HB 617-FN - AS INTRODUCED
2023 SESSION
23-0188
06/08
HOUSE BILL 617-FN
SPONSORS: Rep. Gallager, Merr. 20
COMMITTEE: Executive Departments and Administration
─────────────────────────────────────────────────────────────────
ANALYSIS
This bill prohibits, with limited exception, state agencies from requiring use of proprietary software in interactions with the public.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Explanation: Matter added to current law appears in bold italics.
Matter removed from current law appears [in brackets and struckthrough.]
Matter which is either (a) all new or (b) repealed and reenacted appears in regular type.
23-0188
06/08
STATE OF NEW HAMPSHIRE
In the Year of Our Lord Two Thousand Twenty Three
Be it Enacted by the Senate and House of Representatives in General Court convened:
1 New Chapter; Free and Open Source Software. Amend RSA by inserting after chapter 21-V the following new chapter:
CHAPTER 21-W
FREE AND OPEN SOURCE SOFTWARE
21-W:1 Mandatory Use of Proprietary Software Prohibited. No person in the state of New Hampshire shall be required to use proprietary software for any interaction with the government, including, but not limited to: the filing or payment of taxes, remote appearance for court proceedings, the taking of standardized tests or the completion of coursework by school students, applying for or receiving unemployment benefits, or other similar benefits, unless the government agency has determined that the proprietary software is the only means available for the required interaction. In such cases of proprietary software use, the agency shall post a notice of its determination and the use of proprietary software on the agency's website.
2 Effective Date. This act shall take effect 60 days after its passage.
23-0188
Revised 2/16/23
HB 617-FN- FISCAL NOTE
AS INTRODUCED
FISCAL IMPACT: [ X ] State [ ] County [ ] Local [ ] None
|
| |||
| Estimated Increase / (Decrease) | |||
STATE: | FY 2023 | FY 2024 | FY 2025 | FY 2026 |
Appropriation | $0 | $0 | $0 | $0 |
Revenue | $0 | $0 | $0 | $0 |
Expenditures | $0 | In excess of $320,157,448 | In excess of $320,157,448 | In excess of $320,157,448 |
Funding Source: | [ X ] General [ ] Education [ ] Highway [ ] Other | |||
|
|
|
|
|
The Legislative Budget Assistant is still awaiting information from the Legislative Branch in response to this bill. The Legislative Branch was contacted on 01/20/2023 for a fiscal note worksheet.
METHODOLOGY:
The Department of Information Technology (DoIT) states this bill prohibits the state from requiring the public use proprietary software when visiting state websites. DoIT states there are many websites, and applications within those sites, that are managed by the Department of Information Technology (DoIT) for Executive Branch agencies. The estimates do not consider public facing applications for other branches and constitutional offices. The Department states historically the cost of implementing a new application, whether replacing an existing application or implementing applications where none existed before, is three to seven times the cost of purchasing the software licenses. To become compliant with the language of this bill the Department would have to re-implement all but “limited exception” of the existing publicly facing applications. The cost of each re-implementation for the applications would depend on the size of the applications, the complexity of the business process they support and the regulatory environment (security and privacy) they exist in. For the purposes of these estimates, applications were broken into four categories: small, medium, large and extra-large. DoIT collaborated with the IT Leads for each Executive Branch agency to look at the cost of recent software implementations to determine the average cost for each category. The Department states that due to unique laws and customs in each state, state government applications are very specific to the state they are operating in. This means that there will be very few, if any, existing opensource applications that could simply be implemented in place of their commercial counterparts. Having a preponderance of outwardly facing applications operating in an opensource environment would require that most be developed from scratch or heavily modified if there were existing applications that have similar capabilities to what is required.
DoIT states additional staff to support the effort would be brought on under a competitively bid contract that would maintain an opensource ecosystem, customize existing opensource platforms to our needs and write applications from scratch if there is no opensource base to work from. The Department estimates this will require twenty ten-person sprint teams as well as a vendor program lead and five project managers. Each sprint team would consist of a scrum master (facilitator), a business analyst, five software engineers and three software quality engineers. The vendor team would consist of two hundred and six people. On the state site DoIT would need a team of six people to manage the vendor relationship, monitor and report on progress and to coordinate all the activities. This team would consist of a director, a financial analyst and four business analysts.
The duration of this project would be five years, so the fiscal impact would go beyond the scope of this fiscal note. The Department inventoried a total of 670 Executive Branch applications of which 271 are in scope for this language. In scope is defined as having externally facing (web site) components. Since the “limited exception” language is non-specific DoIT assumes 90% of the small, medium and large applications will be brought into compliance. They also assume all the extra-large applications will be brought into compliance. The Department assumes that the fiscal impact will be linear, and that one fifth of the total cost for application compliance will be borne each year of the five-year program. They state the cost of the program will need to be funded by the state general fund as this work will not qualify for other funding sources.
