turn has helped to carry the state through the pandemic.
“We were heavily virtualized, but we were not on the cloud, and we have moved quite a bit on that. Today we use Amazon and some of the other providers, and we completely implemented Office 365 on the cloud, which was huge from a productivity perspective,” he said. “We did that before COVID, and now it ensures that we can be anywhere in the world and can still work on our core systems.”
The Department of Labor and Training, unemployment systems, pieces of health and human services — “all of that is on the cloud now,” he said. “We’ve also moved much of our data warehouse to the cloud.”
In the midst of the pandemic, Kumar has leveraged that cloud capacity to support a location tracking application for citizens. “Users can track their own location on their phone and can report their health,” he said. “If they contract COVID, they can use it to find out where they have been, who they have been in contact with.”
The state has also utilized Salesforce in its COVID-19 response. “We did a lot of cutting-edge work with that with case investigations, contact tracing, isolation monitoring. Now with the schools being open we are working on using that in support of education in terms of rapid testing and contact tracing,” he said.
Cloud-based applications likewise have helped Rhode Island to stand up a remote workforce. “We are using cloud for document sharing and collaboration. More importantly, we had the right leadership in place to be able to move quickly to provide those solutions,” Kumar said.
Going forward, Kumar has a number of other digital initiatives in the works. He’s working to modernize legal case management and procurement systems and the permitting process in the Department of Environmental Management. That department already has seen a shift from 20 percent online forms to 60 percent, and the effort continues.
The IT team also is working to move an on-premise ERP system into the cloud. “It’s more secure, it’s more supportable,” Kumar said. “Instead of focusing on doing upgrades, the team can focus on business enablement, while things like security and enhancements are taken care of in the cloud.”
Solid governance has helped Rhode Island to turn the corner on digitization, paired with a keen focus on the human element that ultimately drives technology. “The biggest thing is to do a quick and thorough assessment of people, processes and technology tools,” Kumar said. “We did that, and then we made sure we had the right people and the right competencies in order to execute on our strategies. Addressing the people piece of it, the team, is extremely important.”
*The Center for Digital Government is part of e.Republic, Government Technology's parent company.
[slideshow-break]
C+ States
Nevada2020 Grade: C+
2018 Grade: C+
CIO: Alan Cunningham
While Nevada IT has faced obstacles including the absence of a permanent CIO from September 2019 to August 2020, and of course the impacts of the COVID-19 pandemic, technology in the Silver State has found places to move forward and improve outcomes for citizens and staff alike. A major focus has been ensuring state websites comply with Americans with Disabilities Act (ADA) regulations, making digital services and publicly available data accessible to all Nevadans. February 2019 saw the launch of the State of Nevada Portal to provide improved, mobile-friendly access to state agency websites. Currently in progress is a special legislative session to work on improving data transparency in health and public safety.
In December 2019, Nevada’s Enterprise Information Technology Services (EITS) worked with the Secretary of State's Office and the Department of Motor Vehicles to stand up automatic voter registration and same-day voter registration when a citizen applies for a driver’s license or ID card. The project involved overcoming issues around rural connectivity and networking security. Nevada also upgraded its security operations center and requires all state employees to complete security awareness training annually via the KnowB4 platform. Beginning in 2018, the state deployed a mobile app using DUO Security with multifactor authentication for VPN access; while the system rolled out initially to just 450 users, the solution has since been deployed to more than 9,000 state workers to facilitate telework in the face of the pandemic. To shore up resiliency, the state has updated its state network using the SWITCH superloop from the primary state computing facility to offsite data centers.
Wyoming
2020 Grade: C+
2018 Grade: C+
CIO: Gordon Knopp
For the last two rounds of the Digital State Survey, Wyoming has maintained its C+ grade — up from a solid C in 2016. This year, the state is looking ahead toward the upcoming budgetary shortfall created by the COVID-19 pandemic for efficiencies in government. IT will certainly play a part in that effort. When it comes to putting technology to work for the good of the state and its citizens, efforts like the June 2019 replacement of the Wyoming Unemployment Insurance COBOL mainframe system with a modern, cloud-hosted alternative is a good place to start — especially as the pandemic forces record levels of national unemployment.
Wyoming is also investing heavily in IT improvements like a state-owned virtual environment made up of 700 virtual servers. The project was completed in March 2018 and has reduced maintenance and hardware costs. Cybersecurity is also a priority for the state, and the addition of vulnerability management practices is helping to keep systems safe from outside attacks with automated, dynamic updates that detect new threats and adjust for increased protection. Partners across state government have also set their focus on protecting the 2020 presidential election through tabletop exercises to prepare for potential threats.
When it comes to data governance, the state has taken careful steps to ensure citizen data is protected using well-established and vetted policies and standards. An ongoing inventory of data systems and data stores is now underway. This runs parallel to the creation of the state’s financial transparency website in July 2019, which gives citizens a clear view into state spending and other fiscal information.
C States
Alaska2020 Grade: C
2018 Grade: C
CIO: Bill Smith
After some upheaval, Alaska’s Office of Information Technology is on a solid path to making significant progress in improving the state’s tech.
When Gov. Mike Dunleavy took office in December 2018, OIT went through a string of short-reigning acting and permanent CIOs until Bill Smith, a veteran of both the military and technology worlds, brought stability in November 2019. Under Smith, the state has gone full bore toward the consolidation order that predated both Smith and Dunleavy, engaging a consultancy and developing a detailed set of plans for how to move forward. They include huge, fundamental shifts such as reorganizing job roles and responsibilities, consolidating servers while migrating toward a hybrid cloud model, centralizing procurement, improving communication about IT services and re-examining chargeback rates.
There’s a lot of work to do in the next several years, but Smith told Government Technology in July that the COVID-19 pandemic has given OIT the ability to prove itself to other agencies, demonstrating the value that a central, organized technology effort can bring to the state. During the pandemic, OIT has helped enable telework for some 6,000 state employees, including increasing VPN throughput tenfold and setting up Microsoft Teams.
[slideshow-break]
B+ States
Colorado2020 Grade: B+
2018 Grade: B+
CIO: Tony Neal-Graves (interim)
Technology officials in Colorado have been busily working toward transformation goals, and there is ample tangible evidence of their efforts. The state introduced its MyColorado App late last year, boasting more than 50 thousand users as of May 2020. The app offers secure access to state services in one place, coming together as a result of a broad partnership between technology staff, the governor’s office, and key agencies, like the departments of Revenue and Motor Vehicles. Notably, the app enables Coloradans to create and use digital identification from their smartphones. Beyond that pioneering capability, the app is but one manifestation of Colorado’s recent emphasis on user-centered design. User experience staff are starting to populate agencies, ensuring emerging customer-focused practices guide the state’s technology use.
Colorado introduced a new procurement strategy, Invitation to Negotiate (ITN), in late 2018. Following a trend seen in other government purchasing agencies, the approach is less prescriptive than traditional methods, allowing more creativity in responses while encouraging broader participation and offering the state more negotiating power. The Office of Information Technology has secured two contracts using ITN to date, with another in progress. And in further evidence of a commitment to innovation, the state launched the Colorado Digital Service late last year. Modeled after the U.S. Digital Service, the program recruits external tech talent to supplement the state’s digital teams, aiming to inject agile methodologies into state business processes to optimize results for Coloradans.
As it relates to pandemic response, the state was in a good position when work-at-home orders were issued earlier this year due to investments in e-signature capabilities. Usage has increased 50 percent in 2020. Similarly, the state deployed a virtual call center for the first time in late 2019, eyeing its ability to quickly scale up as needed by spikes in demand. Since the COVID-19 outbreak, several more virtual call centers have been established.
Connecticut
2020 Grade: B+
2018 Grade: B+
CIO: Mark Raymond
Connecticut IT, led by long-standing CIO Mark Raymond, has continued to push forward with its digital efforts, particularly around effective data use and strong work in the area of citizen services. The multi-agency Connecticut Digital Services (CTDS) group was established in July 2019 to ensure citizen perspective is built into tech projects, notably including the launch of the Business One Stop page to streamline business interactions across state agencies and make it easier for established and new businesses to access services. CTDS was also involved in many responses to COVID-19, including an app to help companies apply for small business loans, as well as an app businesses use to show they are compliant with COVID-19 reopening plans. The Digital Services team has additionally managed three redesigns to Connecticut’s coronavirus Web page as citizen needs have changed over time.
The state improved its VoIP and video conferencing systems, reducing communications costs by 70 percent, which helped lower regional carbon emissions by facilitating remote connections as well as preparing the state for mass remote work. When the pandemic struck, 90 percent of state employees who could work from home were doing so within three weeks. This included expanding capacity from 800 VPN users per day to more than 30,000 connections. Connecticut’s COVID chatbot, built using IBM’s Watson technology, handled more than 38,500 interactions between March and June, and is estimated to have saved nearly four full-time employees’ worth of support.
In ongoing state work, a 75-member cybersecurity committee comprising members from the private sector and all levels of government meets monthly, and the first practice session of Connecticut’s Cyber Disruption Response Team took place in February 2020. In May of this year, the state established a cybervolunteer working group to train private citizens to help local government and schools in the event of an attack. The Office of Policy and Management created a new data and analytics policy this year to increase transparency and streamline support for data management and requests across agencies, and released a data-sharing playbook to clarify legal and ethical issues around interagency data sharing.
