[Senate Hearing 105-693]
[From the U.S. Government Publishing Office]
S. Hrg. 105-693
NORTHWEST YEAR 2000 SUMMIT
=======================================================================
FIELD HEARING
before the
SPECIAL COMMITTEE ON THE
YEAR 2000 TECHNOLOGY PROBLEM
UNITED STATES SENATE
ONE HUNDRED FIFTH CONGRESS
SECOND SESSION
__________
JULY 1, 1998
PORTLAND, OR
__________
Printed for the use of the Committee
Available via the World Wide Web: http://www.access.gpo.gov/congress/
senate
U.S. GOVERNMENT PRINTING OFFICE
50138 CC WASHINGTON : 1998
_______________________________________________________________________
For sale by the Superintendent of Documents, U.S. Government Printing Office
Washington, DC 20402
SPECIAL COMMITTEE ON THE
YEAR 2000 TECHNOLOGY PROBLEM
[Created by S. Res. 208, 105th Cong., 2d Sess. (1998)]
ROBERT F. BENNETT, Utah, Chairman
JON KYL, Arizona CHRISTOPHER J. DODD, Connecticut,
GORDON SMITH, Oregon Vice Chairman
SUSAN M. COLLINS, Maine JEFF BINGAMAN, New Mexico
TED STEVENS, Alaska, Ex Officio DANIEL PATRICK MOYNIHAN, New York
ROBERT C. BYRD, West Virginia, Ex
Officio
Robert Cresanti, Staff Director
Andrew Lowenthal, Acting Minority Staff Director
(ii)
C O N T E N T S
------
OPENING STATEMENT BY COMMITTEE MEMBER
Hon. Gordon Smith, a U.S. Senator from Oregon.................... 2
MODERATOR
Norm Eder, vice president of public affairs, Oregon Graduate
Institute...................................................... 1
CHRONOLOGICAL ORDER OF WITNESSES
Keith Barnes, CEO, Integrated Measurement Systems, Beaverton, OR. 3
Louis Burns, vice president and director of information
technology, Intel Corp......................................... 5
Ben F. Williams, principal, WRG Design Co., Beaverton, OR........ 7
Rita Aikins, director, Data Management Security, Providence
Health System.................................................. 8
Lloyd Bell, vice president for Y2K, Bank of America, Portland, OR 10
NORTHWEST YEAR 2000 SUMMIT
----------
WEDNESDAY, JULY 1, 1998
U.S. Senate,
Special Committee on the Year 2000
Technology Problem,
Portland, OR
The committee met, pursuant to notice, at 10:10 a.m., at
the Oregon Graduate Institute of Science and Technology,
Portland, OR, Hon. Gordon Smith (member of the committee),
presiding.
Present: Senator Smith.
Also Present: Norm Eder, OGI.
STATEMENT OF NORM EDER, VICE PRESIDENT OF PUBLIC AFFAIRS,
OREGON GRADUATE INSTITUTE
Mr. Eder. Good morning. Welcome to OGI and the Northwest
Year 2000 Summit. Thank you for taking the time to come on what
I know is a busy summer day, and it is probably the kind of
weather you would all like to be spending the morning gardening
instead of doing Year 2000 problems. I am Norm Eder. I am vice
president of public affairs at the Oregon Graduate Institute.
Senator Smith, who has joined us this morning, is a member
of the Senate Special Committee on the Year 2000 Technology
Problem. He asked OGI to organize this briefing several weeks
ago. We were very pleased to do so, and we recruited a panel of
business and technology experts this morning to lead off the
testimony. And we want to get the audience involved as well,
and you will have plenty of opportunity to share your view with
the Senator and the panel.
Our audience today comes from a number of groups: the
American Electronics Association, local business groups, and
the Tualatin Valley Economic Development Corp.
Before we get started with the testimony, let me say a few
words of introduction about the Senator. He was elected to the
U.S. Senate in 1996, following the retirement of Mark Hatfield,
who, incidentally, was a member along--or a founder, along with
Howard Baum, of the Oregon Graduate Institute. He served prior
to that time as president of the Oregon Senate. After earning a
law degree from Southwestern University in 1979, he practiced
law in Arizona. Later, he purchased a vegetable-processing
business in eastern Oregon and successfully guided the company
to profitability and growth.
As a U.S. Senator, he sits on three committees: Budget,
Energy and Natural Resources, and Foreign Relations. That is in
addition to the Special Year 2000 Committee that Senator Smith
has joined recently.
Senator Smith, do you have a few comments?
OPENING STATEMENT OF HON. GORDON SMITH, A U.S. SENATOR FROM
OREGON
Senator Smith. Thank you. Thank you very much, Norm, and my
thanks also to OGI for setting this up, to our panel who are
participating, and all of you who are taking an interest in
this issue.
It wasn't very long ago that Senator Tom Daschle, the
Democratic leader of the Senate, and Senator Trent Lott, the
majority leader of the Senate, set up a Y2K Committee, a
special committee, because it is dawning on the U.S. Senate and
other branches of our Government just how potentially large a
problem this will be.
I sought membership on that committee and was given a seat
on it. It is chaired by Senator Robert Bennett of Utah, but
there are equal numbers of Republicans and Democrats. This is
truly a bipartisan problem and a bipartisan committee designed
to highlight, as best we can, this problem and to focus human
efforts to resolve it. We do it out of fear of its economic
impact, the kinds of panic that have set in, the kinds of
threats to human life that could result, and also out of fear
that perhaps in this modern society, we have built something of
a modern Tower of Babel that, if we don't figure out how to
resolve this embedded chip problem, we will not be able to
communicate well with one another and certainly with other
countries as well.
So it is in the spirit of bipartisanship and out of genuine
concern for the impact that this Y2K problem can have upon our
country and on our entire planet that many of us are putting
our shoulder to this wheel to try to move it along.
I know the Clinton administration is, our Senate Year 2000
recently had our first hearing to focus on the energy and
utilities sector and the President has also assigned a Y2K task
force to pursue this entire problem. I head up the general
business sector's effort to address the Y2k problem. Other
members of the committee are heading up other critical
Government services, such telecommunications, utilities, health
care, and transportation. All of these things have an enormous
potential to negatively impact our Nation if we don't get them
resolved.
Some parts of the Government have acted quickly, such as
Social Security who has a real success story to tell. On the
other hand, the FAA is telling us that all their little
stations will have lost their codes and will not be able to
reprogram it. A lot of our current FAA system are simply going
to be obsolete after New Year's Eve 1999. I wouldn't suggest
you be in an airplane at that time.
But, nevertheless, knowing that now, we will begin to make
efforts to fix that. But to the end that we not have created a
Tower of Babel, we are here to communicate today and focus on
solutions.
So, again, Norm, thank you, OGI, to all our panelists, and
to each of you for taking the time.
Mr. Eder. Well, I can assure you that today will not be a
Tower of Babel. Thank you.
Two little numbers--or, rather, the lack of two spaces for
those numbers in some software programs is cause for
significant concern. Some say the millennium bug issue is much
ado about nothing. Others envision the collapse of civilization
as we know it. Some organizations have been working for many
years to find a fix, and yet others, particularly small
business, seem to be taking a wait-and-see attitude.
