Audit of Settlement Agreements and Confidentiality Clauses Across Multiple State Agencies - Finding 4

We reviewed a sample comprising 108 monetary state employee settlement agreements to determine whether agencies maintained supporting documentary evidence. In doing this test, we found that agencies did not provide 18 employee settlement agreements totaling $620,304. These were a mix of settlement payments reportedly paid through a state agency’s own funds or the Settlements and Judgments fund. The table below details, by agency, the settlement agreements not provided to us.

Settlement Agreements Not Provided by Agency—Substantive Testing Sample

Additionally, when performing our data reliability assessment using a separate judgmental sample, we requested a copy of state employee settlement agreements for our sample (254 requested in total). We conducted this test to ensure the accuracy of the state employee settlement agreement lists provided to us by the agencies (employee names, execution dates, use of confidentiality language). Agencies were unable to provide 29 employee settlement agreements in this sample, this time totaling $270,976. The table below details, by agency, the settlement agreements not provided to us.

Settlement Agreements Not Provided by Agency—Data Reliability Assessment Testing Sample

Agencies’ failure to provide settlement agreements to our office, which has the legal authority to receive and analyze them under state law, creates the reasonable concern that information is being unlawfully withheld. Indeed, across the two tests identified above, 47 executed settlement agreements were not provided to us. This could negatively affect public trust in government and obscures from view how public dollars are being spent. Since these records were not provided to us, we were unable to test (1) whether these agencies complied with CTR’s reporting requirements and (2) that settlement lists provided to us were accurately described. Without sufficient documentary support, there is a greater-than-acceptable risk that some or many employee settlement agreements that should have been reported to CTR were not. CTR would therefore have been unable to ensure proper accounting of these settlement agreements.

The Massachusetts Statewide Records Retention Schedule requires state agencies to retain records relating to an employee settlement agreement in accordance with the following guidelines:

E05-01: Employee Complaint/Investigation/Disciplinary Records

Retain 6 years after last activity.

Documents informal or formal investigations into alleged employee misconduct. Includes complaints, notes, statements, and determinations and record of actions taken.

E05-02: Employee Grievance/Complaint Records . . .¹⁷

Documents work related complaints from non-union employees and grievances from union employees relating to their job environment. Includes complaints, grievances, hearing notices, arbitration findings, meeting notes, dispositions, and related correspondence.

E05-02 (a): Landmark cases

Permanent

E05-02 (b): Case summaries and final decisions

25 years

E05-02 (c): All other records

Retain 6 years final resolution.

E05-03: Personnel Action Records

See sub-schedules for specific retention periods.

Documents individual or class actions relating to reclassifications, promotions, demotions, transfers, layoffs, reductions-in-force, severance agreements, and terminations. Includes justification documentation, working notes, requests, employee notifications and responses, appeals, and related correspondence.

E05-03 (a): Landmark or policy setting cases

Permanent

E05-03 (b): Case summaries and final decisions

Permanent

E05-03 (c): All other records

Retain 6 years final resolution.

No policies and procedures were documented that defined how long state agencies should retain employee settlement agreements in accordance with the Massachusetts Statewide Record Retention Schedule. Some agencies told us that settlement agreements should be retained for six years under E05-03 of this schedule. However, neither this time period nor the method for storing settlement agreements were documented in a policy. Therefore, when records were requested to support the employee settlement agreements reported to us, some state agencies had difficulties locating and producing these records, as some reported that they may have been destroyed because their records retention period had allegedly expired. Additionally, some settlement agreements were not provided to us by agencies in a timely manner in accordance with the law (Section 12 of Chapter 11of the General Laws).

GOV could not provide reasoning as to why state agencies within the executive branch did not have a centralized list of employee settlement agreements and supporting documentation for employee settlements that fell within a record retention period.

GOV should ensure that state agencies comply with public records law and should develop policies and procedures to ensure that state employee settlement agreements are retained in accordance with the Massachusetts Statewide Record Retention Schedule. GOV should ensure that these records are provided to our office upon request. This policy should consider the creation of a centralized list of such state employee settlement agreements and the location of the storage of these records to facilitate production of these records upon request.

In responding to this audit, the executive department worked collaboratively and cooperatively with OSA to locate and produce information and documents from a thirteen-year audit period, nine years of which fell outside of the presumptive records retention period. Hundreds of employees across at least seventy-five offices and agencies collectively dedicated hundreds of hours, including through searches of archived paper files and electronic databases, to compile and produce information on the over 2,000 settlement agreements discussed in the report.

