SENATE, No. 2612

Report of the Senate committee on Post Audit and Oversight (under the provisions of Section 63 of Chapter 3 of the General Laws, as most recently amended by Chapter 557 of the Acts of 1986) entitled "Open Standards, Closed Government:ITD's Deliberate Disregard for Public Process" (Senate, No. 2612).


The Commonwealth of Massachusetts

Seal of the Commonwealth

In the Year Two Thousand and Six.


Open Standards, Closed Government

ITD's Deliberate Disregard for Public Process

A Report of the
Senate Committee on Post Audit and Oversight

June 2006

Massachusetts Senate
The Honorable Robert E. Travaglini
Senate President

Senator Marc R. Pacheco, Chair
Senator Susan C. Fargo, Vice Chair
Senator Robert A. Havern III
Senator Steven A. Baddour
Senator Richard T. Moore
Senator Steven C. Panagiotakos
Senator Robert L. Hedlund


Senator Marc R. Pacheco, Chairman

It shall be the duty of the Senate Committee on Post Audit and Oversight (established under Section 63 of Chapter 3 of the General Laws) to oversee the development and implementation of legislative auditing programs conducted by the Legislative Post Audit and Oversight Bureau with particular emphasis on performance auditing. The Committee shall have the power to summon witnesses, administer oaths, take testimony and compel the production of books, papers, documents and other evidence in connection with any authorized examination or review. If the Committee shall deem special studies or investigations to be necessary, they may direct their legislative auditors to undertake such studies or investigations.

Senate Post Audit and Oversight Bureau

Jesse L. Stanesa
Director

The Committee would like to acknowledge the contributions from Senator Pacheco’s office, including Mary Wasylyk, Chief of Staff; Jessica Nordstrom, Policy Analyst; Kristen Green, General Counsel, and Meghan Reilly, Communications Director.
 

The Committee would also like to acknowledge the assistance of the Information Technology Division; the Executive Office of Administration and Finance; the Office of the Auditor of the Commonwealth A. Joseph DeNucci; Office of the Secretary of the Commonwealth William Galvin; the Massachusetts Office on Disability; and various industry vendors and technologists, including Adobe, IBM, Microsoft, Red Hat, and Sun Microsystems

· Executive Summary ·

On August 29, 2005, the state’s Information Technology Division (“ITD”) issued a proposal to make sweeping changes to the state’s information technology infrastructure.  The proposal, called the Enterprise Technical Reference Manual (“ETRM”) includes a provision that would make Massachusetts the first state in the country to require that all executive branch agencies use open standards for government documents.  Open standards is a policy that increases interoperability of electronic documents and eliminates restrictive licensing agreements.  The Senate Committee on Post Audit and Oversight (“Committee”), with the mandate to review state agency operations, reviewed the process by which ITD developed the ETRM.  The Committee found that ITD was not aware of the cost of the ETRM, the impact it could have on the state’s public records, limitations on IT accessibility for persons with disabilities, that the agency excluded key governmental and advocacy groups, and that the proposal was issued in violation of state law. 

Under the ETRM, all executive branch agencies in Massachusetts, with as many as 80,000 desktops, are required to comply with the new requirements by January 1, 2007.  The Committee initiated the investigation of the ETRM in 2003 after a memo from then-Administration and Finance Secretary Eric Kriss directed ITD that “[e]ffective immediately, we will adopt… a comprehensive Open Standards, Open Source policy for all future IT investments….”  Shortly thereafter, ITD began releasing a series of open standards policies, culminating in the ETRM, with little or no collaboration with the legislature, executive branch, constitutional officers, or advocacy groups who expressed concern with the ETRM.  The Committee made the following key findings:

Key Findings

  1. ITD released the ETRM despite public testimony that the OpenDocument Format (“ODF”), an ITD approved open standard, may impair IT accessibility for thousands of workers with disabilities.  ITD, the Massachusetts Office on Disability and advocates from the disability community testified that the ODF may not be compatible with assistive technology, such as screen readers and voice recognition software, required by persons with disabilities. 
  1. After seven months of negotiations, the Information Technology Division still has not completed a Memorandum of Understanding between state agencies and the Massachusetts Office on Disability to ensure accessibility of IT applications.
  1. The Committee learned that the state has had a history of accessibility problems with IT applications, including the state’s human services website and the state’s main website, Mass.gov.
  1. ITD did not conduct a cost analysis or develop implementation documents prior to issuing the ETRM, a new statewide IT framework for 80,000 end users in the executive branch.
  1. ITD did not have the statutory authority to issue provisions in the ETRM relating to public records management.  The Secretary of the Commonwealth and the Records Conservation Board both have jurisdiction over public records in Massachusetts and did not approve the ETRM as required by Massachusetts statute. 
  1. ITD did not collaborate with other state entities involved in IT and public records policy.  During the development of the ETRM, which affects all executive branch agencies and employees, ITD cancelled nine out of ten monthly meetings of state agency Chief Information Officers and relied instead on a small working group of government technologists.  ITD never presented the ETRM to the IT Advisory Board, an entity which was created to ensure a cohesive government IT strategy.
  1. The exclusionary development process of the ETRM was initiated and led by former Administration and Finance Secretary Eric Kriss and former ITD Director Peter Quinn.  Although significant work remains, the new ITD Director and Administration and Finance Secretary have taken measures to improve collaboration and to address the accessibility concerns of the disability community. 

While the principles of open standards may offer the promise of decreased costs and greater interoperability of state documents, ITD did not pursue this policy in an open, collaborative or lawful manner.  Based on these findings, the Committee makes the following recommendations:

Key Recommendations

  1. ITD should delay the ETRM implementation date of January 1, 2007 unless the agency can demonstrate that the open standards requirement meets the needs of the disability community.  A statewide government policy that is not compliant with assistive technology will contribute to the significant problem of unemployment and underemployment for persons with disabilities.
  1. ITD should act in consultation with the Massachusetts Office on Disability to ensure that IT standards comply with state and federal disability mandates. 
  1. Prior to issuing IT architecture standards, ITD should submit a cost analysis of the proposal to the legislature and the Office of the Auditor of the Commonwealth.  Through IT Bond or the operating budgets of state agencies, the legislature authorizes and appropriates funding for all government IT expenditures.
  1. ITD should comply with existing statute that requires approval by the Secretary of the Commonwealth and the Records Conservation Board of IT standards that affect public records.
  1. ITD and the Executive Office of Administration and Finance should issue IT architecture standards with a formal public notice and public hearing process to ensure there is an open and transparent administrative process.
  1. ITD should continue to pursue the policy of developing open standards for the executive branch in collaboration with appropriate state agencies, governmental entities, and advocates as required by state statute and principles of open government.

 

· BACKGROUND ·

 

 

On August 29, 2005, the state’s Information Technology Division (“ITD”) issued a proposal to make sweeping changes to the state’s information technology infrastructure.  The proposal, called the Enterprise Technical Reference Manual (“ETRM”) includes a requirement that all state agencies employ open standards for government documents.  Open standards is a policy that increases interoperability of electronic documents and eliminates restrictive licensing agreements.  In 2003, the Senate Committee on Post Audit and Oversight (“Committee”) began an investigation of how the ETRM was developed and discovered concerns about cost, the impact on the state’s public records, the agency’s legal authority to unilaterally develop the ETRM, and whether the provisions in the ETRM would limit IT accessibility for persons with disabilities.    

 

The initiative to adopt open standards in Massachusetts became public on September 26, 2003 when former Administration and Finance Secretary Eric Kriss sent a memo to ITD Director Peter Quinn stating “[w]e can no longer afford a disjointed and proprietary approach that locks in legacy systems, generates excessive use of outside consultants, and creates long, often misguided project plans… Effective immediately, we will adopt, under the guidance of the Commonwealth’s Chief Information Officer Peter Quinn, a comprehensive Open Standards, Open Source policy for all future IT investments and operating expenditures.”[1]  On September 29, Secretary Kriss announced in the capital budget overview that “[i]n technology, we will adopt open standards to make systems more interoperable, and open source software, when available, to reduce licensing, programming and maintenance costs.”[2]  In November 2003, ITD released an initial draft of its Open Standards and Open Source (“OS/OS”) policy which instituted a policy preference for open source and open standards, as well as the first draft of the ETRM v. 1.0.[3] 

 

To gather additional information about the proposed policy, the Committee held an oversight hearing in December 2003.  The Committee invited Secretary Kriss to testify at the hearing but Mr. Quinn represented the Administration instead.  The Committee reviewed Secretary Kriss’s memo, the OS/OS policy, and the provision in the capital budget.  ITD had released a Request for Responses on its OS/OS policy that was still open for public comments at the time the capital budget was released.

