Our Issues are Not Unique: Grant & Contracting Reform and Data Privacy Legislation Being Considered in Other States

From National Council of Nonprofits’ Nonprofit Champion 1/29

States Advancing Government Grants and Contracting Reforms

Nonprofits continue to advocate for government grants and contracting reforms at the state level to streamline processes, build relationships with government partners, and produce greater impact in their communities. The following recent bills are worth following and replicating in other states:

  • Maryland: Companion bills (H.B. 418/S.B. 459) would extend the life of the effort to reform state grants processes under the Maryland Efficient Grant Application Council by pushing back the reporting and termination dates of the Council. The bills would, among other things, create the State Ombudsperson to provide technical assistance with accessing and navigating state programs, resolve delays in the grant-making process, and collect and disseminate information on opportunities for federal, state, and local grants. Creating a nonprofit ombudsperson to help nonprofits navigate the system is a priority of the National Nonprofit Legislative Caucus.
  • New York: Two bills (A.2740/S.4877) would ensure a timely procurement process for nonprofits contracting with the state by requiring the government to register a contract with nonprofits within 30 days of the start date or renewal date of the contract.
  • Utah: New legislation to streamline state grants to nonprofits would require administering agencies to make equal, quarterly disbursements and permit multi-year grants of up to five years. Progress reports, deliverables, and performance metrics would be required regularly prior to payment.
  • Vermont: After strong advocacy by nonprofits, a measure originally introduced last year has been amended to include a new Working Group on State Grant Processes to assess the current grant-awarding procedures and funding processes. The Working Group would be led by six nonprofit representatives selected by Common Good Vermont, the state association of nonprofits, and include members from the Governor’s office, Legislature, Secretary of Administration and United Way. The bill also would require state-fund grant agreements to be paid within 30 days or be liable for interest to be paid from the agency’s operating budget. Further, the measure would create a standard grant application form, grant agreement, and reporting forms of reasonable length in accessible languages, as well as streamlined reporting requirements and processes. The Working Group would be required to submit its analyses and recommendations to the Legislature.
  • West Virginia: A bill (H.B. 4195) would provide that funds required to match federal funds as funding under state grants for reporting purposes under the Grant Transparency and Accountability Act.

State Data Privacy Legislation Moving in the States

Concerns over the privacy of personal data collected by for-profit businesses and the lack of federal standards continue to generate legislative proposals in the states. Laws typically mandate data privacy policies, regulate use of data, and provide rights to individuals to protect their data. While nonprofits have largely been exempted from legislation and laws, state lawmakers are now applying the same requirements to them as for-profits. The following examples indicate the direction of this trend:

  • Maine: Lawmakers have been hosting work sessions to consider two data privacy bills in Maine. One measure (LD 1973) would exempt 501(c)(3) nonprofit organizations from proposed data standards applicable to for-profit businesses that control or process the personal data of more than 100,000 consumers or at least 25,000 consumers and derive 25% of their gross revenues from selling the data. The second bill (LD 1977) would exempt entities “acting in a non-commercial context” and provide some exemptions for small businesses that either have gross revenues less than $41 million or do not collect or process data from more than 200,000 individuals.
  • New Jersey: This month, the Governor signed data privacy legislation (S. 332) that will apply to many nonprofits. Under the law, all “controllers” must provide certain data privacy rights to individuals whose data has been collected. “Controllers” are defined as entities that conduct business in the state, that either (a) control or process the personal data of at least 100,000, or (b) control or process personal data of at least 25,000 consumers and make revenues or receive discounts for the data. Controllers must notify users of the data and purposes of processing the data, allow individual users to opt out of processing, and correct inaccuracies upon request. A nonprofit exemption had been included in the bill as it moved through the legislative process, only to be omitted shortly before enactment. Nonprofits are contemplating corrective legislation this year to enact the exemption or limit the adverse impact on the work of charitable organizations.
  • Vermont: A bill (H. 121) moving in Vermont would establish requirements and standards for data collectors of personal information, including nonprofits. Specifically, the legislation would provide rights to consumers to opt out of processing of personal information, require data brokers to allow a consumer to opt out, stop collecting consumer’s data, delete all data in its possession about the consumer, stop selling the consumer’s data. The legislation would establish the Data Broker Security Breach Notice Act to require data brokers to notify consumers and the Attorney General of any data broker security breach; require annual registration for data brokers; and establish penalties and streamline the process for consumers to assert their rights.

For information on how nonprofits can protect both themselves and their communities, see Earning trust: the imperative of data privacy for nonprofits.