The Federal Reserve sees it as a problem, sees the
millennium problem as serious, predicting that it will trim
economic growth, cost U.S. business some $50 billion, and a
worldwide cost of $300 billion. And I think that the Defense
Department is currently struggling to try to assess the cost to
national security.
To begin the discussion on Y2K issues, OGI has assembled a
group representing diverse interests. They are carefully
looking at the approach of the new millennium from different
perspectives.
There are some questions for the panel prior to your
introduction that I would appreciate if you could address
yourself to. How will the Y2K problem affect the growth engine
of our State and the high-technology industry that now is at
the core of our economic growth? How will it affect product
sales? Will tangled international trade and travel result? What
preparations are being taken by key industries such as banking
and health care in our State? And what are small business
operators in Oregon doing? And the question for the day: What
should the Federal Government and the Congress be doing to help
us address this problem?
Our panel members were invited to offer a few minutes of
individual testimony. Following their comments, I will
facilitate a panel discussion. I would encourage the audience
to ask questions or to make statements after the panelists
speak.
We now turn to a view from the high-technology industry.
Keith Barnes is CEO of Integrated Measurement Systems, an
electronics company based in Beaverton. Keith is a leader in
the high-tech industry, and we are very proud to say that Keith
is a member of the OGI Board of Trustees.
STATEMENT OF KEITH BARNES, CEO, INTEGRATED MEASUREMENT SYSTEMS,
BEAVERTON, OR
Mr. Barnes. Thank you, Norm. Good morning and thanks to
Senator Smith for coming and listening to the high-tech
community and to the rest of us about this critical issue.
I guess the first thing I would like to get across is that
this is clearly pervasive. It affects everything in our
personal lives and certainly things in our businesses. I was
trying to think of exactly what I would say last evening as I
was driving home at about 7:30, and I reached down to see
whether or not I could program the date into my automobile for
the Year 2000. I have a BMW, and it has that capability. And
thank goodness it is a new enough car where the engineers I
guess thought about it enough that they allowed it to be
programmed into the Year 2000. So at least I think my car will
still run after the turn of the century.
I am also a pilot. I would be concerned to check out every
instrument in the planes that I fly to make sure that they
don't end up having a problem with respect to the Year 2000,
because I certainly intend to be flying past that date.
I think if you take a look at most of the high-technology
companies, especially those that are doing reasonably well
these days, they take this problem very seriously. I am on the
board of two public companies and a private company and OGI,
and I am involved with other people in the high-tech community,
and I believe that most companies are taking this very
seriously.
In our own company, we have programs to go through the
priority software products and systems in our company to make
sure that they will work properly and be able to support our
customers properly, and that includes not only our materials
planning systems but our service systems, our bug-tracking
systems and so forth. And we have plans in place to work with
the vendors of those software programs to make sure that things
will be up and running as we move forward.
So I think that the high-tech community is taking this very
seriously. I think the things that we feel uncomfortable about
are pretty much the things that Senator Smith talked about, and
that is, you know, what does happen when a number of our
employees are flying around in December--which they will be
doing--of 1999 or in January of the Year 2000, or our families
are celebrating the millennium, going to visit relatives or
whatever. Will the FAA systems, in fact, be working and keeping
the planes separated and the departures and aircraft separated
in the appropriate way?
Those are the big questions I think that we need to answer.
In our own companies, I think that we look at our products,
look at the products that serve our companies, we have a very
long list of things that we look at to make sure that they are
in good shape for the Year 2000, even down to--we were talking
earlier about the climate control systems. We talked about air
conditioning and heating. We talked about elevators. We talked
about a number of things. Have we talked about them all?
Absolutely not. There will be something that will jump out that
we have not considered.
But I guess at this point, given that we don't have a heck
of a lot of time left, what we have to do is prioritize not
only our companies but also in the Government, the high-
priority, critical issues that have to do with human safety and
protection and defense so that we don't get caught off guard
and have something that is really critical that could cost
human lives.
The occasional invoice that won't happen or the occasional
problem that comes from some system that people didn't
anticipate having this problem, I think we can get around that.
We tackle much larger problems than that, and I think that over
time we will just deal with it.
So I guess my closing comment here would be to concentrate
on those issues which are critical to human safety, to defense,
and to the well-being of people, either from a Government
standpoint or within our businesses. And I think that business
on its own is really taking it very seriously and making sure
that they are compliant with the Year 2000 to the best of their
ability.
Mr. Eder. Thank you, Keith.
Senator Smith. I would like to put in a comment. One
element that I hear from my sources is that every business
ought to be really focused on fixing this. I understand the
trial lawyers are really watching this issue, too. [Laughter.]
And so there ought to be plenty of economic incentive to
mitigate it now because there is liability potentially that a
court might find later. So that is another reason why we are
all here with as loud of megaphones as we can find, to protect
human safety and to protect the wallet and keep our country
from sliding into a recession from some of these things and the
unintended consequences.
Mr. Eder. Oregon's largest industrial employer is Intel.
For a look at Intel's concerns, here is Louis Burns, vice
president and director of information technology, who, we are
very pleased, came from California today to be at this meeting.
STATEMENT OF LOUIS BURNS, VICE PRESIDENT AND DIRECTOR OF
INFORMATION TECHNOLOGY, INTEL CORP.
Mr. Burns. Thank you. I enjoy the rain, so I come here.
[Laughter.]
First off, I would like to thank Senator Smith and the
other panel members and the invited guests for spending the
time on this very critical issue to each one of us in business
and each one of us in our personal lives.
As you said, my name is Louis Burns, and I am the director
and vice president of information technology at Intel Corp. The
more popular term for that is the chief information officer of
the company. I am responsible for managing Intel's information
technology's assets and operations around the world. I am also
the member of Intel's executive staff who is responsible for
the Year 2000 Program inside of Intel and making sure that that
is not an issue for us as a corporation.
Again, I would like to thank Senator Smith for chairing
this summit to gather the information and recommendations from
an Oregon business point of view on how we resolve this issue.
I would also like to say thanks to the Oregon Graduate
Institute for hosting this. This is critical. This is an issue
that far too many people are talking about in abstract and not
talking about specifics on.
Intel is a worldwide company. We have facilities in over 30
countries around the world. In North America, we have
facilities in Massachusetts, Texas, New Mexico, Arizona,
California, Utah, Washington State, and Oregon. Our Intel
campus in Oregon is the largest Intel site in the world, and as
you said earlier, we are the largest private employer.
We have over 11,000 employees in Oregon. We occupy over 4.2
million square feet of office space in Washington County, and
our employees are involved in a range of things from
manufacturing, research and development, design, and
administrative functions.
The Year 2000 technology issue does not have a specific
impact on Intel's Oregon facility. We are treating it as a
worldwide issue and addressing it on a worldwide basis. So
there is nothing unique about our issue in Oregon. It is an
Intel issue around the world.
Let me give you some basic points and Intel's position on
this and what we are doing to respond to them.
We are taking this issue of the Year 2000 extremely
seriously. We are devoting all necessary resources to address
the problems resulting from the date change with our internal
computer systems, our suppliers, and our products. All of
Intel's primary products--i.e., microprocessors--are Year 2000
capable. We are offering a limited warranty on all current
products that are deemed Year 2000 capable, or Year 2000
capable with a fix.
