[Senate Hearing 105-693]
[From the U.S. Government Publishing Office]



                                                        S. Hrg. 105-693


 
                       NORTHWEST YEAR 2000 SUMMIT

=======================================================================

                             FIELD HEARING

                               before the

                        SPECIAL COMMITTEE ON THE
                      YEAR 2000 TECHNOLOGY PROBLEM
                          UNITED STATES SENATE

                       ONE HUNDRED FIFTH CONGRESS

                             SECOND SESSION

                               __________

                              JULY 1, 1998

                              PORTLAND, OR

                               __________

                  Printed for the use of the Committee


                               


 Available via the World Wide Web: http://www.access.gpo.gov/congress/
                                 senate

                     U.S. GOVERNMENT PRINTING OFFICE
 50138 CC                   WASHINGTON : 1998
_______________________________________________________________________
 For sale by the Superintendent of Documents, U.S. Government Printing Office
                          Washington, DC 20402


                        SPECIAL COMMITTEE ON THE
                      YEAR 2000 TECHNOLOGY PROBLEM

         [Created by S. Res. 208, 105th Cong., 2d Sess. (1998)]

                   ROBERT F. BENNETT, Utah, Chairman
JON KYL, Arizona                     CHRISTOPHER J. DODD, Connecticut,
GORDON SMITH, Oregon                   Vice Chairman
SUSAN M. COLLINS, Maine              JEFF BINGAMAN, New Mexico
TED STEVENS, Alaska, Ex Officio      DANIEL PATRICK MOYNIHAN, New York
                                     ROBERT C. BYRD, West Virginia, Ex 
                                         Officio
                    Robert Cresanti, Staff Director
            Andrew Lowenthal, Acting Minority Staff Director

                                  (ii)


                            C O N T E N T S

                                 ------                                

                 OPENING STATEMENT BY COMMITTEE MEMBER

Hon. Gordon Smith, a U.S. Senator from Oregon....................     2

                               MODERATOR

Norm Eder, vice president of public affairs, Oregon Graduate 
  Institute......................................................     1

                    CHRONOLOGICAL ORDER OF WITNESSES

Keith Barnes, CEO, Integrated Measurement Systems, Beaverton, OR.     3
Louis Burns, vice president and director of information 
  technology, Intel Corp.........................................     5
Ben F. Williams, principal, WRG Design Co., Beaverton, OR........     7
Rita Aikins, director, Data Management Security, Providence 
  Health System..................................................     8
Lloyd Bell, vice president for Y2K, Bank of America, Portland, OR    10



                       NORTHWEST YEAR 2000 SUMMIT

                              ----------                              


                        WEDNESDAY, JULY 1, 1998

                               U.S. Senate,
                 Special Committee on the Year 2000
                                        Technology Problem,
                                                       Portland, OR
    The committee met, pursuant to notice, at 10:10 a.m., at 
the Oregon Graduate Institute of Science and Technology, 
Portland, OR, Hon. Gordon Smith (member of the committee), 
presiding.
    Present: Senator Smith.
    Also Present: Norm Eder, OGI.

   STATEMENT OF NORM EDER, VICE PRESIDENT OF PUBLIC AFFAIRS, 
                   OREGON GRADUATE INSTITUTE

    Mr. Eder. Good morning. Welcome to OGI and the Northwest 
Year 2000 Summit. Thank you for taking the time to come on what 
I know is a busy summer day, and it is probably the kind of 
weather you would all like to be spending the morning gardening 
instead of doing Year 2000 problems. I am Norm Eder. I am vice 
president of public affairs at the Oregon Graduate Institute.
    Senator Smith, who has joined us this morning, is a member 
of the Senate Special Committee on the Year 2000 Technology 
Problem. He asked OGI to organize this briefing several weeks 
ago. We were very pleased to do so, and we recruited a panel of 
business and technology experts this morning to lead off the 
testimony. And we want to get the audience involved as well, 
and you will have plenty of opportunity to share your view with 
the Senator and the panel.
    Our audience today comes from a number of groups: the 
American Electronics Association, local business groups, and 
the Tualatin Valley Economic Development Corp.
    Before we get started with the testimony, let me say a few 
words of introduction about the Senator. He was elected to the 
U.S. Senate in 1996, following the retirement of Mark Hatfield, 
who, incidentally, was a member along--or a founder, along with 
Howard Baum, of the Oregon Graduate Institute. He served prior 
to that time as president of the Oregon Senate. After earning a 
law degree from Southwestern University in 1979, he practiced 
law in Arizona. Later, he purchased a vegetable-processing 
business in eastern Oregon and successfully guided the company 
to profitability and growth.
    As a U.S. Senator, he sits on three committees: Budget, 
Energy and Natural Resources, and Foreign Relations. That is in 
addition to the Special Year 2000 Committee that Senator Smith 
has joined recently.
    Senator Smith, do you have a few comments?

  OPENING STATEMENT OF HON. GORDON SMITH, A U.S. SENATOR FROM 
                             OREGON

    Senator Smith. Thank you. Thank you very much, Norm, and my 
thanks also to OGI for setting this up, to our panel who are 
participating, and all of you who are taking an interest in 
this issue.
    It wasn't very long ago that Senator Tom Daschle, the 
Democratic leader of the Senate, and Senator Trent Lott, the 
majority leader of the Senate, set up a Y2K Committee, a 
special committee, because it is dawning on the U.S. Senate and 
other branches of our Government just how potentially large a 
problem this will be.
    I sought membership on that committee and was given a seat 
on it. It is chaired by Senator Robert Bennett of Utah, but 
there are equal numbers of Republicans and Democrats. This is 
truly a bipartisan problem and a bipartisan committee designed 
to highlight, as best we can, this problem and to focus human 
efforts to resolve it. We do it out of fear of its economic 
impact, the kinds of panic that have set in, the kinds of 
threats to human life that could result, and also out of fear 
that perhaps in this modern society, we have built something of 
a modern Tower of Babel that, if we don't figure out how to 
resolve this embedded chip problem, we will not be able to 
communicate well with one another and certainly with other 
countries as well.
    So it is in the spirit of bipartisanship and out of genuine 
concern for the impact that this Y2K problem can have upon our 
country and on our entire planet that many of us are putting 
our shoulder to this wheel to try to move it along.
    I know the Clinton administration is, our Senate Year 2000 
recently had our first hearing to focus on the energy and 
utilities sector and the President has also assigned a Y2K task 
force to pursue this entire problem. I head up the general 
business sector's effort to address the Y2k problem. Other 
members of the committee are heading up other critical 
Government services, such telecommunications, utilities, health 
care, and transportation. All of these things have an enormous 
potential to negatively impact our Nation if we don't get them 
resolved.
    Some parts of the Government have acted quickly, such as 
Social Security who has a real success story to tell. On the 
other hand, the FAA is telling us that all their little 
stations will have lost their codes and will not be able to 
reprogram it. A lot of our current FAA system are simply going 
to be obsolete after New Year's Eve 1999. I wouldn't suggest 
you be in an airplane at that time.
    But, nevertheless, knowing that now, we will begin to make 
efforts to fix that. But to the end that we not have created a 
Tower of Babel, we are here to communicate today and focus on 
solutions.
    So, again, Norm, thank you, OGI, to all our panelists, and 
to each of you for taking the time.
    Mr. Eder. Well, I can assure you that today will not be a 
Tower of Babel. Thank you.
    Two little numbers--or, rather, the lack of two spaces for 
those numbers in some software programs is cause for 
significant concern. Some say the millennium bug issue is much 
ado about nothing. Others envision the collapse of civilization 
as we know it. Some organizations have been working for many 
years to find a fix, and yet others, particularly small 
business, seem to be taking a wait-and-see attitude.
    The Federal Reserve sees it as a problem, sees the 
millennium problem as serious, predicting that it will trim 
economic growth, cost U.S. business some $50 billion, and a 
worldwide cost of $300 billion. And I think that the Defense 
Department is currently struggling to try to assess the cost to 
national security.
    To begin the discussion on Y2K issues, OGI has assembled a 
group representing diverse interests. They are carefully 
looking at the approach of the new millennium from different 
perspectives.
    There are some questions for the panel prior to your 
introduction that I would appreciate if you could address 
yourself to. How will the Y2K problem affect the growth engine 
of our State and the high-technology industry that now is at 
the core of our economic growth? How will it affect product 
sales? Will tangled international trade and travel result? What 
preparations are being taken by key industries such as banking 
and health care in our State? And what are small business 
operators in Oregon doing? And the question for the day: What 
should the Federal Government and the Congress be doing to help 
us address this problem?
    Our panel members were invited to offer a few minutes of 
individual testimony. Following their comments, I will 
facilitate a panel discussion. I would encourage the audience 
to ask questions or to make statements after the panelists 
speak.
    We now turn to a view from the high-technology industry. 
Keith Barnes is CEO of Integrated Measurement Systems, an 
electronics company based in Beaverton. Keith is a leader in 
the high-tech industry, and we are very proud to say that Keith 
is a member of the OGI Board of Trustees.