 

Committee members inquired whether the OS/OS policy created a procurement preference favoring non-proprietary software vendors and questioned the advisability of proceeding with a policy in the IT Bond Bill while the agency was still taking public comments on the RFP.  Mr. Quinn commented that the OS/OS policy was designed to increase competition rather than exclude vendors, that the IT Commission endorsed this concept,[4] and that it would move forward conceptually while receiving public comments.  After Mr. Quinn’s comments that this policy would provide savings to taxpayers, the Committee requested a cost-benefit analysis quantifying anticipated savings.

 

The Committee heard testimony from two industry associations, Association for Competitive Technology and CompTIA, regarding the cost of the proposal and the potential exclusion of proprietary vendors in Massachusetts whose products were not compatible with the state’s open source requirements.  The Committee was urged to employ a cost analysis which measures all costs of implementation, not just acquisition costs.  The associations also expressed concerns about procurement preferences for state IT acquisitions and recommended the adoption of a level playing field for all vendors.

 

In January 2004, ITD published and adopted the Enterprise Information Technology Acquisition Policy, which required agencies making IT investments consider all possible solutions, including “open standards compliant open source and proprietary software as well as open standards compliant public sector code sharing at the local, state and federal levels.”[5]  In April 2004, ITD included an open standards requirement in the first version of the ETRM, which outlined the agency’s IT strategy, goals and tools.

 

It is important to note the distinction between open source and open standards.  While “open standards” refers to the technical specification of a document, “open source” generally defines software with a license that does not restrict its redistribution through licensing fees, royalties or other limitations.[6]  Open source software also must make available the source code, or underlying software blueprint, so that all end users are free to use, share or modify the product.[7]  While certain desktop applications can be downloaded without acquisition costs, this software is not necessarily free as many companies sell a distribution version of operating systems or applications for a fee.[8]  The original proposal by ITD required executive branch conversion to open source software and open standards, but subsequent proposals only required documents based on open standards, which is generally supported by open source software.

 

The ETRM is divided into five categories, including the Information Domain which provides the requirements for open standards.  Open standards refers to the technical specification or “make-up” for an electronic document.  An open standard is generally required to be defined by a standards organization or a consortium, resulting in a consensus from industry vendors and experts.  The standard must also be available to the public for developing compliant products, and implies that that an existing component in a system can be replaced with that of another vendor.[9]  In the ETRM, ITD defines principles for open standards as “specifications that are based on an underlying open standard, developed by an open community, affirmed and maintained by a standards body and are fully documented and publicly available. It is the policy of the Commonwealth of Massachusetts that all official records of the Commonwealth be created and saved in an acceptable format [detailed in the ETRM].”[10]

 

ITD released a second draft, the ETRM v. 2.0, in May 2004 which did not include any document format requirements.  Several months later ITD and Microsoft, a proprietary IT vendor, began negotiations on the licensing agreement to achieve a more accessible standard that complied with ITD objectives for open standards.  In a January 2005 presentation to the Massachusetts Software Council, Secretary Kriss announced a tentative agreement to include other software programs, such as Microsoft, in executive branch operations.[11]  The licensing agreement was noted in Governor Romney’s “Progress Report to the People of the Commonwealth,” which claimed that the state had reached a “groundbreaking agreement with Microsoft Corporation, [ensuring] full access to public records has been perpetually guaranteed without any license fees or restrictions.”[12]  Several months later, ITD released the ETRM v. 3.0, which included MS Office XML along with the OpenDocument Format (ODF) as acceptable open formats.[13] 

 

The ODF was specified as an acceptable standard for office documents such as text documents, spreadsheets, and presentations.  The ODF was developed in 2005 by the Organization for the Advancement of Structured Information Standards (OASIS), a non-profit consortium of IT companies and was approved by ISO/IEC international standards body in May 2006. [14]   The ODF is presently supported by several office applications, including OpenOffice, StarOffice, KOffice, and IBM Workplace.[15]

 

No state government in the United States has adopted the ODF standard.  There are dozens of public and private sector applications that support the ODF, both in the United States and internationally.[16]  The Library of Congress has expressed support for using the standard in electronic records projects.  The Administrative Office for the Massachusetts Trial Courts recently implemented OpenOffice, a desktop application which supports the ODF, and has reported relative success with the application.[17]  The experience of the Trial Courts is unique, however, as the agency only has approximately 2,000 seats (compared with as many as 80,000 proposed by the ETRM) and migrated to OpenOffice from the Corel Wordperfect Office, a non-Microsoft legacy system, which mitigated some of the transitional difficulties and risks.[18]

 

After publishing the ETRM v. 3.0, ITD received a “firestorm of negative comments” from the vendor community about the inclusion of Office XML as an open standard and subsequently deleted the entire section on data formats from the ETRM.[19]  Linda Hamel, ITD General Counsel, noted that while Microsoft made significant progress towards meeting ITD’s requirements for an open standard, the agency determined that it was not “open enough.”[20]  On August 29, 2005, ITD released the ETRM v. 3.5, which included the ODF but not Office XML as an acceptable format.  Following a two-week public comment period,[21] ITD made “minor changes” to the ETRM and published the final standard on September 21, 2005, just two weeks before Secretary Kriss’s departure from state government.[22] 

 

The Committee reviewed the final standard and public comments and met with various industry groups, including Adobe, IBM, Microsoft, Red Hat, Sun Microsystems and other trade and advocacy groups.  At the October 31, 2005 oversight hearing, Chairman Pacheco expressed his support for open standards generally, but reiterated that the parameters of the hearing and investigation were to review the cost of the proposal, the legal authority for issuance of IT standards, the process by which the ETRM was developed and whether the standard meets the needs of the disability community.  The Committee invited testimony from the following persons:

 

 


· COST ·

 

During the December 2003 oversight hearing, the Committee invited testimony from several industry groups and met with others to discuss, among other things, the cost of the proposal.  All parties interviewed, including ITD, agreed that a Total Cost of Ownership (“TCO”) analysis was an appropriate mechanism to gauge the true cost of ETRM.[23]

 

TCO is an analysis that measures the comparative costs of an IT platform over its useful life. This examination considers both direct acquisition costs and indirect costs associated with the application.  Indirect costs include consulting, staffing, training, system downtime and maintenance.  TCO is a valuable measurement for the ETRM, which invites participation of non-proprietary software companies that may not have acquisition costs, but require additional costs, such as training and consulting, associated with the customization of the application and migration from a legacy system.

 

At the 2003 hearing, the Committee requested that Mr. Quinn provide a cost analysis of the proposed ETRM.  The Committee received no response and again requested a cost analysis when the ETRM v. 3.5 was issued in August 2005.  The Committee received a letter from Mr. Quinn on September 19, 2005 with a two-page financial impact analysis indicating that Open Office Total Transition Costs would be $8,000,000 and Office 12 Total Transition Costs would be $34,000,000, a savings of $26,000,000.[24] 

 

The Committee reviewed the document and questioned certain assumptions used in the analysis, including seemingly conservative estimates of training and consulting costs.  The ETRM proposes an enterprise-wide implementation of technology that had never been deployed in a statewide branch of government and with which state agency Chief Information Officers (“CIOs”), who would likely lead the implementation, were not familiar.[25]  The 2003 memo by Secretary Kriss to Mr. Quinn acknowledged that the “policy will take time, energy, and money. We have a large installed base of systems, many using obsolete technology, which cannot be quickly converted or replaced.”[26]  In written testimony to ITD about the ETRM, Mr. John Beveridge, Deputy Auditor, IT Audit Division, Office of the Auditor of the Commonwealth, noted that “[t]he effort, considering the current IT environment, would be substantial” and inquired whether ITD had “considered starting this on a pilot basis, possibly something where the value could be tested?”[27]  Committee research indicates that implementations of this scale carry risk for state governments and can cause operating problems and financial loss.[28] 

 

The ETRM requires state agencies to develop implementation plans that will allow them to configure existing applications to save office documents in the ODF by January 1, 2007.  The Committee requested all ETRM implementation documents developed prior to the issuance of the standard and was advised by ITD that there “were no written implementation plans prior to [September 21, 2005], although implementation issues were certainly discussed.  Implementation plans for forward-looking target architectures are often (not always) appropriate subsequent to articulating the target date.”[29]  While agencies may use implementation dates as a means to initiate action, detailed implementation planning is useful in ascertaining project costs as it considers factors such as the compatibility of legacy systems, the number of desktops, and training.    