Delaware
Grade 2020: B+
Grade 2018: B+
CIO: Jason Clarke (acting)
In Delaware, long a strong performer in the Digital States Survey, the Department of Technology and Information (DTI) has continued its push to use technology for the public good. Fall 2019, for example, saw the launch of a new Delaware One Stop platform designed to make it easier and more efficient for business owners to interact with multiple state agencies through one website. In his 2020 State of the States address, Gov. John Carney said he hoped the next iteration of the platform would be a similar single point of entry to state services for residents.
In response to the curveball of the pandemic, Delaware stood up a website and in September 2020, in partnership with the governor’s office and the Delaware Department of Health and Social Services, DTI launched the COVID Alert DE app. Interoperable with similar apps in New York, New Jersey and Pennsylvania, COVID Alert DE allows users to track their symptoms and facilitate contact tracing. The app had more than 50,000 downloads within one month of going live. The pandemic also highlighted a strong driver of Delaware’s IT work in the past two years: extending broadband to underserved areas and narrowing the digital divide. In 2018, Gov. Carney issued an RFI looking to eliminate high-speed Internet “deserts,” and in 2019 DTI signed on with broadband company Bloosurf to get service to about 127,000 homes. Further, the state plans to spend $20 million of its funding from the Coronavirus Aid, Relief, and Economic Security (CARES) Act to invest in broadband infrastructure that would help residents during the COVID-19 crisis, particularly students who are trying to connect remotely to schools and may not already have sufficient equipment at home.
Hawaii
2020 Grade: B+
2018 Grade: B+
CIO: Douglas Murdock
Thoughtful planning has helped Hawaii navigate a changing IT environment, including the unforeseen challenges brought about by the novel coronavirus. Like governments around the world, Hawaii shuttered state offices, sending employees home to work remotely; the infrastructure in place there and reliance on cloud technologies made these drastic changes seamless.
This sort of effort speaks to Gov. David Ige’s priorities to make the state the most effective and efficient government it can be. Through modernization efforts around system modernization (HiMod) and a new ERP system initially began in 2016, Office of Enterprise Technology staff have worked diligently to further those efforts, beginning a more than $17 million payroll implementation in 2019 called HawaiiPay. The new system has saved time and money, with the additional benefit of boosting collaboration among all branches of state government where adoption is concerned.
IT staff have also been vigilant when it comes to protecting the digital assets and systems that serve the public. Faced with more than 16 billion attempted cyberattacks in 2019 alone, the adherence to best practices and additional measures has been of key importance. The creation of the State Information Security and Privacy Council (IPSC) helps craft policy and strategy across the government, while quarterly meetings develop and implement operational and technical policy. Additionally, cybersecurity training is mandatory for all executive branch staff.
Despite these successes, the recent global calamity has not been without challenges; a crippled tourism industry has left the state with $2.3 billion shortfall and uncertain financial outlook. The coming months could see furloughs and service reductions as the pandemic wears on. The reliance on technology to support government mission will no doubt be tested in the near future.
Idaho
2020 Grade: B+
2018 Grade: B+
CIO: Greg Zickau
The story in Idaho in recent years has been consolidation: With the governor’s blessing, Information Technology Services (ITS) has been working its way through the state’s agencies, centralizing their staff and resources. But it’s more than that — as it consolidates, ITS is also modernizing legacy systems, shedding duplicative infrastructure, standardizing practices, encouraging the adoption of common tools and improving preparation for adverse events.
A great example is in the buildout of a new government campus that includes a centralized data center. In 2019, ITS migrated 341 server backups for five agencies into a single location with increased physical security and a fully redundant connection for off-site replication. As a result, it was able to eliminate the agencies’ old backup hardware and software, as well as retire four data centers. The agency has also taken a more proactive stance on technology budgeting and purchasing across the state, looking into IT activities earlier in the process. That’s allowed ITS to spot instances where agencies are trying to purchase things the state already has lying around or to start searching for a common solution when several agencies want something at once.
Centralization has also meant an enormous HR effort; ITS has quadrupled in size while reducing the state’s overall full-time position count by 20 as it reduces duplication. In the span of 14 months the agency hired 100 new positions, working with HR to make it happen efficiently. One of those new positions is the state’s first chief data officer, which brings Idaho in line with the majority of states in dedicating such a position.
All the while, the state has also scored a variety of wins such as digitizing vehicle titles for the DMV, launching a text message-based payment service for use across multiple agencies and supporting the state’s telework and unemployment insurance needs during the pandemic.
Illinois
2020 Grade: B+
2018 Grade: B+
CIO: Jennifer Ricker (acting)
The past two years for Illinois have seen the state undergo quite a bit of change, with a new governor from a new party coming in with a new approach to tech and innovation work. This led to the formation of the new Illinois Department of Innovation and Technology (DoIT). This meant that some of the past two years for the state has been spent planning and building capabilities for IT and innovation work. The investment in this change, however, has paid dividends, with the state ushering in quite a bit of progress. One project that stands out is a citizen-centric Web design approach across agencies, which has resulted in capabilities for residents such as the one-stop site to apply for and manage licenses through a singer user portal, equipped with payment processing.
DoIT is not the only new tech agency in Illinois. The state also established the Office of the Statewide CISO and a cybersecurity committee. Along with this comes mandated cybersecurity training and a related policy framework. Cybersecurity work in Illinois of late has also involved productive partnerships, with the most notable occurring between DoIT and the Illinois State Police Statewide Terrorism and Information Center, which teamed up with 108 election authorities on an electoral cybersecurity program, involving guidance as well as assistance with any necessary incident response.
Perhaps the most meaningful tech work in Illinois of late, however, has been related to a multi-year statewide K-12 broadband project aimed at expanding high-speed Internet access and security services to public schools. This includes a $20 million refresh of the state’s broadband network, all at no direct cost to the individual school districts.
Maine
2020 Grade: B+
2018 Grade: B+
CIO: Fred Brittain
The past couple years of IT innovation in Maine have focused on efficiency through staffing, data and modernization. The state formed several new groups, most prominently an IT leadership council consisting of representatives from other agencies who confer regularly with IT management, which led to several workgroups and initiatives. The state also created a data warehousing and analytics team, to create a set of standards and maintain data warehouses; a security integration services team, for disaster preparedness and recovery; several business acceleration teams, to focus on IT service management, workforce development, innovation and customer experience; and a new collaboration technologies unit to accommodate information-sharing between departments. Gov. Janet Mills established the Office of Innovation and the Future, to be proactive and innovative about digital services, while Maine has been trying to fill out its IT workforce by hiring staff for what used to be outside-contract jobs.
With the launch of new oversight groups came new policies, touching everything from security to cloud adoption, digital accessibility and, perhaps most crucially, data exchange. The need to share COVID-19 information between agencies led the formalization of the state’s first-ever data exchange policy, which established a template for agencies to set up their own specific agreements. Data was the focus of several other investments, including the Cohesity DataPlatform for archiving data in the cloud, and improvements to the state’s data warehouse that puts budget, HR and finance data on the same interface, so analysts in different departments can work with it. The state also used an ARAN (Automatic Road Analyzer) vehicle to collect imagery and data on roadway curves and signage, sparing the Department of Transportation a $1 million study.
Maine was chipping away at modernization projects before COVID-19, and if anything, the crisis accelerated some of them: expanding remote access to support to about three-quarters of the state’s 12,000 employees; creating a continuity of operations plan and telework guidance for employees; deploying 35 new websites for online services; transitioning close to 40 agency websites to the same content management system. But there was more to modernization than COVID-19. Maine concluded a massive three-year project to replace old network equipment at 600 locations and more than 35,000 connections, and it replaced a 25-year-old payroll system with a modern cloud-based platform. New applications went out to help law enforcement agencies across the state transition to electronic citations and to help the fire marshal dispatch investigators to fire incidents. There’s even an application so farmers can electronically track the sharing of produce with low-income seniors.
Maryland
2020 Grade: B+
2018 Grade: B+
CIO: Michael Leahy
Maryland’s consolidated IT services proved the state’s determination to increase transparency, efficiency and user experience in the last two years. One notable example of this is the state’s establishment of a new Department of Information Technology (DoIT) intake process, which aims to provide other state agencies with a centralized entry point to request support for their IT-related needs. This new process serves as a “no wrong door” through which an agency can start conversations with the DoIT team as needed. Essentially, this new implementation streamlined the process to service other agencies, making DoIT readily available to help.
In collaboration with the Department of Budget and Management (DBM), the two state agencies used their respective strengths to create a modernized website that reports government spending facts and patterns. The Maryland Transparency Portal, which launched in August 2019, lays out these budget-related facts and trends from any given fiscal year. Although this data is already available through DBM, the portal presents the data visually, offering greater accessibility to the public.
Perhaps one of Maryland’s greatest accomplishments this year is its leadership role and preparedness in the face of crisis. Maryland DoIT stepped up to the plate when the state’s Department of Commerce needed to quickly disseminate funding for small businesses amid the COVID-19 pandemic. A platform that launched in early 2018 called Maryland OneStop was designed with the intention of allowing multiple departments to issue certifications, licenses and permits. When the state decided to use the OneStop platform to disburse small-business grants, DoIT was quick to add the functionality to handle applications. In the short span of a few weeks, the agency had all integration points complete and the grant application process completely automated. In total, citizens now have access to three different vital applications for relief funding through the improved OneStop platform.