For Intel's other products with potential Year 2000 issues,
we are communicating with our customer base to determine how to
best achieve Year 2000-capable status. All of Intel's Year 2000
product information is posted on our website. That website, if
you go to www.intel.com and look under support, you will see a
huge database of what we are doing from the Year 2000 point of
view.
The Year 2000 issue is primarily a software and systems
issue. For a computer system to handle the Year 2000 date
correctly, each of the impacted components--in the case of a
PC, the bios, the operating system, and the applications that
run on that--have to be Year 2000 capable. Any one of those not
being Year 2000 capable will cause you a problem.
Intel is addressing its internal systems with a
comprehensive, corporate-wide approach. Our goal is to have all
Intel critical systems Year 2000 capable by the first quarter
of 1999, and we are on track for that today.
At Intel, we are devoting significant resources to solving
this problem, but we currently do not believe that the costs of
the Year 2000 programs will have a material effect on the
company's financial position or on its overall results of
operations.
Some analysts, as you said, predict that the worldwide cost
of resolving the Year 2000 issue by the private and public
sectors may be as high as $300 to $600 billion, and even higher
if you include the cost of litigation. [Laughter.]
In the public policy arena, Intel is active in supporting
efforts to develop reasonable limits on these litigation costs.
We are currently supporting State-level efforts in California
and Texas to limit litigation or frivolous claims related to
Year 2000 issues, and at the Federal level, we are working with
the Semiconductor Industry Association to develop proposals to
reduce litigation.
This is an important issue which Intel is taking very
seriously. All companies, regardless of size or where they do
business in the world, should take this seriously and
systematically review the issues that might relate to the Year
2000.
Senator, if there is one bit of advice I could give, there
are not short cuts in this process; there are no magic bullets.
This problem is only solved by hard work, extreme rigor, and
extreme focus by every company on every part of their business
to ensure this is not an issue.
Thanks again for inviting us up here.
Senator Smith. Louis, do we have the labor literally to
physically fix all of the chips?
Mr. Burns. In my opinion, we have. I can speak for what we
are doing inside of Intel. We have--it is not just an
information technology issue. It is an Intel issue, and all
parts of the company are rallied around and involved in this.
Internally, yes, we have the talent, the knowledge, and the
labor pool to get it done. I think and I hope that is true in
general across business. We started a 1\1/2\ years ago on this
process. So if someone is starting late, either in Government
or in business, at this stage of the game that could be an
issue for them.
Mr. Eder. Thank you, Louis. And we did arrange the rain
especially for you today.
Mr. Burns. Thank you. [Laughter.]
Mr. Eder. From the concerns of big business, we turn to
small business. Ben F. Williams is a principal of WRG Design
Co., a Beaverton engineering firm. He has been involved in the
development of numerous office parks and industrial sites, some
of them being familiar to all of us in Washington County.
As a business strategy, WRG tries to stay on the cutting
edge of technology. The firm has wrestled with the Y2K issue.
Ben, thanks very much for being here today.
STATEMENT OF BEN F. WILLIAMS, PRINCIPAL, WRG DESIGN CO.,
BEAVERTON, OR
Mr. Williams. Thank you, and thank you, Senator Smith, for
being here today, and other panel members. I feel fortunate to
be here today.
My partner, Darren Welborn, was supposed to be here today,
and he had to be out of town, so I kind of got thrown into
this. So I will apologize now for not being as up on this as I
should be.
We are relatively small engineering firm in the Portland
metro area. We have grown from four employees to 65 employees.
And through this growth, we have been required to stay up on
technology, upgrading our software continuously from a year-to-
year basis. We are being told by our vendors that our software
is Y2K compliant.
We also are fortunate to have two very good employees on
staff that are going through the software and trouble-shooting
it and making sure that it is working. However, as everyone
knows, you can only trouble-shoot so much when you are working
the long hours that you do as a small business. So we are
dependent upon our vendors to make sure that it is Y2K
compliant, because if it is not, it will affect our business
later on.
Because of that, some things that we would like to see
implemented from the Government, what we would like to be
looking for is some sort of certification from these vendors,
making sure that they are Y2 compliant and that there is some
sort of off-site testing going on out there that they can
assure us that compliance is being made, not only from the
vendor's mouth but also from an outside source. We will
continue in-house, obviously, but it would give us a triple
check.
I am a civil engineer. By definition, that is problem-
solving, and I see this as a problem, and I think we all need
to stay focused together and work on the problem and not stop.
I think some of us need to be identifying the problems and
making sure we are staying out there on a global region, and at
the same time, while those are looking for the problems, we
need to have other people taking each one of those problems and
making sure we are going through and we are doing the little
check list items. Because if we don't, in 2 years it could be a
major turmoil for the United States internationally and
nationally.
I personally don't want to be around here for that. It is
kind of like working as a small business and a consultant on a
project. I take the same approach. We go through our task list
and we say these things all need to be done. And I go through
and I make sure each one of those things are done, because I
know when the project is due and it is being built, if I
haven't done those things, there are going to be problems
between me, my client, and everybody else.
I would like to close with that, and I hope that Senator
Smith will get the support he need to insure the United States
is prepared for the Year 2000. I am happy to see that you are
taking this on, and I will let you know that the small business
community is behind you, and I hope that there are other
businesses that support these types of things that I am asking
for.
Mr. Eder. Our next speaker represents the health care
industry. She is Rita Aikins from Providence Health System.
Rita has been responsible and is responsible for the system's
Y2K compliance on the west coast. She has worked in health care
computing for 18 years. Rita is based in Portland.
STATEMENT OF RITA AIKINS, DIRECTOR, DATA MANAGEMENT SECURITY,
PROVIDENCE HEALTH SYSTEM
Ms. Aikins. Thank you, Senator Smith, for having us here
today, the panel, OGI, and all of you out in the audience that
are here today to listen to us.
My name is Rita Aikins. I am from the Providence Health
System. Just as everyone else is throwing out some numbers, I
will tell you that the Providence Health System in the Oregon
region has over 10,000 employees. So we are a very large
employer for the Oregon region.
The Year 2000 Project for Providence is being managed from
a corporate level, so we are actually pulling all four States
together--Alaska, Washington, Oregon, and California--and
looking at this from a corporate level. We have formed a Year
2000 Project office, and that office is basically responsible
for high-level project management and coordination to make sure
that we are not duplicating effort in any of our service areas.
I believe that most health care organizations and providers
are now starting to take the Year 2000 millennium bug
seriously. I heard a quote yesterday that some folks are
expecting that one in four hospitals will not make Year 2000
compliance.
At the Providence Health System, we are taking this
extremely seriously, and we are basically approaching it from
seven key areas. The first area is software. Within health
care, software is divided among the many departments that
operate. I like to think of health care as a small city because
we have--you know, we have so many different areas, and each
area--be it patient care, patient accounting, radiology,
nursing, laboratory--in many cases they each have their own
unique software that they are using. And then, on top of that,
the software usually runs on its own server, has its own
operating system and its own database. So we have not just one
system to bring compliant, but we have many pieces of software
to make sure that they are all reaching compliance level.
Also in health care, software tends to be vendor-developed,
so we really do need to rely upon our vendors to bring their
software to Year 2000 compliance. We have sent registered
letters. We have received letters back. And I can tell you that
the responses from the vendor community are all over the board.
At the Providence Health System, we are not assuming
anything. If a vendor says that they are compliant, we will
still proceed with full testing of that software.
