AZ HB2416

Requires the Department to develop standards and guidelines within 30 days for state agencies, contractors, and public institutions of higher education to remove covered applications from state information technology and restrict their use on personal devices conducting state business.

Prohibits state employees and contractors from conducting state business on personal electronic devices containing covered applications or using communications equipment on the federal communications commission's covered communications equipment list deemed a national security risk.

Requires state agencies and institutions to implement network-based security restrictions preventing prohibited technologies, and mandates employees sign annual confirmation of understanding these standards with potential disciplinary action including termination for violations.

Defines "covered application" as social networking services developed or provided by entities founded, headquartered or located in designated countries of concern including China, Cuba, Iran, North Korea, Russia, and others.

Permits limited exceptions approved by agency heads for law enforcement investigations and other appropriate uses, and allows higher education institutions to accommodate student use of institutional email accounts on personal devices with network security protections.