Massachusetts
2020 Grade: B+
2018 Grade: B
CIO: Curtis Wood
Massachusetts’ recent tech accomplishments show that improving services for citizens is a high priority for the northeastern state. After research revealed that the application process for the state’s Supplemental Nutrition Assistance Program discouraged citizens from applying for food assistance, Massachusetts rolled out a new online system called BEACON in 2019 that reduced the average application time from more than 20 minutes to about eight minutes. The system has also translated to fewer office walk-ins and lower lobby wait times. In another win for citizens, the state’s Registry of Motor Vehicles (RMV) moved beyond its 30-year-old mainframe to a virtual server system, which has led to significantly more digital transactions and shorter lines at local offices. Both projects paid off during the COVID-19 pandemic: BEACON allowed Massachusetts to be one of the first states to stand up a pandemic EBT program, and RMV was able to launch online driver’s permit services over the summer.
Aggressively moving away from aging infrastructure to the cloud was another significant theme for Massachusetts over the last couple of years. The state’s online unemployment insurance (UI), procurement and payroll systems are all now in the cloud. From a UI perspective, this change proved to be especially timely, as the cloud-based system helped the state absorb the massive impact of pandemic-related UI claims in 2020, and Massachusetts IT was also able to create a virtual call center in three days. Moreover, through a 2019 policy change, the state adopted a hybrid/multi-cloud strategy that has resulted in more competitive price offerings and varied technical approaches.
Massachusetts has also implemented substantial cybersecurity enhancements. The Executive Office of Technology Services and Security rebuilt the state’s security incident and event management (SIEM) platform, allowing for more efficient and accurate correlation of security data. The state has also worked to centralize vulnerability management and reporting. As a result, thousands of vulnerabilities have been eliminated, applications are more rigorously scanned, and consistent standards have been developed and applied.
Mississippi
2020 Grade: B+
2018 Grade: B
CIO: Michelle Blocker (interim)
Like other states, Mississippi found itself turning to tech earlier this year to help it respond to the coronavirus pandemic. The state updated its award-winning chatbot, MISSI, with real-time information about school closures, COVID-19 testing and guidance from state agencies. MISSI fielded 1,158 coronavirus-related questions in the last two weeks of March alone. At the same time, the state was fortunately just wrapping up the rollout of a centrally managed virtual private network (VPN) to all state agencies to boost teleworking operations. This solution was designed to improve cybersecurity by providing a single point of access for teleworking employees, rather than a host of separate VPNs for each agency, as those were found to be bypassing state cybersecurity measures.
Also, in the interest of boosting cybersecurity, Mississippi purchased its first cyberliability insurance policy that covers most state agencies, boards and commissions. The new policy covers first- and third-party damages from a confirmed breach of confidential data, which includes personally identifiable information, financial information and private health information. The state also looked to improve physical security, encouraging its counties to a no-cost software solution for public safety answering points (PSAPs) from RapidSOS. This new software allows PSAPs in Mississippi to better pinpoint the location of 911 callers, especially when they use cellphones or are in rural areas.
Mississippi also looked to improve its virtual infrastructure in the last two years, moving to adopt a hyper-converged managed services solution. With the new system, most of the state’s mission-critical applications are hosted in its Primary Data Center, though they appear to the user to be in the cloud. The solution is mirrored at the Ancillary Data Center, 120 miles from the primary one, so that in the event of a disaster at one data center, everything can be recovered from the other.
Montana
2020 Grade: B+
2018 Grade: B
CIO: Tim Bottenfield
Montana knows one can never be too careful given the ever-evolving tactics of cybercriminals. Earlier in 2020, the state beefed up its Web application firewall technology to protect its websites. Within the last year, Montana overhauled its email security system, which not only eliminated most malicious emails but also improved the ability of agencies to communicate effectively with business partners and citizens. The state also implemented a behavior-based antivirus solution that allows IT to have a holistic view of workstations across agencies. Montana has made substantial commitments to its cybersecurity workforce, with plans to double the size of its security staff and to continue providing raises and more training opportunities as it did in 2019.
Various agencies in Montana have taken strategic steps to bolster the state’s understanding and utilization of administrative data. The Office of Public Instruction is adding partners for its statewide longitudinal data system, which will inform educational policies and priorities moving forward, and has already implemented an early warning system that triggers interventions for at-risk students. The state’s health and human services and corrections agencies have launched their own public dashboards, increasing transparency and reducing workloads for data staff. Meanwhile, late last year the Transportation Department hired a data governance officer, who is crafting policies and procedures in conjunction with all stakeholders in the organization.
In recent years, Montana has invested in and relied on emerging technologies to a noteworthy degree. The state has now outfitted all its counties’ law-enforcement agencies with biometric fingerprint devices. Montana’s motor vehicles department has seen reduced calls from citizens, thanks to a chatbot feature on its website. The state has also found different novel uses for drones, such as its livestock agency using the devices to efficiently rescue lost cattle during severe weather in 2018. Just as impressive, Montana’s drone vehicle crash investigation program has led to shorter roadway delays, greater accuracy in evidence collection and reduced costs.
Pennsylvania
2020 Grade: B+
2018 Grade: B+
CIO: John MacMillan
Pennsylvania introduced a number of initiatives in the last two years to improve state employees’ cybersecurity awareness. The state implemented two new end-user training courses: statewide Fraud Prevention and Awareness, and IT Administrator Awareness. Both courses ensured participant engagement and retention by incorporating gamification, and the state has since seen improved security awareness among employees. Pennsylvania also sought to improve cybersecurity with a new screensaver that displays security-related tips and messages. After a successful pilot among IT staff in 2019, the screensaver solution was rolled out statewide and is now live on more than 80,000 computers across 40 state agencies. It was so successful that it has since been expanded to include messages on other topics like HR announcements.
On Jan. 28 of last year, the state Department of Revenue launched a state-of-the-art solution to modernize its legacy tax administration systems. The new solution, called the My Pennsylvania Tax Hub (MyPATH), uses the GenTax commercial off-the-shelf solution to create a one-stop shop for all the taxes the department administers. Since implementation, the department has seen a 90 percent reduction in error rates for International Fuel Tax Agreement customer returns.
In February 2018, the state sought to help non-custodial parents search for jobs by integrating the Pennsylvania Child Support and Enforcement System and the Pennsylvania Labor and Industry JobGateway system. Between February 2018 and December of last year, there were 8,343 verified job placements through the new system, and payroll deductions for child support payments were automatically set up for those parents. The state also implemented a Protection From Abuse (PFA) Database last year, in response to legislation mandating a system be established that tracked PFA orders that required a relinquishment of firearms within 24 hours. The state was able to build the new database using its pre-existing PFA tracking system.
Rhode Island
2020 Grade: B+
2018 Grade: C
CIO: Bijay Kumar
Over the past year, Rhode Island has made a number of significant accomplishments — most notably its movement toward a more citizen-centric governance model. COVID-19 tested many governments, but not all rose to the challenge. In April, Rhode Island proved it could, by launching Crush COVID RI, a privacy-centric mobile app designed to help the state monitor and contain the pandemic. The app, which encourages symptom reporting to assist state officials with contact tracing, was launched in approximately a month and saw some 40,000 downloads within the first few weeks. Its beta version was also fielded for citizen feedback to better customize the product to consumer satisfaction.
The state also recently redesigned the website for its Children’s Cabinet to make it more “parent-focused.” Redesigned in October 2019, the state used recent branding and experience guidelines to provide a website that more intuitively provided resources to families on issues like prenatal care and early childhood education.
At the same time that Rhode Island has focused on citizen experience, it has also continued to impress with its investment in cybersecurity. The state continues to execute an inclusive security model that prioritizes multi-stakeholder engagement, including with federal partners like National Guard, DHS, FBI, the private sector and others. In 2019, the Division of Information Technology also launched a new security awareness training program — a monthly, year-long course that includes ongoing phishing trainings and other strategies to bring wide risk awareness to government staff in executive agencies. In May 2019, the state also used a federal grant to launch the nation’s first-ever statewide cybercrime hotline. The line supports residents who want to report crimes like cyberstalking, identity theft and financial fraud.
Tennessee
2020 Grade: B+
2018 Grade: B+
CIO: Stephanie Dedmon
The state of Tennessee has, over the last two years, leaned heavily into successfully developing IT consolidation and subsequently creating a new organizational culture. During the consolidation, Strategic Technology Solutions (STS) grew from about 300 employees to about 1,300, forcing the building of new relationships with an eye on organizational culture and a more customer-minded approach. The resulting OneSTS consists of eight guiding principles, and each employee throughout 2018-2020 underwent appropriate training and participated in team workshops to that end. The result was improved customer service satisfaction scores, which improved from a 3.0 average to 4.06 on a five-point scale.
The state also put an increased emphasis on cybersecurity, and with IT consolidation, cybersecurity was centralized under the CIO and chief information security officer (CISO) to protect confidentiality and integrity of data. The state formed the Tennessee Cybersecurity Advisory Council in September 2019, which includes membership representing all branches of state government and includes the chief of staff, state CISO, and commissioner of Safety and Homeland Security, among others. Further, the state enhanced its patch management significantly. The CISO was granted funding to expand the scanning program for all servers on state data centers. Previously, the patch management practice was to rely on system administrators to follow policy. Implementing a set of protocols (Domain Name System Security Extensions) added a layer of security to the domain name system lookup and exchange processes, addressing a huge gap in security.
In citizen-facing work, February 2020 saw the launch of the MyTN app, a mobile app that gives residents a single access point for a growing list of state services including driver’s license applications and renewals, felony offender lookup services, and locations of local farmers’ markets.