 

The Committee had additional concerns about the cost analysis, including a lack of licensing costs for legacy Microsoft programs in the proposed parallel IT systems, potentially high training cost projections for the new Microsoft Office 12 upgrade, ITD’s uncertainty about the number of desktops subject to the ETRM, and a lack of consultation with all state agencies about training costs.[30]  The Committee also had questions about the cost and productivity comparisons of the two applications.  Specifically, how will government performance be affected if Office 12 increases user functionality, while under the ETRM, ITD would eliminate excess functionality by tailoring desktop programs to the specific needs of the employees.[31] 

 

Based on these concerns, the Committee forwarded ITD’s analysis to the Information Technology Division in the Office of the Auditor of the Commonwealth and requested an independent review of the proposal.  This matter is presently under investigation by the Office of the State Auditor.  Separately, ITD engaged a consulting firm in January 2006 to conduct a cost analysis of the ETRM and this investigation is also currently in progress.


· COST ·

 

Findings

 

1.      ITD did not perform a cost analysis prior to the issuance of the ETRM v. 3.5 or prior versions of the ETRM.  ITD did not respond to the Committee’s request in December 2003 for a cost analysis of the proposal.

 

2.      ITD did not have any implementation documents prior to publishing the ETRM v. 3.5 on September 21, 2005.

 

3.      The issuance of architecture standards can impact state spending, through IT Bond spending or agency operating budget, by tens of millions of dollars. 

 

4.      Cost analysis of IT applications should be based on the Total Cost of Ownership of the application to appropriately measure all potential expenditures and savings. 

 

5.      The IT Audit Division of the Office of the Auditor of the Commonwealth is presently reviewing ITD’s cost analysis submitted to the Committee in September 2005.

 

6.      New Information Technology Division Director Louis Gutierrez engaged a consulting firm in January 2006 to develop a cost model and analysis to ascertain the costs of the ETRM v. 3.5.

 

 

Recommendations

 

1.      ITD should include the IT Audit Division of the Office of the Auditor of the Commonwealth in the cost analysis review to add expertise and ensure objectivity of the engagement.

 

2.      Prior to the issuance of future IT architecture standards, ITD should conduct a cost analysis and submit a copy to the Joint Committee on Technology and Economic Development, the House and Senate Committees on Ways and Means, the House and Senate Committees on Post Audit and Oversight, and the IT Audit Division of the Office of the Auditor of the Commonwealth.  


· ACCESSIBILITY·

 

 

The citizens and businesses of Massachusetts communicate electronically with state agencies on a daily basis for basic government functions such as health insurance, driver’s licenses and state taxes.  As applications that support the ODF have not been implemented statewide in any other state government, the Committee reviewed the ETRM to ensure there would be no disruption of taxpayer services.

 

Following conversations with ITD and members of the IT vendor community and a program demonstration, the Committee was assured that taxpayers with applications that do not support the ODF would be able to correspond with executive branch agencies through an apparently simple conversion process.  While training would be required, it is the understanding of the Committee that executive branch employees would save ODF documents in a different format[32] that would allow compatibility with other common software programs used by most citizens and businesses.  ITD and industry vendors explained that this conversion process may create minor formatting changes, such as a logo or font, but will not affect document content.  In circumstances where a conversion process could potentially interfere with the communication, including legal contracts, the user will maintain a parallel Microsoft application.[33] 

 

During the review of the effect of the ETRM on citizen services, the Committee learned of potential adverse consequences for persons with disabilities.  In Massachusetts there are thousands of persons with disabilities working in the executive branch of government, many requiring some type of accommodation for technology use.[34]  These employees may require assistive technology, such as screen readers or voice recognition software, for cognitive, hearing, manual or visual impairment.  Assistive technology programs are generally developed by small software vendors based on established operating systems such as Microsoft Windows and desktop software such as Microsoft Office or Corel Wordperfect and have not yet been designed to interface with applications such as OpenOffice that support the ODF format.[35]  Consequently, the ETRM created uncertainty in the disability community because the ODF is not sufficiently mature to attract assistive technology vendors to develop compatible applications.  

 

The Committee did not raise the question of whether ITD violated disability law by issuing the ETRM, as presented in ITD’s brief, but rather it reviewed the processes to ensure the state’s technology is compliant with disability law.  Presently, there is no requirement for ITD to collaborate with advocates or state agencies representing disabled persons.  As a result, persons with disabilities in Massachusetts have experienced a history of problems with state IT initiatives.  In 2004, the Executive Office of Health and Human Services deployed the Virtual Gateway, an electronic clearinghouse of state health and human service programs for providers and agencies.  Advocates have claimed that parts of the Virtual Gateway, including applications and other forms that require electronic “tags,” are not accessible for certain employees with visual disabilities.[36]  Also, the website does not recognize keystroke navigational commands, which are necessary for workers that are unable to use a mouse because of visual or motor skills impairments.  In November 2005, New England INDEX, a group within UMass Medical School, recently reported that a pilot business services segment of the site “does not comply with EOHHS Site Policy on Accessibility” and recommended that these issues be addressed before the site goes public.[37]  Additionally, the state website, Mass.gov, holds documents such as the state budgets, which cannot be opened using assistive technology.[38] 

 

After posting the ETRM, ITD received public comments from members of the disability community, including Myra Berloff, Director of the Massachusetts Office on Disability (“MOD”), the Disability Policy Consortium (“DPC”), the Bay State Council for the Blind and more than a dozen workers with disabilities, expressing their concerns about the ETRM.  MOD is the Commonwealth’s Americans with Disabilities Act coordinating agency with the mandate “to bring about full and equal participation of people with disabilities in all aspects of life.”[39]  In testimony submitted to ITD, Ms. Berloff noted that she was not aware of the ETRM proposal until it was published for public comment in August.[40]  Ms. Berloff commended ITD’s overall objectives, but stated:

 

The proposed migration to an XML-based open standards approach, however, concerns us.  We are concerned that in reality it may be an unintended step backward toward closing off access to government information and government jobs for people with disabilities.  As state government, we are obligated to ensure that we can effectively communicate with people with disabilities.  Although the open source/open standards arena is no doubt making progress toward ensuring access for people with disabilities, it is our understanding that it is currently far less than fully usable for people who employ screen readers, speech recognition and other complex alternative interfaces.[41]  

 

Mr. Berrier, President of the Bay State Council for the Blind, submitted testimony on September 6, 2005 that stated:

 

I [am] deeply concerned at the potential effect open source programming would have on the ability of people who are blind to access and use state systems and documents.  It is imperative that the effect on people with disabilities be considered before such a change is made.  I am blind and I rely heavily on a screen reader called JAWS and on Microsoft applications such as Word and Excel.  As a blind person, I do not have the luxury of switching to other applications.  These work well with JAWS only because scripts have been meticulously written to make them work.[42]

 

These comments were echoed in testimony submitted to ITD by other state employees with disabilities who expressed concerns about the compatibility of assistive technology with changes proposed by the ETRM.  One such employee, Mr. Gerard Boucher, stated that “[w]e believe these changes would fly in the face of the Americans with Disabilities Act, possibly leading to a loss of employment for some state employees who are blind.”[43]  Despite these public comments from MOD and the disability community, ITD made no accessibility related changes or policy announcements prior to the ETRM v. 3.5 publishing.  ITD did make other “minor changes” to the standard and has in the past shown a willingness to respond to certain public comments, as it made its decision to exclude Office XML from ETRM v. 3.0 based on negative comments from the vendor community.

 

The Committee invited Ms. Berloff, Mr. Winske of the DPC, and Mr. Berrier to testify at the October 2005 oversight hearing.  Ms. Berloff testified that she was concerned about the impact of ETRM on the disabled community, but that ITD has since included MOD in ETRM discussions.  Ms. Berloff testified that Microsoft had become a good partner for assistive technology, but cautioned that the company required encouragement from MOD and there was a difficult transition period in the early 1990s.  Ms. Berloff expressed similar concerns about the ETRM and the January 2007 deadline, but that she expected to be a partner in the ETRM development and implementation process to address the needs of the disability community.

 

At the hearing, Mr. Berrier and Mr. Winske testified in opposition to the ETRM and provided a demonstration of assistive technology and how implementation of the ETRM will prohibit accessibility to these applications for workers with disabilities.  Mr. Berrier testified that this policy would increase unemployment among this group of workers.  Mr. Berrier’s current level of access “far exceeds anything that has been available in the past…. While the computer may be an option for others, in many cases the technology represents the only way people with disabilities have of accomplishing tasks, be they simple office tasks or more complicated things.”  Based on prior experiences with ITD, Mr. Berrier cautioned the committee about proceeding with a policy without assurances that it will meet the needs of the disability community.  “[L]ooking at accessibility after a change has already taken placed [sic] is kind of like building a house, and then deciding to put a wheelchair ramp in after you have already built the porch, the driveway, the concrete steps, etc…. This relates to people's ability to hold jobs; it speaks to our livelihoods.  This issue relates directly to the civil rights of people with disabilities.”[44]

 

During the hearing, Mr. Quinn acknowledged that ITD has “learned from the well informed community of persons with disabilities that there are currently no office applications supporting ODF that meet the current standards for the accessibility of such applications.  We will not disenfranchise the community of the persons with disabilities.”[45]  Mr. Quinn pledged to improve communication with the disability community in the continued development and implementation of the ETRM.  While an accessibility working group did convene, ITD did not agree to meet with the DPC for several months until the Committee forwarded a letter on the DPC’s behalf to Secretary Trimarco in January 2006. 