STATEMENT OF KEITH BARNES, CEO, INTEGRATED MEASUREMENT SYSTEMS, 
                         BEAVERTON, OR

    Mr. Barnes. Thank you, Norm. Good morning and thanks to 
Senator Smith for coming and listening to the high-tech 
community and to the rest of us about this critical issue.
    I guess the first thing I would like to get across is that 
this is clearly pervasive. It affects everything in our 
personal lives and certainly things in our businesses. I was 
trying to think of exactly what I would say last evening as I 
was driving home at about 7:30, and I reached down to see 
whether or not I could program the date into my automobile for 
the Year 2000. I have a BMW, and it has that capability. And 
thank goodness it is a new enough car where the engineers I 
guess thought about it enough that they allowed it to be 
programmed into the Year 2000. So at least I think my car will 
still run after the turn of the century.
    I am also a pilot. I would be concerned to check out every 
instrument in the planes that I fly to make sure that they 
don't end up having a problem with respect to the Year 2000, 
because I certainly intend to be flying past that date.
    I think if you take a look at most of the high-technology 
companies, especially those that are doing reasonably well 
these days, they take this problem very seriously. I am on the 
board of two public companies and a private company and OGI, 
and I am involved with other people in the high-tech community, 
and I believe that most companies are taking this very 
seriously.
    In our own company, we have programs to go through the 
priority software products and systems in our company to make 
sure that they will work properly and be able to support our 
customers properly, and that includes not only our materials 
planning systems but our service systems, our bug-tracking 
systems and so forth. And we have plans in place to work with 
the vendors of those software programs to make sure that things 
will be up and running as we move forward.
    So I think that the high-tech community is taking this very 
seriously. I think the things that we feel uncomfortable about 
are pretty much the things that Senator Smith talked about, and 
that is, you know, what does happen when a number of our 
employees are flying around in December--which they will be 
doing--of 1999 or in January of the Year 2000, or our families 
are celebrating the millennium, going to visit relatives or 
whatever. Will the FAA systems, in fact, be working and keeping 
the planes separated and the departures and aircraft separated 
in the appropriate way?
    Those are the big questions I think that we need to answer. 
In our own companies, I think that we look at our products, 
look at the products that serve our companies, we have a very 
long list of things that we look at to make sure that they are 
in good shape for the Year 2000, even down to--we were talking 
earlier about the climate control systems. We talked about air 
conditioning and heating. We talked about elevators. We talked 
about a number of things. Have we talked about them all? 
Absolutely not. There will be something that will jump out that 
we have not considered.
    But I guess at this point, given that we don't have a heck 
of a lot of time left, what we have to do is prioritize not 
only our companies but also in the Government, the high-
priority, critical issues that have to do with human safety and 
protection and defense so that we don't get caught off guard 
and have something that is really critical that could cost 
human lives.
    The occasional invoice that won't happen or the occasional 
problem that comes from some system that people didn't 
anticipate having this problem, I think we can get around that. 
We tackle much larger problems than that, and I think that over 
time we will just deal with it.
    So I guess my closing comment here would be to concentrate 
on those issues which are critical to human safety, to defense, 
and to the well-being of people, either from a Government 
standpoint or within our businesses. And I think that business 
on its own is really taking it very seriously and making sure 
that they are compliant with the Year 2000 to the best of their 
ability.
    Mr. Eder. Thank you, Keith.
    Senator Smith. I would like to put in a comment. One 
element that I hear from my sources is that every business 
ought to be really focused on fixing this. I understand the 
trial lawyers are really watching this issue, too. [Laughter.]
    And so there ought to be plenty of economic incentive to 
mitigate it now because there is liability potentially that a 
court might find later. So that is another reason why we are 
all here with as loud of megaphones as we can find, to protect 
human safety and to protect the wallet and keep our country 
from sliding into a recession from some of these things and the 
unintended consequences.
    Mr. Eder. Oregon's largest industrial employer is Intel. 
For a look at Intel's concerns, here is Louis Burns, vice 
president and director of information technology, who, we are 
very pleased, came from California today to be at this meeting.

   STATEMENT OF LOUIS BURNS, VICE PRESIDENT AND DIRECTOR OF 
              INFORMATION TECHNOLOGY, INTEL CORP.