B States
Arkansas2020 Grade: B
2018 Grade: B
CIO: Yessica Jones
Under the policy leadership of Gov. Asa Hutchinson, who has held the office since 2015, and IT leadership of CIO Yessica Jones, Arkansas has undergone steady improvement and transformation in the last several years. In 2019, Hutchinson reorganized his cabinet from 42 directors to 15 secretary positions and created the Office of Transformation. That office is being led by Chief Transformation Officer Amy Fecher. At the time, the move was heralded to streamline state government and increase collaboration across the agencies.
“I believe the governor’s plan in putting the Department of Information Systems within [the Department of] Transformation and Shared Services is to elevate it and to show the other departments that he feels that this can be a major component of our transformation,” Jones said at the time.
Jones, one of Government Technology’s Top 25 Doers, Dreamers and Drivers in 2020, has pushed for broadband to all K-12 schools in the state, cybersecurity assessments and improvements, as well as efforts to connect government to the public via mobile devices. That push is warranted, as a reported 68 percent of those visiting state websites do so from a mobile device.
Growth can also be seen in the state’s use and consideration of data and best practices. In February, Joshua McGee was named as the state’s chief data officer, a role he holds in concert with a professor position at the University of Arkansas.
Florida
2020 Grade: B
2018 Grade: B
CIO: Jamie Grant
The history of IT in Florida state government in recent years has been turbulent. The state defunded its IT agency twice between 2005 and 2012, after which there was no CIO for two years. The successor agency, the Agency for State Technology, lasted five years before Gov. Ron DeSantis signed a bill last year rolling it into the Department of Management Services. A year later, he signed another bill creating a new successor agency called the Florida Digital Service, and appointed state legislator Jamie Grant as its new CIO.
The direction of the agency is promising; it takes inspiration from the U.S. Digital Service and is planning on “tours of service” where external tech talent helps the state advance its IT posture. It’s tasked with supporting the state’s cloud-first policy, as well as modernization, cybersecurity, procurement and infrastructure.
Outside the new IT agency, the state has other forward-looking projects in the hopper, including a digital driver's license pilot project at the Department of Highway Safety and Motor Vehicles planned to start late this year as well as a new “FinTech sandbox” within the Office of Financial Regulation to test out new technology and ideas.
Iowa
2020 Grade: B
2018 Grade: B
CIO: Annette Dunn
The state of Iowa’s disaster recovery capabilities were tested in a big way in both 2018 and 2019 when the main data center flooded. Since then, the state has built upon its resilience capabilities and is now in the process of outsourcing its primary facility to a third party — a move CIO Annette Dunn employs in various areas when it makes sense for the state. The IT organization has elements of both federated and centralized structures, but a couple recent moves demonstrate a turn toward central management: The Office of the Chief Information Officer (OCIO) now approves all technology purchasing, and agencies must draft five-year technology spending plans for OCIO review. A rate increase for centrally provided IT services is in the works, which will help pay for necessary upgrades to IT infrastructure.
Priority investment areas for Iowa include broadband, which is pointing millions toward connecting unserved and underserved areas through Gov. Kim Reynolds’ Future Ready program. A Master Data Management initiative, fueled by the addition of the state’s first chief data officer last year, is evidence that Iowa is moving aggressively in the direction of data-driven decision-making. Similarly, Iowa’s progress on cybersecurity continues with additional strategic planning, resource deployment, staff training and an established internship program that helps bring fresh talent to the state. When it comes to citizen engagement, the state’s myriad efforts are guided by a citizen engagement subcommittee that produces recommendations for new tools. For example, Iowa deployed a chatbot in late 2018, and it continues to add capabilities, including a live chat function. Seventeen agencies now use the chatbot, the state reports, and in May 2020, the combined chat/chatbot tools saved an estimated 1,700 hours in staff time that would have been spent answering those same inquiries using traditional tools.
Kentucky
2020 Grade: B
2018 Grade: B
CIO: Ruth Day
Since the 2018 Digital States Survey, Kentucky has continued to use IT to advance administrative initiatives, particularly in light of the COVID-19 pandemic. The state has been particularly effective in data governance, having launched a Data and Analytics work group comprised of members from all executive cabinets, as well as creating a master data sharing agreement across those cabinets. An Enterprise Data Management Policy published in February 2019 has helped to reduce risk around sharing and maximize ROI. By encouraging enterprise-wide data sharing, and creating agency-level data officers, Kentucky has brought together previously siloed information and gotten agencies to use data effectively. The state’s Cabinet for Heath and Family Services (CHFS) launched a Division of Telehealth Services within its Office of Health Data and Analytics to improve and promote telehealth services, which of course has seen great payoff during the pandemic.
In 2019, Kentucky completed a move to a converged data center with Dell VxBlock as part of a five-year investment, replacing existing physical servers and backups with a single solution. The state has also aligned all its cyberpolicies with the NIST framework, and has found that clearly defined requirements for security have led to more consistent enforcement. The CISO’s office uses a combination of SOC 2 type-2 and third-party risk assessments to get a full picture of any gaps and vulnerabilities in state systems, and IT has implemented additional endpoint defenses to push security measures out closer to where data is actually used.
The Kentucky Business One Stop Portal is continually updated based on user feedback, and 2019 saw the implementation of a single sign-on upgrade with access to 200 services that added functionality for users looking to interact with multiple state agencies. The Commonwealth Office of Technology is also looking toward AI and 5G to improve both citizen services and internal operations.
Nebraska
2020 Grade: B
2018 Grade: B
CIO: Ed Toner
Since the last survey in 2018, Nebraska has made several pushes to modernize and streamline its technology profile. These efforts have come in the form of design and consolidation of State Enterprise Network Architecture, a significant data center consolidation and the elimination of nearly a quarter of state servers.
In 2019, an onboarding and out-boarding system for identity management was developed for IT employees coming and going from state service. Working with HR, the system was subsequently expanded to serve the entire state workforce. Similar multi-agency cooperation can also be seen in the use of GIS to help the Nebraska Department of Transportation respond to recent historic flooding. The tools were used to monitor changes in real time as well as story map the situation for public consumption. Also in 2019, the state completed an upgrade of its Enterprise Resource Planning system on the heels of an earlier failed attempt. The solution provides capital management for all state agencies, the university and college systems and has a 100 percent redundancy between two data centers.
When it comes to cybersecurity, Nebraska has adopted a “security first” mentality, focusing on responsive technical support across all government agencies and consolidation and standardization to ease implementation and maintenance of best practices.
New Hampshire
2020 Grade: B
2018 Grade: C+
CIO: Denis Goulet
New Hampshire is in the midst of an epic, years-long march toward an “enterprise first” approach where departments share platforms rather than custom-building or buying a patchwork of solutions. In recent history, that’s meant adopting Drupal for website content management and performing website refreshes across many agencies, as well as Tableau and Informatica for business intelligence work that has allowed for automated report generation, COVID-19 contact tracing, opioid monitoring and a state dashboard to illustrate statistics during the pandemic.
The state IT department reacted quickly during the pandemic, turning around projects originally scheduled for 2021 in a matter of weeks, such as rolling out a new VPN appliance and increasing firewall throughput to support an increase from 200 telework users to 12,000. The team also rapidly rolled out new technology for softphones, collaboration, Web conferencing and helping to support a huge increase in unemployment claims.
Another big achievement has been the rollout of the new Revenue Information Management System, which gives residents the ability to pay taxes, schedule automatic payments, check on payment status and review documents online. The state has kept the project on schedule in spite of the pandemic, having just wrapped up the second phase in October. The third and final phase is scheduled for completion next year.
New Jersey
2020 Grade: B
2018 Grade: C
CIO: Chris Rein
New Jersey has shown tangible progress over the course of the past two years, during which the governor appointed the state’s first chief innovation officer while also establishing the New Jersey Office of Innovation, centralizing innovation work. It is that office taking point on helping New Jersey’s state agencies inventory and refresh the content for all their public-facing websites. One great example of this is the Motor Vehicle Commission’s interactive map of locations where residents can get vehicles inspected.
Perhaps the area where New Jersey made the most progress is all things data, including data governance, data transparency and data-driven decision-making. The New Jersey Office of GIS oversaw adoption of GIS across all state agencies, while also bolstering data discovery via a searchable catalog of metadata. That same office partnered with GIS agencies and public safety departments at the local level to build a statewide 911 database that meets the National Emergency Number Association GIS data standards. In addition, after the pandemic the state was able to launch a data hub to provide up-to-date information for residents. That site demonstrated something that New Jersey has put at the center of much of its tech and innovation work — collaboration across state agencies, as well as with outside partners. The COVID-19 site, for example, represented a partnership with the Federation of American Scientists. Looking ahead, New Jersey has also created Data.NJ.Gov, which makes it easy for developers to include data in their applications.
If New Jersey still has progress to make, it is in its efforts to centralize the entirety of its IT infrastructure, which has come a long way but does not yet include all agencies.
New Mexico
2020 Grade: B
2018 Grade: B
CIO: John Salazar
John Salazar started work as the new chief information officer for New Mexico at the beginning of March, stepping up at a particularly challenging time, pandemic-wise. Bringing with him experience in technical leadership at the agency level, as well as work with government through a private-sector role, Salazar noted a great need for modernization as he took the helm. But some of that likely took a back seat as the state prioritized transitioning 20,000 members of its workforce to working from home. Like so many of its peers, though, the state leaned on cloud solutions in standing up its response, like a dashboard featuring data from multiple agencies for a snapshot view of how the state was faring relative to COVID-19.
