Confidentiality and Transparency
Our opinion – nonprofits should be transparent. Yet, the board’s duty of loyalty requires “directors,” (board members), to maintain confidentiality. Many nonprofit leaders are confused on what should be public knowledge and what should remain confidential. As with most questions, the right answer is, “it depends.” This article is not written as legal opinion, but hopefully will provide some clarity on how an organization can be as transparent as possible while it understands that some information can and should remain confidential.
Charitable nonprofits are private corporations founded for the “greater good.” As private corporations they can keep most corporate information confidential. However, the IRS requires financial transparency through the organization’s filing of Form 990, the nonprofit income tax report. Between those two absolutes, the ambiguity can confuse board and staff members on what to share, or not.
Open meetings/Executive sessions
Charitable nonprofits are not required to have open meetings but some operate as if they are subject to open meetings rules. Those rules can be imposed by a funder but are not required by law. For example, nonprofit public radio stations use open meetings rules because the Corporation for Public Broadcasting requires them to do so.
As a practice, it is difficult for nonprofit boards to operate efficiently with an audience. Some organizations feel strongly that everything be in the “light of day” and do not restrict observers. But for most organizations the directors (a board) meet and make decisions using reasonable inquiry to monitor outside opinions. State statute requires the board, “to make decisions in the best interests of the corporation.” Often members of the public do not understand the board’s legal duties nor do they have access to all information. Therefore, they have limited understanding to give relevant advice on some issues. The norm is for boards to conduct meetings with a limited number of people, like key staff and advisors, but at times, a board may seek even more privacy for sensitive conversations.
Boards have the ability to meet and engage in confidential conversations in an executive session. Some bylaws dictate how an executive session is convened. But even if not stated in the bylaws, there is an accepted process to hold an executive session.
First, a motion is made and seconded to go into an executive session. Then, with the consent of the board, the executive session is declared. When a board meets in executive session it can restrict participants, or in other words the board can kick anyone out of the room except a board member. Even if a director’s behavior is the concern for the executive session, that director has the right to be in the room. Confidentiality of conversations in an executive session is required. Any person that participates in an executive session, and then discloses what happened in session without using a script developed and approved by the board for public release, is violating confidentiality.
Organizations required to use open meetings rules, like city or state organizations, usually don’t go into executive session unless dealing with a very specific issue that may have legal or financial implications, like with confidential personnel or acquisition issues. Most boards can hold an executive session for any reason. Research validates that it is a good practice for boards to regularly meet in executive session. These private sessions are useful for the board to discover its “one voice.” It also helps the board better manage its relationship with its executive director.
Two other situations that are often misunderstood about executive sessions are who can be in the room and whether formal business can be conducted in an executive session. The answers – boards can invite others like their CEO, a professional advisor, or anyone else it chooses into an executive session, but no one, including the CEO or corporate members, is entitled to be in an executive session unless otherwise stated in the bylaws. And according to Roberts Rules, votes can be taken in executive session. While the specifics of the confidential conversations during executive session should not be included in the minutes, a general description of a motion and vote can be included, minus the conversations that led to the decision.
While there is clarity that what happens in executive session stays in executive session, confidentiality can be less absolute when sharing corporate records or deliberations concerning ongoing operations. Questions like:
- Are minutes of the meeting public information?
- Does everyone have access to our policies?
- Are board member’s email addresses or phone numbers public information?
- Is the public entitled to see an audit?
The answer to all of these questions is no, unless your bylaws require such disclosure. Nonprofits are private corporations and have the right to share corporate records, or not, with the public. But Alaska statute is clear that all corporate records are available to directors unless the board considers a specific director untrustworthy.
Other questions we regularly encounter include:
- Are executive salaries public information?
- Do we have to disclose our largest donors?
- Are the names of our board members public information?
The answer to all of these questions is yes. When the IRS required annual reporting through the Form 990, financial information became very public. Anyone can go online and secure a nonprofit’s 990s to see such information and more. Guidestar, a national nonprofit, posts all charitable 990s online.
Directors acting alone
Unless information is required on the 990, or unless the bylaws state differently, all other records of a nonprofit corporation are under the control of the fiduciary body, the board, to disseminate as it sees fit. To abide by the duty of care and to maintain confidentiality, no individual director should share information about the organization that he or she has access to, unless the board has determined that such information should be available to all. For example, many directors do not want their email address shared with the general public. So sharing personal contact information is never a good idea unless discussed and approved by all. When the board discusses a program’s direction or a pending financial consideration, even when not in executive session, such conversations or reports should be considered as confidential unless there is an understanding that they should be common knowledge.
State statute requires that directors be reasonable people, dedicated to looking after the best interests of the corporation. Sharing some information with the public could damage the organization’s reputation or strategy. Reasonable people should understand what should be shared and what should not, and if uncertain, ask before sharing. A director is not empowered to make a decision on what to share on his or her own. The “duty to act as a deliberative body” requires that a director understands that he or she has no legal authority to make a decision or speak on behalf of the organization without the consent of the body, the board. This is referred to as the “one voice” of the board. Sharing corporate records without the consent of the board is a violation of the duty of loyalty to maintain confidentiality and the duty to act as a deliberative body.
What happens when a director violates confidentiality?
Too often nothing. Most directors are disturbed by such behavior. Others will never know about a violation. Even if there is suspicion, validation of a breach of confidentiality is difficult to prove and uncomfortable to confront.
In a previous position, my board met in executive session to complete my annual evaluation. Before anyone on the board had discussed their decision with me, a member of my staff knew the specifics of what was discussed in that executive session. I was outraged! I demanded that the board handle the situation. Nothing was done. My only options were to grin and bear it, or quit. I stayed, but I was pretty sure I knew who violated the board’s confidential discussion, and it obviously impacted that relationship. Since that experience, I have done all I could to encourage directors to behave – even if there is no legal or social consequence.
If a director steals from the organization, the board should demand legal action. If a director were to release confidential information, like about an employee dismissal where the organization could have liability, the board could take civil action against that director, especially if the disclosure of that information led to a judgment with financial consequence.
In any case, if a director violates the duty of loyalty and does not maintain confidentiality, in our opinion, the board should consider removal of the director. For such situations, it is a good practice to have provisions in the bylaws for director removal. It goes without saying that if a board has a rogue director that endangers the credibility of the institution by disclosing confidential information or through other inappropriate behavior, the board should demand a change in behavior and that the director understand and act within policy. If bad behavior continues, then the board should consider removal of the director.
We notice that certain board behaviors seem to cluster at a specific time in Alaska. In the past few months, we have had numerous leaders call with questions about confidentiality so we felt it time to share these insights with all. Thankfully, most nonprofits never have to deal with directors that are not willing to work with the team. But when the opposite is true, we find that the majority of a board is too risk averse to confront the behavior – they want it to just go away. I am sure that was the case with my board years ago. But they almost lost me because they didn’t act. When an organization has a board behavior problem and does not respond, it runs risk of not only losing their executive, but also losing good directors.
It is also good to understand that there are times when boards are not responsive to serious concerns of certain directors that should be addressed. Some may see the dissenters as troublemakers. But what if those troublemakers are right? The best boards allow for healthy dissent and seek directors with diverse viewpoints and skills. But the key word is healthy. A board has a duty to respond to concerns. Directors should monitor their meetings to ensure there is healthy dissent. But when the dissent becomes counter-productive, or when a few directors intentionally undermine the rest through violating confidentiality, boards should act swiftly to resolve the problem.