    Mr. Burns. Thank you. I enjoy the rain, so I come here. 
[Laughter.]
    First off, I would like to thank Senator Smith and the 
other panel members and the invited guests for spending the 
time on this very critical issue to each one of us in business 
and each one of us in our personal lives.
    As you said, my name is Louis Burns, and I am the director 
and vice president of information technology at Intel Corp. The 
more popular term for that is the chief information officer of 
the company. I am responsible for managing Intel's information 
technology's assets and operations around the world. I am also 
the member of Intel's executive staff who is responsible for 
the Year 2000 Program inside of Intel and making sure that that 
is not an issue for us as a corporation.
    Again, I would like to thank Senator Smith for chairing 
this summit to gather the information and recommendations from 
an Oregon business point of view on how we resolve this issue. 
I would also like to say thanks to the Oregon Graduate 
Institute for hosting this. This is critical. This is an issue 
that far too many people are talking about in abstract and not 
talking about specifics on.
    Intel is a worldwide company. We have facilities in over 30 
countries around the world. In North America, we have 
facilities in Massachusetts, Texas, New Mexico, Arizona, 
California, Utah, Washington State, and Oregon. Our Intel 
campus in Oregon is the largest Intel site in the world, and as 
you said earlier, we are the largest private employer.
    We have over 11,000 employees in Oregon. We occupy over 4.2 
million square feet of office space in Washington County, and 
our employees are involved in a range of things from 
manufacturing, research and development, design, and 
administrative functions.
    The Year 2000 technology issue does not have a specific 
impact on Intel's Oregon facility. We are treating it as a 
worldwide issue and addressing it on a worldwide basis. So 
there is nothing unique about our issue in Oregon. It is an 
Intel issue around the world.
    Let me give you some basic points and Intel's position on 
this and what we are doing to respond to them.
    We are taking this issue of the Year 2000 extremely 
seriously. We are devoting all necessary resources to address 
the problems resulting from the date change with our internal 
computer systems, our suppliers, and our products. All of 
Intel's primary products--i.e., microprocessors--are Year 2000 
capable. We are offering a limited warranty on all current 
products that are deemed Year 2000 capable, or Year 2000 
capable with a fix.
    For Intel's other products with potential Year 2000 issues, 
we are communicating with our customer base to determine how to 
best achieve Year 2000-capable status. All of Intel's Year 2000 
product information is posted on our website. That website, if 
you go to www.intel.com and look under support, you will see a 
huge database of what we are doing from the Year 2000 point of 
view.
    The Year 2000 issue is primarily a software and systems 
issue. For a computer system to handle the Year 2000 date 
correctly, each of the impacted components--in the case of a 
PC, the bios, the operating system, and the applications that 
run on that--have to be Year 2000 capable. Any one of those not 
being Year 2000 capable will cause you a problem.
    Intel is addressing its internal systems with a 
comprehensive, corporate-wide approach. Our goal is to have all 
Intel critical systems Year 2000 capable by the first quarter 
of 1999, and we are on track for that today.
    At Intel, we are devoting significant resources to solving 
this problem, but we currently do not believe that the costs of 
the Year 2000 programs will have a material effect on the 
company's financial position or on its overall results of 
operations.
    Some analysts, as you said, predict that the worldwide cost 
of resolving the Year 2000 issue by the private and public 
sectors may be as high as $300 to $600 billion, and even higher 
if you include the cost of litigation. [Laughter.]
    In the public policy arena, Intel is active in supporting 
efforts to develop reasonable limits on these litigation costs. 
We are currently supporting State-level efforts in California 
and Texas to limit litigation or frivolous claims related to 
Year 2000 issues, and at the Federal level, we are working with 
the Semiconductor Industry Association to develop proposals to 
reduce litigation.
    This is an important issue which Intel is taking very 
seriously. All companies, regardless of size or where they do 
business in the world, should take this seriously and 
systematically review the issues that might relate to the Year 
2000.
    Senator, if there is one bit of advice I could give, there 
are not short cuts in this process; there are no magic bullets. 
This problem is only solved by hard work, extreme rigor, and 
extreme focus by every company on every part of their business 
to ensure this is not an issue.
    Thanks again for inviting us up here.
    Senator Smith. Louis, do we have the labor literally to 
physically fix all of the chips?
    Mr. Burns. In my opinion, we have. I can speak for what we 
are doing inside of Intel. We have--it is not just an 
information technology issue. It is an Intel issue, and all 
parts of the company are rallied around and involved in this.
    Internally, yes, we have the talent, the knowledge, and the 
labor pool to get it done. I think and I hope that is true in 
general across business. We started a 1\1/2\ years ago on this 
process. So if someone is starting late, either in Government 
or in business, at this stage of the game that could be an 
issue for them.
    Mr. Eder. Thank you, Louis. And we did arrange the rain 
especially for you today.
    Mr. Burns. Thank you. [Laughter.]
    Mr. Eder. From the concerns of big business, we turn to 
small business. Ben F. Williams is a principal of WRG Design 
Co., a Beaverton engineering firm. He has been involved in the 
development of numerous office parks and industrial sites, some 
of them being familiar to all of us in Washington County.
    As a business strategy, WRG tries to stay on the cutting 
edge of technology. The firm has wrestled with the Y2K issue.
    Ben, thanks very much for being here today.

   STATEMENT OF BEN F. WILLIAMS, PRINCIPAL, WRG DESIGN CO., 
                         BEAVERTON, OR

    Mr. Williams. Thank you, and thank you, Senator Smith, for 
being here today, and other panel members. I feel fortunate to 
be here today.
    My partner, Darren Welborn, was supposed to be here today, 
and he had to be out of town, so I kind of got thrown into 
this. So I will apologize now for not being as up on this as I 
should be.
    We are relatively small engineering firm in the Portland 
metro area. We have grown from four employees to 65 employees. 
And through this growth, we have been required to stay up on 
technology, upgrading our software continuously from a year-to-
year basis. We are being told by our vendors that our software 
is Y2K compliant.
    We also are fortunate to have two very good employees on 
staff that are going through the software and trouble-shooting 
it and making sure that it is working. However, as everyone 
knows, you can only trouble-shoot so much when you are working 
the long hours that you do as a small business. So we are 
dependent upon our vendors to make sure that it is Y2K 
compliant, because if it is not, it will affect our business 
later on.
    Because of that, some things that we would like to see 
implemented from the Government, what we would like to be 
looking for is some sort of certification from these vendors, 
making sure that they are Y2 compliant and that there is some 
sort of off-site testing going on out there that they can 
assure us that compliance is being made, not only from the 
vendor's mouth but also from an outside source. We will 
continue in-house, obviously, but it would give us a triple 
check.
    I am a civil engineer. By definition, that is problem-
solving, and I see this as a problem, and I think we all need 
to stay focused together and work on the problem and not stop. 
I think some of us need to be identifying the problems and 
making sure we are staying out there on a global region, and at 
the same time, while those are looking for the problems, we 
need to have other people taking each one of those problems and 
making sure we are going through and we are doing the little 
check list items. Because if we don't, in 2 years it could be a 
major turmoil for the United States internationally and 
nationally.
    I personally don't want to be around here for that. It is 
kind of like working as a small business and a consultant on a 
project. I take the same approach. We go through our task list 
and we say these things all need to be done. And I go through 
and I make sure each one of those things are done, because I 
know when the project is due and it is being built, if I 
haven't done those things, there are going to be problems 
between me, my client, and everybody else.
    I would like to close with that, and I hope that Senator 
Smith will get the support he need to insure the United States 
is prepared for the Year 2000. I am happy to see that you are 
taking this on, and I will let you know that the small business 
community is behind you, and I hope that there are other 
businesses that support these types of things that I am asking 
for.
    Mr. Eder. Our next speaker represents the health care 
industry. She is Rita Aikins from Providence Health System. 
Rita has been responsible and is responsible for the system's 
Y2K compliance on the west coast. She has worked in health care 
computing for 18 years. Rita is based in Portland.

