[House Hearing, 106 Congress]
[From the U.S. Government Publishing Office]





 
OVERSIGHT OF THE YEAR 2000 PROBLEM: THE Y2K STATUS OF THE DEPARTMENT OF 
                       HEALTH AND HUMAN SERVICES

=======================================================================

                                HEARING

                               before the

                 SUBCOMMITTEE ON GOVERNMENT MANAGEMENT,
                      INFORMATION, AND TECHNOLOGY

                                 of the

                              COMMITTEE ON
                           GOVERNMENT REFORM

                        HOUSE OF REPRESENTATIVES

                       ONE HUNDRED SIXTH CONGRESS

                             FIRST SESSION

                               __________

                           FEBRUARY 26, 1999

                               __________

                           Serial No. 106-45

                               __________

       Printed for the use of the Committee on Government Reform


     Available via the World Wide Web: http://www.house.gov/reform

                                 ______

                      U.S. GOVERNMENT PRINTING OFFICE
60-933 CC                     WASHINGTON : 1999





                     COMMITTEE ON GOVERNMENT REFORM

                     DAN BURTON, Indiana, Chairman
BENJAMIN A. GILMAN, New York         HENRY A. WAXMAN, California
CONSTANCE A. MORELLA, Maryland       TOM LANTOS, California
CHRISTOPHER SHAYS, Connecticut       ROBERT E. WISE, Jr., West Virginia
ILEANA ROS-LEHTINEN, Florida         MAJOR R. OWENS, New York
JOHN M. McHUGH, New York             EDOLPHUS TOWNS, New York
STEPHEN HORN, California             PAUL E. KANJORSKI, Pennsylvania
JOHN L. MICA, Florida                GARY A. CONDIT, California
THOMAS M. DAVIS, Virginia            PATSY T. MINK, Hawaii
DAVID M. McINTOSH, Indiana           CAROLYN B. MALONEY, New York
MARK E. SOUDER, Indiana              ELEANOR HOLMES NORTON, Washington, 
JOE SCARBOROUGH, Florida                 DC
STEVEN C. LaTOURETTE, Ohio           CHAKA FATTAH, Pennsylvania
MARSHALL ``MARK'' SANFORD, South     ELIJAH E. CUMMINGS, Maryland
    Carolina                         DENNIS J. KUCINICH, Ohio
BOB BARR, Georgia                    ROD R. BLAGOJEVICH, Illinois
DAN MILLER, Florida                  DANNY K. DAVIS, Illinois
ASA HUTCHINSON, Arkansas             JOHN F. TIERNEY, Massachusetts
LEE TERRY, Nebraska                  JIM TURNER, Texas
JUDY BIGGERT, Illinois               THOMAS H. ALLEN, Maine
GREG WALDEN, Oregon                  HAROLD E. FORD, Jr., Tennessee
DOUG OSE, California                             ------
PAUL RYAN, Wisconsin                 BERNARD SANDERS, Vermont 
JOHN T. DOOLITTLE, California            (Independent)
HELEN CHENOWETH, Idaho


                      Kevin Binger, Staff Director
                 Daniel R. Moll, Deputy Staff Director
           David A. Kass, Deputy Counsel and Parliamentarian
                      Carla J. Martin, Chief Clerk
                 Phil Schiliro, Minority Staff Director
                                 ------                                

   Subcommittee on Government Management, Information, and Technology

                   STEPHEN HORN, California, Chairman
JUDY BIGGERT, Illinois               JIM TURNER, Texas
THOMAS M. DAVIS, Virginia            PAUL E. KANJORSKI, Pennsylvania
GREG WALDEN, Oregon                  MAJOR R. OWENS, New York
DOUG OSE, California                 PATSY T. MINK, Hawaii
PAUL RYAN, Wisconsin                 CAROLYN B. MALONEY, New York

                               Ex Officio

DAN BURTON, Indiana                  HENRY A. WAXMAN, California
          J. Russell George, Staff Director and Chief Counsel
                Bonnie Heald, Professional Staff Member
                          Mason Alinger, Clerk
                     Michelle Ash, Minority Counsel
                     Faith Weiss, Minority Counsel




                            C O N T E N T S

                              ----------                              
                                                                   Page
Hearing held on February 26, 1999................................     1
Statement of:
    DeParle, Nancy-Ann, Administrator, Health Care Financing 
      Administration; and John J. Callahan, Chief Information 
      Officer, Department of Health and Human Services...........    54
    Willemssen, Joel C., Director, Civil Agencies Information 
      Systems, General Accounting Office.........................     5
Letters, statements, etc., submitted for the record by:
    Callahan, John J., Chief Information Officer, Department of 
      Health and Human Services:
        Chronology of reengineered payment management system.....   100
        HHS's total Y2K costs....................................   102
        Information concerning cost of payment management system.   108
        Information concerning cost of secondary system..........   109
        Information concerning the original payment management 
          system.................................................   109
        Information concerning total revenue.....................   109
        Prepared statement of....................................    76
    DeParle, Nancy-Ann, Administrator, Health Care Financing 
      Administration:
        Letter dated January 12, 1999............................   103
        Prepared statement of....................................    57
    Willemssen, Joel C., Director, Civil Agencies Information 
      Systems, General Accounting Office:
        Information concerning HHS's payment management system...    48
        Prepared statement of....................................     7


OVERSIGHT OF THE YEAR 2000 PROBLEM: THE Y2K STATUS OF THE DEPARTMENT OF 
                       HEALTH AND HUMAN SERVICES