DoIT estimates the cost for application compliance using the following assumptions:
- Number of small systems * compliance cost for a small system*.9 = total cost for small systems
- Number of medium systems * compliance cost for a medium system*.9 = total cost for medium systems
- Number of large systems * compliance cost for a large system*.9 = total cost for large systems
- Number of extra-large systems * compliance cost for each extra-large system = total cost for extra-large systems
The Department estimated the average for compliance and annual costs for contracted staff derived from an existing statewide contract for staff augmentation. DoIT indicates there are 215 small systems, 36 medium systems, 17 large systems and 3 extra-large systems. The extra-large systems include NH FIRST (statewide ERP), New HEIGHTS (Integrated Eligibility) and MMIS (Medicaid Enterprise System). DoIT estimates the project will take at least 5 years to make the necessary changes resulting in a total state general fund cost of approximately $1.47 Billion. See table below for average annual costs:
Cost for Application Compliance (Spread Out over 5 Years):
Average Annual Cost
Small Systems $46,440,000
Medium Systems $45,360,000
Large Systems $67,320,000
Extra Large Systems:
NH FIRST $15,000,000
New HEIGHTS $32,000,000
MMIS $40,000,000
Subtotal - Application Compliance $246,120,000
Cost of Contracted Staff:
Vendor Program Oversight -
1 Vendor Program Lead $429,000
5 Project Managers $1,628,520
Program Execution (20 Sprint Teams) -
20 Scrum Masters $5,460,000
20 Business Analysts $4,095,000
100 Software Engineers $22,881,300
100 Software Quality Engineers $12,527,190
Subtotal - Contracted Staff $47,021,010
Cost of State Staff:
State Program Oversight -
1 Director, Opensource Program (LG 34) $143,204
1 Financial Analyst (LG 29) $118,134
4 Business Analysts (LG 30) $492,272
Subtotal - State Staff $753,610
TOTAL ANNUAL COST $293,894,620
The Judicial Branch states they identified any outwardly facing New Hampshire Judicial Branch (NHJB) website applications needing to be compliant under this bill. The NHJB states there are many websites, and applications within those sites, that are managed by the NHJB's IT Department. The estimates do not consider public facing applications for other branches and constitutional offices.
To develop the fiscal impact, the NHJB states it would have taken more resources than they currently have to get a precises quote of the cost to evaluate bringing each application into full compliance, so they have chosen to take a formulaic approach as developed by the Executive Branches' DoIT. To become compliant with the language of this bill the NHJB would have to re-implement all but “limited exception” of the existing publicly facing applications. The cost of each re-implementation for the applications would depend on the size of the applications, the complexity of the business process they support and the regulatory environment (security and privacy) they exist in. For the purposes of these estimates, applications were broken into four categories: small, medium, large and extra-large. The NHJB collaborated with the IT Managers to look at the cost of recent software implementations to determine the average cost for each category. The NHJB states that due to unique laws and customs in each state, state government applications are very specific to the state they are operating in. This means that there will be very few, if any, existing opensource applications that could simply be implemented in place of their commercial counterparts. Having a preponderance of outwardly facing applications operating in an opensource environment would require that most be developed from scratch or heavily modified if there were existing applications that have similar capabilities to what is required.
NHJB states additional staff to support the effort would be brought on under a competitively bid contract that would maintain an opensource ecosystem, customize existing opensource platforms to our needs and write applications from scratch if there is no opensource base to work from. The NHJB estimates this will require three ten-person sprint teams as well as a vendor program lead and two project managers. Each sprint team would consist of a scrum master (facilitator), a business analyst, five software engineers and three software quality engineers. The vendor team would consist of thirty three people. On the NHJB site they would need a team of four people to manage the vendor relationship, monitor and report on progress and to coordinate all the activities. This team would consist of a director, a financial analyst and two business analysts.
The duration of this project would be five years, so the fiscal impact would go beyond the scope of this fiscal note. The NHJB inventoried a total of 55 NHJB applications of which 23 are in scope for this language. In scope is defined as having externally facing (web site) components. Since the “limited exception” language is non-specific NHJB assumes 100% of the small, medium and large applications will be brought into compliance. The NHJB assumes that the fiscal impact will be linear, and that one fifth of the total cost for application compliance will be borne each year of the five-year program. They state the cost of the program will need to be funded by the State General Fund as this work will not qualify for other funding sources.
NHJB estimates the cost for application compliance using the following assumptions:
- Number of small systems * compliance cost for a small system = total cost for small systems
- Number of medium systems * compliance cost for a medium system = total cost for medium systems
- Number of large systems * compliance cost for a large system = total cost for large systems
The NHJB estimated the average for compliance and annual costs for contracted staff derived from an existing statewide contract for staff augmentation. NHJB indicates there are 14 small systems, 7 medium systems and 2 large systems. NHJB estimates the project will take at least 5 years to make the necessary changes resulting in a total state general fund cost of approximately $131.3 Million. See table below for average annual costs:
Cost for Application Compliance (Spread Out over 5 Years):
Average Annual Cost
Small Systems $3,360,000
Medium Systems $9,800,000
Large Systems $4,800,000
Subtotal - Application Compliance $17,960,000
Cost of Contracted Staff:
Vendor Program Oversight -
1 Vendor Program Lead $429,000
2 Project Managers $651,300
Program Execution (3 Sprint Teams) -
3 Scrum Masters $819,000
3 Business Analysts $614,250
15 Software Engineers $3,432,195
9 Software Quality Engineers $1,879,083
Subtotal - Contracted Staff $7,824,828
Cost of State Staff:
State Program Oversight -
1 Director $135,000
1 Financial Analyst (LG 29) $111,000
4 Business Analysts (LG 30) $232,000
Subtotal - State Staff $478,000
TOTAL ANNUAL COST $26,262,828
This bill does not establish or provide an appropriation for new positions.
AGENCIES CONTACTED:
Department of Information Technology, Judicial Branch and Legislative Branch