 STATEMENT OF RITA AIKINS, DIRECTOR, DATA MANAGEMENT SECURITY, 
                    PROVIDENCE HEALTH SYSTEM

    Ms. Aikins. Thank you, Senator Smith, for having us here 
today, the panel, OGI, and all of you out in the audience that 
are here today to listen to us.
    My name is Rita Aikins. I am from the Providence Health 
System. Just as everyone else is throwing out some numbers, I 
will tell you that the Providence Health System in the Oregon 
region has over 10,000 employees. So we are a very large 
employer for the Oregon region.
    The Year 2000 Project for Providence is being managed from 
a corporate level, so we are actually pulling all four States 
together--Alaska, Washington, Oregon, and California--and 
looking at this from a corporate level. We have formed a Year 
2000 Project office, and that office is basically responsible 
for high-level project management and coordination to make sure 
that we are not duplicating effort in any of our service areas.
    I believe that most health care organizations and providers 
are now starting to take the Year 2000 millennium bug 
seriously. I heard a quote yesterday that some folks are 
expecting that one in four hospitals will not make Year 2000 
compliance.
    At the Providence Health System, we are taking this 
extremely seriously, and we are basically approaching it from 
seven key areas. The first area is software. Within health 
care, software is divided among the many departments that 
operate. I like to think of health care as a small city because 
we have--you know, we have so many different areas, and each 
area--be it patient care, patient accounting, radiology, 
nursing, laboratory--in many cases they each have their own 
unique software that they are using. And then, on top of that, 
the software usually runs on its own server, has its own 
operating system and its own database. So we have not just one 
system to bring compliant, but we have many pieces of software 
to make sure that they are all reaching compliance level.
    Also in health care, software tends to be vendor-developed, 
so we really do need to rely upon our vendors to bring their 
software to Year 2000 compliance. We have sent registered 
letters. We have received letters back. And I can tell you that 
the responses from the vendor community are all over the board.
    At the Providence Health System, we are not assuming 
anything. If a vendor says that they are compliant, we will 
still proceed with full testing of that software.
    We also have interfaces, and we utilize what is known as an 
interface engine. We have a lot of data flowing through our 
system, so we have all of the interfaces that we need to look 
at and make sure that both internal and external data is moving 
correctly.
    We also have electronic data interchange in place where we 
utilize automated claims and electronic funds processing. That 
needs to be compliant as well.
    Our third area is hardware. Luckily, our hardware used is 
the same hardware that is used across all of the other 
businesses, so that is one area that we do share with other 
businesses.
    We have facilities. Again, that is something that is 
shared, when you talk about the building infrastructure, is the 
elevator going to work, is the security system going to work, 
et cetera.
    Telecommunications, are we going to have communication on 
January 1, the Year 2000? And trading partners, suppliers, 
that, you know, normal business, trading partners, we want to 
know are those folks compliant, are we going to be able to 
still continue to do business with that area on January 1.
    And then last, but certainly not least, that is unique to 
health care is biomedical equipment and clinical engineering. 
Because of health care's demand and use of medical devices for 
patient care, we have lots of equipment that have date-
sensitive embedded chips in them. An organization such as 
Providence, we have about 18,000 devices. Now, some of those 
devices need to be checked and are definitely date-sensitive 
and could impact patient care of they are not Year 2000 
compliant. We have gone through, done an extensive inventory, 
know which ones. We have basically set up a compliance level, 
know which ones we need to test, which ones do not have date-
sensitive chips in them.
    To give you an idea of what I am talking about when I talk 
about medical equipment, we are talking about infusion pumps, 
ICU monitoring equipment, laboratory diagnostic equipment, MRI, 
CT scans, other radiology equipment, radiation oncology where 
the amount of radiation could be based upon a patient's age. So 
I think it is very critical that health care take this 
seriously and that the hospitals that have not, something needs 
to be done to start them on the process because we are running 
out of time. Providence has been actively working on the Year 
2000 Project for over a year.
    I would like to close with just two comments that are 
critical to health care. If we as an organization become Year 
2000 compliant, the question that we have is: Will the public 
utilities be compliant? Because primarily water and power for 
our employees, if those systems aren't Year 2000 compliant, we 
are afraid we will not be able to deliver patient care.
    And then the last one--and this is for you, Senator Smith--
we are concerned if HCFA will become compliant since that is 
our largest health care payer and will we be able to receive 
our funds for the health care that we have delivered so that we 
can continue our business.
    Thank you.
    Senator Smith. That is a good question. [Laughter.]
    But I believe the answer is yes, and I am actually happy to 
tell you that this is the highest priority in the Federal 
Government, and I cited Social Security as an example whereby 
this fix may already have been for the most part achieved. But, 
clearly, there are other systems.
    But it occurs to me, Rita, that if one in four hospitals 
will not be Y2K compliant for one reason or another, and with 
all the embedded chips in medical equipment, our hospitals, 
which are places that heal, could become a very, very dangerous 
places to those individuals whose health is vulnerable. So, 
clearly, the embedded chip problem affects not only the Federal 
Government and the General Motors assembly line, but it also 
affects hospital operations.
    Mr. Eder. This is certainly a problem we all need to be 
aware of, and this forum was to provide us with some breadth of 
understanding.
    Mr. Eder. Let me turn finally, but not least, to banking 
and financing. Our speaker is Lloyd Bell from Bank of America. 
Lloyd serves as vice president and manager of Year 2000 
Projects for Bank of America. He has working in banking 
computer systems for 25 years. Lloyd.