We also have interfaces, and we utilize what is known as an
interface engine. We have a lot of data flowing through our
system, so we have all of the interfaces that we need to look
at and make sure that both internal and external data is moving
correctly.
We also have electronic data interchange in place where we
utilize automated claims and electronic funds processing. That
needs to be compliant as well.
Our third area is hardware. Luckily, our hardware used is
the same hardware that is used across all of the other
businesses, so that is one area that we do share with other
businesses.
We have facilities. Again, that is something that is
shared, when you talk about the building infrastructure, is the
elevator going to work, is the security system going to work,
et cetera.
Telecommunications, are we going to have communication on
January 1, the Year 2000? And trading partners, suppliers,
that, you know, normal business, trading partners, we want to
know are those folks compliant, are we going to be able to
still continue to do business with that area on January 1.
And then last, but certainly not least, that is unique to
health care is biomedical equipment and clinical engineering.
Because of health care's demand and use of medical devices for
patient care, we have lots of equipment that have date-
sensitive embedded chips in them. An organization such as
Providence, we have about 18,000 devices. Now, some of those
devices need to be checked and are definitely date-sensitive
and could impact patient care of they are not Year 2000
compliant. We have gone through, done an extensive inventory,
know which ones. We have basically set up a compliance level,
know which ones we need to test, which ones do not have date-
sensitive chips in them.
To give you an idea of what I am talking about when I talk
about medical equipment, we are talking about infusion pumps,
ICU monitoring equipment, laboratory diagnostic equipment, MRI,
CT scans, other radiology equipment, radiation oncology where
the amount of radiation could be based upon a patient's age. So
I think it is very critical that health care take this
seriously and that the hospitals that have not, something needs
to be done to start them on the process because we are running
out of time. Providence has been actively working on the Year
2000 Project for over a year.
I would like to close with just two comments that are
critical to health care. If we as an organization become Year
2000 compliant, the question that we have is: Will the public
utilities be compliant? Because primarily water and power for
our employees, if those systems aren't Year 2000 compliant, we
are afraid we will not be able to deliver patient care.
And then the last one--and this is for you, Senator Smith--
we are concerned if HCFA will become compliant since that is
our largest health care payer and will we be able to receive
our funds for the health care that we have delivered so that we
can continue our business.
Thank you.
Senator Smith. That is a good question. [Laughter.]
But I believe the answer is yes, and I am actually happy to
tell you that this is the highest priority in the Federal
Government, and I cited Social Security as an example whereby
this fix may already have been for the most part achieved. But,
clearly, there are other systems.
But it occurs to me, Rita, that if one in four hospitals
will not be Y2K compliant for one reason or another, and with
all the embedded chips in medical equipment, our hospitals,
which are places that heal, could become a very, very dangerous
places to those individuals whose health is vulnerable. So,
clearly, the embedded chip problem affects not only the Federal
Government and the General Motors assembly line, but it also
affects hospital operations.
Mr. Eder. This is certainly a problem we all need to be
aware of, and this forum was to provide us with some breadth of
understanding.
Mr. Eder. Let me turn finally, but not least, to banking
and financing. Our speaker is Lloyd Bell from Bank of America.
Lloyd serves as vice president and manager of Year 2000
Projects for Bank of America. He has working in banking
computer systems for 25 years. Lloyd.
STATEMENT OF LLOYD BELL, VICE PRESIDENT FOR Y2K, BANK OF
AMERICA, PORTLAND, OR
Mr. Bell. Thank you, and thanks for the opportunity to be
here. I appreciate your hosting this event to hopefully not
only increase Government awareness but also others.
Bank of America has been working on Year 2000 compliance
since early 1996. There have been many comments made here about
the types of activities that each business and industry is
undertaking. Our approach has been primarily to try to
inventory--we started trying to inventory those things that we
do, and systems and procedures, items that we have that could
be compliant, which we talk a lot about computer chips and the
problems that they can cause. There are Year 2000 issues beyond
those. Certainly we have talked about catastrophic issues. We
have felt strongly that we obviously want to avoid the
catastrophic issues, but we would like to avoid the
inconveniences as well, and I will use a really simple example.
I don't know how many thousand forms there are in the world
that have 19-blank-blank on them. Obviously you can cross out
the 19 and write 20, and that is an inconvenience. It is not
going to cause the country to grind to a halt. But even to that
level, we are trying to identify what are the things that we
need to change in our organization, anticipating that there
will be some issues that aren't uncovered. We would like not to
have to be dealing with the inconveniences either so that we
can turn our attention to whatever problems remain that weren't
discovered.
Beyond inventorying our own house, so to speak, we are also
dealing with the compliance of vendors that provide services to
us in all sectors, trying to understand the compliance of our
customers. It could be a significant issue in the banking
industry if those who have major lending relationships with us
are unable to stay in business, we are not interested in having
that happen, and so we are working with our credit customers to
review with them their compliance.
We are evaluating our own liquidity, anticipating any type
of requirement for funds that may exist at the turn of the
century. Hopefully there won't be a panic, but we don't want
people to feel like they can't get their hands on their money
if they need to.
The OCC--there is Government involvement in the banking
industry, as I am sure you are aware. The OCC and Fed have
provided compliance guidelines that the banking industry is
required to respond to. Obviously we are doing that at Bank of
America, but we also feel, as we discuss with our counterparts
in the banking industry, that the banking industry is paying
attention to those compliance requirements and responding to
them. We started our efforts before those compliance
requirements were created, so we feel that we are kind of ahead
of the game in that regard.
For the most part, the banking industry's objective is to
be compliant with Year 2000 by the end of 1998, and we are on
target within the bank to accomplish that, and generally, the
industry is working towards an early 1999 compliance and making
good progress.
At Bank of America--some numbers have been mentioned as far
as costs--we are estimating our costs to be between $250 and
$300 million worldwide to become Year 2000 compliant. If you
compare that against the $50 billion number that was quoted
earlier, that may not be enough.
The Year 2000 is the top technology priority in our
business. At the highest levels in the bank, there is executive
commitment to compliance by the end of 1998. We have contacted
all vendors that we do business with and asked them to provide
compliance responses to us. We have a major centralized task
force in the bank, and we are developing contingency plans to
deal with those vendors who may not be compliant and may not be
able to provide services to us.
Major issues for the bank have kind of been mentioned a
little bit already, some of them. One is the validity of
compliance statements that we receive from other companies. We
have certainly had the experience that a company has told us
that their product is Year 2000 compliant, and our own testing
has revealed that it is not Year 200 compliant. We have gone
back to the vendor and tried to work through those issues.
We have concerned about compliance efforts in all sectors,
particularly some of the areas that have already been
mentioned--the utility industry, the transportation industry.
As we have approached some of those providers of service to us,
we have gotten uncomfortable feelings about just how dedicated
they are to recognizing the problems that have to be solved.
And, obviously, there is nothing we can do about it if the
electricity goes off. We can't prevent that problem ourselves.
How can Government help? Well, one other comment. You have
also referred--or someone did--to litigation. That is a major
issue. We are finding that communications between companies is
sometimes restricted because of concerns regarding litigation
and how much information should we share and have we made a
warranty by making a comment that we are then subject to some
litigation that there is a problem. So the litigation sector is
not insignificant. It is a significant concern.
