1. Home
  2. Offices
  3. Compliance
  4. Compliance Alerts and Headlines

Compliance Alerts and Headlines

Protecting State of Texas & UNT System Critical Infrastructure

Over the past several years the Office of the Governor and Texas Legislature have implemented measures to protect the State of Texas’ critical infrastructure from infiltration by foreign governments.  In 2021, the Texas Legislature passed the Lone Star Infrastructure Protection Act, which prohibits Texas businesses and governmental entities from contracting with companies owned or controlled by China, Russia, North Korea and Iran.

On December 7, 2022,  Governor Greg Abbott directed all Texas state agencies and public institutions of higher education, to ban TikTok on all government-issued devices. Subsequently, Governor Abbott announced a statewide model security plan to “address vulnerabilities presented by the use of TikTok and other software on personal and state-issued devices.”

In June 2023, the Texas Legislature passed Senate Bill 1893 (Tex. Government Code, Chapter 620), which prohibits governmental entities from installing or using TikTok or any successor applications or service developed or provided by ByteDance Limited or any entity owned by that company. This law is intended to protect the State’s sensitive information and critical infrastructure from access by a “foreign government, or any entity associated with a foreign government” seeking “confidential or private personal information collected by the [social media or service provider]” without certain legal protections. 

In compliance with Chapter 620, the UNT System adopted System Regulation 06.5000 – Prohibited Technologies and Covered Applications. Among other things, this regulation prohibits employees and third-party vendors from “conducting official System Business on any personal device on which Prohibited Technology [including TikTok] is installed.” 06.5004.2.c.

On November 19, 2024, Governor Greg Abbott issued Executive Order GA-48 relating to the protection of the State’s sensitive and critical infrastructures from certain entities designated as foreign adversaries: China (including Hong Kong), North Korea, Iran, Cuba, and Russia (“Designated Countries”); and Venezuelan President Nicolas Maduro.

The order directs all public institutions of higher education and other state agencies to:

  1. Require any company that submits a bid or proposal for goods or services to provide certain certifications regarding the relationship its holding companies or subsidiaries have with any of the Designated Countries (“Prohibited Company” or “Prohibited Companies”).
  2. Prohibit extensions and renewals of existing contracts, and new contracts with Prohibited Companies, unless there is a demonstrated business necessity as described in the executive order (i.e. necessary to fulfill a core function that directly benefits Texas and the good or service can be provided only by the Prohibited Company).
  3. Prohibit employees from accepting gifts from countries designated as foreign adversaries.
  4. Prohibit employees from accepting payment of business travel and engaging in business travel to these countries.
  5. Require employees to notify UNT System (or their respective component institution) before personal travel to Designated Countries, and to submit a post-travel report outlining the dates and purpose of the travel.
  6. Include a minimum qualification in all positions that conduct research on, work on, or have access to critical infrastructure that the employee/vendor is able to maintain the security and integrity of the infrastructure (“Critical Infrastructure Employees/Vendors”). Critical infrastructure is defined as communication infrastructure systems, cybersecurity systems, electric grids, hazardous waste treatment systems, or water treatment facilities).
  7. Continuously review Critical Infrastructure Employees/Vendors to ensure they remain able to maintain the security and integrity of critical infrastructure.
  8. Provide the Texas Higher Education Coordinating Board the same foreign-gift and contract disclosures as required to provide the U.S. Department of Education.
  9. Prohibit employees from participating in any foreign recruitment program by a country designated as a foreign-adversary (e.g. the People Republic of China’s Thousand Talents Program).

Also, on November 19, 2024, Governor Abbott issued Executive Order GA-49, relating to the protection of critical infrastructure against the People’s Republic of China. Among other things, the order directs the Texas Department of Emergency Management, in coordination with state agencies (including public institutions of higher education), to assess the vulnerabilities of state government, local governments, and critical infrastructure in the event of a conflict. Under this order, critical infrastructure includes, but is not limited to (oil and gas production and delivery systems; water supply, refinement, storage, and delivery systems; communications networks; electrical power delivery systems; emergency services; transportation systems and services; and personal data or otherwise classified information storage systems).

The UNT System Administration Compliance & Ethics Program and campus compliance offices are partnering with UNT System and campus officials to implement and comply with the state laws and executive orders focused on protecting the State’s and UNT System’s critical infrastructure.

The compliance programs have prepared an FAQ with more information about the executive orders. System employees should direct legal questions regarding the executive orders to the UNT System Office of General Counsel.  Campus and System Administration faculty and staff employees should direct questions about compliance with the orders to their compliance offices:

UNT Office of Integrity & Compliance https://compliance.unt.edu/index.html

New Legislation Strengthens and Demonstrates Importance of Institutional Compliance Programs

August 2023

AUSTIN - This summer, Governor Greg Abbott signed legislation that expands the confidentiality offered by public institution of higher education compliance programs.  Senate Bill 336 revised section 51.971 of the Texas Education Code to allow compliance programs to maintain the anonymity of agents and contractors who act on behalf of their institutions if they report suspected wrongdoing.  Previously, this protection only covered officers and employees of the institution.  According to the bill analysis, the purpose of the revised law is to encourage more reporting of compliance issues.

The UNT System Administration Compliance & Ethics Program encourages third-parties acting on behalf of the UNT System, as well as employees, to act in an ethical, honest and lawful manner, and reminds them of their obligation to report suspected conduct that does not comply with federal or state law, UNT System Regents Rules, UNT System Regulations, or applicable campus or System Administration policies.