   STATEMENT OF LLOYD BELL, VICE PRESIDENT FOR Y2K, BANK OF 
                     AMERICA, PORTLAND, OR

    Mr. Bell. Thank you, and thanks for the opportunity to be 
here. I appreciate your hosting this event to hopefully not 
only increase Government awareness but also others.
    Bank of America has been working on Year 2000 compliance 
since early 1996. There have been many comments made here about 
the types of activities that each business and industry is 
undertaking. Our approach has been primarily to try to 
inventory--we started trying to inventory those things that we 
do, and systems and procedures, items that we have that could 
be compliant, which we talk a lot about computer chips and the 
problems that they can cause. There are Year 2000 issues beyond 
those. Certainly we have talked about catastrophic issues. We 
have felt strongly that we obviously want to avoid the 
catastrophic issues, but we would like to avoid the 
inconveniences as well, and I will use a really simple example. 
I don't know how many thousand forms there are in the world 
that have 19-blank-blank on them. Obviously you can cross out 
the 19 and write 20, and that is an inconvenience. It is not 
going to cause the country to grind to a halt. But even to that 
level, we are trying to identify what are the things that we 
need to change in our organization, anticipating that there 
will be some issues that aren't uncovered. We would like not to 
have to be dealing with the inconveniences either so that we 
can turn our attention to whatever problems remain that weren't 
discovered.
    Beyond inventorying our own house, so to speak, we are also 
dealing with the compliance of vendors that provide services to 
us in all sectors, trying to understand the compliance of our 
customers. It could be a significant issue in the banking 
industry if those who have major lending relationships with us 
are unable to stay in business, we are not interested in having 
that happen, and so we are working with our credit customers to 
review with them their compliance.
    We are evaluating our own liquidity, anticipating any type 
of requirement for funds that may exist at the turn of the 
century. Hopefully there won't be a panic, but we don't want 
people to feel like they can't get their hands on their money 
if they need to.
    The OCC--there is Government involvement in the banking 
industry, as I am sure you are aware. The OCC and Fed have 
provided compliance guidelines that the banking industry is 
required to respond to. Obviously we are doing that at Bank of 
America, but we also feel, as we discuss with our counterparts 
in the banking industry, that the banking industry is paying 
attention to those compliance requirements and responding to 
them. We started our efforts before those compliance 
requirements were created, so we feel that we are kind of ahead 
of the game in that regard.
    For the most part, the banking industry's objective is to 
be compliant with Year 2000 by the end of 1998, and we are on 
target within the bank to accomplish that, and generally, the 
industry is working towards an early 1999 compliance and making 
good progress.
    At Bank of America--some numbers have been mentioned as far 
as costs--we are estimating our costs to be between $250 and 
$300 million worldwide to become Year 2000 compliant. If you 
compare that against the $50 billion number that was quoted 
earlier, that may not be enough.
    The Year 2000 is the top technology priority in our 
business. At the highest levels in the bank, there is executive 
commitment to compliance by the end of 1998. We have contacted 
all vendors that we do business with and asked them to provide 
compliance responses to us. We have a major centralized task 
force in the bank, and we are developing contingency plans to 
deal with those vendors who may not be compliant and may not be 
able to provide services to us.
    Major issues for the bank have kind of been mentioned a 
little bit already, some of them. One is the validity of 
compliance statements that we receive from other companies. We 
have certainly had the experience that a company has told us 
that their product is Year 2000 compliant, and our own testing 
has revealed that it is not Year 200 compliant. We have gone 
back to the vendor and tried to work through those issues.
    We have concerned about compliance efforts in all sectors, 
particularly some of the areas that have already been 
mentioned--the utility industry, the transportation industry. 
As we have approached some of those providers of service to us, 
we have gotten uncomfortable feelings about just how dedicated 
they are to recognizing the problems that have to be solved. 
And, obviously, there is nothing we can do about it if the 
electricity goes off. We can't prevent that problem ourselves.
    How can Government help? Well, one other comment. You have 
also referred--or someone did--to litigation. That is a major 
issue. We are finding that communications between companies is 
sometimes restricted because of concerns regarding litigation 
and how much information should we share and have we made a 
warranty by making a comment that we are then subject to some 
litigation that there is a problem. So the litigation sector is 
not insignificant. It is a significant concern.
    What could the Government do? One thing is to try to 
identify--it is getting kind of late, really, to deal with it, 
but to provide some standards of compliance that companies 
could follow and say we have done this. Now, that has happened, 
as I said, for our industry. The OCC has provided to us--and 
they have audited us, and all the banks are being audited by 
the OCC to determine that we are following their compliance 
standards. There aren't necessarily agencies that regulate 
every piece of business in the country. I suppose probably that 
is good. But it would be helpful to provide compliance 
guidelines. We are trying to do that ourselves to our own 
clients, some sort of self-assessment tools and those kinds of 
things to help businesses determine their compliance.
    Another item is to assure compliance in the public service 
sectors. Many of those services are offered at the State and 
local level and not at the Federal level, and I don't have an 
answer. One of the concerns that we have observed is some 
legislation in some States to eliminate the responsibility if 
there is a problem, which kind of works against solving the 
problem if that happens.
    There is some possibility of opportunism in this whole 
process of companies to take advantage of the situation and the 
lack of understanding and knowledge, and yet I am not sure 
exactly what the Government's role in that could be except to 
be aware that there are those who will, as in almost any 
environment, try to take advantage of the situation.
    My last thought as far as the Government is just what 
should John Q. Public do. Most of the business world is 
worrying about itself in one way or another. As friends and 
neighbors and relatives learn what I am doing, I am often 
asked, Well, should I worry about my computer at home? What 
will that do? And, you know, that probably goes back to the 
category of an irritant as opposed to a catastrophe. But it 
would be helpful to provide to the general public some things 
that you could to determine whether or not you are going to 
have an issue in your home with your personal computer.
    Thank you again for the opportunity to share our thoughts.
    Senator Smith. I would just point out that one of the 
sectors on the Y2K Committee is dealing with litigation. I 
think it is highly unlikely that we would agree that there was 
no liability, but there may be some boundaries put on that 
liability, some thresholds. So that is an issue that the 
Congress is exploring.
    Mr. Eder. Well, it is apparent that banking, health care, 
manufacturing, high-technology, small business, that all of us 
share an interest in addressing the Y2K problem, that it is 
intertwined with the nervous system of our entire society.
    Let's take a few moments to give the panel an opportunity 
to respond, either to follow up some of their own comments or 
others' comments. First, do you have anything else to add?
    Mr. Barnes. Well, actually, I guess I would have more of a 
question. I think this concept of certification is extremely 
important, especially for critical businesses like banking and 
health care. Certainly it could be something that could be 
extended to our own business. I guess my question would be: 
Given how much time is left, what is the likelihood--and I ask 
the Senator this because I knew him first as a businessman and 
then as a politician. So he has both perspectives, I think. 
What is the practical reality of putting in place some kind of 
a nationwide certification program to make sure that businesses 
would be compliant? Because we really don't have a heck of a 
lot of time left.
    Senator Smith. No, we don't. I think there is a possibility 
we can do that. That is the reason the committee has been 
working so hard to develop a package of proposals for the whole 
Congress. This is one of those things where we are saying, you 
know, what is the feasibility. I don't have an answer for you 
today, but I do know that is an issue we are exploring.
    Mr. Eder. Well, we are going to turn--let me give one last 
shot to the panelists, then we will hear from the audience.
    Mr. Burns. The one comment I would make is the concept of 
certification has a lot of merit. The concern I would have, if 
the Government were to go to a position of trying to put in a 
nationwide certification by industry or whatever segmentation, 
is would we run the risk of businesses stopping and waiting for 
that certification to start on this problem. And that would be 
my biggest concern, because if business has not started yet 
with the issue, if they were to find a reason not to start, 
that would be a much bigger issue.
    Mr. Eder. Further comments?
    Mr. Bell. Senator, I have a question regarding local 
governments. Is there an effort from the Senate's committee to 
involve and help local governments make progress on this issue?
    Senator Smith. Absolutely. Again, it is one of the sectors. 
We have broken it down into eight sectors. We have local and 
State governments as one of them, utilities, health care, 
telecommunications, transportation, financial services, 
business services, and litigation. But local governments are 
where the rubber meets the road, if you will, and perhaps it 
will be most felt at that level. So means and money are being 
authorized and appropriated to help local governments deal with 
this.
    Mr. Eder. I have one question. I will take the prerogative 
of the chair to ask one. This is clearly an issue which is of 
great importance to all of us. Many of our companies and 
institutions are dealing with it. But how do you, those of you 
who deal internationally, deal with offshore vendors or 