What could the Government do? One thing is to try to
identify--it is getting kind of late, really, to deal with it,
but to provide some standards of compliance that companies
could follow and say we have done this. Now, that has happened,
as I said, for our industry. The OCC has provided to us--and
they have audited us, and all the banks are being audited by
the OCC to determine that we are following their compliance
standards. There aren't necessarily agencies that regulate
every piece of business in the country. I suppose probably that
is good. But it would be helpful to provide compliance
guidelines. We are trying to do that ourselves to our own
clients, some sort of self-assessment tools and those kinds of
things to help businesses determine their compliance.
Another item is to assure compliance in the public service
sectors. Many of those services are offered at the State and
local level and not at the Federal level, and I don't have an
answer. One of the concerns that we have observed is some
legislation in some States to eliminate the responsibility if
there is a problem, which kind of works against solving the
problem if that happens.
There is some possibility of opportunism in this whole
process of companies to take advantage of the situation and the
lack of understanding and knowledge, and yet I am not sure
exactly what the Government's role in that could be except to
be aware that there are those who will, as in almost any
environment, try to take advantage of the situation.
My last thought as far as the Government is just what
should John Q. Public do. Most of the business world is
worrying about itself in one way or another. As friends and
neighbors and relatives learn what I am doing, I am often
asked, Well, should I worry about my computer at home? What
will that do? And, you know, that probably goes back to the
category of an irritant as opposed to a catastrophe. But it
would be helpful to provide to the general public some things
that you could to determine whether or not you are going to
have an issue in your home with your personal computer.
Thank you again for the opportunity to share our thoughts.
Senator Smith. I would just point out that one of the
sectors on the Y2K Committee is dealing with litigation. I
think it is highly unlikely that we would agree that there was
no liability, but there may be some boundaries put on that
liability, some thresholds. So that is an issue that the
Congress is exploring.
Mr. Eder. Well, it is apparent that banking, health care,
manufacturing, high-technology, small business, that all of us
share an interest in addressing the Y2K problem, that it is
intertwined with the nervous system of our entire society.
Let's take a few moments to give the panel an opportunity
to respond, either to follow up some of their own comments or
others' comments. First, do you have anything else to add?
Mr. Barnes. Well, actually, I guess I would have more of a
question. I think this concept of certification is extremely
important, especially for critical businesses like banking and
health care. Certainly it could be something that could be
extended to our own business. I guess my question would be:
Given how much time is left, what is the likelihood--and I ask
the Senator this because I knew him first as a businessman and
then as a politician. So he has both perspectives, I think.
What is the practical reality of putting in place some kind of
a nationwide certification program to make sure that businesses
would be compliant? Because we really don't have a heck of a
lot of time left.
Senator Smith. No, we don't. I think there is a possibility
we can do that. That is the reason the committee has been
working so hard to develop a package of proposals for the whole
Congress. This is one of those things where we are saying, you
know, what is the feasibility. I don't have an answer for you
today, but I do know that is an issue we are exploring.
Mr. Eder. Well, we are going to turn--let me give one last
shot to the panelists, then we will hear from the audience.
Mr. Burns. The one comment I would make is the concept of
certification has a lot of merit. The concern I would have, if
the Government were to go to a position of trying to put in a
nationwide certification by industry or whatever segmentation,
is would we run the risk of businesses stopping and waiting for
that certification to start on this problem. And that would be
my biggest concern, because if business has not started yet
with the issue, if they were to find a reason not to start,
that would be a much bigger issue.
Mr. Eder. Further comments?
Mr. Bell. Senator, I have a question regarding local
governments. Is there an effort from the Senate's committee to
involve and help local governments make progress on this issue?
Senator Smith. Absolutely. Again, it is one of the sectors.
We have broken it down into eight sectors. We have local and
State governments as one of them, utilities, health care,
telecommunications, transportation, financial services,
business services, and litigation. But local governments are
where the rubber meets the road, if you will, and perhaps it
will be most felt at that level. So means and money are being
authorized and appropriated to help local governments deal with
this.
Mr. Eder. I have one question. I will take the prerogative
of the chair to ask one. This is clearly an issue which is of
great importance to all of us. Many of our companies and
institutions are dealing with it. But how do you, those of you
who deal internationally, deal with offshore vendors or
offshore customers? And is there an opportunity in American
leadership, and specifically Oregon leadership, in dealing with
this and solving this issue and turning it into a business
opportunity? I know that there are some people in the audience
that are consultants and this might be a question of broader
concern.
Mr. Burns. I will address everything but the business
opportunity, because while there are probably opportunities in
this process, I think solving the problems should be the
highest priority.
We deal internationally, like I say; we operate in 30
countries around the world. In dealing with our suppliers, we
have an extremely active program of polling them, talking to
them, and going on site to their business and talking with them
and seeing where they are at with certification and making sure
that they are on track. Because if our suppliers don't ship to
us, we don't ship product, which has a rather interesting
impact on the technology industry. So we are active in that
process, and we get a mixed reaction, again, both in the United
States and offshore, as to how those vendors are working on it.
We have applied the same formula worldwide in how we are
attacking the problem. So far it is working pretty well.
Mr. Barnes. To add a little bit to that, I think that with
respect to our company, we have a fairly thorough program to
address the Y2K problem. But we are a smaller company. Even
though we have a lot of international business and we require
our vendors to be compliant, I think we probably do more than
many of the international companies that we deal with, with
respect to trying to provide compliance in our own company. But
I am not sure we have the resource to go and test every piece
of software. You know, if a vendor gives us a compliance
statement, I am not sure we have the resource to go test every
piece of software to the most thorough extent.
So, I think that based on some of what I heard with other
software coming in and having compliancy presented with the
product, there is going to be some uncertainty out there. And I
think that in our case, the things that we feel most certain
about that are really high-priority issues that, are really
going to stop our business or stop our customer's business, and
we are addressing this first. So, this concept of really having
certification and compliance you can believe in I think is
going to be important to companies that don't have the
resources to test every single product that comes in. And that
in itself might be something that we can get help from either
the Federal or local governments to work with, maybe some kind
of testing lab where you can take products to and get them
certified, that might be helpful.
Given the time, it is a difficult challenge, but I just
don't think that a lot of businesses are going to be able to
test every single product that is dropped on their doorstep, no
matter whether it comes with a compliance certificate or not.
Mr. Eder. Well, now it is the audience's turn. If you have
questions or comments, let me ask first that you speak up
because we need to get this on tape, and also state your name.
Mr. Ruehle. Yes, my name is John Ruehle, and I have a small
firm. My concern, I will address it in two parts. The major
part is the public service and safety issue at the State level.
The Y2K problems are going to occur in the dead of winter. What
is being done on the State level to ensure that the power, the
heat, electricity, water, sewage, and all that is going to be
compliant? Because that will affect not just businesses but
affect every household. If the sewage doesn't work, the
restaurants have to close down. If the water doesn't work, what
does that mean to health? If the power is not there and the
heat is not there in the dead of winter, what is going to
happen to the people that rely on that and are low income, as
well as people in the upper-income brackets in their homes? So
that affects everyone. And what are we doing from the State
level to ensure that the utilities, which are so basic, are
going to be compliant?
