Ask Reggi Your Question Now

Reggi is the free generative AI assistance for regulatory compliance
Ask a Question

Can I use third-party project management tools that collect personal information in Texas? What are the requirements?

Based on the context documents, if you are a state agency in Texas, you can use third-party project management tools that collect personal information. However, you must comply with applicable laws and regulations related to data privacy and security, such as the Texas Identity Theft Enforcement and Protection Act and the Texas Privacy Protection Act. Additionally, state agencies must classify the data produced from or used in the project and determine appropriate data security and applicable retention requirements for each classification [2.1].

State agencies must manage information resources projects based on project management practices that meet the criteria found in 1 TXAC 216.11. These practices must include a standardized and repeatable method for delivery of information resources projects that solve business problems, a method for governing application of project management practices, and a project classification method that differentiates and categorizes projects according to level of complexity and risk [2.4].

State agencies must develop a project plan for each major information resources project and file the project plan with the quality assurance team before the agency spends more than 10 percent of allocated funds for the project [3.1].

For each contract for the development or implementation of a major information resources project with a value of at least $10 million, a state agency shall submit the proposed terms of the contract to the quality assurance team before the start of negotiations and submit the final negotiated unsigned contract to the quality assurance team for review under Section 2054.158(b)(4) [2.3].

Therefore, to answer your question, if you are a state agency in Texas, you can use third-party project management tools that collect personal information, but you must comply with applicable laws and regulations related to data privacy and security, classify the data produced from or used in the project, and determine appropriate data security and applicable retention requirements for each classification. Additionally, you must manage information resources projects based on project management practices that meet the criteria found in 1 TXAC 216.11, develop a project plan for each major information resources project, and file the project plan with the quality assurance team before the agency spends more than 10 percent of allocated funds for the project. Finally, for each contract for the development or implementation of a major information resources project with a value of at least $10 million, you must submit the proposed terms of the contract to the quality assurance team before the start of negotiations and submit the final negotiated unsigned contract to the quality assurance team for review under Section 2054.158(b)(4) [2.1][3.1][2.3][2.4].

Source(s):
Jurisdiction

Texas