offshore customers? And is there an opportunity in American 
leadership, and specifically Oregon leadership, in dealing with 
this and solving this issue and turning it into a business 
opportunity? I know that there are some people in the audience 
that are consultants and this might be a question of broader 
concern.
    Mr. Burns. I will address everything but the business 
opportunity, because while there are probably opportunities in 
this process, I think solving the problems should be the 
highest priority.
    We deal internationally, like I say; we operate in 30 
countries around the world. In dealing with our suppliers, we 
have an extremely active program of polling them, talking to 
them, and going on site to their business and talking with them 
and seeing where they are at with certification and making sure 
that they are on track. Because if our suppliers don't ship to 
us, we don't ship product, which has a rather interesting 
impact on the technology industry. So we are active in that 
process, and we get a mixed reaction, again, both in the United 
States and offshore, as to how those vendors are working on it.
    We have applied the same formula worldwide in how we are 
attacking the problem. So far it is working pretty well.
    Mr. Barnes. To add a little bit to that, I think that with 
respect to our company, we have a fairly thorough program to 
address the Y2K problem. But we are a smaller company. Even 
though we have a lot of international business and we require 
our vendors to be compliant, I think we probably do more than 
many of the international companies that we deal with, with 
respect to trying to provide compliance in our own company. But 
I am not sure we have the resource to go and test every piece 
of software. You know, if a vendor gives us a compliance 
statement, I am not sure we have the resource to go test every 
piece of software to the most thorough extent.
    So, I think that based on some of what I heard with other 
software coming in and having compliancy presented with the 
product, there is going to be some uncertainty out there. And I 
think that in our case, the things that we feel most certain 
about that are really high-priority issues that, are really 
going to stop our business or stop our customer's business, and 
we are addressing this first. So, this concept of really having 
certification and compliance you can believe in I think is 
going to be important to companies that don't have the 
resources to test every single product that comes in. And that 
in itself might be something that we can get help from either 
the Federal or local governments to work with, maybe some kind 
of testing lab where you can take products to and get them 
certified, that might be helpful.
    Given the time, it is a difficult challenge, but I just 
don't think that a lot of businesses are going to be able to 
test every single product that is dropped on their doorstep, no 
matter whether it comes with a compliance certificate or not.
    Mr. Eder. Well, now it is the audience's turn. If you have 
questions or comments, let me ask first that you speak up 
because we need to get this on tape, and also state your name.
    Mr. Ruehle. Yes, my name is John Ruehle, and I have a small 
firm. My concern, I will address it in two parts. The major 
part is the public service and safety issue at the State level. 
The Y2K problems are going to occur in the dead of winter. What 
is being done on the State level to ensure that the power, the 
heat, electricity, water, sewage, and all that is going to be 
compliant? Because that will affect not just businesses but 
affect every household. If the sewage doesn't work, the 
restaurants have to close down. If the water doesn't work, what 
does that mean to health? If the power is not there and the 
heat is not there in the dead of winter, what is going to 
happen to the people that rely on that and are low income, as 
well as people in the upper-income brackets in their homes? So 
that affects everyone. And what are we doing from the State 
level to ensure that the utilities, which are so basic, are 
going to be compliant?
    The second piece of that question is I think we have a 
shorter runway in many areas in the Year 2000. Most people are 
getting familiar with the date 999 that was used by many 
programmers, and the embedded chips going to the medical 
devices in some research that we have done, we find that the 
testing devices will pass the Year 2000 test, but they fail 
999. And there is--and I am confused about which is the Julian 
and which is the Gregorian calendar, but there is also--so 
September 1999, 999, will be a severe date, and then there is 
the 99th day of the 99th year, which is going to fall sometime 
in April, and certain systems count the number of days. And 
they are showing that some systems will fail--are failing that 
test. So we really have a shorter runway than the Year 2000, 
and, again, I address this to the public issue of safety and 
health. Is the government going to do something at the State 
level regardless of international and national, but at the 
State level, what are we going to do to make sure that those 
basic utilities are going to be functional?
    Senator Smith. I can't speak for the State of Oregon. I 
honestly don't know what preparatory actions they are taking, 
but I can tell you at the Federal level, our first hearing was 
on the issue of energy. And I think we fortunately have the 
luxury in our country of taking energy for granted. We may find 
out through the Year 2000 problem what it would be like to have 
our dams removed because we may not be able to hit a switch and 
have the light go on or be able to go to a restaurant or to a 
hospital. We can't do anything, folks, if there isn't energy 
produced first. It is that threshold an issue. That is why it 
was the first issue.
    I know our committee and the President are communicating 
loudly with the utilities and trying to bring those things into 
focus so that we don't have these kinds of brownouts that will 
inevitably occur. A lot of energy questions.
    Mr. Ruehle. Are we doing any--from the State perspective, 
should not we be doing something to force the utilities to 
become compliant above all else?
    Senator Smith. Absolutely. We are trying to do that at the 
Federal level. I just can't speak for the Governor. I don't 
know.
    Mr. Sussman. My name is Leslie Sussman. I am president of 
Sussman, Inc. I have been project manager for a $5 billion 
company and project manager for the largest trade union in the 
State of Oregon. I am doing risk assessment and QA in the State 
of Oregon and the State of Washington for different agencies. 
That is my day job. My night job, I am writing booklets about 
Year 2000 on what would be a united way trying to get a 
program. I am really tired, and we have got 18 months to go. My 
perspective is that there is not a lot of winners. My premise 
is that we are facing a major catastrophe.
    I am from New Zealand, and I think that if we don't take 
action, it is going to be shame on us. And there are several 
things I want to have happen, but--excuse me. I am a little 
excited here. You have given us an opportunity, and I feel very 
strongly that, first of all, the Government of the United 
States needs to understand its responsibility and its 
accountability worldwide. The Government plays a critical role. 
You talk about the States. You talk about the hospitals. The 
Government has got to get their job done to make it work for 
everybody else.
    If you think about Canada, if you think about our partners, 
our trading partners with the United States, the U.S. 
Government is incredibly accountable for success worldwide. We 
have only got 18 months to go. I want to address your calendar. 
We start fiscal Year 1999 today in 60 percent of the States, 
and 1999 is an exception in a lot of systems. I am expecting we 
are going to have some small problems.
    In October, we start fiscal year 1999, and I think we are 
going to have more. January 1, 1999, we are going to have 1-
year--I think we are going to have even more problems. It is 
going to grow. So you are right. The window is smaller. It is 
not that far away.
    Also, we are doing things that we have never done before. 
This is a research and development project. People have 
inventories, and contingency plans--contingency plans is a huge 
portion of this. How many companies have contingency plans 
today? And how easy is it to create those? It is not easy. I 
have been a project manager for 20 years. Are we just going to 
pop these out in 18 months? I am working with a lot of medium-
sized companies, and they are particularly dependent on other 
people. They use technology, but they don't have the expertise 
and know-how. A lot of what we are trying to do here, we have 
got to get down on paper and manage it. It is easier for some 
of the bigger companies. It is not easy for the medium and the 
small companies. And the awareness is not there.
    Sorry. My premise is we are facing a catastrophe. What I 
would like to see from you, first of all, is, again, an 
understanding of the accountability and responsibility that the 
U.S. Government has worldwide. I would say that of all the 
people in the firm--and I can't talk for everybody--but a lot 
of us spend a lot of time trying to get awareness, and we would 
rather be working on the problem.
    Third of all, list our priorities, and I have a VIP Plan, I 
have worked those, and that wasn't until I really sat down and 
thought about it. No. 1, I think is protection from nuclear, 
germ, and toxic waste. I think we have got a lot of systems 
that depend on that, and I think that comes first because if we 
don't protect that, then we don't have clean water. I think we 
need to list our priorities.
    We then need to mobilize and strategize. We are talking 
about spending $1 billion on the IRS, and that system doesn't 
work today. You know, who is going to pay for this? We haven't 
even started to understand how much this is going to cost us. 
But we must pay attention. The money has got to flow, and we 
have really got to understand worldwide what drives these 
things.
    Then there is some protections. The clients that I am 
talking to, they want assurances today. They want me to have 
errors and omissions. They want me to have all sorts of things. 
A lot of the companies won't even touch project management. 
They will audit, but they won't do the work because they are 
not willing to take the risk. We have all got to get to work on 
this.
    So some of the ways to do it? I would really like to see 
what network food chain looks like with the U.S. Government and 
what the responsibilities are. Because however successful the 
U.S. Government is, so go the rest of us. That means the 
States, and that means other countries.
    We need to assign priorities, and we need some leverage. 
There is not--there is a lot of talent. I think we have got 
enough people and we have enough time, but we have to get 