                              ----------                              


                       FRIDAY, FEBRUARY 26, 1999

                  House of Representatives,
Subcommittee on Government Management, Information, 
                                    and Technology,
                            Committee on Government Reform,
                                                    Washington, DC.
    The subcommittee met, pursuant to notice, at 9 a.m., in 
room 2154, Rayburn House Office Building, Hon. Stephen Horn 
(chairman of the subcommittee) presiding.
    Present: Representatives Horn, Morella, Biggert, and 
Turner.
    Also present: Representive Gordon.
    Staff present: J. Russell George, staff director and chief 
counsel; Matt Ryan, senior policy director; Bonnie Heald, 
director of information, and professional staff member; Mason 
Alinger, clerk; Paul Wicker, Kacey Baker, and Richard Lukas, 
interns; Michelle Ash and Faith Weiss, minority counsels; Ellen 
Rayner, minority chief clerk; and Jean Gosa and Earley Green, 
minority staff assistants.
    Mr. Horn. The Subcommittee on Government Management, 
Information, and Technology will come to order.
    There are only 308 days left to reassure American citizens 
that the computer systems, those that are critical to our 
lives, are year 2000 compliant. Unfortunately, even today, many 
private organizations and governmental entities are only now 
recognizing the potential severity of this problem. Some are 
just starting to fix their systems, leaving little, if any, 
time for one of the most important aspects of this effort--
adequate testing.
    The problem is real, the consequences serious, and the 
deadline is unmovable.
    The House Subcommittee on Government Management, 
Information, and Technology has focused on the potential 
problem since early 1996. On Monday, our subcommittee issued 
its seventh report card, which showed considerable improvement 
throughout the Federal Government. However, much work still 
remains. We will continue to steadfastly monitor the Federal 
Government's year 2000 readiness and sternly prod those 
departments and agencies that lag behind.
    Today we will hear about the status of year 2000 technology 
initiatives at the Department of Health and Human Services 
[HHS], and one of its key components, the Health Care Financing 
Administration, otherwise known as HCFA.
    Since November, and as shown in our most recent report 
card, HHS has reported substantial improvement in making its 
mission critical systems year 2000 compliant. Currently, HHS 
reports that about 83 percent of its mission critical systems 
are compliant, due in large part to HCFA's reported increase in 
mission critical system compliance. We look forward this 
morning to learning how HHS righted itself in grappling with 
its year 2000 issues.
    In addition, we will hear from the General Accounting 
Office, Congress' auditing arm on program and money, which has 
been doing outstanding work for this subcommittee over the last 
3 years on this issue.
    The Department of Health and Human Services provides vital 
services to the American public, ranging from health care and 
food safety to AIDS research. In addition, the Health Care 
Financing Administration approves more than $300 billion 
annually in medical bills for over 72 million of America's most 
vulnerable citizens, the elderly, the poor and the sick. But 
will these payments continue on January 1st? How year 2000 
ready is HCFA and how ready are the numerous health care 
contractors and providers involved in Medicare?
    Finally, how prepared are the States for providing Medicaid 
services to the nearly 35 million people who otherwise could 
not afford to seek medical help. No Federal entity is an island 
unto itself and no Federal entity can be complacent regardless 
of its Y2K status until its partner organizations, in this case 
the doctors, hospitals and the State and local governments, are 
also adequately prepared for the new millennium. HHS is also 
responsible for processing about $170 billion a year in Federal 
grants through its large payment management system. This 
centralized system processes most Federal assistance grants, 
including block grants, to over 20,000 recipient accounts. For 
example, this system processes 98 percent, or about $95 
billion, of the Federal Government's share of Medicaid grants. 
The big concern for us in Congress is that this critically 
important system is not yet year 2000 compliant.
    I look forward to delving into these and other highly 
important issues this morning. I welcome today's witnesses and 
look forward to their testimony.
    We have a total of three witnesses for this hearing and we 
are going to start with panel one, being Joel Willemssen, the 
Director of Civil Agencies, Information Systems, General 
Accounting Office. Panel two will then come up, John J. 
Callahan, the Chief Information Officer for the Department of 
Health and Human Services, and Nancy-Ann DeParle, Administrator 
of HCFA.
    I would now like to yield to Mr. Gordon, the ranking member 
on the Committee on Technology of the House Committee on 
Science. The gentleman from Tennessee.
    Mr. Gordon. Thank you, Mr. Chairman. I have a constituent 
at home by the name of Barbara Mandrell. She had a song a few 
years ago entitled, ``I Was Country Before Country Was Cool'' 
and let me just say that Steve Horn has been singing the 
problem of Y2K long before it was cool, and we owe you a debt 
of gratitude in raising this awareness in our country. I was 
with the EU last week and I was dismayed when we talked with 
many of their parliamentarians that for some reason they think 
that this problem is going to go away. I want to thank you for 
putting this country on notice, and I think your report cards 
help us all to better focus.
    Mr. Horn. I now yield for an opening statement to a new 
Member from Illinois, the vice chairman of the Subcommittee on 
Government Management, Information, and Technology, Mrs. 
Biggert.
    Mrs. Biggert. Thank you, Chairman Horn. You always start on 
time to the very minute, and we always appreciate that. This 
certainly is an important issue and I look forward to the 
testimony. I think that--how many days do we have now, about 
310?
    Mr. Horn. 308.
    Mrs. Biggert. So the year 2000 is not going to wait and I 
look forward to these hearings. And I think that the more 
hearings that we have, the more education that we have on this 
issue, the more that we raise the consciousness of the American 
people and the importance for all industry, government, local 
government and Federal Government and State government, to 
really assure us that we are going to be ready for the year 
2000.
    Thank you.
    Mr. Horn. Thank you. And we now have as our first witness 
and I think you all know the routine. All of the subcommittees 
of the Government Reform Committee swear in all witnesses, and 
we will start with you, Mr. Willemssen.
    [Witness sworn.]
    Mr. Horn. The clerk will note that the witness affirmed and 
we will begin with this overview and then ask panel two to join 
us and have their testimony, and then it will be essentially a 
dialog of the committee and the witnesses.
    Let me just withhold, the distinguished ranking member from 
Texas, Mr. Turner, is here. Do you have an opening statement? 
He is always a constructive member of this committee.
    Mr. Turner. Thank you, Mr. Chairman. I want to thank you, 
first of all, for holding this hearing, both you and Chairwoman 
Morella have been active in leadership in this area.
    We are here to discuss the efforts of the Department of 
Health and Human Services to resolve the year 2000 problem. In 
September 1998, the General Accounting Office reported that 
HCFA and its contractors were behind schedule in testing, 
repairing, and implementing the systems that support Medicare. 
At that time, the GAO concluded that it was highly unlikely 
that the Medicare systems would be compliant in time to ensure 
uninterrupted delivery of benefits and services.
    Even as recently as February of this year we have learned 
that only 54 of the 78 contractor systems were compliant and 5 
of these 24 noncompliant systems were more than 2 months behind 
schedule. We have additionally learned that while HCFA's 
contractors have made progress, seven are at risk of missing 
the federally imposed March 31st deadline.
    In addition, HCFA has been in the process of determining 
whether to update its current payment management system or to 
use a new system. The payment management system processes about 
$170 billion annually or about 75 percent of all Federal grant 
and aid programs, and HCFA has chosen to update and maintain 
this system through the year 2000. Given the time spent in 
making this determination, Y2K efforts to test this system did 
not begin until later than expected, and HCFA will be 
conducting tests next month.
    Further, the ability of HCFA's computers to communicate 
with non-Federal computers is a very serious concern. HCFA 
communicates with hospitals, physicians, State governments, and 
its own contractors on a daily basis, and if problems arise in 
these non-Federal systems, the communication efforts of HCFA 
will be adversely impacted.
    Another area of concern is the area of medical equipment. 
It bears mentioning that the Food and Drug Administration has a 
number of Y2K concerns relating to medical equipment, and as of 
January 12th, only 1,438 of the 1,932 targeted manufacturers 
had submitted Y2K data on their biomedical equipment to the 
Federal Y2K Biomedical Equipment Clearinghouse.
    What this means to the American people is that there are 
still a number of products about which there is not sufficient 
information to know its Y2K status. A further concern is the 
fact that the majority of manufacturers are not affirmatively 
notifying users that potential problems may exist in their 
equipment.
    One solution will be to require the manufacturers to notify 
the device users, including hospitals and nursing homes, of 
other potential Y2K problems. Still further, there is concern 
that many consumers may attempt to hoard prescription drugs at 
the turn of the century, and given the brief shelf life of some 
prescription medications, the FDA must create contingency plans 
for potential drug shortages.
    Before we move into January 2000, it will certainly be 
necessary to find a solution to the problem of shortages of 
prescription drugs. One of HHS's largest problems is the 
readiness of State governments which administer the various HHS 
programs. As you know, States administer Federal benefits 
pursuant to Medicare, child care, food stamps, and other 
government programs. The recipients of these benefits are often 
the elderly or the disabled who will have limited financial 
resources or single mothers struggling to make ends meet.
    That is why I know that HHS will take the issues of State 
readiness very seriously, and I am encouraged to hear that HCFA 
is taking steps to identify and work with those States that 
have been identified as being the furthest behind. State 
readiness for Y2K is a critical concern and one that HCFA 
should be following closely.
    Also appearing most susceptible to disruptions are the 
inner city municipal hospitals and the rural health care 
providers. Given their geographic locations, rural providers 
often do not have the resources of larger institutions, and I 
am particularly interested in hearing what HCFA is doing to 
ensure that the Y2K concerns of our rural health care providers 
are being adequately addressed.
    I come from a rural district, and I know that rural 
hospitals and rural health care providers need to be confident 
that HCFA will reimburse them for their services in a timely 
manner. HCFA has assured us if a claim gets into the processing 
system, it will get paid. However, Medicare claims are 
submitted to HCFA contractors either through independent 
billing agents or directly by providers. A claim is only 
considered in HCFA's system once it is received by the 
contractor, and I would like to hear more today about how we 
can ensure that these billing agents and these independent 
providers, such as rural hospitals, will be compliant so that 
the providers can be certain that they will be paid.
    I realize there is much in the system that is out of the 
direct control of HCFA, but I think it is HCFA's responsibility 
to be sure that those independent contractors are adequately 
preparing for Y2K.
    Mr. Chairman, thank you again for having this hearing. This 
is probably one of the most critical hearings that we have had 
and with an agency that you and I both know has probably had 
more problems than most of the agencies that we have had before 
this committee.
    Mr. Horn. I thank the gentleman from Texas and since I grew 
up in rural America on a farm, I share your views. Thank you.
    Now, Mr. Willemssen. I think all of the members of the 
committee know this gentleman. He has done a splendid job in 
his role with his team over at the General Accounting Office as 
Director of Civil Agencies Information Systems, and when we 
have held hearings throughout the country, Mr. Willemssen has 
been there with the opening statement and we welcome you today.