 

In November 2005, ITD drafted a Memorandum of Understanding (“MOU”) with MOD to ensure that the state’s IT policies incorporated the needs of the disabled community.  For the past seven months, however, this MOU has been under review by ITD and, at the date of this report, has not been signed by all parties.  While new ITD Director Louis Gutierrez informed the Committee that all sides are still working towards completion, the absence of this binding agreement provides no assurances of improved IT accessibility for the disabled community.

 

On January 13, 2006, Secretary Trimarco sent a letter to dozens of members of the disability community in Massachusetts recognizing “the persistence of barriers to accessibility” in implementing the ETRM and that the Administration is “committed to fulfilling our legal and moral obligations to the community of persons with disabilities.  If necessary to accomplish this, the Administration is prepared to delay our targeted implementation date.”[46]  Recently, Mr. Gutierrez created a Manager of Assistive Technology position in ITD to manage all aspects of ITD software, hardware, telephony and procurements and has committed key staff in ITD to resolving the Mass.gov website accessibility issues.  In May, ITD released a Request for Information for a “plug-in” that would allow Microsoft Office users, including those in the disability community, compatibility with the ODF.


· ACCESSIBILITY ·

 

Findings

1.      Despite public comments by the Massachusetts Office on Disability, advocates and state employees expressing accessibility concerns with the ETRM v. 3.5, the Information Technology Division did not delay its release, or make any changes or policy announcements prior to publishing the standard.

 

2.      At the Committee’s October 2005 hearing, the Information Technology Division, the Massachusetts Office on Disability and representatives from the disability community testified that assistive technology is not readily compatible with applications that support the OpenDocument Format.

 

3.      The Information Technology Division is not required to consult the Massachusetts Office on Disability and other disability advocacy groups in the development of the IT standards.  The Massachusetts Office on Disability, which oversees compliance with state and federal disability laws, does not have authority to demand compliance of state IT standards or applications.

 

4.      While no state agency tracks disability information on state employees, the Massachusetts Office on Disability “conservatively” reported that there are at least 1,400 state workers with disabilities, more than 1,000 of whom require some form of assistive technology.  The Disability Policy Consortium testified that approximately 18-20% of the population has some form of disability, which would indicate there could be as many as 14,400 to 16,000 executive branch employees with disabilities.

 

5.      There is approximately 70% unemployment, and an even greater problem of underemployment, among persons with disabilities in Massachusetts.  As technology is vital to employment opportunities for the disabled, any policy that limits assistive technology will likely increase the problem of unemployment and underemployment in the Commonwealth. 

 

6.      The state has had a history of problems providing IT accessibility for persons with disabilities.  The Virtual Gateway, the state’s web portal for health and human services, is not compatible with certain assistive technology.  The state’s website, Mass.gov, contains documents and features that are not accessible for persons with disabilities.

 

7.      After more than seven months of negotiations, ITD has not finalized a Memorandum of Understanding with the Massachusetts Office on Disability and other human services agencies to ensure that future state IT policies do not adversely affect the needs or rights of the disabled.  Without an MOU or legislation, there is no guarantee that state information technology applications in the Commonwealth will be accessible for persons with disabilities.

 

 

8.      Although significant work remains, the new agency leaders have demonstrated a more collaborative approach to the implementation of IT policy.  New ANF Secretary, Thomas Trimarco, has engaged the disability community to address the impact of the ETRM on assistive technology and has provided assurances that the state will not adopt IT policies that neglect the needs of persons with disabilities.  New ITD Director, Louis Gutierrez, has dedicated ITD staff exclusively to making IT in Massachusetts accessible for persons with disabilities.  Mr. Gutierrez has informed the Committee that ITD is committed to finalizing a Memorandum of Understanding to ensure that state IT standards and policies meet the needs of the disabled community. 

 

 

Recommendations

 

1.      ITD should delay the ETRM implementation date of January 1, 2007 unless the agency can demonstrate that the open standards requirement meets the needs of the disability community.  The state should not switch from an IT strategy that supports assistive technology to one that will contribute to the significant problem of unemployment and underemployment for persons with disabilities.

 

2.      To protect the rights of persons with disabilities and to prevent litigation, ITD should act in consultation with the MOD to ensure that IT standards comply with state and federal disability mandates.  This should be accomplished either through legislation or a Memorandum of Understanding between MOD, the ITD and other appropriate state human service agencies. 

 

3.      To ensure accessibility for persons with disabilities, MOD should report to the Office of the State Auditor and the Attorney General on compliance of the state’s information technology systems with state and federal disability laws.


· Legal Authority ·

 

The enabling statute for the Senate Committee on Post Audit and Oversight mandates performance auditing “for the particular purpose of making an appraisal or evaluation of the … faithfulness of administrative compliance with the intent of legislation and administrative regulations affecting a specified agency of the commonwealth.”[47]  Accordingly, the Committee reviewed the authority of agencies presently involved in setting IT policy for the Commonwealth, including ITD, the Secretary of the Commonwealth, and the Records Conservation Board (“RCB”).

 

In the October 2005 oversight hearing, Mr. Quinn and Ms. Hamel of ITD and Mr. Alan Cote, Supervisor of Public Records, Secretary of the Commonwealth, disagreed on ITD’s legal authority to unilaterally issue the ETRM.  Generally, ITD is responsible for the ongoing IT operations in the executive branch and the Secretary of the Commonwealth and the RCB are responsible for, among other things, public records creation, retention, and preservation policies.  As public records are increasingly created in electronic format, information technology and document management policies have become intermingled, creating uncertain legal authority for state agencies. 

 

The Secretary is the state’s mandated keeper of public records and employs the state Supervisor of Public Records (“Supervisor”).  The Supervisor was established in 1892 to “take necessary measures to put the records of the commonwealth, counties, cities or towns required by law and to secure their preservation”[48] and administers and enforces the state’s Public Record Law.[49]  The Supervisor is arbiter of the manner in which public records are recorded and stored.[50] 

 

The Records Conservation Board, created in 1920, is comprised of the state librarian, the Attorney General, the state comptroller, the Commissioner of Administration, the Supervisor of Public Records and the state archivist.[51]  The RCB may “require all departments of the commonwealth to report to it what series of records they hold, to set standards for the management and preservation of such records, and to establish schedules for the destruction, in whole, or in part, and transfer to the archives or another appropriate division within the office of the state secretary, in whole, or in part, of records no longer needed for current business.” (Emphasis added).[52]  The RCB’s authority applies to all documentary materials, “regardless of physical form or characteristics,” made by any state agency or governmental subdivision.[53]

 

The Information Technology Division has the mandate to carry out “the efficient and economical administration of [IT] systems within the executive departments including, but not limited to, setting information technology standards… reviewing and approving the planning, design, acquisition and operation of information technology systems, assessing the performance of information technology systems and operations…. ”[54]  ITD has also been authorized to expend funds appropriated by the legislature in IT Bond bills, requiring any executive branch agency requesting new IT hardware or software to seek the approval of ITD. 

 

The Supervisor, the RCB and ITD are granted identical authority in the Massachusetts Uniform Electronic Transactions Act (MUETA).  The MUETA was adopted from a national model to ensure a uniform application of law for transactions between parties that rely on electronic means such as email and electronic signature.[55]  Despite numerous meetings with the Mr. Cote about the ETRM, ITD issued the standard without the approval of the Secretary and without ever formally presenting it to the RCB[56], let alone receiving its approval.  In a brief to the Committee, ITD asserted that it has “clear” legal authority for adoption of standards pertaining to electronic document formats for the executive branch.  ITD’s claims may broadly be categorized as the following:

 

1.      Legal Construction: ITD claims the legal construction of the three agencies, ITD, the Secretary of the Commonwealth, and the Records Conservation Board, favors authority of a more recently created centralized agency that oversees technology standards for the Commonwealth.

 

2.      Lack of Jurisdiction: ITD claims that the Archivist, Secretary and RCB have no authority over the ETRM because the standard does not affect document creation, maintenance or destruction.

 

3.      MUETA: ITD claims the MUETA was adopted to ensure collaboration on IT policies that affect state public records (which the ETRM does not) and was not a reorganization of the agencies that altered existing legal authority.