focused and we have to get to work. There is not enough 
contingency planning. There is not enough project managers. 
There is enough talent, though, in my judgment, and work on the 
right things for all of us. And if we all look at motivation, 
how do we motivate? Some of the things we can talk about doing, 
get out there, get motivation, and get prioritized.
    Thank you very much.
    Senator Smith. Thank you.
    Audience Member. I am a lawyer. We have had a lot of 
discussions about lawyers this morning. In terms of the cost to 
fix the problem, $300 to $600 billion worldwide on the high 
end; the cost of litigation, in excess of $1 trillion. If that 
is true, it is a $1.6 trillion drag upon the world economy if 
predictions are, in fact, what we heard in the discussion. You 
say you are both a businessman and a politician as well. We 
have experience in the environmental sector where most of the 
dollars spent get spent fighting battles about who is 
responsible and the dollars don't get spent toward cleaning up 
or fixing the problem. Yet it seems to me in the discussion, 
Mr. Burns made reference to legislation in Texas and 
California. Some of that legislation has been directed toward 
putting tax on liability for responsible behavior.
    For example, a software vendor will go ahead and attempt to 
identify the problem, identify a fix to it, make that available 
to purchasers of their software on a cost-free basis. 
Currently, there are 50 to 100 websites right now that we have 
identified through tracking this Y2K problem. One of them is 
keeping track on a rolling basis of the number of lawsuits 
filed. There are already seven filed on the last count. Perhaps 
maybe it is more than that.
    The nature of the lawsuits tends to be that the software 
vendor sold the software with an express or implied warranty 
that it would work, and the working would include the Y2K 
problem. When it doesn't work, the class action suits that have 
been filed have been toward a breach of either express warranty 
or breaches of State statutes because the vendors are requiring 
people to pay to fix the problem. The legislation that has been 
proposed in part would tend to provide a safe harbor if the 
vendor provides a free fix.
    I guess my comment, and perhaps it is in the nature of a 
question, is what can be done--I don't know whether you have an 
opinion yet, and you have indicated that a sector is addressing 
this issue. What can we do, assuming you are supportive of 
legislation, that would encourage people to behave responsibly? 
And we have got the time problem. It needs to be done soon. 
What can we do to create a political climate? Because the 
reaction to the proposed legislation has been it will sell out 
the business community and the taxpayer or the consumer is 
going to get stuck with the problem. What can we do to 
encourage a political climate in which we can create activity 
that would cause it to be directed in a positive way?
    Senator Smith. I would say certainly by what we are doing 
here today is one way I am trying to help get this started and 
create the political dynamic where we can get something done.
    I do want to say to you in the strongest of terms that 
President Clinton, the U.S. Senate, and the House of 
Representatives are putting the ways and the means to fixing 
and at least mitigating the consequences that we believe there 
to be.
    There is a debate as to the extent of the problem. I rather 
side with the woman from New Zealand in the evaluation. That is 
why I sought membership on this committee.
    Sometimes I feel like Paul Revere, and sometimes I feel 
like Chicken Little. But somewhere in between there, we have 
health consequences, we have safety consequences, we have 
potentially worldwide recessional consequences if we don't fix 
this. And so I am just saying amen there to what you are saying 
in trying to do something about it.
    Audience Member. I hope you can tell me that I am wrong, 
but I received an independent report from a group called the 
Barron Group based in Washington, DC. The report indicates that 
there is approximately 80 million lines of code, and the Social 
Security system has dedicated only 400 software engineers to 
update that. But as of March this year, they have only gotten 2 
million lines of that done.
    I have a second question for Mr. Burns. How far back are 
your chips Year 2000 compliant?
    Senator Smith. I would say that, first of all, we just had 
a report from the Social Security Administration about how they 
were making great progress and felt they had the manpower to 
fix their system. But, again, I am not suggesting that it is 
entirely done. It is a work in progress.
    Mr. Burns. And as I said, the microprocessors that Intel 
make, our primary product, are all Year 2000 compliant, and if 
you go to the website, you can look at any specific product or 
ask about any specific process.
    Audience Member. So it goes back 3 years, 5 years?
    Mr. Burns. I don't know the exact date, but go to the 
website. It will give you exact product by product, speed by 
speed, rev by rev, what you need to know specifically.
    Mr. Lacroix. Hi, Senator. I am Roy Lacroix, the Y2K program 
director for Oregon Health Sciences University, and there are 
about four things I would like to see from the Federal 
Government. One is leadership, continued actions from what you 
are doing today. I would like to see your committee, your area, 
lead the leadership effort here inside Oregon. I would like to 
see the mayors, specifically Mayor Katz, and Multnomah County 
commissioners having discussions on contingency plans for the 
area.
    One of my jobs just here in our health care area is to 
start talking about contingencies. What do we do if we don't 
have power? And I am not talking about complete lack of power. 
What if we have brownouts, unstable power? How long can a 
hospital and various critical entities go without power? And 
the same thing for phone and water, all the key utilities. I 
need to know where those utilities are. I need to know what the 
likelihood of stable power or unstable power is, so I can make 
contingency plans. My contingency plans are not cheap, so as I 
try to go to the board of directors and get information so I 
can start addressing these issues, I need good information.
    The next thing that I would like to see is discussion from 
the mayor level, your level, to help bring Providence and OHSU 
together at a very high level. I can have conversations with 
Rita, but it really is going to take the president level or 
probably the CEO level to start talking about things. How do we 
share patient loads? A good example is trauma centers. Are two 
important, or just use one? I don't know that we have enough 
capacity to share--to pick up the other one's trauma center 
load should we have problems. So I need disclosures from the 
utilities, as best as they can, for making contingency plans.
    The other thing that I need and I think health care needs 
is good regulatory information from--for example, I came from a 
health care conference in Washington, DC, last week, and the 
real concern was a memo, which may become regulation, stating 
that health care providers need to be Y2K compliant to deal 
with HCFA, but HCFA did not have to be compliant. Where our 
problem comes is how do we interface with them? I don't really 
care of they are compliant, but if they need me to be 
compliant, what do they mean and how are they setting up their 
compliance matrix so I can interface with them. I am a little 
leery of regulatory items like that.
    Senator Smith. A double standard.
    Mr. Lacroix. Right, right. I need to know how to interface 
with them. They need to be able to tell us.
    I believe the last one was, once again, back to community 
awareness being driven at very high level forums like this. I 
believe we should have them at least quarterly here in this 
area, and I would like to see it expanded to include the 
highest leadership levels here in the area.
    Multnomah County is doing a very good job of awareness. 
There is a lot of e-mail going on. But it is taking place at 
the program director, project manager level. I would like to 
see the awareness and the discussion starting to take place at 
the top level down. We are running out of time. The discussion 
needs to shift to the top level with business and community 
issues.
    Thank you.
    Mr. Eder. Don VanLuvanee, also a trustee of OGI.
    Mr. VanLuvanee. I am Don VanLuvanee, CEO of Electro 
Scientific Industries and current chair of the Oregon American 
Electronics Association Council. I have got a real simple 
request. I think the No. 1 thing is to provide overriding 
legislative relief for frivolous lawsuits in this area, because 
I think that is the thing we are all concerned with.
    Mr. Mitchell. I have two comments. One is that all these 
individuals here are from large or relatively large companies, 
and they are in a position to have proprietary software that 
they are under control of and that they can fix themselves. But 
some of us are small business owners. My name is Andrea 
Mitchell, and my husband and I run a very small business, and 
we are using off-the-shelf software. So you need to have a 
similar conference with the large software providers, Quicken, 
Novell, Microsoft, all of these people, to find out if the 
software packages that are being provided for the small 
businesses who will be going and buying them off the shelf are 
also Y2K compliant.
    My second point is, if there is some kind of certification, 
please make it free because, otherwise, the small businesses 
who are producing product, they run a marginal thing, they are 
operating out of somebody's basement, they don't have the money 
to spend--$50,000, $100,000--getting certification to say that 
their product is Year 2000 compliant.
    Thank you.
    Mr. Smith. My name is Paul Smith. I am a private citizen. 
One of the things I am concerned about is that we live in a 
constitutional republic, and it seems to me like this is a very 
great opportunity for whatever freedoms that we have be all of 
a sudden swallowed up into some sort of a morass of Government-
issued documents and people walking in and doing things. And I 
think we need to keep in mind that we are a constitutional 
republic, and there are things--yes, there are things that we 
need to talk with back and forth, but I take a thing about the 
TWA flight that was shot down here, and because of that, we 
lost a good deal of our freedoms. If you have been through an 
airport lately, you have found out what kind of freedoms you 
have lost. Then there is a constitutional issue against 
unlawful search and seizure, and we gave all of that up in an 
airport.
    Now, I am not saying it is bad or good, but I am saying it 
just happened without really contacting people and saying do we 
really like this, do we want this. And so some of the things--
they are some of the things I think we need to be aware of, is 