   STATEMENT OF JOEL C. WILLEMSSEN, DIRECTOR, CIVIL AGENCIES 
         INFORMATION SYSTEMS, GENERAL ACCOUNTING OFFICE

    Mr. Willemssen. Thank you, Mr. Chairman. I will briefly 
summarize the readiness of HHS to address the Y2K issue, and in 
particular focus on HCFA and Medicare, and then on the Payment 
Management System.
    First regarding HCFA and Medicare Y2K, we originally 
reported our concerns with this nearly 2 years ago and at that 
time the level of HCFA management attention on Y2K was minimal. 
Instead much of the agency's system focus was on a failed 
effort known as the Medicare Transaction System which was 
intended to replace existing part A and part B core computing 
systems.
    As we have previously testified, this effort was terminated 
after about $80 million was spent and not one line of software 
had been delivered. It is important to keep that history in 
mind as we now look at the large challenge that HCFA faces in 
addressing Y2K.
    We reported last fall that with its very late start on Y2K, 
HCFA faced the prospect of having too much to do in too little 
time. Many of the basic Y2K management practices that we would 
have expected to have seen were not there. Our conclusions and 
recommendations to the Administrator reflected our concern 
about the high level of risk facing HCFA. HCFA has been 
responsive to our recommendations and the Administrator is to 
be commended for making Y2K the agency's top priority and 
directing a number of actions to more effectively direct the 
project. Among these many actions has been an important 
commitment to business continuity and contingency planning to 
ensure that in the event of system failures, beneficiaries will 
still receive care and providers will be paid. Despite its 
progress, we still have serious concerns with where HCFA is 
with Medicare and Y2K.
    First, HCFA's reported external systems progress on Y2K is 
highly overstated. HCFA and HHS recently reported that 54 
contractor systems were compliant as of December 31st. In fact 
none of these 54 should have been considered compliant. All had 
important exceptions, some of them very significant.
    According to HCFA officials they reported these systems as 
compliant because the qualifications were minor problems that 
should not take much time to address. This is at variance with 
the report of HCFA's independent verification and validation 
contractor on about February 16th. At that time the contractor 
found the qualifications to be critical, most requiring a major 
to moderate level of effort to resolve.
    Among the other issues that HCFA needs to address: One, 
HCFA still lacks an integrated schedule that lays out a 
critical path for the most important tasks that have to be 
done.
    Two, HCFA has thousands of data exchanges that remain to be 
remediated and tested.
    Three, HCFA faces a tremendous amount of testing for the 
remainder of this year, testing both at a system level, for 
changes to resolve the existing qualifications, as well as 
other legislatively mandated changes that will go into effect. 
All of that testing will ultimately determine whether HCFA's 
systems are indeed compliant. Given the magnitude of the 
challenge that HCFA faces, it is absolutely critical that the 
Administrator sustain her commitment to complete and test 
business continuity and contingency plans so that if system 
failures occur, HCFA will be positioned with backup plans.
    Next, let me turn briefly to HHS's Payment Management 
System and the Program Support Center. As noted, a key activity 
for this center is providing grant payments totaling over $165 
billion annually to about 20,000 recipient organizations. The 
payment management system is instrumental to making sure those 
payments are made. However, the system is not yet Y2K compliant 
and it is unclear at this point when it will be. In 1995 there 
was an effort begun to replace the existing system with a new 
state-of-the-art system that was expected to be Y2K compliant 
and operational by October 1997. However, since its inception, 
that planned system replacement has encountered problems and as 
a result is still not operational. We understand that the 
Program Support Center has contracted with a company to conduct 
an analysis of whether to rely on the replacement system as the 
year 2000 solution or rely on their existing system and 
remediate and test that. Regardless of the outcome of that 
analysis, and I believe that HHS may be providing the results 
today, there will be a tremendous amount of work remaining to 
make sure, whether the existing system or replacement system is 
the solution, that is indeed Y2K compliant. That concludes a 
summary of my statement. I would be pleased to address any 
questions that you have.
    [The prepared statement of Mr. Willemssen follows:]