 

The Committee reviewed the brief, met with ITD’s General Counsel on several occasions and analyzed the enabling statutes and supporting case law for the three agencies and found questionable legal authority for ITD’s issuance of the ETRM standard based on the following:

 

Legal Construction

ITD argues that it has the authority to set standards that may affect public records because it was created subsequent to the Secretary and the RCB and the principles of legal construction hold that the more recent and more specific statute governs.  The Committee has several concerns about this contention.  First, the legal construction of a more recent, more specific statute superseding a general rule applies when two or more statutes conflict.  Doe v. Attorney General, 425 Mass. 210, 215 (1997).[57]  ITD’s enabling legislation makes no reference to public records and does not conflict with the Secretary of the Commonwealth’s authority.  While there have been overlapping actions by the agencies, ITD’s enabling statute makes no provision for altering public records and does not conflict with the Secretary’s authority.  Therefore, Mass. G. L. c. 7, § 4A does not supersede the explicit authority given to the Secretary.  

 

Second, a more specific statute does not repeal an underlying authority.  Doe, 425 Mass. at 216.  ITD claims that it does not want to intrude on the Secretary’s public records authority,[58] however, it concedes that “ITD has adopted hundreds of information technology standards, almost all of which affect public records in some way”[59] and that it is impossible to manage the state’s IT environment without having the “authority and discretion to issue policies and standards that profoundly affect the creation and storage of public records within the Executive Department by Executive Department agencies, including their formats.”[60]  ITD’s enabling statute permits the issuance of state IT standards, but does not diminish or replace the Secretary’s underlying authority to oversee public records for the Commonwealth.

 

Third, ITD argues that it has power to issue IT standards for the executive branch, which have inherent affect on public records and that the “[l]egislature must be assumed to have know [sic] that it had [granted the agency this power].” [61]  Importantly, ITD’s statute does not provide any authority over public records.  The legislature is presumed to understand existing statutes and the Massachusetts Supreme Judicial Court “will not add words that the legislature did not put there, either by inadvertent omission or by design.” Commonwealth v. Callahan, 440 Mass. 436, 443 (2003), citing Commonwealth v. McLeod, 437 Mass. 286, 294 (2002).  The courts generally interpret statutes to be harmonious and where ITD has no explicit authority to affect public records it should not be presumed that the legislature had intended to confer such power that would conflict with that of the Secretary.  Adoption of Marlene, 443 Mass. 494, 500 (2005).

 

Lack of Jurisdiction

ITD states that the Secretary and the RCB have no jurisdiction over the ETRM because it is an architectural blueprint that contains no provisions for the creation, maintenance or preservation of electronic documents.  The ODF is part of the ETRM’s principles for open standards and is strictly a technology decision regarding executive branch documents and has no effect on the authority of the Secretary of the Commonwealth and the Records Conservation Board.  First, ITD claims that the Secretary’s office only administers non-current records, which are not affected by the ETRM and that the Supervisor of Public Records has already allowed agencies to play a role in archiving electronic records.  Second, the RCB’s authority extends only to non-current records and cannot affect the existing authority of the Executive Office of Administration and Finance.[62]     

 

Currently, when a record is deemed public and necessary for long-term preservation, the State Archivist converts the record, regardless of type (paper, electronic, etc.), into a format that guarantees the record’s accessibility and readability into the future. The hardware and software used in the process is jointly selected by the Supervisor, the state archivist, and the RCB.  In developing document standards in the ETRM, ITD was aware of the conflict with public records jurisdiction and removed any specific provisions relative to the creation, preservation or destruction of public records.[63]  ITD still concedes, however, that it can’t function without issuing standards that “that profoundly affect the creation and storage of public records.”[64]  

 

Mr. Cote maintains that the ETRM still infringes on the Secretary’s authority.  Specifically, Mr. Cote asserts and ITD admits that the Supervisor is responsible for the proposal to build the state’s digital archive,[65] a central storage facility for all electronic documents created by state and local government entities in Massachusetts.  There is a presumption that documents, including electronic records,[66] created by executive branch employees are public records.[67]  Accordingly, documents created in the ODF (such as an employment file or official agency communication) will be preserved in the state’s digital archive.  Therefore, by adopting open standards and specifically the ODF, Mr. Cote maintains that ITD has set an IT standard that affects the storage of electronic public records without the approval of the Secretary. 

 

Mr. Cote has acknowledged that he finds promise in the ODF,[68] but has expressed two concerns about its impact on public records.  First, the ODF, while endorsed by certain archival agencies, at this time is not sufficiently mature to guarantee the storage of public records.  Mr. Cote maintains this is not a technology decision for ITD, because if such a standard proves unworkable for the Secretary’s proposed digital archive, then it has public records creation and preservation implications.  Second, Mr. Cote argues that many state agencies with whom his office works to develop document storage programs, have made significant financial investments in IT systems that operate efficiently and securely, and will no longer be available under the ETRM.[69]  Consequently, ITD has issued a standard that the Secretary will be required to manage under the digital archive and has removed an existing public records storage option for municipalities and state agencies without the approval of the Secretary of the Commonwealth or the RCB.     

 

ITD claims that the RCB has no jurisdiction over the ETRM because the enabling statute pertains to non-current records and shall not lessen the authority of the Executive Office for Administration and Finance.  In a public meeting on April 4, 2006, the RCB discussed a communication from the Committee concerning ITD’s authority to unilaterally issue the ETRM and decided that it disagreed with ITD’s interpretation of the statute, that the ETRM would impact public records in the Commonwealth and that it would review these jurisdictional issues at a future public meeting.[70]

 

MUETA

 

Recognizing the intersection of document management and information technology, the MUETA, among other things, requires ITD, the Secretary, and the RCB to jointly administer decisions about the creation, preservation and destruction of electronic documents.  The MUETA, in relevant part, provides the following:

 

Section 17. (a) The supervisor of records under section 1 of chapter 66 and clause Twenty-sixth of section 7 of chapter 4, the records conservation board under section 42 of chapter 30, and the information technology division under section 7 of chapter 4A, shall determine whether, the extent to which and the manner by which each executive department agency shall create, maintain and preserve electronic records, signatures and contracts and the method of converting paper government records to electronic format.  Nothing in this chapter shall affect the existing authority of the supervisor of records, the records conservation board or the information technology division under the cited sections. (Emphasis added).[71] [72]

 

In determining the validity of administrative compliance with legislative mandates, the Massachusetts Supreme Court first looks at the clarity of the statutory language, which is the “principal source of insight into Legislative purpose.”  Massachusetts Hosp. Ass’n v. Department of Medical Sec., 412 Mass. 340, 346 (1992), citing Simon v. State Examiners of Electricians, 395 Mass. 238, 242 (1985). See also Atlantic Medical Center v. Commissioner of the Division of Medical Assistance, 439 Mass. 1,6 (2003);  In the Matter of a Grand Jury Subpoena.  09914, SJC (Mass. June 22, 2006).   The MUETA clearly requires collaboration of the Supervisor of Public Records, the RCB and ITD and makes no provision for one of the entities to unilaterally issue a standard affecting public records.  The Massachusetts Supreme Judicial Court has held that “[a] fundamental principle of statutory interpretation ‘is that a statute must be interpreted according to the intent of the Legislature ascertained from all its words construed by the ordinary and approved usage of the language, considered in connection with the cause of its enactment, the mischief or imperfection to be remedied and the main object to be accomplished to the end that the purpose of its framers may be effectuated.’”  Harvard Crimson, Inc. v. President and Fellows of Harvard College, 445 Mass. 745, 749 (2006) citing Hanlon v. Rollins, 286 Mass. 444 (1934).  Had the legislature intended ITD to issue these standards unilaterally, it could have easily removed the authority of the other agencies.  McCarty’s Case, 445 Mass. 361, 365 (2005).  The language of the MUETA clearly requires collaboration between the agencies and the Massachusetts Supreme Court “may reject a regulation that is ‘contrary to the plain language of the statute and its underlying purpose.’”  Smith v. Commissioner of Transitional Assistance, 431 Mass. 638 (2000) citing Massachusetts Hosp. Ass’n, 412 Mass. 340, 346.