We respectfully disagree with the report’s assertion that “57 executed settlement agreements” requested by OSA “were not provided.” Agencies were unable to locate a small number of settlement agreements requested by OSA, many fewer than 57, particularly agreements that pre-date 2019.

. . . Audit Finding 4 appears to: (a) treat settlement agreements that were produced after OSA’s initially requested deadlines as having been not produced at all (including, for example, agreements from EOPSS and EOHLC); and (b) include settlements that predate OSA’s testing period of 2019 to 2022. . . .

Over the thirteen-year audit period, many executive department offices and agencies underwent broad organizational changes or consolidated their human resources functions, updated their computer systems, and sent older case-related materials to offsite paper storage. In each case in which settlement agreements could not be located, the offices and agencies explained or offered to explain to OSA how its searches were conducted and why certain requested agreements could not be found. Consequently, we disagree with the report’s unfounded implication that settlement agreements may have been “unlawfully withheld” from OSA. We are confident that all individuals involved in conducting and responding to this audit—OSA and executive department employees alike—acted diligently and in good faith.

In this regard, the executive department and OSA have also attempted in good faith to resolve a legal disagreement over the applicability of G. L. c. 66A to certain requests made as part of the audit. In July 2024, OSA asked to review of a random sampling of several hundred personnel records of current and former executive department employees to “test” for the presence of settlement-related materials. Following consultation with the Attorney General’s Office, we advised OSA that the request to review unredacted personnel information in a large number of personnel records—inclusive of personal identifying information, bank account numbers, social security numbers, medical information, and disciplinary information, for both employees and their family members—likely triggered the protections of G. L. c. 66A. See G. L. c. 66A, s. 2(k) (requiring agencies to “maintain procedures to ensure that no personal data are made available in response to a demand for data made by means of compulsory legal process, unless the data subject has been notified of such demand in reasonable time that he may seek to have the process quashed”); Torres v. Att’y Gen., 391 Mass. 1, 12 (1984) (G. L. c. 66A applies to requests made by the Attorney General’s Office for confidential, personal information, even in the context of ongoing litigation); Allen v. Holyoke Hosp., 398 Mass. 372, 381 (1986) (“[W]here a party . . . seeks materials arguably protected by [G. L. c. 66A], that party must demonstrate that, based on the particular circumstances of the case, the collective public interest in disclosure warrants an invasion of the data subject’s privacy.”)

To try to resolve the G. L. c. 66A issue, the executive department offices and agencies offered to review the personnel records at issue and produce to OSA any responsive information that might be located. OSA rejected this suggestion, contending that G. L. c. 66A was categorically inapplicable to its request. The Attorney General’s Office thereafter suggested that the impacted agencies should send notices to data subjects under G. L. c. 66A, s. 2(k) and, absent any court orders to the contrary, provide OSA with access to the requested personnel records. To facilitate OSA’s access to the documents, these notices were sent in early December 2024. To date, none of the employees have sought a court order to block review of the records.

As we have previously advised the OSA, the agencies are now prepared to schedule time for OSA’s review of all records for which there is no court order to the contrary. As such, the report’s suggestion that OSA has been “denied access” to the requested personnel records is incorrect. We have also acknowledged that OSA’s review would be without prejudice to any of OSA’s legal positions on the applicability or inapplicability of G. L. c. 66A.

We appreciate the efforts that all 75 agencies included in this audit, and their employees, made to produce settlement listings, produce requested records, and participate in interviews with us to explain their processes in entering into, processing, and documenting employee settlement agreements. We are sure the Governor’s Office similarly appreciates the countless hours, weeks and months spent by our audit team, making requests, analyzing records and drafting this report alongside this Administration to make government work better.

There were 57 settlement agreements requested during the course of the audit that agencies did not provide upon our request. We revisited the responses from the agencies that came in late and after our requested timelines and revised the figure, which still shows 47 settlements agreements were not provided to us in order for us to conduct our tests.

Some agencies had noted on their settlement listings that they were aware of a settlement agreement’s existence through their search of relevant records, but they were unable to locate the actual settlement agreement itself. Some of our audit requests were made at random and did not take into consideration an agency’s notation that the settlement agreement could not be located while we were performing our audit testing. Additionally, records were expected to be provided to us in a timely manner. We waited months on end, in many cases for some requested records, that were provided to us only after our testing was already performed. We are sure GOV understands, even though it is not required to comply with the public records law, that the public records law generally requires state entities to produce a response within 10 business days. The Office of State Auditor, under M.G.L. Chapter 11 Section 12 asks for records to be provided to our office within a reasonable time frame. GOV and executive offices and agencies failed to fulfill our audit requests for information in a timely fashion. For several months, our office worked—in good faith—to accommodate the executive offices and agencies as they compiled the settlement lists. While agencies did provide periodic updates, we experienced months-long waiting periods. The timeframe of receipt of settlement lists ranged from one to six months (see table on report page 23) with an average wait time of three months from the date of the initial request.