    [GRAPHIC] [TIFF OMITTED]60993.001
    
    [GRAPHIC] [TIFF OMITTED]60993.002
    
    [GRAPHIC] [TIFF OMITTED]60993.003
    
    [GRAPHIC] [TIFF OMITTED]60993.004
    
    [GRAPHIC] [TIFF OMITTED]60993.005
    
    [GRAPHIC] [TIFF OMITTED]60993.006
    
    [GRAPHIC] [TIFF OMITTED]60993.007
    
    [GRAPHIC] [TIFF OMITTED]60993.008
    
    [GRAPHIC] [TIFF OMITTED]60993.009
    
    [GRAPHIC] [TIFF OMITTED]60993.010
    
    [GRAPHIC] [TIFF OMITTED]60993.011
    
    [GRAPHIC] [TIFF OMITTED]60993.012
    
    [GRAPHIC] [TIFF OMITTED]60993.013
    
    [GRAPHIC] [TIFF OMITTED]60993.014
    
    [GRAPHIC] [TIFF OMITTED]60993.015
    
    [GRAPHIC] [TIFF OMITTED]60993.016
    
    [GRAPHIC] [TIFF OMITTED]60993.017
    
    [GRAPHIC] [TIFF OMITTED]60993.018
    
    [GRAPHIC] [TIFF OMITTED]60993.019
    
    [GRAPHIC] [TIFF OMITTED]60993.020
    
    [GRAPHIC] [TIFF OMITTED]60993.021
    
    [GRAPHIC] [TIFF OMITTED]60993.022
    
    [GRAPHIC] [TIFF OMITTED]60993.023
    
    [GRAPHIC] [TIFF OMITTED]60993.024
    
    [GRAPHIC] [TIFF OMITTED]60993.025
    
    [GRAPHIC] [TIFF OMITTED]60993.026
    
    [GRAPHIC] [TIFF OMITTED]60993.027
    
    [GRAPHIC] [TIFF OMITTED]60993.028
    
    [GRAPHIC] [TIFF OMITTED]60993.029
    
    [GRAPHIC] [TIFF OMITTED]60993.030
    
    [GRAPHIC] [TIFF OMITTED]60993.031
    
    [GRAPHIC] [TIFF OMITTED]60993.032
    
    [GRAPHIC] [TIFF OMITTED]60993.033
    
    [GRAPHIC] [TIFF OMITTED]60993.034
    
    [GRAPHIC] [TIFF OMITTED]60993.035
    
    [GRAPHIC] [TIFF OMITTED]60993.036
    
    [GRAPHIC] [TIFF OMITTED]60993.037
    
    [GRAPHIC] [TIFF OMITTED]60993.038
    
    Mr. Horn. I thank the gentleman. I note that the chairman 
of the Subcommittee on Technology of the House Committee on 
Science has joined us and before we begin the questioning, if 
the gentlewoman from Maryland would like to make an opening 
statement.
    Mrs. Morella. Thank you, Mr. Chairman. You invited me to 
participate in this hearing and I appreciate it very much. It 
is part of our ongoing series of meetings that we have had, and 
briefings, to make sure that all agencies recognize the urgency 
and the time limits on correcting the year 2000 computer 
problem, computer glitch, mother of all computer glitches. 
Certainly my hope is that given what we understand from the 
General Accounting Office about the serious difficulties that 
HCFA is experiencing with Y2K that we can spur the agency to 
undertake the dramatic actions that are needed to ensure that 
the population who receive over $170 billion annually of 
Medicare and Medicaid assistance, that their elderly, disabled 
and indigent benefits continue uninterrupted.
    Last September GAO reported that ``HCFA and its contractors 
were severely behind schedule in the repairing, testing, in the 
implementing of its mission critical systems that support 
Medicare.'' And the General Accounting Office also noted that 
``due to the complexity and magnitude of the problem and HCFA's 
late start, its progress in repairing mission critical Medicare 
systems is far behind schedule.''
    I know that HCFA disputes some of the General Accounting 
Office's conclusions. I know that both HHS and HCFA have 
demonstrated a great deal of progress in this last quarter, so 
I look forward to continuing the dialog and hearing our other 
witnesses and questioning Mr. Willemssen.
    Thank you very much, Mr. Chairman.
    Mr. Horn. I thank the gentlewoman. We will begin with the 
questioning for 5 minutes alternating between the majority and 
minority side. There are not too many questions to ask the 
General Accounting Office. We will then move to panel two and 
have Mr. Willemssen rejoin the panel at the end and have some 
more questioning.
    Let me yield the chairman's time to the vice chairman of 
the committee, Mrs. Biggert, the gentlewoman from Illinois.
    Mrs. Biggert. Thank you, Mr. Chairman.
    Mr. Willemssen, in the Department's quarterly report to the 
Office of Management and Budget, the Health Care Financing 
Administration [HCFA], reported that 54 of its 78 external 
mission critical systems were year 2000 compliant. However, in 
your testimony you said that none of these 54 external mission 
critical systems are completely compliant because they have 
important qualifications or exceptions associated with them. Do 
you think that these qualifications are important and if so, 
why?
    Mr. Willemssen. Yes, we do think the qualifications are 
important. The essence of making systems Y2K compliant is in 
part making sure that they are forward date tested so that 
dates such as January 1, 2000, February 29, 2000 will indeed 
work as intended and therefore within that testing it is 
important that those kinds of issues have been fully resolved. 
At this point they have not. Also, as of December 31st, the 
evidence we saw was that all of these 54 had important 
qualifications requiring some amount of effort in order to 
resolve. If indeed they involved minor effort, I would have 
expected that they would have been fully resolved and tested 
over the last 2 months. In fact they have not. They continue to 
be outstanding. So although some resolution has taken place, 
they still all need to be tested. HCFA is making excellent 
progress but not as much progress as is reflected in those 
statistics.
    Mrs. Biggert. In your opinion then would you say that HCFA 
is trying to gain the system, trying to improve its grade by 
overstating the Y2K compliance?
    Mr. Willemssen. I would say that HCFA is under tremendous 
pressure to do the best job possible on Y2K. The Administrator 
has made it the top priority. There are a lot of people at HCFA 
working very hard, as are many contractors. I guess it is 
subject to interpretation what they saw with the February 16th 
independent verifi-cation and validation contractor's report 
that they could possibly consider the system substantially 
compliant, and therefore close enough, let's call that 
compliant.
    We differ with that view. We thought those exceptions were 
significant enough that those systems should not be considered 
compliant at that point in time.
    Mrs. Biggert. Thank you. Then turning to the Health and 
Human Services Payment Management System which processes about 
$170 billion a year in Federal grant payments, of concern is 
that HHS has been trying to develop a new Payment Management 
System since 1995, as you mentioned, but with little success, 
but it is also still renovating the current system to try to 
make it Y2K compliant. Is the current system year 2000 
compliant now?
    Mr. Willemssen. No. We have not seen the test results for 
the existing system demonstrating that it is indeed compliant, 
and I believe HHS will be talking about that a little bit today 
about whether they are going to rely on the existing system or 
the replacement system. But the evidence that we have seen is 
that no, that it is not compliant at this point in time.
    Mrs. Biggert. How about by March 31, 1999 which is the 
President's deadline?
    Mr. Willemssen. In discussions over the last few days with 
some of the key officials within HHS, at least one official 
maintained that he thought it would be compliant by March 31st. 
I believe HHS may be amending that in testimony today to 
possibly being a few months later.
    Mrs. Biggert. Since--how about the new system, will it be 
ready by March 31st then? If it is, what are they going to do 
with the old system?
    Mr. Willemssen. This is an issue that several agencies have 
encountered. The difference with HHS is that this is a bit late 
to be encountering this, and in some cases agencies decide on a 
dual track approach. That is, let's continue with the 
replacement system but with the risk involved with that 
replacement system of being delivered so late, we need to go 
into the existing system just in case and remediate and test 
that one so in the event the replacement does not get in in 
time, we have this one to fall back on. We would not disagree 
with that kind of approach overall.
    Mrs. Biggert. OK. How much then is the Department spending 
to develop the new system and to fix the existing system to 
make it Y2K compliant?
    Mr. Willemssen. We do not have up-to-date information on 
the cost that we have gathered over the last couple of days, 
but we can supply the information for the record.
    Mr. Horn. We will insert that at this point in the record.
    [The information referred to follows:]
    [GRAPHIC] [TIFF OMITTED]60993.039
    