 

In recent years, the legislature has placed limits on ITD’s authority to independently develop IT policy.  The 2002 capital outlay bill, referred to as IT Bond III, was originally proposed by then Acting Governor Jane Swift, to provide $300 million in funding for development of IT strategies and projects under ITD discretion with no mandated collaboration with other state agencies.[73]  During deliberation, however, the legislature amended the bill to require ITD to collaborate with Secretary of the Commonwealth, Department of Transitional Assistance and Department of Social Services on projects within the jurisdiction of each agency.[74]  The legislature also required ITD to report to the legislature relative to strategy, cost and implementation timelines.  The legislature added the 2002 IT Commission which mandated the collaboration of legislators, executive branch officials, and private sector experts to develop an “enterprise-wide strategy, including all 3 branches of government and the constitutional offices, for the commonwealth's information technology infrastructure, system development and governance.”[75]  Most recently, the Senate engrossed Senate Bill 2385, the 2006 Information Technology Bond Bill, which required ITD to promulgate procurement procedures, subject to the approval of the State Auditor, to “ensure an open and fair competitive process.”

 

If the statute is unclear or provides discretion, a state agency has latitude to interpret statutory construction, but “[an] incorrect interpretation of a statute… is not entitled to deference.”  Massachusetts Hospital Ass’n, 412 Mass 340, 346 citing Kszepka’s Case, 408 Mass. 843, 847 (1990).  The language of the MUETA and the legislature’s intent to require collaboration in the development of IT policy is plain.  The legislature had placed a series of limitations and reporting requirements on ITD to ensure that it collaborated with other affected state agencies.  ITD’s issuance of the ETRM with knowledge of the Supervisor’s express opposition to the standard and without making a formal presentation to the RCB or receiving its approval is in clear violation of the statutory requirement for collaboration.[76]  

 

In reviewing the legal authority of these agencies, the Committee notes the public policy importance of the Secretary’s role in preserving public records.  “The commitment to maintaining the availability of such records is one of state government's most fundamental and vital responsibilities.”[77]  Public records are accessed each day by hundreds of thousands of citizens relying on basic government services.  In addition to documenting the state’s history, these records help taxpayers with health benefits, voting information, housing deeds, automobile registration, and basic corporate operations.  The state public records law permits citizens the absolute right of access to public information, including the right to inspect or copy public records from government agencies.[78]  Any policies that potentially compromise public records standards must be done with the approval of the Secretary of Commonwealth.

 


· Legal Authority ·

 

 

Findings

 

1.      ITD did not have the statutory authority to issue provisions in the ETRM relating to public records management.  The Secretary of the Commonwealth and the Records Conservation Board both have jurisdiction over public records in Massachusetts and did not approve the ETRM as required by Massachusetts statute. 

 

2.      The Secretary of the Commonwealth, the state’s keeper of public records, has expressed opposition to the ETRM.  The Supervisor of the Public Records claims that if such a standard proves unworkable for the Secretary’s proposed public records digital archive, then it has public records creation and preservation implications.

 

3.      The Records Conservation Board stated that the ETRM will affect the state’s public records and it was never provided a formal presentation of the standard let alone endorsed it.

 

4.      The language of the MUETA clearly requires collaboration with the Secretary of the Commonwealth and the Records Conservation Board.  This interpretation is consistent with legislative intent that ITD collaborate with other bodies in the development of certain IT policy.

 

5.      The legislature has limited the authority of ITD on several occasions since 2002.  Specifically, the legislature has required ITD to obtain the approval of other agencies that may be affected by IT strategic decisions as well as reporting requirements to the various legislative committees and state agencies.

 

6.      The maintenance and preservation of public records is an essential function of state government.  Hundreds of thousands of citizens rely on public records each day for the administration of basic government services such as health care, voting information, housing deeds and corporate operations.  The Secretary of the Commonwealth is responsible for ensuring citizens have the absolute right to these documents.

 

Recommendations

 

1.      To ensure the protection of the state’s public records, the Secretary of the Commonwealth and the Records Conservation Board should maintain authority to approve IT standards that affect public records.

 

2.      The legislature should adopt legislation proposed by Secretary William Galvin to include the Information Technology Division on the Records Conservation Board.


· Process ·

 

 

The 2002 IT Commission, in its mission statement, recommended that “[e]nterprise IT reform in Massachusetts, to the extent appropriate, should encompass all three branches of state government, state agencies, state authorities, cities and towns, and the Commonwealth’s university and research community.”[79]  The Committee reviewed the process by which ITD developed the ETRM including interaction with legislators, other state agencies, members of the public, and industry vendors. 

 

Over a two year period, ITD put significant effort into drafting the ETRM, including legal research, vendor forums, and communication with state CIOs.  Despite these efforts, the Committee’s investigation revealed that ITD did not have a sufficiently open process during the ETRM development period and excluded important constituencies, including state agencies, legislators and advocates.

 

ITD normally conducts monthly meetings for all state agency CIOs “to ensure information is accessible to all who could benefit [and] the intent to publish agendas, presentations, and handouts, and to provide meeting minutes.”[80]  In the development of the ETRM, however, ITD relied on a series of “kitchen cabinet” meetings that included a small group of executive branch CIOs[81] and did not release meeting minutes or make meeting information public.  From December 2004 until August 2005, a period in which two versions of the ETRM were released, ITD cancelled nine of the ten scheduled monthly CIO meetings and did not discuss the ETRM in the one meeting it did hold. 

 

In the October 2005 oversight hearing, MOD Director Myra Berloff testified that she was unaware of the ETRM until it was published.  ITD subsequently confirmed that “some of the disability agency IT people were left off of the CIO meeting list (inadvertently)” but have since [after release of the ETRM v. 3.5] been included in discussions.[82]  In November, the Committee learned that the DPC had been unable to schedule a meeting with ITD despite numerous requests, and forwarded a letter to Secretary Thomas Trimarco.  A meeting was scheduled on January 9, 2006, and the DPC discussed concerns about assistive technology, public sector employment, and inadequate access to the agency.[83]  Subsequently, ITD committed to several action items including assurances for improved communication and recognition of the needs of the disability community.[84]

 

There is disagreement between ITD and the Supervisor of Public Records about the level of collaboration between the agencies in the development of the ETRM.  ITD claims it provided the Secretary special deference on the matter, while Mr. Cote asserted that he repeatedly expressed his reservations about the standard and his concerns were not addressed.  Mr. Cote claims that he was not aware the ETRM would contain document format standards until June 2005.[85]  Also, while ITD did communicate with Mr. Cote, a member of the RCB, the agency did not collaborate with the RCB in the development of the ETRM, and did not seek the approval of or even make a formal presentation to the RCB prior to its issuance.[86]

 

INFORMATION TECHNOLOGY ADVISORY BOARD

In 2004, the legislature enacted the Information Technology Advisory Board (“Advisory Board”) based upon the 2002 IT Commission’s recommendations to improve the government’s uncoordinated IT strategy.  The Commission found that the state’s disparate IT policies resulted in increased costs, and decreased information sharing and capabilities and consequently, decreased value and utility to the taxpayers and businesses of the Commonwealth.[87]  To address these concerns and develop a statewide IT coordinated strategy, the legislature passed Chapter 149 of the Acts of 2004, which created an advisory panel of the government’s three branches.

The seven member Advisory Board is comprised of the state CIO, legislative CIO, the judiciary’s CIO, the Chairs of the House and Senate Committee on Science and Technology, and two members selected by the Governor.  It is charged with drafting a MOU that is “acceptable to the executive department, legislature, judiciary and constitutional offices that shall include information technology standards and a strategic plan for the signatories' acquisition and use of information technology.”[88]  The Advisory Board was designed to advise the state CIO on IT issues, “including the development of an enterprise vision, strategy and direction for the use of information technology in the executive department, the development of policy, strategic planning, and project selection criteria, and information technology architecture, infrastructure, information technology investments and security.”[89]

Enacted in July of 2004, the Advisory Board conducted its first meeting on March 28, 2005 and a second meeting on May 11, 2005, in which Ms. Hamel presented an overview of the ITD licensing negotiations with Microsoft.[90]  The Advisory Board issued an annual report, which recommended that membership be expanded to include representatives from the Treasurer’s Office, State Auditor’s Office, Secretary of the Commonwealth, and the Office of the Attorney General. The report also included the following overview of projects for FY 2006:

The Advisory Board has met twice since the issuance of the annual report, but has not drafted an MOU outlining IT Strategy.  ITD maintains that the goals of the ETRM, which is a strategic vision and specifications for the executive branch, are not what the legislature envisioned as “strategy” in the passage of the Advisory Board.  While the Advisory Board is a consultative entity and constitutional prohibitions preclude interference between branches of government, it was developed as a collaborative entity to create more value for the taxpayers and ensure that the Massachusetts government had a coordinated IT strategy.  Despite the existence of the Advisory Board, ITD never presented ETRM or formally discussed the ODF with it prior to issuing the standard.