As for other priorities, New Mexico is also devoting money toward broadband, with gaps being felt even more acutely due to exponential needs stemming from remote learning. Cybersecurity attention is also needed, proven by the surge in costly ransomware attacks on public institutions in the state. In one recent win, New Mexico is moving forward with an investment in a cloud solution to modernize its foster care systems with <a href=’https://www.govtech.com/100/2020/Binti.html’ target='_blank'>Binti</a>, a solution that streamlines the process of applying to be a foster care family, replacing time-consuming manual processes with a more user-friendly approach.
Oklahoma
2020 Grade: B
2018 Grade: B
CIO: Jerry Moore
Involved with much of Oklahoma’s technological progress over the past two years were the state’s first chief operating officer, its first secretary of digital transformation and a new chief information officer, appointed by Gov. Kevin Stitt. Under their direction, security was a major focus at the Oklahoma Office of Management and Enterprise Services (OMES), which set up the Oklahoma Information Sharing and Analysis Center (OK-ISAC), a private-public partnership with telecom companies, schools, and state and local agencies. OMES also recently updated the state’s security policy, started a compliance team under the CISO focused exclusively on security requirements and procedures, moved the state’s mainframe to an outside service so it would be more secure and adaptable in a disaster, deployed a new threat detection tool and a new spam filter, and conducted continuity of operations training with the Department of Emergency Management. Law enforcement agencies, except the State Bureau of Investigation, are moving their data to the OMES Data Center, and public safety agencies are transferring their communications equipment to FirstNet.
Citizen-facing projects were just as many and far-ranging, and several are available on the online services portal my.ok.gov. Built with Granicus’ govServices platform, it hosts 26 non-DMV licensing services for 18 agencies, from occupational licensing to driver’s license renewals, and more than 32 digitized forms upgraded from paper or PDF. The platform sees 54,000 users per month. The state also worked with OpenGov on a public website to display state agency spending, launched an online portal for food benefits and child services, started a long-term project to build an intelligent transportation system with strategically placed cameras and other sensors, and used a CARES Act Grant to put 50,000 Verizon hot spots in school districts throughout the state for students who didn’t have Wi-Fi at home.
Oregon
2020 Grade: B
2018 Grade: B
CIO: Terrence Wood
Oregon IT officials have had their hands full in the last two years, combatting unwanted cyberdisruptions. A targeted phishing attack on the Department of Human Services in early 2019 led to various measures to fortify the state’s cyberdefenses. Actions taken include the hiring of Chief Information Security Officer Gary Johnson, who along with other officials has worked closely with state agencies to implement cybersecurity protections and educate staff on best privacy practices since the incident.
To continue maturing IT services, Oregon’s overarching focus is to increase standardization and centralized oversight of IT processes. In support of this vision, CIO Terrance Woods reorganized and renamed the Oregon Office of the State CIO to Enterprise Information Services (EIS) during the summer of 2019. EIS is made up of six nuanced programs operating under a unified mission — project portfolio performance, shared services, data center services, cybersecurity services, strategy and design, and data governance and transparency.
Looking to the future, the state’s 2020-2023 Strategic Framework and Gov. Kate Brown’s action plan envision a modernized state IT system that transforms service delivery and emphasizes user-friendliness, reliability, and security. These guidelines put together by EIS reflect Gov. Brown’s commitment to providing essential government services to the state’s residents, especially during the COVID-19 pandemic.
South Carolina
2020 Grade: B
2018 Grade: B
CIO: Keith Osman
The 2018-2020 Statewide Strategic IT Plan in South Carolina established the IT Shared Services Initiative, which yielded cost savings, increased security and transparency, in part, by consolidating IT infrastructure into a centralized data center. This move allowed old on-site infrastructure to be decommissioned, increasing efficiency and resiliency.
At the start of the COVID-19 crisis the Division of Technology Operations began talks with existing vendors and suppliers of cloud services to enable remote work environments. Prior to these moves, many South Carolina Department of Motor Vehicles employees, for example, had no way to perform their jobs away from the office. Also part of the state’s pandemic response is the accelerateSC initiative, which includes a citizen-centric Web platform that offers information on trending topics. The site also includes a chatbot named Axel which has had some 700 conversations addressing more than 2,600 questions, earning it an 82 percent “happy” rating by users.
The state’s jobs portal NeoGov has been updated and rebranded with improvements like allowing candidates to upload resumes and other features, as well as an improved ability to communicate job openings via social media sites like Facebook and LinkedIn. In other examples of modernization, the South Carolina Department of Public Safety deployed SmartCop, a case management system which allows police documents like collision reports and citations to be easily shared with related agencies like the South Carolina Department of Motor Vehicles, State Courts or the Department of Transportation. Similarly, the South Carolina Law Enforcement Division (SLED) transitioned away from mainframe to Web services from July 2019 to May 2020, a move that brought increased capabilities.
When it comes to cybersecurity, South Carolina deployed a new mandatory employee Security Awareness Training (SAT) program in 2018. The program represents a unified training effort as opposed to the previous decentralized cybersecurity curriculum. Also, in 2019 the Division of Information Security initiated multi-factor authentication for both enterprise and agency-managed technologies.
Vermont
2020 Grade: B
2018 Grade: B-
CIO: John Quinn
Vermont has made strong efforts to modernize — both before and during the pandemic. Fresh off the heels of the consolidation of its Agency of Digital Services in 2017, the state last year consolidated a dozen data centers into one primary center and also virtualized all of its state-hosted servers.
Key to this modernization effort is a parallel effort to increase statewide cybersecurity. In 2020, as part of the broader consolidation efforts, the state replaced over $1 million in outdated network and security components with updated, “state-of-the-art” devices, in a bid to better secure its infrastructure. At the same time, Vermont’s 2019 procurement of a statewide endpoint detection, response, and prevention system added a powerful tool to its defense arsenal, demonstrating a willingness to invest in automation to augment human analyst capabilities.
Similarly, the state’s creation of a threat intelligence sharing group in early 2019 means that the state has better pathways for collaboration with federal authorities like DHS, FBI, and CISA. Meanwhile, the state is working to expand its cybertalent pool through a university pipeline, maintaining a commitment to workforce development and retainment — no easy task in a state as rural as Vermont.
Also forward-thinking are Vermont’s efforts to secure its supply chain via a 2019 issued directive that bans the procurement or use of products from vendors that had been flagged by the federal government as security risks. This is an area not many states have yet recognized as a significant security threat.
West Virginia
2020 Grade: B
2018 Grade: B
CTO: Joshua Spence
West Virginia turned to tech earlier this year to respond to demands caused by the coronavirus pandemic, quickly standing up a Web-based grants application system to manage federal funds from the CARES Act. This system eliminated paperwork and streamlined the grants process, allowing the governor’s office to rapidly disburse funds. The initial system went live May 15, and a small business component was rolled out in July.
In December 2019, West Virginia embarked on a project to refresh its statewide network infrastructure, as much of the hardware was aging and struggling to keep up with increasing demand. The end result will be a high-speed, high-capacity network that can provide the services users expect in our increasingly online world. The state also sought to upgrade its websites and Web applications, contracting with West Virginia Interactive (WVI), a division of NIC, to design and maintain those systems. Most state agency sites now have a universal design and theme, and work is currently underway to bring this same consistency to agencies’ citizen-facing applications.
The state also looked to tech to make a few other improvements to citizen interactions with state government. The Division of Motor Vehicles (DMV) implemented the Gov2Go Vehicle Registration Renewals platform in May 2018. This online platform provides a one-stop shop for West Virginians to track and complete vehicle registration renewals. Since its launch, more than 153,000 residents have registered to use this service. And the West Virginia Secretary of State’s Office looked to voice assistants to foster citizen engagement, launching an Alexa Skill in April of this year. This custom skillallows state residents to ask a number of government-related questions of their Amazon Echo devices, such as “Who is my county clerk?” and “How do I register to vote?”
B- States
Alabama2020 Grade: B-
2018 Grade: B-
CIO: Marty Redden
The past two years have seen a shift in Alabama’s IT leadership, but the state remains committed to addressing many of the basics of using technology to doing the people’s business. Gov. Kay Ivey cited broadband as a top priority for her administration, noting in her State of the State address in early 2020 that nearly 220,000 residents in the state did not have high-speed Internet access. This builds on the 2018 establishment of the Alabama Broadband Accessibility Fund. Funding was anticipated to come from the U.S. Department of Agriculture’s ReConnect Program, which put $62.3 million toward four broadband projects in Alabama in 2019, as well as $9.5 million in grants from the Accessibility Fund that Gov. Ivey awarded to nine broadband providers this past April.
The COVID-19 pandemic further emphasized the disadvantages for Alabama residents who lacked broadband. To remedy this, Ivey created Alabama Broadband Connectivity for Students, which used $100 million in federal coronavirus relief funds to create vouchers for eligible families to use for Internet service through the end of 2020. To shore up telemedicine efforts as people were encouraged to stay home, the Federal Communications Commission announced two grants totaling $800,000 going toward Birmingham-based health-care providers to expand remote services.
In forward-looking work, 2019 state legislation established the Alabama Commission on Artificial Intelligence and Associated Technologies, a task force charged with looking at how automation could help spur economic growth in the state, and what potential impacts it could have on citizens.