    Mrs. Biggert. Thank you.
    Mr. Horn. I defer the questioning to Mr. Turner, the 
ranking member of this subcommittee.
    Mr. Turner. Thank you, Mr. Chairman.
    I would like to inquire a little bit into--HCFA has a 
unique problem in that it deals with a lot of folks that it 
doesn't have direct control over, such as its contractors and 
the States. What is the hammer in terms of legal control that 
HCFA has over its independent contractors to be sure that they 
get their systems in compliance, or are we just hoping that 
they will?
    Mr. Willemssen. I think it is an excellent point that you 
raise. It is one of the unique challenges that HCFA faces that 
many other organizations don't, in that they have to apply 
tremendous pressure on the contractors to get these systems 
compliant.
    One of the excellent steps that they have taken is hiring 
the independent verification and validation contractor to go in 
and help them make sure that the systems are compliant, and I 
think that contractor has shown some definite value over the 
last few months.
    But I think the legal issues, I won't pretend to know them 
inside and out, but there are apparently some legal impediments 
that the Administrator may be more attuned to speak toward. I 
know the administration has put forward some contractor reform 
legislation that it believes will in part assist them in that 
area.
    Mr. Turner. So we really don't know if a contractor who is 
supposed to be sending out these payments to all of these 
providers, if they are not ready on January 1st and their 
systems go down, we don't really know if the Federal Government 
and HCFA can hold them legally responsible for those 
noncompliant acts or whether we can hold them liable for 
damages? Do we even know what we can do if a contractor does 
not get in a situation where they are compliant?
    Mr. Willemssen. With that legal question I would prefer to 
defer to the Administrator since I do not know the legal 
intricacies that well in terms of what the Federal Government 
can and cannot do.
    Mr. Turner. Another similar issue is the one that you 
described regarding the new system that was going to handle the 
payment management system, the computer that apparently was 
acquired and put in place or attempted to be put in place I 
believe you said in 1997. Now they have decided well, that is 
not Y2K compliant so we are going to stay with the old system 
through 2000. Who provided that system, and do we know if there 
were representations made at the time to HCFA that was going to 
be Y2K compliant?
    Mr. Willemssen. The documentation that we got from HHS 
indicated that Y2K would not be an issue once the new system 
went in. Among the problems--I don't have the contractor names 
at my disposal--but among the issues that came up is HHS 
decided to go with another contractor after the initial 
contractor because of some of the problems that they were 
experiencing and the initial contractor not being able to meet 
the schedule. So for implementation of the system, HHS went 
with a second contractor to do that.
    Mr. Turner. To put in the new system?
    Mr. Willemssen. Yes, to implement that new system.
    Mr. Turner. Do we know if that contractor represented that 
that system they were providing to HCFA was going to be Y2K 
compliant?
    Mr. Willemssen. We can look--once we get the documents from 
HHS, we can look at the contractual language to see if indeed 
the standard Y2K compliance language was in there. The timing 
of that would be--it may or may not have been. We will look at 
that for you, though. There was some standard governmentwide 
Y2K compliance language that was pulled together over a year 
ago now, so it would be interesting in terms of that particular 
contract to see if that language has been put in or potentially 
an amendment put into the contract subsequent to its initial 
award.
    Mr. Turner. I would certainly hope as late a date as 1997, 
1998, when all of this occurred, that that language would have 
been in there.
    Mr. Willemssen. 1997, from a governmentwide perspective 
generally speaking that language may not have existed. It was 
still being debated during most of that year.
    Mr. Turner. We are having a lot of hearings on Y2K 
liability, and I think sometimes as we discuss that subject we 
fail to remember that the Federal Government itself may be a 
potential plaintiff making claims against contractors who have 
failed in a legal duty to provide systems that are Y2K 
compliant.
    If you looked at HCFA's serious problems from the 
perspective of those contractors, when we say that there are 
serious noncompliance problems, give us an example of something 
you found that you are calling a serious noncompliant problem?
    Mr. Willemssen. One thing in looking at the seriousness of 
the issue is the tremendous complexity of the entire claims 
processing process and it involves so many players with so many 
individual systems and so many data exchanges that you have to 
look at it as a building block type of approach. Each of those 
individual components we first have to get compliant. And once 
we have ascended that mountain, then we have to look at it from 
an end to end process involving multiple systems and data flows 
and making sure that that process end to end is compliant, and 
that is one of the primary reasons for our concern about the 
high risk at HCFA. It is not that they are not doing what they 
can, it is that there is a relatively limited amount of time 
left to get it all done.
    Mr. Turner. Thank you, Mr. Chairman.
    Mr. Horn. Thank you. I now yield 5 minutes to the 
gentlewoman from Maryland for questioning.
    Mrs. Morella. Thank you, Mr. Chairman.
    We rely very heavily on the General Accounting Office and 
we thank you very much for doing the kind of reporting and the 
investigative work that helps us move forward. I can't think of 
anything more important than Medicare and Medicaid and then the 
whole medical field when it comes to compliance of Y2K.
    I am kind of--I had a concern very much about those many 
contractors who are out there and how you pull it together. But 
I am also concerned as I look at the testimony or the statement 
that came, the GAO report, that deals with Medicaid 
specifically, the fact that HCFA distributed a survey to all of 
the States to ascertain their background on Y2K compliance, and 
they then decided they would rely on because they didn't feel 
that this was accurate enough or complete enough, rely on 
onsite contractor visits to ascertain accurate Medicaid systems 
status. They then go on to say that some States appeared to 
make progress in the 6 months since the survey that had been 
made, but many of the others--four States made progress, three 
States remained the same. This says something about the 
monitoring and a whole question about what more needs to be 
done, how do we get a handle on this because again of the end 
to end and the many connections that have to be made for total 
compliance and reliability. I ask you--would you like to 
comment on it?
    Mr. Willemssen. Yes. Medicaid systems overall are of great 
concern. When we issued our report last year on State human 
services systems, the compliance rate that we saw for Medicaid 
systems nationwide was only about 16 percent of all of those 
Medicaid systems self reported to us by States. So that 
definitely was of concern.
    HCFA has taken some excellent steps since then. Part of 
that being hiring a contractor to go out and do on-site visits 
to see if the States are making the progress that they need to. 
HCFA's intent is to go to all States and then for those States 
deemed at risk, to have followup visits.
    We think those are excellent steps that need to be taken, 
but overall Medicaid has a long ways to go. These are not 
simple systems that are going to need to be made compliant. 
HCFA is taking some aggressive steps to try to assist, and 
again they are to be commended for doing that.
    Mrs. Morella. So basically what HCFA has done is hired 
contractors to go----
    Mr. Willemssen. To see how the States are doing.