 

ADMINSTRATIVE PROCEDURE ACT

It is important that government agencies, particularly information technology agencies, have flexibility in decision-making processes.  ITD is forced to make hundreds of decisions about IT procurements and standards, varying in size and scope, which are within the scope of its expertise and have no impact on outside entities.  For example, in the event of a virus threat or a systems failure, ITD may be required to make real-time decisions and procurements that should not be slowed by bureaucratic requirements.  Agencies should, however, maintain an open administrative process for more comprehensive policies to ensure public input, a transparent process and avenues of administrative recourse.  The Massachusetts Administrative Procedures Act (“APA”) was passed to ensure these procedural protections in agency proceedings.  APA requirements, which apply to agency regulatory actions, include public notice, a public hearing, an adjudicatory hearing process, and a substantial evidence standard.[92] 

 

As ITD does not have regulatory authority, it issued the ETRM as a standard which it claims is not subject to the APA.  While the definition of a regulation includes a “standard,” the ETRM likely meets an APA exclusion for standards that govern internal agency operations.  While ITD did establish a voluntary public comment period and worked with industry and government entities during the development of the ETRM,[93] the Committee was contacted by advocates and vendors who were excluded from the process and left with no administrative recourse.  ITD did not respond to the public testimony about accessibility for persons with disabilities by more than a dozen state employees and the Massachusetts Office on Disability.  The state’s existing IT vendor, Microsoft, claimed that ITD “did not provide sufficient time for review and comment on the proposed policy, nor a robust process for addressing comments.  Due process requires much more, particularly given the unprecedented nature of the proposal and the potentially adverse consequences it could provoke.”[94]  A formal public hearing process would have afforded ITD the opportunity to hear concerns and take any necessary corrective action prior to issuing the standard.     

 

The Committee recognizes the temptation for parties to use APA safeguards in self-interest to delay unfavorable regulations, with such actions potentially resulting in added time and expense.  IT architecture standards,[95] however, are issued infrequently,[96] have an expansive scope covering up to 80,000 desktops, and may have a direct impact on employees, the general public and private sector corporations.  For such standards, the application of certain APA protections is appropriate to ensure a transparent process with public input and procedural protections.  A public hearing and a formal notice process would have ensured that all stakeholders were aware of the ETRM and that comments were considered in an open forum.

   


· Process ·

 

Findings

 

1.      ITD held a voluntary public comment period, industry vendor forums, and conducted legal research, but did not lead a collaborative policy-making process with the legislature and other state agencies in developing the ETRM.  

 

2.      The Massachusetts Office on Disability, the state’s American Disability Act compliance office, was not aware of the ETRM until it was published in August 2005.

 

3.      The Records Conservation Board, comprised of public records specialists, believes the ETRM will affect public records, but was not consulted in the development of the ETRM and did not receive a formal presentation of the standard prior to issuance.

 

4.      The Supervisor of Public Records and ITD communicated intermittently during the development of the ETRM.  ITD claims that it made repeated attempts to work with the Office of the Secretary of the Commonwealth, while the Supervisor maintains there was no recognition of the concerns of the Secretary of the Commonwealth.

 

5.      ITD did not formally present the ETRM to the IT Advisory Board, a nonbinding entity created to coordinate a statewide IT policy between the three government branches prior to releasing the standard.

 

 

Recommendations

 

1.      The Advisory Board should continue to meet, pursuant to Chapter 149 of the Acts of 2004, to ensure there is a collaborative process in the development of IT strategy for the Massachusetts government.

 

2.      ITD should establish a formal notice period and public hearing process prior to issuing all IT architecture standards to ensure there is an open and transparent administrative process.

 

3.      The legislature should add the state’s constitutional office holders (Secretary of the Commonwealth, Auditor of the Commonwealth, and Treasurer) to the IT Advisory Board to ensure all governmental agencies are included in state IT discussions.



[1] Memorandum from Eric Kriss, Secretary, Executive Office for Administration and Finance, to Peter Quinn, Chief Information Officer, Information Technology Division (Sept. 26, 2003) (on file with author).

[2] The Capital Budget, Eric Kriss, Secretary, Executive Office for Administration and Finance (Sept. 29, 2003) (on file with author).

[3] Enterprise Open Standards and Open Source Policy, Policy #: ITD-APP-01, Information Technology Division (Nov. 24, 2003) (on file with author).

[4] Commonwealth of Massachusetts Enterprise IT Strategy, Final Report, Information Technology Commission, (Feb. 2003) (on file with author).  The IT Commission’s recommendation that the state “[l]everage ownership of existing application assets by establishing an ‘open source’ program within the Commonwealth was listed as a ‘Plan’ priority, which was defined as ‘high criticality, low feasibility.’

[5] Enterprise Information Technology Acquisition Policy, Policy #: ITD – APP – 02, Information Technology Division, (Jan. 13, 2004) (on file with author).

[6] The Open Source Definition, www.opensource.org, viewed Mar. 9, 2006.  This definition includes 10 requirements for open source definition. For a full explanation visit http://opensource.org/docs/definition.php.

[7] Id.

[8] TechEncyclopedia, www.techweb.com. viewed Mar. 9, 2006. http://www.techweb.com/encyclopedia/defineterm.jhtml;jsessionid=DE3UMZXHGKK3SQSNDBOCKHSCJUMEKJVN?term=open+source.

[9] Id.

[10] Enterprise Technical Reference Manual version 3.5, Information Technology Division, (Sept. 21, 2005). The ETRM also provides that Hypertext Markup Language (HTML) is an example of an open standard. Open standards imply that multiple vendors can compete directly based on the features and performance of their products. It also implies that the existing information technology solution is portable and it can be removed and replaced with that of another vendor with minimal effort and without major interruption.

[11] Boston Herald, Jay Fitzgerald, Saturday, January 15, 2005.

[12] Governor Romney’s Progress Report to the People of the Massachusetts. (June 2005) (on file with author).

[13] Brief of the Information Technology Division Regarding Adoption of Open Document Format, Information Technology Division, submitted to Senator Marc R. Pacheco, Chairman, Senate Committee on Post Audit and Oversight (Nov. 16, 2005) (on file with author).

[14] ODF Alliance Website. Viewed June 3, 2006. http://www.odfalliance.org/.

[15] Id. ETRM v. 3.5.

[16] ITD has provided a list of entities that have implemented software that supports the ODF, including the French Ministry of Economy, Finance, and Industry, the Belgium government, Brazil’s Ministry of Health, the U.S. Office of Health and Human Services, and other private sector companies such as Genentech and Novell.

[17] Interview with Craig Burlingam, Chief Information Officer, Massachusetts Trial Courts, March 8, 2006.

[18] Id.

[19] ITD Brief.

[20] Interview with Linda Hamel, ITD General Counsel, February 10, 2006, in Boston.

[21] The ETRM was published on August 29, 2005 and closed on September 9, 2005, a two week period encompassing the Labor Day holiday.  In a September 9, 2005 letter, the Committee requested that ITD extend the public comment period because of lack of awareness of the issuance of the ETRM.

[22] ITD Brief.

[23] TCO was also endorsed as a tool for developing the Massachusetts IT strategy by the 2002 IT Advisory Committee in the 2003 OSOS report, the IT Advisory Committee in the Annual Report, and ITD in the 2004 ETRM v.3.5.

[24] Letter from Peter Quinn, Director, Information Technology Division to Senator Marc R. Pacheco (Sept. 19, 2005) (on file with author).

[25]Public Testimony on the ETRM by John Beveridge, IT Audit Director, for the Office of the State Auditor, submitted to Information Technology Division. Mr. Beveridge inquired whether there was a “sufficient understanding of the current IT environment across the Commonwealth and the impact of the change” prior to setting an implementation date and whether ITD considered “the change required in the culture of information use and management needed for an enterprise framework.”  

[26] Id. Memorandum by Secretary Kriss. While this memo referred to the more expansive OS/OS proposal, many of the indirect costs of transferring to a new system would apply under the revised policy. 

[27] Email correspondence from John Beveridge, IT Audit Division, Office of the Auditor of the Commonwealth, to Peter Quinn, Director, Information Technology Division, public comments on the ETRM (Sept. 9, 2005) (on file with author). It should be noted that Mr. Beveridge’s comments were not posted on ITD’s website due to a technology error that prevented submission prior to the deadline. The comments were subsequently emailed to ITD.

[28]Wisconsin CIO Gets Slammed on Oracle E-Mail Debacle” Linda Tucci, SearchCIO.com. Visited March 9, 2006. (on file with author).

[29] Email from Linda Hamel, General Counsel, ITD, to Jesse Stanesa, Director, Senate Committee on Post Audit and Oversight, (March 30, 2006) (on file with author).

[30] ITD worked with the state Human Resources Department to develop the cost analysis. During the October 2005 hearing and as part of its investigation, the Committee learned that ITD consulted with a limited number of executive branch CIOs.