that, yes, we need to have Government--I think what I would 
like to see is Government as a facilitator instead of--you 
know, because I can see a lot of the regulations, particularly 
when you are talking about a regulation that comes out of a 
Government office that says, well, you will be or certify to us 
that you are Y2K compliant, and then, well, what does that cost 
me? You know, what does that cost me as a citizen? Because 
everything in an industry basis that comes down to me as a 
private citizen when I walk down to the store to buy a piece of 
software off the shelf and now that software that used to cost 
$50 is now $500 because of the Y2K problem that it had to be 
complied on. You know, I have got an old computer that I 
realize--in fact, I have got two of them that I realize I will 
probably junk after some near future time because I don't have 
the money and it is not worth going in and finding the little 
chips in it that are--you know, and I do some business on that, 
so I am going to be required also as a private citizen to go 
out and get a new Y2K-compatible computer.
    There is a tremendous number of those in industry around, I 
am sure, small businesses, this sort of thing. So I think that 
we need to have that addressed on a free basis, on a republic-
type basis.
    The other thing that concerns me is some things I have 
heard about FEMA, and FEMA is the organization that we would 
look to if we had these catastrophic things that happen, and we 
have not heard about how compliant FEMA is because those are 
the people that should be able to--I mean, they should have 
been compliant 3 years ago so that they could have 
contingencies, so if this happens we have communities or we 
have somebody or something like that to come in and help us 
out.
    I think with Social Security, yes, we have a lot of us--
which I am approaching Social Security age, but that is not the 
whole thing. I think that we need--when we are talking about a 
long-term issue or a near-term issue, I think that the survival 
of the flood water is the sort of thing that we are looking at.
    Senator Smith. I just want to assure all of you that 
Republicans and Democrats that I serve with in the U.S. Senate 
cherish our civil liberty, and there is a tension between 
safety and liberty, and we are mindful of that, that the 
Government that our Constitution produces has an obligation, I 
think, to do everything we can within constitutional boundaries 
to assure your safety, and that is the spirit of what you were 
operating.
    Mr. Eder. We have just a few more minutes, so we will 
squeeze as many questions as we can in, so please keep them 
brief.
    Mr. Hofland. My name is Richard Hofland. I am the Year 2000 
project manager for the city of Portland, and it is pretty 
clear, I think, to all of us who have been involved in this 
stuff that this is a partnership game. Everybody has to do 
their own part. Municipalities, for example, we must make sure 
that the 911 system operates and that we get clean water and 
take care of the sewage, and you have to make sure, Rita, that, 
you know, the hospital is working, et cetera. It is just a 
partnership thing.
    As we talked about the issues about what prevents us from 
getting the information we need to do a good job, I think there 
are some limitations. People are unwilling to share information 
because they are concerned about liability issues. I think that 
in your June 12th hearing in Washington, I believe that Charles 
Siebenthal suggested that you actually place some liability 
limitations against, you know--or people, if they are sharing 
technical information, they ought not to be held responsible 
for making mistakes in having shared that. I mean, you put out 
information that so-and-so, such a piece of hardware has got a 
Year 2000 problem, you are reluctant to do that because the 
person that made that may come back on you. Well, if you are 
not doing it maliciously, if it is in the interest of trying to 
get information, that is fine. There ought to be some--I think 
the business--and other people mentioned about frivolous 
lawsuits, somehow defining that in a way that gives some 
protections.
    The second thing that a number of people have mentioned 
here is whether or not the municipal services will be up and 
running. You know, clearly that is going to vary depending on 
the municipality. It is just like any other critical supplier 
to your business or your operation.
    Senator Smith. What are you hearing from PGE and Ma Bell 
and others?
    Mr. Hofland. Well, you know, that is a very long 
discussion. [Laughter.]
    I have certainly been in touch--I have been in touch with 
PGE, with the gas company, with U.S. West. Those are clearly 
critical suppliers to all of us. Those are actually forums like 
this where we have--we certainly need to hear from these kinds 
of industries, but we need almost like utility forums. I think 
someone suggested--I guess it was you--that we have the 
municipals, you know, be in these forums.
    One of the things that could happen there, you speak of at 
the highest level, you would like to see Mayor Katz, for 
example, up here. You know, that is possible. At the same time, 
you know, we don't have necessarily the chief executive officer 
of any of the utilities there. What you want is someone who 
really does have a grasp and can be articulate about it.
    I think the other point [Laughter.]
    Mr. Boy, I am not a politician. My apologies to my boss.
    Another comment about--you know, I think it was Mr. Barnes 
who was commenting that many small businesses may not have the 
ability to absolutely test everything. Can you rely on vendor 
certifications? Maybe not. You don't have the resources to test 
everything. I think you are going to find municipals in the 
same predicament. We, too, do not have the resources to test 
everything, particularly given the overall taxing constraints 
that have been evidenced in the State of Oregon recently. The 
last thing people want to spend money on is a bunch of guys in 
the basement that are talking about COBOL programming when we 
have got police that we need to keep on the streets. So, you 
know, you have this tension. At the same time, we do have 
obligations to make sure that the software operates.
    In terms of raising awareness within the organizations--I 
will try to gently come up against my comment here about 
whether or not the people at the top know what is going on. I 
can assure you that the city--the mayor is very much aware of 
what is going on, and they have made this a very clear priority 
that this will be taken care of.
    So I would hope that the Federal Government could do some 
things in terms of limiting certain kinds of litigation and 
liability. Certain kinds. I mean, you can't--you don't want to 
limit liability for people that are, you know, doing stupid 
things or failing to perform diligently in addressing the 
problem. You are going to have a political problem with that. 
You can't protect the people that are doing dumb things. But 
people that are in the interest of partnership and in the 
interest of trying to solve this problem, I think that would 
help some.
    Mr. Eder. We have one last question.
    Mr. Duncan. I am Jeff Duncan with Louisiana Pacific. We get 
a couple to a dozen letters a day from our vendors and our 
suppliers and customers. We tell them about our plans. We tell 
them about our projects. We tell them about what our intent is, 
what our desires are. But we are not going to tell them we are 
compliant. We are not going to tell them we will be compliant. 
It is obvious that our legal department has told us not to do 
that. It comes down to the same thing others were talking 
about. We don't want to set ourselves up for litigation. That 
is pretty obvious. I think it ties in with the comment about 
some type of limitation and reasonable effort or good intent 
that you should have limitations on liability.
    But there is another impact on that. We are not the only 
ones with a legal department, and a lot of vendors of software, 
of computer hardware, of other hardware, that we are trying to 
deal with, they are getting the same advice. As a result, when 
we go out, and we found thousands of processing units in the 
hundred plants that we have, we go out and research to tell 
which ones we really need to address. We are running into some 
walls where those vendors aren't willing to say a problem 
exists because they have got the same issue about opening 
themselves up to litigation later on.
    So two issues come out of that. No. 1, a comment that was 
made earlier, a third party, possibly the Government, 
possibly--a third party that can go after the 80/20 rules of 
off-the-shelf applications, of pieces of hardware, 
manufacturing PLC's, common PC's, computers, whatever, take a 
look at these on an 80/20 basis, the computers and hardware and 
software that a lot of people are using. Let's have a third-
party opinion on it. It could save us a heck of a lot of money 
than everybody going out and doing the same thing over and over 
again. The insurance industry has it on its own. It is not only 
the lawyers, but the insurance industry. There is a whole new 
industry that is being created around auditing: Are you Y2K 
compliant? They say they won't touch it. [Laughter.]
    Get Y2K insurance. I think somebody--I think the Government 
needs to give us some guidelines and some help in that area.
    Mr. Eder. Thank you very much. We promised the Senator that 
he would be out of here on time for his appointment. Senator.
    Senator Smith. I have to give a speech to an energy 
conference. I know what I am going to talk about. [Laughter.]
    Let me just say how gratifying it is to be here. When I 
requested that we do this, I didn't know whether anybody would 
show up except the panel and we would talk to one another. And 
it is clear that by your presence there is an understanding of 
the severity of the problem and an interest to be helpful in 
solving it. And so we have done something more today than just 
talk to one another as a panel. I think we have hit a nerve 
here.
    I want you to know that I leave here encouraged that I am 
not talking to myself. Sometimes I feel like I am doing that 
because you will mention this to most audiences, and there is 
no light that goes on. And if you can help be ambassadors of 
the solution to this problem for our State and our country, I 
thank you. On behalf of your Federal Government I thank you, 
and know that we are working to make legal, regulatory 
adjustments as necessary. We will be there with the ways and 
means to make this possible. But at the end, our Government is 
a reflection of you and me. It is either as good or as bad, as 
efficient or inefficient as we are.
    So just count yourself enlisted as soldiers in the army of 
soldiers to fix this, and thank you for being here. [Applause.]
    [Whereupon, at 11:30 a.m., the committee was adjourned.]