    Mrs. Morella. Do you feel that HCFA is going to be able to 
meet that March 31st deadline for compliance before the end-to-
end testing begins, in all candor?
    Mr. Willemssen. I doubt that they will be able to make the 
March 31st deadline from the perspective that we would see all 
those systems renovated and tested and certified compliant. I 
don't think that they will be able to make the March 31st 
deadline.
    Mrs. Morella. What do you think the consequences will be 
and what do you think we should do about it?
    Mr. Willemssen. The consequences of that are that the 
additional--as you mentioned the end to end testing, the period 
for that will get squeezed tighter; and, therefore, the 
thoroughness and depth of that testing will not be as much. 
HCFA has made an excellent commitment toward the need to put 
together contingency plans so that they have backup.
    Mrs. Morella. I would assume that contingency plans are 
already there and have been worked on. Am I assuming too much? 
Do they not have contingency plans?
    Mr. Willemssen. They are aggressively working on those 
plans currently.
    Mrs. Morella. Which means that they do not have them yet?
    Mr. Willemssen. Their timetable I believe is to have them 
done and tested I believe by approximately the end of June, so 
that will give them some time. From a governmentwide 
perspective, that is not out of the realm of what the deadline 
should be for doing that. That is pretty good.
    Mrs. Morella. Do you see something more that Congress can 
do to encourage, forge, require? What else can we do? These are 
systems that so many people statistically, as we have 
mentioned, are affected by?
    Mr. Willemssen. One, it is important to continue to have 
this kind of oversight on a critical program such as this to 
keep up to date on what kind of progress and impediments there 
are for Medicare.
    Second, I think you should also ask the question of HCFA, 
what do you need from us? What is getting in your way? Whether 
it is some of the legal issues that we discussed earlier, that 
contractor reform is necessary because we can't get the 
contractors to do what we tell them if indeed that is the case. 
I think that is a very useful question to ask of HCFA also.
    Mrs. Morella. Thank you, Mr. Willemssen. My time is up.
    Mr. Horn. Thank you very much. I now yield to the ranking 
member of the House Science Subcommittee on Technology, Mr. 
Gordon of Tennessee.
    Mr. Gordon. Thank you, Mr. Chairman.
    Welcome, Mr. Willemssen. I want to thank you and the 
General Accounting Office for the important role that you have 
played in the oversight and watchdog of all of these agencies. 
As I think you just mentioned, the more oversight, the more we 
can talk about this and bring it out, the better off we are.
    Let me ask you, do you feel that Congress has provided 
adequate funds or enough funds for HCFA to maximize their 
effort to correct this problem?
    Mr. Willemssen. I am not aware at HCFA or actually any 
other agency where they have made requests for funds for Y2K 
and those requests have been denied.
    So again an extremely useful question to ask of HCFA, do 
you need more resources, more funds because at many of the 
hearings that I have testified at, that is a common question 
asked of many agencies. If you need more resources, please tell 
us and we will do what we can.
    As you know, last year the Congress passed a $3.35 billion 
emergency fund so that agencies such as HCFA and others could 
tap into that fund if indeed they needed those additional 
resources.
    Mr. Gordon. Thank you. I will ask that question later.
    Let me ask you also, Chairman Horn's report card I think 
has been helpful in trying to raise awareness of the problem. 
If you had your own report card and you were grading the focus 
and the attention that HCFA is placing on this problem, what 
grade would you give?
    Mr. Willemssen. If we were grading in terms of the current 
focus of what HCFA is placing on this problem, given that the 
Administrator has named it her No. 1 priority and given that 
many of her staff are working on it, it is hard to give less 
than a top grade given where the priority stands within HCFA 
and given the kind of progress they have made since our 
September report.
    Mr. Gordon. Thank you, Mr. Chairman.
    Mr. Horn. We are now going to bring forward the second 
panel. We are going to swear them in and then Mr. Gordon will 
have the honor of introducing the members.
    [Witnesses sworn.]
    Mr. Horn. The clerk will note that both witnesses have 
affirmed the oath, and I yield to Mr. Gordon to introduce the 
panel.
    Mr. Gordon. Thank you, Mr. Chairman. We have all sat 
through a number of hearings with well-informed witnesses, but 
you don't really know them, I don't think that their testimony 
is as real sometimes, so I want you to get to know these two 
folks a little bit better.
    First, John Callahan. Dr. John Callahan and I first met 
almost 20 years ago when he served as a very Yankee chief of 
staff to a very southern Senator and even with that impediment 
he did a very good job partly because there are a lot of 
lawyers around here, but not too many doctors or PhDs.
    Mr. Horn. Will the gentleman yield. When I hear that I am 
reminded of the great line of William White, who covered the 
Senate for the New York Times, who said, ``The Senate is the 
South's revenge on the North for having lost the Civil War.''
    Mr. Gordon. Well, John did a good job there. And then he 
went over to Assistant Secretary in HHS. When there became an 
opening at Social Security, they needed somebody to fill in, 
and John went over and did a very competent job of being the 
acting Director of Social Security; and now he has become at 
HHS an Assistant Secretary and John, I am glad you are here.
    And Nancy-Ann DeParle is a good friend from home, an old 
friend from home. And let me tell you about Nancy-Ann. She grew 
up with her mother in Rockwood, TN, and Rockwood is just about 
as tough as the name sounds. Nancy-Ann was fortunate enough to 
get a scholarship to go to the University of Tennessee and I 
think UT feels it was a good investment because Nancy-Ann 
became the first woman student body president of their 20,000-
plus campus in its almost 200-year history, and became a Rhodes 
Scholar and went on to Yale, graduated with honors from law 
school and turned down offers all around the country to come 
home, and I am glad she did.
    After she got home and she was trying to pay off some 
bills, our Governor asked her to be his commissioner for human 
services, and Nancy-Ann really didn't have any background in 
the health care area, but she knew how to get things done. So 
she became the youngest and the shortest member of Governor 
Border's cabinet, instituted a number of new information 
systems that tremendously reduced the error rate in food stamps 
and the welfare program, went back to the private sector and 
then Leon Panetta gave her a call and said we hope you will 
come to OMB to head up our health care area. She did, did a 
very good job and then was appointed the Director of HCFA.
    And it was interesting at the time she got that appointment 
Chairman Morella and I had our first hearing on the Y2K 
problem, and so I wrote Nancy and said we just had this 
hearing, and I think there is a potential for a real problem 
and you ought to check HCFA and see what is being done.
    She called me later, somewhat frustrated that virtually 
nothing had been done. I don't think there is a conversation 
that we have had since then that we haven't discussed her 
focus. And with all of them, the new responsibilities that 
Congress has placed on HCFA, Nancy-Ann has made this her first 
priority. I know that daily she works at it and worries about 
it and tries to get a handle on it.
    I am glad that she is here to give us her experiences, and 
I have to say that really Nancy-Ann to me epitomizes all that 
is best about the American dream in this country.
    Mr. Horn. We thank you for that delightful introduction and 
we thank the witnesses for being with us. However you would 
like to proceed, please do.