The second piece of that question is I think we have a
shorter runway in many areas in the Year 2000. Most people are
getting familiar with the date 999 that was used by many
programmers, and the embedded chips going to the medical
devices in some research that we have done, we find that the
testing devices will pass the Year 2000 test, but they fail
999. And there is--and I am confused about which is the Julian
and which is the Gregorian calendar, but there is also--so
September 1999, 999, will be a severe date, and then there is
the 99th day of the 99th year, which is going to fall sometime
in April, and certain systems count the number of days. And
they are showing that some systems will fail--are failing that
test. So we really have a shorter runway than the Year 2000,
and, again, I address this to the public issue of safety and
health. Is the government going to do something at the State
level regardless of international and national, but at the
State level, what are we going to do to make sure that those
basic utilities are going to be functional?
Senator Smith. I can't speak for the State of Oregon. I
honestly don't know what preparatory actions they are taking,
but I can tell you at the Federal level, our first hearing was
on the issue of energy. And I think we fortunately have the
luxury in our country of taking energy for granted. We may find
out through the Year 2000 problem what it would be like to have
our dams removed because we may not be able to hit a switch and
have the light go on or be able to go to a restaurant or to a
hospital. We can't do anything, folks, if there isn't energy
produced first. It is that threshold an issue. That is why it
was the first issue.
I know our committee and the President are communicating
loudly with the utilities and trying to bring those things into
focus so that we don't have these kinds of brownouts that will
inevitably occur. A lot of energy questions.
Mr. Ruehle. Are we doing any--from the State perspective,
should not we be doing something to force the utilities to
become compliant above all else?
Senator Smith. Absolutely. We are trying to do that at the
Federal level. I just can't speak for the Governor. I don't
know.
Mr. Sussman. My name is Leslie Sussman. I am president of
Sussman, Inc. I have been project manager for a $5 billion
company and project manager for the largest trade union in the
State of Oregon. I am doing risk assessment and QA in the State
of Oregon and the State of Washington for different agencies.
That is my day job. My night job, I am writing booklets about
Year 2000 on what would be a united way trying to get a
program. I am really tired, and we have got 18 months to go. My
perspective is that there is not a lot of winners. My premise
is that we are facing a major catastrophe.
I am from New Zealand, and I think that if we don't take
action, it is going to be shame on us. And there are several
things I want to have happen, but--excuse me. I am a little
excited here. You have given us an opportunity, and I feel very
strongly that, first of all, the Government of the United
States needs to understand its responsibility and its
accountability worldwide. The Government plays a critical role.
You talk about the States. You talk about the hospitals. The
Government has got to get their job done to make it work for
everybody else.
If you think about Canada, if you think about our partners,
our trading partners with the United States, the U.S.
Government is incredibly accountable for success worldwide. We
have only got 18 months to go. I want to address your calendar.
We start fiscal Year 1999 today in 60 percent of the States,
and 1999 is an exception in a lot of systems. I am expecting we
are going to have some small problems.
In October, we start fiscal year 1999, and I think we are
going to have more. January 1, 1999, we are going to have 1-
year--I think we are going to have even more problems. It is
going to grow. So you are right. The window is smaller. It is
not that far away.
Also, we are doing things that we have never done before.
This is a research and development project. People have
inventories, and contingency plans--contingency plans is a huge
portion of this. How many companies have contingency plans
today? And how easy is it to create those? It is not easy. I
have been a project manager for 20 years. Are we just going to
pop these out in 18 months? I am working with a lot of medium-
sized companies, and they are particularly dependent on other
people. They use technology, but they don't have the expertise
and know-how. A lot of what we are trying to do here, we have
got to get down on paper and manage it. It is easier for some
of the bigger companies. It is not easy for the medium and the
small companies. And the awareness is not there.
Sorry. My premise is we are facing a catastrophe. What I
would like to see from you, first of all, is, again, an
understanding of the accountability and responsibility that the
U.S. Government has worldwide. I would say that of all the
people in the firm--and I can't talk for everybody--but a lot
of us spend a lot of time trying to get awareness, and we would
rather be working on the problem.
Third of all, list our priorities, and I have a VIP Plan, I
have worked those, and that wasn't until I really sat down and
thought about it. No. 1, I think is protection from nuclear,
germ, and toxic waste. I think we have got a lot of systems
that depend on that, and I think that comes first because if we
don't protect that, then we don't have clean water. I think we
need to list our priorities.
We then need to mobilize and strategize. We are talking
about spending $1 billion on the IRS, and that system doesn't
work today. You know, who is going to pay for this? We haven't
even started to understand how much this is going to cost us.
But we must pay attention. The money has got to flow, and we
have really got to understand worldwide what drives these
things.
Then there is some protections. The clients that I am
talking to, they want assurances today. They want me to have
errors and omissions. They want me to have all sorts of things.
A lot of the companies won't even touch project management.
They will audit, but they won't do the work because they are
not willing to take the risk. We have all got to get to work on
this.
So some of the ways to do it? I would really like to see
what network food chain looks like with the U.S. Government and
what the responsibilities are. Because however successful the
U.S. Government is, so go the rest of us. That means the
States, and that means other countries.
We need to assign priorities, and we need some leverage.
There is not--there is a lot of talent. I think we have got
enough people and we have enough time, but we have to get
focused and we have to get to work. There is not enough
contingency planning. There is not enough project managers.
There is enough talent, though, in my judgment, and work on the
right things for all of us. And if we all look at motivation,
how do we motivate? Some of the things we can talk about doing,
get out there, get motivation, and get prioritized.
Thank you very much.
Senator Smith. Thank you.
Audience Member. I am a lawyer. We have had a lot of
discussions about lawyers this morning. In terms of the cost to
fix the problem, $300 to $600 billion worldwide on the high
end; the cost of litigation, in excess of $1 trillion. If that
is true, it is a $1.6 trillion drag upon the world economy if
predictions are, in fact, what we heard in the discussion. You
say you are both a businessman and a politician as well. We
have experience in the environmental sector where most of the
dollars spent get spent fighting battles about who is
responsible and the dollars don't get spent toward cleaning up
or fixing the problem. Yet it seems to me in the discussion,
Mr. Burns made reference to legislation in Texas and
California. Some of that legislation has been directed toward
putting tax on liability for responsible behavior.
For example, a software vendor will go ahead and attempt to
identify the problem, identify a fix to it, make that available
to purchasers of their software on a cost-free basis.
Currently, there are 50 to 100 websites right now that we have
identified through tracking this Y2K problem. One of them is
keeping track on a rolling basis of the number of lawsuits
filed. There are already seven filed on the last count. Perhaps
maybe it is more than that.
The nature of the lawsuits tends to be that the software
vendor sold the software with an express or implied warranty
that it would work, and the working would include the Y2K
problem. When it doesn't work, the class action suits that have
been filed have been toward a breach of either express warranty
or breaches of State statutes because the vendors are requiring
people to pay to fix the problem. The legislation that has been
proposed in part would tend to provide a safe harbor if the
vendor provides a free fix.
I guess my comment, and perhaps it is in the nature of a
question, is what can be done--I don't know whether you have an
opinion yet, and you have indicated that a sector is addressing
this issue. What can we do, assuming you are supportive of
legislation, that would encourage people to behave responsibly?
And we have got the time problem. It needs to be done soon.
What can we do to create a political climate? Because the
reaction to the proposed legislation has been it will sell out
the business community and the taxpayer or the consumer is
going to get stuck with the problem. What can we do to
encourage a political climate in which we can create activity
that would cause it to be directed in a positive way?
