Florida’s Agency for State Technology Faces Legislative Threat to Autonomy, Authority

If one Florida lawmaker has his way, the agency could be in for another sweeping reorganization — when it is arguably at its strongest point in years.

by / March 31, 2017
After earning unanimous favor in the House last spring, the proposal stalled in the Senate amid the chaotic end to the 2015 legislative session. flickr/Steven Martin

Lawmakers in the Florida Legislature are considering a proposal that could once again force the Agency for State Technology (AST) into a reorganization that would come with not only a loss of responsibility, but authority as well.

In a hearing held March 28, legislative members of the House Government Operations and Technology Appropriations subcommittee approved PCB GOT 17-01, which calls for several substantial changes to the state’s technological footprint, as well as the restructuring of AST in title and function. If successful, the power shift would be one of a handful of others in recent history: AST was rebooted in 2014 after the Agency for Enterprise Information Technology (AEIT) was defunded in 2012; prior to that was the Florida State Technology Office's upheaval in 2005.

The proposal's timing has raised questions about the intended motivations behind the bill and what, if anything, it would actually do to help the state move forward. 

Even the wide margin of members that voted in support of the bill, proposed by Rep. Blaise Ingoglia, R-District 35, voiced confusion as to its purpose and the sweeping impacts it would have on the state technology enterprise.

Among a number of other changes, the proposal would pull the State Data Center out from under AST’s oversight, moving it to the Department of Management Services. Additionally, AST would be renamed the Office of Technology and Data Solutions, and stripped of its enterprise rulemaking authority.

During a more than hour-long discussion on the controversial proposal, subcommittee members questioned whether a complete overhaul of AST and transfer of state data center oversight and rule-making authority would be positive changes for the state.

Further, the potential law would remove the existing centralized authority to approve technology procurements and moves to cloud environments — Ingoglia’s vision leaves each of the state’s agencies to their own devices, essentially opening the door to a broad patchwork of systems.

“As you know, we have been discussing AST and their role in state government over the past couple of weeks. After taking in a lot of information, and quite frankly a lot of feedback from members of this committee, we are putting forth this PCB to reorganize the way we do information technology in the state,” explained Ingoglia, who serves as subcommittee chair.

The lawmaker pointed to the increasing costs incurred by AST in the management and oversight of the state’s data center, saying that the costs had ballooned to surpass Medicaid — a comparison Rep. James Grant, R-District 64, challenged as incomparable.

But lawmakers were not the only ones with questions and criticisms for the bill. Interim CIO Eric Larson, who stepped in following the departure of Jason Allison in late February, said it would not only be a major setback for the state from an enterprise perspective, but could also drive up costs and inefficiencies across the board. 

“It appears that the focus really is to abandon the concept of a central authority defining enterprise strategy for the state and revert that back to the agencies,” he told Government Technology. “The expectation, as I understand it from the committee meeting, is that this will drive costs down.”

In a letter to Larson dated March 27, National Association of State Chief Information Officers (NASCIO) Executive Director Doug Robinson spoke out against the every-agency-for-itself approach. “In my opinion, a centralized approach is considered a best practice for state government, with policy, planning, infrastructure services, data centers, shared services, cybersecurity and support under one organization,” he wrote. “State IT is no longer about just delivering infrastructure services, but requires enterprise leadership, innovation and transformation."

Larson said a number of potential problems come from stripping the agency of its data center authority, the least of which would be the mish-mash of agency solutions to come out of each agency’s autonomy. A more considerable issue, the Interim CIO argues, is a self-fulfilling prophesy of ballooning costs that will come out of each agency comparing state storage services to private-sector cloud options. 

Because of the existing cost-recovery model, Larson said he fears that as entities are allowed to do individual cost-benefit analysis, their exit from the state data center will spell increased costs for every other agency. As this drives up costs, the cost-benefit ratio further skewed.

What may seem like a good deal for the one creates additional cost for the many — and the state overall.

Ingoglia sees things differently.

“By transferring the state data center to DMS, I hope to see a transition from requiring agencies to pay for a high-cost, on-premise data center to allowing agencies to utilize more efficient commercial cloud services,” he said during the hearing. “We shouldn’t need to continue the cycle of buying hardware every five years to support our legacy systems. Instead, we need to direct our agencies to modernize and authorize the use of commercial cloud services where the state can receive better services at lower costs.” 

Money aside, the state’s unified way of doing business is also in danger. Granting autonomy to procure IT and fly on their own poses not only security consideration for the state, but compatibility issues as well, according to the acting CIO.

“There is obviously the cost issue," Larson said. "We have 34 agencies doing the same thing different ways, that increases costs, but the opportunity to get agencies to collaborate or share services becomes a destabilized, crowd-sourced concept."

With no mechanism craft policy, the new iteration of the seemingly cursed agency would have no way to enforce or create effective policy. Though it could make recommendations, lawmakers would ultimately sign off on any new rules.

The powers of project oversight are also greatly reduced. As it stands, AST has dominion over all IT projects above $10 million, but under the new proposal the ability to manage the workload is extremely diminished, according to Larson.

What is currently a staff of seven statewide project managers would be cut back to one, he said, but “they still have the same responsibilities to monitor projects; they have an army of one to manage all of the projects throughout the state.”

But AST officials are not the only ones raising eyebrows over the proposal that was introduced and passed within one business day. During the hearing, a representative from the Associate Industries of Florida spoke out against the bill, calling for the state’s “commitment, sustainability and investment” rather than a proposal that would fundamentally destroy the governance structure.

It was the same story from James Taylor, executive director of the Florida Technology Council, who cited substantial improvement in the state’s IT standing in recent years. “Starting over again is not what’s best for our state.”

Instead, Taylor advocated for seeing AST through, bolstering the mission and adjusting as needed.

“There simply isn’t a technology that I can think of that costs less by stopping it early instead of allowing it to go through it’s process,” he said.

Despite considerable reservation about the intent and wording of the bill, the subcommittee voted 13-1 in favor. Though Larson said the legislators he has been in touch with are puzzled by the attempted coup, he expects to see it heard in the House Appropriations Committee Wednesday, April 5.

Eyragon Eidam Web Editor

Eyragon Eidam is the Web editor for Government Technology magazine, after previously serving as  assistant news editor and covering such topics as legislation, social media and public safety. He can be reached at eeidam@erepublic.com.