  STATEMENTS OF NANCY-ANN DEPARLE, ADMINISTRATOR, HEALTH CARE 
     FINANCING ADMINISTRATION; AND JOHN J. CALLAHAN, CHIEF 
  INFORMATION OFFICER, DEPARTMENT OF HEALTH AND HUMAN SERVICES

    Ms. DeParle. Thank you, Chairman Horn, Congressman Turner, 
and distinguished committee members. We appreciate the 
opportunity to be here today to talk about the progress of the 
Health Care Financing Administration in meeting the year 2000 
challenge. I have with me Dr. Gary Christoph who I brought in 
from Los Alamos National Laboratory a year ago to lead our 
information technology efforts.
    We have a great deal to do, Mr. Chairman, but we are making 
good progress and we will be ready well before January 1, 2000. 
Our main job is financing the health care for Medicare 
beneficiaries. We can assure that our claims processing and 
payment systems work and that doctors and hospital bills will 
get paid, but continuity of care depends on much more. Doctors, 
hospitals and other providers must ensure that they are also 
ready. We are therefore engaging in an unprecedented outreach 
effort to help our partners reach their responsibilities.
    Just 2 months ago I personally wrote each and every one of 
the 1.3 million health care providers in the country who work 
in the Medicare program to make sure that they were aware of 
this problem and to give them information about what they 
needed to do to be fixing it, and we will also be doing special 
outreach to critical access providers and Medicare sole 
providers to make sure that they are ready.
    We have aggressively attacked our part of the problem, and 
I have to say to Congressman Gordon, it seems like it has been 
about 10 years since we had that conversation, but you are 
exactly right. It is my No. 1 priority. We have to continue to 
retest systems and refine contingency plans, but I do think 
that we have come a long way since I became Administrator.
    To get to this point, we had to make some difficult 
decisions, including delaying implementation of some of the 
Balanced Budget Act provisions and I want to thank the 
committee for your leadership and support in helping us make 
those decisions. We did reach a significant milestone in 
December when we reported that all 25 internal mission critical 
systems are now compliant, and those include the systems, 
Congresswoman Biggert, that pay Medicaid claims and managed 
care claims. They are the systems under our direct control. 
And, Mr. Chairman, you and I had a conversation about the 
complexity of this, and you remembered from your experience on 
the Senate side how Medicare was set up with all of the 
different contractors around the country, and that has been a 
big part of our problem, as has been noted this morning.
    One of the first things that I did when I got to HCFA was 
sit down with Joel Willemssen and Gene Dodaro from GAO to ask 
them what I needed to do, and they made a couple of 
recommendations. One was to amend the contracts that we have 
with our contractors to require them to be compliant by the end 
of December of last year. That turned out to be more difficult 
than it sounds. The contractors initially said no, they were 
not going to sign it. They testified to the Ways and Means 
Committee that they didn't think that I had the authority to 
require that, and, in fact, under the contracts that Medicare 
has that are different than any other government contracts, 
there have been questions about the authority that the 
Secretary and I have to hold them compliant for things like 
this. But we did in fact succeed in getting a contract 
amendment. And by the end of December 31, 1998 we had certified 
that 78 of the external mission critical systems had been 
renovated, in other words the 50 million lines of code had been 
repaired, and 54 had been self-certified as compliant. That 
meant that they had completed three levels of testing by 
December 31, 1998.
    Let me stress that self-certification does not mean that 
our work is finished. It does mean that the software has been 
renovated and tested and that those systems were able to 
process and pay claims with future dates.
    We have greatly appreciated, and I have personally 
benefited greatly from, the diligence of GAO in advising us on 
this project. But as you heard this morning, there is a 
difference of opinion between us and our colleagues at GAO on 
the exact nature and extent of the qualifications that we 
received with the self-certifications from the contractors.
    And I want to note that there has been some discussion of 
our December submission and I brought with me just the pages 
that relate to this, from a letter to you in early February 
that contained 4 or 5 pages of what the qualifications were on 
the 24 contractors that we did not accept. The GAO believes 
that all of the qualifications should have been removed before 
certifications were accepted. We believe that the 
qualifications that we allowed were minor and don't go to the 
heart of the claims processing, and as I said, we outlined each 
and every contractor that we thought had a problem that was 
significant enough that we were not going to accept their 
certification.
    I directed our staff to be very conservative. With all 
respect to you, Mr. Chairman, I care about your grade, but I 
care much more about making sure that the systems are renovated 
and tested properly and there is no disruption in services. I 
was not looking to increase my grade. I was looking to be as 
conservative as we could be. We went on-site at all of these 
places. We didn't just look at the paper qualifications. And we 
believe that these contractors have made the kind of progress 
that we needed to note to you at that time.
    We are continuing to closely monitor this situation and we 
have established a war room in our Baltimore headquarters. We 
have special teams of people who have been asked to leave their 
homes and work at these contractors so that I know, frankly, on 
day-to-day basis what is actually happening on the ground. And 
we are developing comprehensive business continuity and 
contingency plans in case any unforeseen problems arise. We are 
through our third draft of our proposed plan, and we plan to 
have that done in June.
    The GAO and our IV&V contractor have identified essential 
work that remains for all of our systems to be millennium-
ready, and we agree with the GAO that one of the most critical 
tasks is testing our many data exchanges to make sure that all 
of our interdependent systems function together properly.
    We also have to continue end to end testing from the point 
of claim submission to the point of sending a payment 
instruction to a bank and printing a notice to a beneficiary. 
And we have to continue working with providers, and this is the 
area where Congress can help us the most.
    After I wrote a letter to each and every one of the 
providers, I also sent every Member of Congress a copy of that 
letter and asked for you to help us. We have speakers available 
to go out to your districts and meet with providers. We will do 
whatever will help. We are also meeting with providers here and 
with the trade associations, and we want to get out across the 
country.
    The good news is that we have given providers a deadline by 
when they have to submit compliant claims, and many of them are 
already doing so. About 98 percent of the submitters who submit 
on the part B side are submitting compliant claims right now. 
And on the part A side, from December to January, it increased 
by about 30 percent. We are at 58 percent there.
    So that is the good news, but we also are going beyond 
current industry practice on testing and everything else. We 
are now instructing our contractors across the country to begin 
testing with those providers around the country who want to 
submit future date claims to test that.
    We hope that will build provider confidence. If they want 
to test claims, they can do so. For especially critical 
systems, we are going another level beyond the GAO's guidance 
by having the independent contractor perform independent tests 
in isolated future date environments.
    We also have to finish, test and refine our contingency 
plans and we are doing that in accordance with the GAO's 
advice.
    In short, Mr. Chairman, we have much more to do and we 
fully expect that there may be bumps in the road, but I want to 
assure you that we are committed to doing everything we have to 
do. This is our No. 1 priority. All of this would have been a 
lot harder without your leadership, Mr. Chairman, and without 
Congress' support, and I want to thank you for that as well as 
for the hard work that our colleagues at GAO continue to do on 
our behalf, and I am happy to answer your questions.
    [The prepared statement of Ms. DeParle follows:]