Senator Smith. I would say certainly by what we are doing
here today is one way I am trying to help get this started and
create the political dynamic where we can get something done.
I do want to say to you in the strongest of terms that
President Clinton, the U.S. Senate, and the House of
Representatives are putting the ways and the means to fixing
and at least mitigating the consequences that we believe there
to be.
There is a debate as to the extent of the problem. I rather
side with the woman from New Zealand in the evaluation. That is
why I sought membership on this committee.
Sometimes I feel like Paul Revere, and sometimes I feel
like Chicken Little. But somewhere in between there, we have
health consequences, we have safety consequences, we have
potentially worldwide recessional consequences if we don't fix
this. And so I am just saying amen there to what you are saying
in trying to do something about it.
Audience Member. I hope you can tell me that I am wrong,
but I received an independent report from a group called the
Barron Group based in Washington, DC. The report indicates that
there is approximately 80 million lines of code, and the Social
Security system has dedicated only 400 software engineers to
update that. But as of March this year, they have only gotten 2
million lines of that done.
I have a second question for Mr. Burns. How far back are
your chips Year 2000 compliant?
Senator Smith. I would say that, first of all, we just had
a report from the Social Security Administration about how they
were making great progress and felt they had the manpower to
fix their system. But, again, I am not suggesting that it is
entirely done. It is a work in progress.
Mr. Burns. And as I said, the microprocessors that Intel
make, our primary product, are all Year 2000 compliant, and if
you go to the website, you can look at any specific product or
ask about any specific process.
Audience Member. So it goes back 3 years, 5 years?
Mr. Burns. I don't know the exact date, but go to the
website. It will give you exact product by product, speed by
speed, rev by rev, what you need to know specifically.
Mr. Lacroix. Hi, Senator. I am Roy Lacroix, the Y2K program
director for Oregon Health Sciences University, and there are
about four things I would like to see from the Federal
Government. One is leadership, continued actions from what you
are doing today. I would like to see your committee, your area,
lead the leadership effort here inside Oregon. I would like to
see the mayors, specifically Mayor Katz, and Multnomah County
commissioners having discussions on contingency plans for the
area.
One of my jobs just here in our health care area is to
start talking about contingencies. What do we do if we don't
have power? And I am not talking about complete lack of power.
What if we have brownouts, unstable power? How long can a
hospital and various critical entities go without power? And
the same thing for phone and water, all the key utilities. I
need to know where those utilities are. I need to know what the
likelihood of stable power or unstable power is, so I can make
contingency plans. My contingency plans are not cheap, so as I
try to go to the board of directors and get information so I
can start addressing these issues, I need good information.
The next thing that I would like to see is discussion from
the mayor level, your level, to help bring Providence and OHSU
together at a very high level. I can have conversations with
Rita, but it really is going to take the president level or
probably the CEO level to start talking about things. How do we
share patient loads? A good example is trauma centers. Are two
important, or just use one? I don't know that we have enough
capacity to share--to pick up the other one's trauma center
load should we have problems. So I need disclosures from the
utilities, as best as they can, for making contingency plans.
The other thing that I need and I think health care needs
is good regulatory information from--for example, I came from a
health care conference in Washington, DC, last week, and the
real concern was a memo, which may become regulation, stating
that health care providers need to be Y2K compliant to deal
with HCFA, but HCFA did not have to be compliant. Where our
problem comes is how do we interface with them? I don't really
care of they are compliant, but if they need me to be
compliant, what do they mean and how are they setting up their
compliance matrix so I can interface with them. I am a little
leery of regulatory items like that.
Senator Smith. A double standard.
Mr. Lacroix. Right, right. I need to know how to interface
with them. They need to be able to tell us.
I believe the last one was, once again, back to community
awareness being driven at very high level forums like this. I
believe we should have them at least quarterly here in this
area, and I would like to see it expanded to include the
highest leadership levels here in the area.
Multnomah County is doing a very good job of awareness.
There is a lot of e-mail going on. But it is taking place at
the program director, project manager level. I would like to
see the awareness and the discussion starting to take place at
the top level down. We are running out of time. The discussion
needs to shift to the top level with business and community
issues.
Thank you.
Mr. Eder. Don VanLuvanee, also a trustee of OGI.
Mr. VanLuvanee. I am Don VanLuvanee, CEO of Electro
Scientific Industries and current chair of the Oregon American
Electronics Association Council. I have got a real simple
request. I think the No. 1 thing is to provide overriding
legislative relief for frivolous lawsuits in this area, because
I think that is the thing we are all concerned with.
Mr. Mitchell. I have two comments. One is that all these
individuals here are from large or relatively large companies,
and they are in a position to have proprietary software that
they are under control of and that they can fix themselves. But
some of us are small business owners. My name is Andrea
Mitchell, and my husband and I run a very small business, and
we are using off-the-shelf software. So you need to have a
similar conference with the large software providers, Quicken,
Novell, Microsoft, all of these people, to find out if the
software packages that are being provided for the small
businesses who will be going and buying them off the shelf are
also Y2K compliant.
My second point is, if there is some kind of certification,
please make it free because, otherwise, the small businesses
who are producing product, they run a marginal thing, they are
operating out of somebody's basement, they don't have the money
to spend--$50,000, $100,000--getting certification to say that
their product is Year 2000 compliant.
Thank you.
Mr. Smith. My name is Paul Smith. I am a private citizen.
One of the things I am concerned about is that we live in a
constitutional republic, and it seems to me like this is a very
great opportunity for whatever freedoms that we have be all of
a sudden swallowed up into some sort of a morass of Government-
issued documents and people walking in and doing things. And I
think we need to keep in mind that we are a constitutional
republic, and there are things--yes, there are things that we
need to talk with back and forth, but I take a thing about the
TWA flight that was shot down here, and because of that, we
lost a good deal of our freedoms. If you have been through an
airport lately, you have found out what kind of freedoms you
have lost. Then there is a constitutional issue against
unlawful search and seizure, and we gave all of that up in an
airport.
Now, I am not saying it is bad or good, but I am saying it
just happened without really contacting people and saying do we
really like this, do we want this. And so some of the things--
they are some of the things I think we need to be aware of, is
that, yes, we need to have Government--I think what I would
like to see is Government as a facilitator instead of--you
know, because I can see a lot of the regulations, particularly
when you are talking about a regulation that comes out of a
Government office that says, well, you will be or certify to us
that you are Y2K compliant, and then, well, what does that cost
me? You know, what does that cost me as a citizen? Because
everything in an industry basis that comes down to me as a
private citizen when I walk down to the store to buy a piece of
software off the shelf and now that software that used to cost
$50 is now $500 because of the Y2K problem that it had to be
complied on. You know, I have got an old computer that I
realize--in fact, I have got two of them that I realize I will
probably junk after some near future time because I don't have
the money and it is not worth going in and finding the little
chips in it that are--you know, and I do some business on that,
so I am going to be required also as a private citizen to go
out and get a new Y2K-compatible computer.
There is a tremendous number of those in industry around, I
am sure, small businesses, this sort of thing. So I think that
we need to have that addressed on a free basis, on a republic-
type basis.