Kansas
2020 Grade: B-
2018 Grade: B-
CIO: DeAngela Burns-Wallace
The state executive branch in Kansas operates in a decentralized manner but is connected via one network. While in the past there has been duplication of effort across agencies and the central state IT office, that is beginning to disappear as new, more positive relationships being facilitated by leadership are creating a more common direction. A new leadership reporting structure was implemented and has developed a more collaborative culture, maximized efficiency, and facilitated improvements in costs, resources and contracts.
The last two years saw a realignment of IT leadership, and each agency CIO began reporting directly to a branch chief information technology officer, a move that has helped streamline direction and prioritize projects and funding. The executive IT branch will continue to focus on centralization, leaving specific application and development support with individual agencies.
Kansas sees additional opportunities for data sharing in the future. Data is currently managed by each agency and data sharing has been successful between agencies including the Department of Health and Environment and the Department for Children and Families, which also partnered in early 2020 to move HHS’s Eligibility Enforcement System to an Oracle Cloud Platform. The state is working on categorizing data and identifying privacy requirements to facilitate additional data sharing relationships.
Louisiana
2020 Grade: B-
2018 Grade: B
CIO: Dickie Howze
It has been a busy two years for the Louisiana Office of Information Technology, which has grappled with some cyberchallenges that are unfortunately familiar to many IT leaders in the public sector. A coordinated ransomware hit on five school districts in July led to an emergency declaration from the governor, which marshalled a multi-agency response effort. Later in the year, another ransomware attack targeted state servers (https://www.govtech.com/pcio/How-Louisiana-Responded-to-Its-Recent-Ransomware-Attacks.html), taking websites temporarily offline and forcing closures of many public-facing offices like the Office of Motor Vehicles.
Outside of the cyber-realm, the state launched a redesigned website in 2019, reflecting upgrades like responsive design and adherence to the latest accessibility standards. Louisiana also deployed a chatbot, enabling round-the-clock customer service, and made a state quiz available via Amazon Echo devices. Notable digital service additions for Louisiana include a digital drivers’ license that citizens have been able to use since 2018, as well as what the state believes is the country’s first app to enroll citizens in Medicaid. On the networking front, June 2020 saw the first rollouts of a major upgrade to software-defined technology for Louisiana, improving bandwidth, redundancy and security while simplifying management of network resources. Available speeds at many sites increased from two to 100 times what was previously available.
South Dakota
2020 Grade: B-
2018 Grade: B-
CIO: Jeffrey Clines
South Dakota maintained its B- grade for the third survey in a row. The steady grade seems to be a sign that the state’s IT efforts are holding course, even amid the chaos wrought by the novel coronavirus. Earlier this year, in March, the state named a permanent CIO in Jeffrey Clines, who formerly served as the director of information technology with the Illinois Secretary of State’s Office. The move signaled permanence after the 2018 departure of CIO David Zolnowsky and a string of interim replacements leading the Bureau of Information Technology.
The state has made considerable investments in expanding rural connectivity. In 2019, Gov. Kristi Noem announced that $5 million in grants would be allocated for “shovel ready” projects through the Connect South Dakota program. In her 2020 State of the State address, Noem spoke about the importance of connecting the underserved and referenced $25 million in investment for broadband in the years to come.
A nearly $3 million matching state and federal investment in Dakota State University signaled a growing focus on bolstering the cybersecurity workforce in the state after the National Security Agency tapped the college as a Center of Academic Excellence in Cyber Operations. At the time of her address, Noem said she hoped the investment would help position the state as a leader in cybersecurity.
[slideshow-break]
A States
Georgia2020 Grade: A
2018 Grade: A
CIO: Calvin Rhodes
Before and during the pandemic, Georgia has been making some big strides in modernizing its technology infrastructure and deploying new services to make state workers more efficient and offer more self-serve options to its growing population. At the core of that work is GovHub, Georgia’s new website and digital services platform, which it rolled out in April 2019. Using the platform, along with tools for monitoring accessibility issues and other pitfalls, the state has embarked on a project to migrate websites to a new content management system while improving security. Meanwhile, the state has engaged helpful new communications channels to help citizens, including chatbots that helped people answer questions during the pandemic and digital assistants like Siri, Alexa and Google Assistant. New digital services include a school bus safety monitoring system that makes problems with buses and drivers more visible through automation of formerly manual processes; a new statistics dashboard for prison management that auto-generates text and email alerts to staff when critical incidents occur; and new additions to an app for early childhood care that allows providers to pay fees and report information from mobile devices. Many of those services, including the early childhood care app, feed data to websites that help citizens answer their own questions, such as which child-care facilities remained open during the pandemic.
The state has also been making progress on cybersecurity, supporting a new initiative to train all executive branch workers, a new managed security services contract that includes a variety of technological upgrade options, and the implementation of an active directory system for applying policy based on the user rather than the network. Ongoing research and training work at the state’s nationally prominent Cyber Center included a three-day exercise in 2019 with several partners, including the country of Georgia.
Michigan
2020 Grade: A
2018 Grade: A
CIO: Brom Stibitz
Michigan is once again a top achiever in the Digital States Survey, and there are some commonalities as well between its strong performance two years ago and what it has accomplished now. Namely, in 2018 Michigan had added a new Office of Performance Transformation to do exactly what the name implies; now, the state has added an Office of Continuous Improvement. Part of what the latter has done is work to ensure that a lean process improvement methodology is applied prior to any investment in new IT work, thereby helping all IT work to net positive results. This is perhaps an extension of a previous move the state made to combine its tech department with that of management and budget to ensure efficiency.
But it’s not all about the money in Michigan — it’s also about data. The state has now required all agencies to have a chief data steward, a dedicated staffer that supports the implementation of data classification within each office. This, it should be noted, even extends to email communications, which is a rarity and should be commended. Taking that work a step further was the implementation of enterprise-wide master data management aimed at creating a share-first culture. Finally, the state also built an enterprise-wide analytics center.
Finally, Michigan is one of the states leading the way when it comes to applying human-centered design principals to outward-facing tech products. The list of new customer-centric work in Michigan with online components includes a Customer and Automotive Records System, a mobile app for communicating directly with the state police commissioner, and the automated selling of hunting and fishing licenses.
Missouri
2020 Grade: A
2018 Grade: A
CIO: Jeff Wann
Over the past couple years, Missouri led several internal and citizen-facing projects to make both its staff and services more effective. Since it was formed in May 2018, the state’s Cabinet IT Governance Council (CITGC) has become a forum for collective decision-making on IT projects, focusing departments on specific goals in line with the governor’s priorities and reviewing IT projects above $500,000 to assess their benefit to citizens. Over past two years, the CITGC has created statewide strategies for ERP planning, cloud, chatbots, citizen experience, data governance and call center transformation. Also prioritizing workforce education, the Information Technology Services Division had employees train for two hours per week on tools such as Pluralsight, and it set up onboarding and professional development programs to boost staff retention and skills.
Citizen engagement and education have also been priorities for Missouri. The Department of Higher Education and Workforce Development launched an online platform to help students navigate the path to college, from financial aid information to school and major selection. In 2019, the state launched a slew of projects aimed at efficiency and cost savings: an application to simplify the transfer of surplus property from one state agency to another, which saved more than $242,000 in new equipment purchases; a portal for citizens to pay driver’s license reinstatement fees online; a contract with Accenture for a chatbot to answer citizen questions about taxes, motor vehicles and driver’s licenses; and a crash-mapping tool to help assess which highways need work, to name a few.
In the interest of public health, Missouri worked with the state highway patrol and the Department of Social Services on a website for anonymous tips to prevent mass shootings and other violence at school. It also implemented a new Medicaid payment system for behavioral health services that led to a 20 percent increase in the number of people receiving those services, and an 83 percent increase in the number of people receiving medication for substance-use disorders. The MO HealthNet Division, which administers the state’s Medicaid program, reduced opioid use across the state with data analytics to monitor use and inform decisions by Medicaid partners on granting prescriptions to residents. Data dashboards in general have become more popular in Missouri since its Department of Conservation used Tableau to visualize data and better understand the impact of state programs, so staff would know what to address.
Ohio
2020 Grade: A
2018 Grade: A
CIO: Ervan Rogers
Over the last two years, Gov. Mike DeWine, Lt. Gov. Jon Husted and CIO Ervan Rodgers have been quite busy with technological solutions in Ohio. Perhaps the most impressive accomplishment is the deliberate integration of citizen services, data governance and data transparency through the InnovateOhio Platform (IOP), which was established by executive order in 2019. The vision behind IOP is all-encompassing: Without losing ownership of their information, agencies are required to share data for use case projects, citizen-centric services and better decision-making. The platform also has single sign-on capability for both staff and citizens. By summer 2020, 500 data sets had been uploaded, eight data and analytics projects had been completed, 46 citizen-focused websites had been released, and 154 applications had been integrated. Additionally, all state agencies have migrated their systems to the cloud as part of the IOP initiative.
The IOP team also played a huge role in the state’s coronavirus response, launching a COVID-19 information site on March 5. Then in April, the team, along with the Governor’s Office of Workforce Transformation, rolled out COVID-19 Job Search. This site helps essential businesses connect with individuals who are willing to perform essential jobs during the pandemic. Roughly 200,000 employers and job seekers have utilized this site.
Ohio has also recently leveraged technology to take aim at some of its most pressing social problems. With one of the highest opioid use rates in the country, the state has embarked on a multiagency data analysis project to identify factors that can predict opioid abuse and evaluate the effectiveness of different treatments for addiction. And in addition to being a hotbed for autonomous and connected vehicle testing, Ohio has installed virtual driver assessment tools at driver examination sites and driving schools as part of a response to the high number of teenagers and young adults who die in car crashes in the state. Through nonidentifiable driver data, this project will evolve its curriculum based on the outcomes of those who take the virtual training.
