Frequently Asked Questions
QAre Area Agencies on Aging (AAAs) and their subcontractors required to tag all property with State of California tags?ANo, AAAs are not required to use State of California tags, but are required to tag property and have tracking systems in place that consistently identifies each property purchased with CDA funds. AAAs are also required to submit to CDA annually, in electronic form, a cumulative inventory of all property furnished or purchased by either the AAA or their subcontractors with funds awarded in the contract on the Report of Property Furnished/Purchased with Agreement Funds (CDA 32) with the Closeout.
QShould AAAs spend State funds first, then the Federal funds?AIn an effort to maintain consistent service levels, it is CDA’s expectation that each AAA spends all funds (State and Federal) available as allocated to each State Fiscal Year (SFY) and proportionately based on match requirements for the services provided.
However, for the HICAP grant only, since the HICAP Federal Grant does not require a State match and since it is now awarded for a three year period ending March 31, 2020, it allows the AAAs some flexibility in managing the funds. State funds are only available within the SFY and expenditures must be recorded by June 30 for each year’s appropriation. Unspent Federal funds may be carried over into the following SFY. Therefore, CDA is not instructing AAAs to spend State funds first, but rather to ensure that all State funds are expended prior to June 30 to maximize service levels. AAAs should be mindful that carryover of Federal funds from year-to-year should be minimal and not routine given service levels should be maintained as outlined in the initial allocation. Also, Federal funding from year-to-year is never a guarantee since the allocation provided in the budget display is what is anticipated at the point-in-time and could change due to subsequent enacted budgets.
QWhat type of encryption is required and for what devices?AAny 128 bit encryption software will meet the encryption requirements. AAAs would need to ensure compliance with this requirement for any devices that access, transmit, or store data related to the services provided through the contract with CDA.
QAre AAAs responsible for ensuring that their subcontractors meet the encryption requirements and how can AAAs verify that their subcontractors meet the requirements?AYes, AAAs who subcontract services are still contractually responsible for ensuring compliance with encryption requirements, which can be met through a Self-Certification process. The Self-Certifications do not need to be sent to CDA, as these would be verified at the time that the AAA is monitored by CDA.
QWho is required to complete the security awareness training and how do AAAs verify completion of the security awareness training?AThe security awareness training, which is available on CDA’s website, is required for all employees and volunteers who provide services related to any of the CDA contracts. This includes, but is not limited to: AAA employees; subcontractor employees; vendor employees; volunteers; etc.
The certificates of completion will need to be printed out but do not need to be sent to CDA, as these would be verified when CDA monitors the AAA.
Updated July 10, 2017
If you are within California and are looking for services
If you are outside California