The other thing that concerns me is some things I have
heard about FEMA, and FEMA is the organization that we would
look to if we had these catastrophic things that happen, and we
have not heard about how compliant FEMA is because those are
the people that should be able to--I mean, they should have
been compliant 3 years ago so that they could have
contingencies, so if this happens we have communities or we
have somebody or something like that to come in and help us
out.
I think with Social Security, yes, we have a lot of us--
which I am approaching Social Security age, but that is not the
whole thing. I think that we need--when we are talking about a
long-term issue or a near-term issue, I think that the survival
of the flood water is the sort of thing that we are looking at.
Senator Smith. I just want to assure all of you that
Republicans and Democrats that I serve with in the U.S. Senate
cherish our civil liberty, and there is a tension between
safety and liberty, and we are mindful of that, that the
Government that our Constitution produces has an obligation, I
think, to do everything we can within constitutional boundaries
to assure your safety, and that is the spirit of what you were
operating.
Mr. Eder. We have just a few more minutes, so we will
squeeze as many questions as we can in, so please keep them
brief.
Mr. Hofland. My name is Richard Hofland. I am the Year 2000
project manager for the city of Portland, and it is pretty
clear, I think, to all of us who have been involved in this
stuff that this is a partnership game. Everybody has to do
their own part. Municipalities, for example, we must make sure
that the 911 system operates and that we get clean water and
take care of the sewage, and you have to make sure, Rita, that,
you know, the hospital is working, et cetera. It is just a
partnership thing.
As we talked about the issues about what prevents us from
getting the information we need to do a good job, I think there
are some limitations. People are unwilling to share information
because they are concerned about liability issues. I think that
in your June 12th hearing in Washington, I believe that Charles
Siebenthal suggested that you actually place some liability
limitations against, you know--or people, if they are sharing
technical information, they ought not to be held responsible
for making mistakes in having shared that. I mean, you put out
information that so-and-so, such a piece of hardware has got a
Year 2000 problem, you are reluctant to do that because the
person that made that may come back on you. Well, if you are
not doing it maliciously, if it is in the interest of trying to
get information, that is fine. There ought to be some--I think
the business--and other people mentioned about frivolous
lawsuits, somehow defining that in a way that gives some
protections.
The second thing that a number of people have mentioned
here is whether or not the municipal services will be up and
running. You know, clearly that is going to vary depending on
the municipality. It is just like any other critical supplier
to your business or your operation.
Senator Smith. What are you hearing from PGE and Ma Bell
and others?
Mr. Hofland. Well, you know, that is a very long
discussion. [Laughter.]
I have certainly been in touch--I have been in touch with
PGE, with the gas company, with U.S. West. Those are clearly
critical suppliers to all of us. Those are actually forums like
this where we have--we certainly need to hear from these kinds
of industries, but we need almost like utility forums. I think
someone suggested--I guess it was you--that we have the
municipals, you know, be in these forums.
One of the things that could happen there, you speak of at
the highest level, you would like to see Mayor Katz, for
example, up here. You know, that is possible. At the same time,
you know, we don't have necessarily the chief executive officer
of any of the utilities there. What you want is someone who
really does have a grasp and can be articulate about it.
I think the other point [Laughter.]
Mr. Boy, I am not a politician. My apologies to my boss.
Another comment about--you know, I think it was Mr. Barnes
who was commenting that many small businesses may not have the
ability to absolutely test everything. Can you rely on vendor
certifications? Maybe not. You don't have the resources to test
everything. I think you are going to find municipals in the
same predicament. We, too, do not have the resources to test
everything, particularly given the overall taxing constraints
that have been evidenced in the State of Oregon recently. The
last thing people want to spend money on is a bunch of guys in
the basement that are talking about COBOL programming when we
have got police that we need to keep on the streets. So, you
know, you have this tension. At the same time, we do have
obligations to make sure that the software operates.
In terms of raising awareness within the organizations--I
will try to gently come up against my comment here about
whether or not the people at the top know what is going on. I
can assure you that the city--the mayor is very much aware of
what is going on, and they have made this a very clear priority
that this will be taken care of.
So I would hope that the Federal Government could do some
things in terms of limiting certain kinds of litigation and
liability. Certain kinds. I mean, you can't--you don't want to
limit liability for people that are, you know, doing stupid
things or failing to perform diligently in addressing the
problem. You are going to have a political problem with that.
You can't protect the people that are doing dumb things. But
people that are in the interest of partnership and in the
interest of trying to solve this problem, I think that would
help some.
Mr. Eder. We have one last question.
Mr. Duncan. I am Jeff Duncan with Louisiana Pacific. We get
a couple to a dozen letters a day from our vendors and our
suppliers and customers. We tell them about our plans. We tell
them about our projects. We tell them about what our intent is,
what our desires are. But we are not going to tell them we are
compliant. We are not going to tell them we will be compliant.
It is obvious that our legal department has told us not to do
that. It comes down to the same thing others were talking
about. We don't want to set ourselves up for litigation. That
is pretty obvious. I think it ties in with the comment about
some type of limitation and reasonable effort or good intent
that you should have limitations on liability.
But there is another impact on that. We are not the only
ones with a legal department, and a lot of vendors of software,
of computer hardware, of other hardware, that we are trying to
deal with, they are getting the same advice. As a result, when
we go out, and we found thousands of processing units in the
hundred plants that we have, we go out and research to tell
which ones we really need to address. We are running into some
walls where those vendors aren't willing to say a problem
exists because they have got the same issue about opening
themselves up to litigation later on.
So two issues come out of that. No. 1, a comment that was
made earlier, a third party, possibly the Government,
possibly--a third party that can go after the 80/20 rules of
off-the-shelf applications, of pieces of hardware,
manufacturing PLC's, common PC's, computers, whatever, take a
look at these on an 80/20 basis, the computers and hardware and
software that a lot of people are using. Let's have a third-
party opinion on it. It could save us a heck of a lot of money
than everybody going out and doing the same thing over and over
again. The insurance industry has it on its own. It is not only
the lawyers, but the insurance industry. There is a whole new
industry that is being created around auditing: Are you Y2K
compliant? They say they won't touch it. [Laughter.]
Get Y2K insurance. I think somebody--I think the Government
needs to give us some guidelines and some help in that area.
Mr. Eder. Thank you very much. We promised the Senator that
he would be out of here on time for his appointment. Senator.
Senator Smith. I have to give a speech to an energy
conference. I know what I am going to talk about. [Laughter.]
Let me just say how gratifying it is to be here. When I
requested that we do this, I didn't know whether anybody would
show up except the panel and we would talk to one another. And
it is clear that by your presence there is an understanding of
the severity of the problem and an interest to be helpful in
solving it. And so we have done something more today than just
talk to one another as a panel. I think we have hit a nerve
here.
I want you to know that I leave here encouraged that I am
not talking to myself. Sometimes I feel like I am doing that
because you will mention this to most audiences, and there is
no light that goes on. And if you can help be ambassadors of
the solution to this problem for our State and our country, I
thank you. On behalf of your Federal Government I thank you,
and know that we are working to make legal, regulatory
adjustments as necessary. We will be there with the ways and
means to make this possible. But at the end, our Government is
a reflection of you and me. It is either as good or as bad, as
efficient or inefficient as we are.
So just count yourself enlisted as soldiers in the army of
soldiers to fix this, and thank you for being here. [Applause.]
[Whereupon, at 11:30 a.m., the committee was adjourned.]