Utah
2020 Grade: A
2018 Grade: A
CIO: Mike Hussey
Without fail, Utah ranks at the top of the list of states with practices others should consider adopting. With solid governance in place, backed by structural investments in innovative technologies and business practices, Utah proves a consistent commitment to data-driven service delivery and practical experimentation.
Zeroing in on a few notable efforts, the state developed a new engagement model in 2019 that clearly outlines how technology staff will work with agency customers, offering a clear path to consistent evaluation and improvement. As for its core infrastructure, Utah will continue to look to as-a-service technologies to help absorb budget reductions and take advantage of the cloud’s ability to scale according to changing needs. The state notes recent increases in its use of infrastructure-as-a-service offerings from AWS and Google, with direct network connections that include full redundancy to both.
Utah is leading the way in its development of a single sign-on central identity platform, streamlining the citizen experience across nearly a thousand applications and services. UtahID uses the OpenID standard, and multifactor authentication was added this year to maximize security. All 26 state agencies use UtahID both internally and externally, as does the statewide Business Portal. In addition, the next iteration of the state website (Utah’s Next Generation Portal) will leverage UtahID.
A timely telework initiative launched in September 2018 piloted working from home a full year and a half before the pandemic hit. More than 130 employees from four agencies worked remotely three days a week while the state tracked their performance and other metrics, noting productivity gains and other benefits. The experiment created temporary shared workspaces aimed at being more efficient with government office space and led to investments in virtual capabilities that prepared the workforce well for its eventual shift to 70 percent work-from-home this past March.
The state also leads in its use of emerging technologies, creating a center for excellence focused on AI in 2019. The work is bolstered by an innovation fund, which allows for investments in vetted technologies that offer a proven return on investment. In one of many examples, the state is using drones to better evaluate avalanche risk and to collect more lidar data at a lower cost than previous methods.
A- States
Arizona2020 Grade: A-
2018 Grade: B
CIO: J.R. Sloan
Arizona has upped its score since the last Digital States Survey, garnering an A- this year. Big, bulky servers, and other on-premise equipment in Arizona state government is gradually disappearing as more of the state’s IT infrastructure migrates to the cloud. This includes the closure of data centers, server rooms and more. Statewide cloud spending reached $40 million as part of the Statewide Cloud First program. The state also consolidated some 75 agency data centers to a managed Shared Hosted Data Center (SHDC) in August 2019 following the collapse of the roof of the state data center, prompting its demolition and the movement of 1,076 devices to the cloud, resulting in millions of dollars in savings.
IT security stepped up when the Arizona Department of Administration/Arizona Strategic Enterprise Technology Office (ADOA-ASET) security team reviewed the current technology around the Web Application Firewall (WAF) — a critical enterprise security tool — and reviewed new technologies and vendor demonstrations, which led to a new solution being launched in January 2020. Cybersecurity funding in the state has increased 150 percent, with a continued focus on maintenance of programs.
Some of the citizen-centered improvements include the Arizona Lottery’s new website in February 2019. Launching alongside the newly designed website was a new Lottery Players Club app, which has been downloaded by more than 171,000 devices, and remote kiosks. The kiosks have led to more than $20 million in increased revenue. The lottery reached $1 billion in sales, a record. Also, with the help of the Enterprise Security Program Advisory Council (ESPAC), the lottery expanded its statewide security funding 150 percent. The lottery also launched Qlik in 2019, a “far-reaching data tracking system,” making it easier for lottery staff to analyze sales or develop new games.
Professional licensing is now easier thanks to a new e-licensing platform that allows any citizen who possesses a license to work, or those who have the qualifications to apply for a new license or renewal online. The Arizona Department of Health Services partnered with Salesforce to develop a digital medical marijuana system, allowing for the digital issuance of Arizona medical marijuana cards in December 2019, streamlining the processing and renewing of the documents.
California
2020 Grade: A-
2018 Grade: A-
CIO: Amy Tong
Under Gov. Gavin Newsom, sworn in January 2019, and CIO Amy Tong, whom Newsom reappointed in April 2020, the state has steadily implemented technological, innovation, policy and process improvements. Via Executive Order, state agencies developed the flexible, iterative Innovation Procurement Sprint and wielded Requests for Innovative Ideas (RFI2) to obtain leading-edge solutions without traditional RFPs. As a result, the California Department of Forestry and Fire Protection contracted with vendor Technosylva on a cloud-based subscription product to help firefighters predict the path of a wildfire. The Department of Motor Vehicles now accepts credit cards, has implemented the Virtual Field Office in response to the COVID-19 pandemic, stood up an Online Service Portal, added a chatbot and live chat, and deployed an upgraded identity management system. The department has also held two DMV Vendor Days to seek new solutions. In July 2019, Newsom established the Office of Digital Innovation in the Government Operations Agency to reimagine and redesign digital services and information; it has since hired its first director. The alpha team of technologists from several agencies worked three months on alpha.ca.gov, a reimagining of ca.gov. The team then partnered with state technology and health and human services agencies on the state’s official coronavirus response website. The CA COVID Assessment Tool released in July offers current COVID-19 data and future models.
In October 2018, officials stood up a Web portal to be the main public information source on services and status of emerging and emergency efforts, response.ca.gov. Building on the success of 2015’s California Cyber Security Integration Center and 2017’s Security Operations Center, officials at the latter assembled a cybersecurity incident response team last year. To stave off funding loss, the California Department of Technology is partnering with states including Alaska, Washington and Oregon, achieving up to $4 million in savings.
Indiana
2020 Grade: A-
2018 Grade: A-
CIO: Tracy Barnes
The Indiana Office of Technology (IOT) continues to excel in a number of areas, including data-driven governance and data transparency. The state’s data agency, the Management Performance Hub, publicly launched its Indiana Data Partnership Portal in May, allowing for multi-sector collaboration between nonprofits, the private sector and government on data-driven initiatives. Those initiatives have lately focused on a number of vital issues — namely COVID-19, the opioid epidemic, and education and workforce development.
In the area of cybersecurity, Indiana has also made a lot of progress over the past two years. In 2019, IOT centralized its cyber-resources by launching its Information Security Office as a Service (ISOaaS) program, a hub to help agencies shore up their defenses. The ISOaaS helps agencies with a wide range of security-related issues, including assessing agency maturity, defining security strategy and identifying gaps in mission objectives, as well as developing action plans to address said gaps.
At the same time, an ongoing cybersecurity program developed by the Department of Education has continued to leverage federal funds from the Department of Homeland Security to improve security for K-12 schools throughout the state. This is an especially valuable program considering the ongoing onslaught that schools have faced from hackers since the pandemic began. Indiana has also continued to develop a cybersecurity ecosystem through public-private partnerships involving higher education entities, such as Indiana University and Purdue University.
Minnesota
2020 Grade: A-
2018 Grade: A-
CIO: Tarek Tomes
When the coronavirus pandemic forced the majority of Minnesota’s workforce to transition to telework in early March, Minnesota IT Services (MNIT) went into overdrive to respond. The agency facilitated rapid deployment and training for remote work tools such as video conferencing platforms — by April 17, 3,064 individuals had been trained on the Microsoft Teams, Webex and Intercall platforms. Meanwhile, MNIT’s procurement division stepped up to the plate in order to meet the demands of a remote workforce, purchasing an unprecedented volume of hardware, software and contracts in a short period of time. In one case, they were able to increase user capacity on a Virtual Private Network (VPN) from 10,000 users to 30,000 users in just one weekend by purchasing hardware from local resellers and then setting up temporary licenses.
In the last two years, Minnesota launched a number of efforts to improve citizen engagement with the state government. When the coronavirus pandemic struck, the state quickly realized that it needed a way to get information out to residents, and fast. So, it rapidly stood up two websites that put all the data it was releasing on the pandemic (governor’s daily briefings and executive orders, citizen FAQs, etc.) into a single location where constituents could access it at any time. These websites are updated daily and have a chatbot function powered by IBM so visitors can ask questions.
COVID-19 was not the only thing that Minnesota had information to share with constituents about in the last two years. MNIT partnered with a slew of state agencies in order to develop a standardized set of guidelines for developing accessible digital maps. The results, published online in October 2019, have been widely adopted by state agencies and vendors, and webpages where they have been adopted have seen a corresponding increase in traffic.
New York
2020 Grade: A-
2018 Grade: A-
CIO: Jeremy Goldberg (interim)
The past year has been a period of transition for IT leadership in New York state, with chief information officer Bob Samson stepping down in mid-August 2019 after two years in the role. Samson was replaced in an interim capacity by Joseph Rabito for a period of three months, only to be replaced by Jeremy Goldberg, who also serves the state in an interim capacity. A veteran of local government IT work, Goldberg worked as deputy CIO in New York City, and was instrumental in launching the Startup in Residence program in San Francisco years earlier.
In addition to the consolidation work the state has undergone over the past several years, which involved a substantial migration to the cloud, policymakers have made significant investments in expanding connectivity options throughout the state. Gov. Cuomo also convened a task force to help address spotty cellular coverage in rural areas upstate last year, pointing to a direct link between substandard coverage and economic opportunity in the region.