Additionally, five agencies requested extensions in order to produce documents for our substantive test work. The explanation for these extension requests varied from scheduled vacation to time needed to retrieve paper documents from storage. While we did eventually, and thankfully, make some progress with agencies, whose workers appeared invested in working together with our office, we would unfortunately reach legal impasse with the Office of Governor, itself, which had cited FIPA (Chapter 66A) to direct agencies to withhold documents from our office. As we have already made clear, it was not feasible to grant yet additional extensions, or allow for an additional delay, in December, at the end of our already significantly delayed audit review.

Agency Requests for Extensions

We certainly acknowledge that agencies have moved offices through the years and undergone reorganization, restructuring and other activities over the last 13 years that may have impacted their ability to provide to us requested records. In this immediate instance, there were indeed challenges claimed by executive offices and agencies, and our audit report reflects the challenges that they cited.

The Office of Governor, originally told our office it could not access documents we needed because the prior administration still controlled them. (See Appendix F.)

Months later, GOV and executive agencies and offices conceded it could produce the documents, only to then refuse to allow us to perform our data reliability assessment to ensure that a full and accurate record was indeed provided to us. These repeated delay tactics added significant stress to the work of our office as we sought to navigate how to complete our audit work timely, considering this audit covered 75 agencies that—as you are aware—all fall under a requirement to be audited every three years.

The overall difficulty in finding prior records underscores to us the need for GOV to ensure significantly improved centralized management and oversight of these issues. We believe centralized management and record keeping, in a one-stop shop—so to speak, could improve access, transparency and accountability while reducing risk for the Commonwealth, its taxpayers and its employees.

Furthermore, the request to review random samples of personnel files of individuals who were employed with those entities during the audit period was part of our office’s Data Reliability Assessment (DRA). This step is required by GAGAS, the standard by which we are required by statute to conduct our audits, to ensure the completeness and accuracy of the data received from auditees. We have never had a problem with accessing these types of records to complete our work which helps to ensure that the law is not being broken and that abuse and fraud in government are weeded out. In fact, a few recent examples of when we reviewed personnel files as part of our audit work, was our audits of the Massachusetts Convention Center Authority, Southfield Redevelopment Authority, Hampden County District Attorney’s Office, Department of Industrial Accidents, and Worcester County Sheriff’s Department.

It is concerning that GOV is asserting new privileges for itself regarding the review of records that we have always had access to and very much need to be able to access in order to fulfill our duties to the taxpayers. Regarding sensitive information, GOV should know that we could not have conducted our recent audit of the Department of Children and Families that highlighted a need for significant improvements to be made regarding children’s medical treatment and mental health services. Without access to documents containing very sensitive information, we would not have been able to examine 51A reports, regarding child abuse and neglect cases, for our audit of The Department of Early Education and Care.

It is truly concerning that GOV took it upon itself, against our office’s repeated and well-documented directives not to do so, to reach out to former and current public employees to invite them to “object to” and “quash” access to documents we needed to complete our audit of executive offices and the agencies, not those individuals. Employees in the Office of Governor, acted in a manner inconsistent with Government Auditing Standards, by reaching out to individuals without our audit team’s request or consent. We can imagine how the Office of Governor would respond if our team acted as though we were speaking on its behalf, against its repeated, documented directives not to do so.

The statement given by the Office of the Governor in its response to justify its actions by stating that no one has “to date” objected in its response and that our office was somehow therefore not technically “denied access” is, in our opinion, purposefully misleading. This misleading statement seems to be intended to provide the Governor’s Office with political cover after creating confusion and legal obstacles by refusing to allow our office access to records that we have the full right to access, under M.G.L. Chapter 11 Section 12, to conduct our data reliability assessment in time for the completion of the audit report. GOV’s response leaves out the very important, and incredibly relevant fact, that we had closed out the testing period and were already drafting the final report—which, as GOV knows, was given to GOV for review only days later during December. It was made crystal clear, that there was nothing to object to by that point.