[31] Interview with Linda Hamel, General Counsel, Information Technology Division and Bethann Pepoli, Deputy Chief Information Officer, Information Technology Division in Boston, Mass. (Feb. 10, 2006). Ms. Hamel informed the Committee that determined that the Office 12 offers advanced features that are not required for all desktops in the executive branch and that OpenOffice would allow ITD to customize each desktop and eliminate excess functionality for employees.

[32] The ETRM requires the executive branch agencies to make the ODF the default standard for text and spreadsheet documents.

[33] Interview with Linda Hamel, General Counsel, Information Technology Division, and Bethann Pepoli, Deputy Chief Information Officer, Information Technology Division. February 10, 2006, in Boston, Mass.

[34] In response to a Committee request, Myra Berloff, Director of the Massachusetts Office on Disability, provided a “conservative” estimate of 1,400 state workers with disabilities with 1,000 requiring assistive technology.  The Disability Policy Consortium testified that 18-20% of the population has some form of disability, which if applied to the executive branch would be 14,400 to 16,000.

[35] Interviews with disability advocates.

[36] Interview with disability advocates.

[37] Report by the New England INDEX, “Virtual Gateway Resource Information Locator Pilot Evaluation”, November 3, 2005.

[38] Interview with disability advocates.

[39] Massachusetts Office on Disability, Mission Statement, at http://www.mass.gov/mod/missionstatement.html, (viewed October 31, 2005) (on file with author)

[40] Public Testimony of Myra Berloff. Director, Massachusetts Office on Disability, submitted to Peter Quinn, Director, Information Technology Division, (Sept. 8, 2005) (on file with author).

[41] Public Testimony of Myra Berloff, Director, Massachusetts Office on Disability, submitted to Senator Marc R. Pacheco, Chairman, Senate Committee on Post Audit and Oversight, (Oct. 31, 2005) (on file with author).

[42] Public Testimony of Jerry Berrier, President, Bay State Council for the Blind, submitted to Peter Quinn, Director, Information Technology Division. (Sept. 6, 2005) (on file with author).

[43] Public Testimony of Gerard Boucher. submitted to Peter Quinn, Director, Information Technology Division. (Sept. 7, 2005) (on file with author).

[44] Public Testimony of Jerry Berrier, President, Bay State Council for the Blind, submitted to Senate Committee on Post Audit and Oversight (Oct. 31, 2005) (on file with author).

[45] Public Testimony of Peter Quinn, Director, Information Technology Division, submitted to the Senate Committee on Post Audit and Oversight (Oct. 31, 2005) (on file with author).

[46] Letter from Thomas Trimarco, Secretary, Executive Office of Administration and Finance, to Myra Berloff, Director, Massachusetts Office on Disability (Jan. 13, 2006) (on file with author).

[47] Mass. Gen. L. c. 3, § 63 (2002) 

[48] Mass Gen. L. c. 66, § 1 (2002)

[49] Mass Gen. L. c. 66, § 10 (2002)

[50] Id. Mass Gen. L. c. 66, §10 (2002)

[51] Mass. Gen. L. c. 30, § 42 (2002)

[52] Id. Mass. Gen. L. c.  30 § 42 (2002)

[53] Id. Mass. Gen. L. c.  30 § 42 (2002)

[54] Mass. Gen. L. c. 7, § 4A (d) (2002)

[55] Mass. Gen. L c. 110G, § 17 (a) (2002)

[56] Interview with Mr. Stephen Fulchino, Chairman, Records Conservation Board, in Boston, Mass. (April 7, 2006).  In response to an inquiry by the Committee, Mr. Fulchino expressed the position of the RCB that ITD neither collaborated nor formally presented the ETRM to the RCB.  Ms. Hamel, General Counsel, ITD provided information to the Committee indicating IT discussions with the RCB in 2001, although it was unrelated to the ETRM or the ODF, and also that the agency considered its communications with Mr. Cote, a member of the RCB, as representative of contact with the RCB. 

[57] Doe v. Attorney General refers to a general statute about disclosure of juvenile records and a subsequent conflicting act governing disclosure of .the records of juveniles that have committed sex offenses.  The subsequent act was given precedence because the legislature is presumed to be aware of existing statutes.

[58] ITD specifically removed provisions from the ETRM relative to document creation, destruction and preservation to avoid conflict with the jurisdiction of the Secretary of the Commonwealth.

[59] Id. ITD Brief.

[60] Id. 

[61] Id.

[62] Id. ITD Brief.

[63] Interview with Linda Hamel, General Counsel, Information Technology Division and Bethann Pepoli, Deputy Chief Information Officer, in Boston, Mass. (Feb. 10, 2006).

[64] Id. ITD Brief.

[65] The Supervisor submitted a draft proposal for IT Bond funding for the digital archive that will automatically retain all public records generated by state and local government entities.  This important initiative is designed to reduce paper costs, avoid lost electronic records, ensure long-term preservation of records, and provide instant access to public records for all citizens. ITD has expressed implementation concerns about the proposal and requested additional information

[66] Supervisor of Public Records Bulletins…

[67] Secretary Galvin’s Guide to the State Public Records Law. MGL 66 § 10 (c). 950 CMR 32.08 (4).

[68] Interview by Andrew Updegrove, Gesmer Updegrove, LLP, with Alan Cote, Supervisor of Public Records, Office of the Secretary of the Commonwealth.  Mr. Cote commented that the ODF “does show promise as one of the formats our government should use to accomplish our goals of preserving records and serving the public.”

[69] It is the understanding of the Committee that the Microsoft Office application could support the ODF, as it did the PDF standard in Office 12.  Microsoft informed the Committee that adoption of the PDF standard required 18 months of research and development.  Microsoft is concerned that results may not produce full functionality for documents.

[70] Interview with Mr. Stephen Fulchino, Chairman, Records Conservation Board, in Boston, Mass. (April 7, 2006).  

[71] Mass. Gen. L. c. 110G, § 17 (2002).

[72] In the “Frequently Asked Questions” document on the ITD website, ITD suggested that it had sole legal authority under the UETA to “create, maintain and preserve documents.”  At the oversight hearing the omission of the Secretary of the Commonwealth and the RCB was clarified.

[73] House Bill 4213 (2002)

[74] Chapter 142 of the Acts of 2002.

[75] Id.

[76] Ms. Hamel stated that Mr. Cote is a member of the RCB and ITD considered him a liaison during the discussions, but the Chairman of the RCB is Stephen Fulchino, an appointee of the Governor, and there was never a presentation to other members of the board.

[77] The Society of American Archivists, Statement on the Importance of Supporting State Archival Program, at http://www.archivists.org/statements/statearchives.asp. (Visited March 23, 2006) (on file with author).

[78] Mass. Gen. L. c. 66

[79] Enterprise IT Strategy, Final Report, Information Technology Commission, (Feb. 2003) (on file with author).

[80] ITD Website. IT Leaders CIO Meetings. Viewed October 28, 2005. (on file with author).

[81] Email from Linda Hamel, General Counsel, Information Technology Division,  to Jesse Stanesa, Director Senate Committee on Post Audit and Oversight (Apr. 3, 2006, 12:20 EST) (on file with author).

[82] Id.

[83] Email from Bethann Pepoli, Deputy Chief Information Officer, Information Technology Division, to Jesse Stanesa, Director, Senate Committee on Post Audit and Oversight (Feb. 13, 2006, 10:50am) (on file with author).

[84] Id.

[85] Interview by Andrew Updegrove, Gesmer Updegrove, LLP, with Alan Cote, Supervisor of Public Records, Office of the Secretary of the Commonwealth, at   http://www.consortiuminfo.org/newsblog/blogcat.php?CID=30&Result_Set=5

[86] Interview with Stephen Fulchino, State Librarian and Chairman of the Records Conservation Board, in Boston, Mass. (April 7, 2006).  Mr. Fulchino, in response to a Committee inquiry, stated that ITD had never presented the ETRM to the RCB and that a majority of RCB members agreed there was an impact on public records.

[87] IT Advisory Board Yearly Report, Fiscal Year 2005, (2005) (on file with author).

[88] 2004 Mass. Acts 149

[89] Id.

[90] The Advisory Board was created in the Fiscal Year 2005 budget, but was delayed in part due to a reorganization of legislative committees.

[91] IT Advisory Board Annual Report

[92] Mass. Gen. L. c. 30A (2002)

[93] Id. ITD Brief.

[94] Public testimony to the Information Technology Division by submitted by Alan Yates, General Manager, Microsoft, September 2005.

[95] The architecture standards referred to here do not include standards under the domain of the Enterprise Security Board.

[96] There have been four versions of the ETRM issued since 2003.