A larger all-hands-on-deck approach is evident in the state’s response to COVID-19, which constituted a major effort from the state’s technology team. Early in the virus outbreak, the state put out the call for people and services to help in response, resulting in 7,300 volunteers from 3,500 organizations banding together on tech solutions like informational websites, technical training for state employees and screening applications. The Office of Information Technology Services reported that the massive public-private partnership led to tens of millions of digital interactions between the state and its citizens, supported by approximately 25,000 volunteer hours.
North Carolina
2020 Grade: A-
2018 Grade: B
CIO: Thomas Parrish (acting)
North Carolina’s strong showing in this year’s Digital States Survey comes from investment in foundational technologies that are largely aligned with executive leadership priorities. The state operates as a relatively federated model, but IT works to bridge any gaps among agencies. The Information Technology Strategy Board, established in 2019 and chaired by the state CIO, comprises members from government, academia and the private sector. The board helps the Department of Information Technology (DIT) coordinate between state agencies and other organizations to guide large technology projects.
To better serve all North Carolinians, the Growing Rural Economies with Access to Technology (GREAT) grants program is an effort to get broadband to 40 underserved communities in the state, and the Broadband Committee is working with the General Assembly to utilize emerging technologies like low-orbit satellites to improve connectivity in the western part of the state. A similar initiative, thanks to a 2019 grant, is intended to expand broadband to improve telehealth services in conjunction with the Office of Rural Health. Since that program was in place before the onset of the COVID-19 pandemic, North Carolina was already well-situated to get online medical services to citizens. To improve service delivery to all North Carolinians, DIT established a Digital Governance Committee that prioritizes user experience in tech deployments, and the state takes an “omni-channel” approach to developing tools so that services can be accessed anytime, anywhere, from any device.
Other forward-thinking initiatives include the rollout of a digital wallet to allow online payment for DMV services that will be expanding to other agencies. Drones are also used in environmental data collection and mapping, which has reduced pollutants and increased acreage covered in a day by 5,900 percent versus traditional methods. Because DIT had the foresight to pilot Microsoft Teams in limited use in October 2019 and January 2020, to just 7,000 users, they were able to make a smooth transition to remote work due to COVID-19, increasing to 23,000 users by June.
North Dakota
2020 Grade: A-
2018 Grade: A-
CIO: Shawn Riley
Under the leadership of Gov. Doug Burgum, North Dakota has maintained its A- grade since 2018, even amid the ongoing novel coronavirus pandemic. Burgum, a former tech executive, has said himself that he sees North Dakota as an up and coming rival to Silicon Valley, with major players like Microsoft and Amazon putting down roots in the state. This year, Burgum was also named as one of Government Technology’s Top 25 Doers, Dreamers and Drivers, so it should come as no surprise that the state is on the right path when it comes to citizen-focused IT.
The state’s adherence to IT best practices in several key areas make it a solid model for other states. Under the leadership of CIO Shawn Riley, the North Dakota Information Technology (NDIT) department has honed it’s focus on innovative service delivery under the constraints of limited resources. In addition to centralizing its cybersecurity efforts across the state, NDIT has worked toward a shared services model that benefits not only state agencies, but also local government entities, as well as courts and educational institutions. Amid the pandemic, NDIT has played a central role in developing analytical resources to support response and recovery efforts. This included the integration of a contact tracing app and other tools with existing systems where process automation could streamline response. Where data governance is concerned, North Dakota has made substantial strides with its formal State Longitudinal Data System governance model, completed in June 2020. The model outlined data privacy and ethical uses for data and addressed long-standing policy gaps.
A “whole of government” and enterprise approach to cybersecurity — and other IT areas — has been a cornerstone in the state’s defensive strategy. The passage of Senate Bill 2110 into law in April 2019 established a framework for strategic guidance and standardization of cybersecurity across all state agencies. Prior to the passage of SB2110, roughly 400 state and local agencies were operating autonomously with varying degrees of cybersophistication. During the COVID-19 pandemic, IT staff managed to successfully transition around 7,000 state employees to secure off-site locations. In the months since the pandemic upended normal life, the state is reportedly re-evaluating its need for leased office space in the capital city of Bismarck with an eye toward significant savings.
Texas
2020 Grade: A-
2018 Grade: B
CIO: John Hoffman (interim)
Responding quickly to urgent situations has become something of a regular thing for Texas’ state IT workers. In August 2019, more than 20 local governments were targeted in a coordinated ransomware attack that took the security community by surprise. The state Department of Information Resources (DIR) jumped into action, putting its incident response plan into practice and heading out to the affected places to help assess the damage and begin eliminating the malware. Within a week, they had cleared all of them for remediation and recovery.
Three months later, a chemical plant exploded in Port Neches, forcing evacuations in the area. In a time when quick, accurate information was critical, the state set up a “story map” linked with data from a variety of sources in order to inform the public, including aerial photos, maps, and real-time air and water quality data in the nearby neighborhoods.
Four months after that, COVID-19 hit. DIR quickly doubled connection capacity to the enterprise network, optimized apps for increased demand, increased processing power and helped set up tools to support telework. It also launched a website to help share PPE and gather volunteers and donations, and another to help essential workers find childcare.
When it hasn’t been responding to emergencies, DIR has made many other accomplishments, setting up digital services for hurricane aid, construction project registration and IT staff augmentation bids. Cybersecurity’s been another bright spot. In March the state launched the Texas Information Sharing and Analysis Organization to share threat information between participating entities. For two years, Texas has been working with AT&T and the Secretary of State to assess and improve election security in all 254 of the state’s counties. And a new cybersecurity training certification program has led to more than 3,000 state and local government entities training every one of their employees.
Virginia
2020 Grade: A-
2018 Grade: A-
CIO: Nelson Moe
Virginia has been a fully consolidated state for some time, with all agencies there getting IT infrastructure from the central authority, the Virginia Information Technologies Agency (VITA). Now, VITA has also moved from a lone provider for its infrastructure services to a multi-supplier model, making it just one of three states in the country to have done so. This has allowed the state a greater degree of flexibility with new technologies, as well as more competition and an increase in partnerships. This multi-supplier model was especially useful earlier this year when the governor declared a state of emergency during the pandemic, which necessitated roughly 55,000 state employees to work from home. Virgina’s CISO was able to build a command center that used the multi-supplier model to rapidly build an embedded framework for cyber.
Virginia also had a bit of fortunate timing as it related to the pandemic. In early 2020, it rolled out a new state portal website on virginia.gov. The site was built with input from analytics and from user feedback being put to use for meaningful changes. That site was quickly put to the test with the onset of the pandemic, serving as a central online location for residents to get vital information from their state government during the crisis. Virginia's Department of Motor Vehicles also migrated many of its services online, accomplishing the rare feat of offering a fee reduction for online users that was put into law.
Washington
2020 Grade: A-
2018 Grade: A-
CIO: Jim Weaver
Identifying technology solutions that work for a number of programs, rather than individual agencies, is one of the top goals for the Washington Office of the Chief Information Officer (OCIO), along with improving data privacy and security, and developing protections to preserve net neutrality. The state invested more than $1.7 billion in IT during fiscal year 2019.
In other areas, the state’s threat intelligence is monitored through the Washington Cyber Intelligence Exchange, made up of more than 90 representatives from cities, counties, schools, state agencies and colleges looking for suspicious activity, or trends that could be missed in an effort to make more informed decisions about cyber threats. The Department of Licensing rolled out a $63.2 millionupgrade to eliminate an antiquated system with commercial off-the-self software to provide an integrated system with new efficiencies, reliability and security.
However, the IT solutions that are the most public-facing tend to have the largest impact on how residents engage with the state. Washington’s new Paid Family and Medical Leave program allows most workers in the state up to 12 weeks of paid time off following the birth of a child, a serious health condition for the worker or certain close family members, and some forms of military service. The program, one of the most generous in the United States, is being administered by the Employee Security Department (ESD) in collaboration with OCIO. More than 30,000 applications were filed in the first six weeks of launching.
Another public-facing technology improvement includes the revamped eComments application for the Department of Ecology, allowing the state to more efficiently manage the more than 400 public comment sessions every year. The new system makes it easier for residents to file comments, and easier for staff to sort and manage them. Open government and ensuring the public has access to state data are facilitated through the IT Project Dashboard, where the public and agencies can access information about state projects approved by OCIO.
Wisconsin
2020 Grade: A-
2018 Grade: A-
CIO: Trina Zanow
Earlier this year, Wisconsin found that some of the technology services it had recently implemented were quite helpful when the state was suddenly called upon to respond to the coronavirus pandemic. Among them was the Department of Corrections’ new Electronic Medical Record (EMR) solution, which had been rolled out to 39 sites across the state. The department found the EMR to be very helpful in tracking COVID-19 cases among its facilities and in sharing that information with the Centers for Disease Control and Prevention and the World Health Organization. Wisconsin also found that its new MyACCESS mobile app for benefit services was helpful in eliminating the need for citizens to visit state offices in person. The app, launched last year, allows citizens to remotely manage their access to state benefits, including Medicaid, SNAP, TANF/W-2 and childcare.
Wisconsin focused on improving data transparency in the last two years, releasing a number of improvements to its public-facing financial transparency site OpenBook Wisconsin. In addition to expenditure data, the site now provides data on the state’s spending on contracts, payroll and procurement. The data is reviewed biweekly to make sure it is correct and up to date.
Wisconsin also moved to improve its internal services, consolidating some of the state’s IT network shared services from multiple agencies under a standardized Secured Network Services model. This eliminated agency-specific networks and gave the state the opportunity to modernize much of its network equipment, reducing costs and resources. An estimated one-third of network components in state facilities were no longer needed and removed entirely as a result.