NC S792

Establishes a presumptive liability cap of two times the contract value for all state information technology procurement contractors, covering damages from any cause including data loss or unauthorized disclosure.

Allows the State CIO to increase the liability cap to three times the contract value if a risk assessment determines increased protection is necessary and the bid solicitation discloses the higher requirement.

Requires the State CIO to report annually to the Joint Legislative Commission on Governmental Operations and Joint Legislative Oversight Committee on Information Technology regarding contracts with liability amounts exceeding two times the contract value.

Exempts from liability caps cases involving contractor intentional or willful misconduct, damage to tangible property, physical injuries, and notification costs required by data breach notification law.

Requires state departments to verify that contractors have sufficient financial resources or insurance coverage to satisfy the agreed liability limits before entering into contracts.