The reality is, contrary to the claims made in GOV’s response, it decided to unilaterally send out these notifications granting the ability to “object” and “quash” our request, purposefully to try and “moot” the court action that we informed you we were taking.

The Office of Governor deliberately and purposefully acted with the intent to undermine our clear intent, and right, to bring this issue to court for resolution—which is needed, since your decision to require us to receive permission blocks our access to sensitive records which impacts not just this audit but the overall state oversight our office provides to taxpayers.

Our team made clear to both GOV and AGO that, since the disagreement and delay had gone on for far too long with no resolution, we had made the AGO aware that we were seeking court action to resolve the dispute so as to access the documents we needed to be able to continue to complete our audits in accordance with MGL Chapter 11 Section 12.

GOV was aware that we were completing our audit and would be citing the scope limitations imposed upon us by the GOV while pursuing court action to resolve the dispute.

The OSA finds the actions of the Governor’s Office, in this regard, to be very problematic. Guided by G.L. c. 11, s. 12 and GAGAS, the OSA has discretion and independence as to how it conducts audits. And, as discussed above, the letters sent by GOV or its executive offices and agencies were not required by law. Sending these notifications, revealed details of our audit, jeopardizing and interfering with the integrity of our audit while creating unnecessary confusion, uncertainty and disruption in the lives of those active and former public servants impacted by the notifications. These actions, by GOV, would allow for records that may contain unflattering information or demonstrate a history of abuse, to be hidden from the Office of State Auditor—preventing us from reporting on potential unlawful or unethical actions within executive offices and agencies. The Administration should know full well that it is completely unacceptable to allow its office, an agency or an individual the opportunity to “quash” or “object” to our review which is conducted on behalf of taxpayers.

Our audits, without access to the records that we need to be able to complete our data reliability assessments, would be relinquished to being nothing more than hypotheses of what is happening across state government regarding the potential abuse and mismanagement of tax dollars and government programs. It is not unfair to question if this is the intent of the Administration, considering its actions over the course of this audit.

It is also notable no auditee has ever raised this objection or employed this novel interpretation of G.L. c. 66A (FIPA) with respect to our ability to access records in connection with an audit. The OSA’s authority to access data in the scope of its audits is broad. Our enabling statute, G.L. c. 11 § 12, explicitly and unambiguously authorizes the OSA to request, review, and if necessary, compel production of documents related to any matter within the scope of its audits. This authority extends to sensitive, confidential, or such information that would otherwise be protected from disclosure by law. See Suzanne Bump, State Auditor v. Shahrzad Haghayegh-Askarian and Hancock Dental Co., Mass. Super. Ct., No. 11-4539A (Suffolk County May 10, 2012). The personnel records requested in the scope of this audit fall under the OSA’s broad authority, granted by statute and affirmed by case law.

The Office of the Governor’s reliance on FIPA fails to note the plain language of the law, specifically, G.L. c. 66A § 2(c), which contains a provision granting OSA access if “such access is authorized by statute.” As discussed above and explained, repeatedly but to no avail, to the Office of the Governor by our audit team, our General Counsel, and the Auditor herself, G.L. c. 11, s.12 provides for the statutory access contemplated by FIPA. Moreover, such statutory access as possessed by the OSA requires neither notification to nor approval from data subjects.

Based on this legal authority, we rejected the Office of the Governor’s assertion that FIPA was applicable and that notifications granting the ability to object to and quash our request were suddenly, and uniquely, required for this particular audit. Additionally, we engaged the Office of the Attorney General (AGO) seeking resolution on this matter not only for this audit but also to ensure our ability to conduct audits in the future. We view this misapplication of FIPA to be an existential threat to our ability to conduct audits across all of state government. We must have access to required data to conduct our audits.

Finally, it is absolutely reasonable, and we would further assert—responsible, to have concerns that some settlement agreements “may have been ‘unlawfully withheld.’” GOV and executive agencies may very well have purposefully hidden these agreements from our audit team. Again, we simply do not know what settlement agreements may have been entered into, but withheld from our office—or whether it was for the reasons claimed. We cannot confirm the claims made by the executive branch offices and agencies regarding the rationale for myriad missing documents. We are not able to simply take the claims of GOV and executive agencies and offices, at face value and based on the honor system, then propagate these claims to the public as though they are reality. Our job is to audit and identify areas lacking sufficient controls and oversight. We may trust, but we do need to verify. Based on its response, GOV is not taking sufficient steps to address our concerns on these matters. Our office encourages GOV to act with urgency to address our audit findings.