    [GRAPHIC] [TIFF OMITTED]60993.040
    
    [GRAPHIC] [TIFF OMITTED]60993.041
    
    [GRAPHIC] [TIFF OMITTED]60993.042
    
    [GRAPHIC] [TIFF OMITTED]60993.043
    
    [GRAPHIC] [TIFF OMITTED]60993.044
    
    [GRAPHIC] [TIFF OMITTED]60993.045
    
    [GRAPHIC] [TIFF OMITTED]60993.046
    
    [GRAPHIC] [TIFF OMITTED]60993.047
    
    [GRAPHIC] [TIFF OMITTED]60993.048
    
    [GRAPHIC] [TIFF OMITTED]60993.049
    
    [GRAPHIC] [TIFF OMITTED]60993.050
    
    [GRAPHIC] [TIFF OMITTED]60993.051
    
    [GRAPHIC] [TIFF OMITTED]60993.052
    
    [GRAPHIC] [TIFF OMITTED]60993.053
    
    [GRAPHIC] [TIFF OMITTED]60993.054
    
    [GRAPHIC] [TIFF OMITTED]60993.055
    
    [GRAPHIC] [TIFF OMITTED]60993.056
    
    Mr. Horn. I will turn to Mr. Callahan.
    Mr. Callahan. Thank you, Chairman Horn, Congressman Turner, 
and other distinguished members of the subcommittee.
    I am pleased to appear before you today to testify about 
the Department's efforts to make its payment management system 
Y2K compliant. I am also accompanied today by Dr. Neil 
Stillman, who is the Deputy CIO of the Department, and Jeanette 
Clay, who is the Chief Information Officer for the Program 
Support Center.
    I would like to echo Nancy-Ann DeParle's statement about 
the committee. Clearly sometimes even though these sessions may 
appear to be a bit painful, clearly when we reach January 1, 
2000 and we succeed, in no small measure a good deal of the 
credit will go to you personally and to the members of your 
committee for asking us to be as diligent as we can be on the 
Y2K effort.
    The payment management system, which is the subject of the 
hearing today, is run by the Program Support Center of the 
Department, not by HCFA; it is run by the Program Support 
Center. This serves 20,000 grantees across the Nation and it is 
a historically sound and successful grants payment system. 
Indeed, in its more than 30 years of operation, it has only 
been down for one-half day during the blizzard of 1996.
    I will say this, since not many people know about the 
payment management system. It serves 20,000 grantees. It makes 
260,000 payments a year or about 1,000 payments a day. $165 
billion a year goes through that system, and what happens in 
this system is States, for example, with regard to their grants 
which go through the system, draw down grants daily and most of 
the other grantees draw down their grant allocations every 2 
weeks. In essence, it is a just in time grant payment system. 
This system, as it currently operates, saves the Federal 
Government $60 million a year as a result of adhering to the 
Cash Management Improvement Act.
    But as with any businesslike process, the Department of 
Health and Human Services is committed to making continuous 
improvements in the payment management system. That is why we 
engaged beginning in 1994 in the process of developing as a 
business solution the fourth major system development of this 
system since its inception in 1969. Yet in this particular case 
of reengineering, obviously we have to be fully cognizant of 
the need to make a new payments management system Y2K 
compliant.
    Therefore, in November 1998 we followed a parallel track of 
remediating the older legacy code, the current payment 
management system, to be year 2000 compliant as a contingency 
while at the same time continuing on a business solution to 
develop a fourth generation rebuild of the payment management 
system.
    Obviously given the decision at that time to look into 
following a dual track, we obtained the expert advice of the 
Avistar Corp. to assess the risk of completing the new system 
development, the fourth system rebuild of testing, the testing 
and implementation of the current system, the remediation of 
the legacy code with an eye toward achieving a low risk Y2K 
compliant payment management product in the shortest possible 
time. The report has been delivered to us by the Avistar Corp. 
this week. We will provide this to the committee in its 
entirety.
    Based on that recent report that we have received from the 
Avistar Corp., we plan to proceed immediately with the testing 
and implementation of the renovated legacy based payment 
management system. We expect this system to be Y2K compliant; 
that is, renovated, remediated, tested and implemented by June 
1999.
    At the same time, and this again comes from the 
recommendation of the Avistar report, outside of this 
development effort, and not to complicate this decision, we 
will devote additional staff and resources to achieve the goal 
of having in place hopefully before the end of the calendar 
year a fourth generation Y2K reengineered PMS system. But I 
will emphasize to the committee we will not follow that second 
track and in any way that would jeopardize getting at the 
fastest possible date a Y2K compliant payment management 
system.
    We would hope to achieve obviously the best possible 
outcome of having two Y2K compliant payment management systems 
that could be available for operation in the year 2000 and at 
some point when we have a fully operational Y2K reengineered 
payment management system, we will operate that in place of the 
current system.
    With regard to contingency planning, the Program Support 
Center, as is the case with all of our agencies, including 
HCFA, have supplied--at least I think most of them are up to 
their second drafts of their business continuity in their 
contingency plans, and we will be testing and implementing 
those contingency plans throughout the year. We believe that 
the contingency plan that is put forward to us is imminently 
practicable on the part of the Program Support Center and that 
the plans will ensure that the 20,000 grantees that we now 
service across the government, including HHS, will receive the 
Federal funds that they are due for their prior year and fiscal 
year 2000 appropriations.
    We pledge to you on behalf of the Secretary, the Deputy 
Secretary and myself and the Program Support Center that our 
customers, our grant customers, will be paid in full and on 
time. You have our word on that.
    Thank you, and I would be happy to answer any questions 
that you may wish to pose to me.
    [The prepared statement of Mr. Callahan follows:]

    [GRAPHIC] [TIFF OMITTED]60993.057
    
    [GRAPHIC] [TIFF OMITTED]60993.058
    
    [GRAPHIC] [TIFF OMITTED]60993.059
    
    [GRAPHIC] [TIFF OMITTED]60993.060
    
    [GRAPHIC] [TIFF OMITTED]60993.061
    
    [GRAPHIC] [TIFF OMITTED]60993.062
    
    [GRAPHIC] [TIFF OMITTED]60993.063
    
    [GRAPHIC] [TIFF OMITTED]60993.064
    
    [GRAPHIC] [TIFF OMITTED]60993.065
    
    [GRAPHIC] [TIFF OMITTED]60993.066
    
    [GRAPHIC] [TIFF OMITTED]60993.067
    
    Mr. Horn. Thank you. We are going to ask Mr. Willemssen to 
rejoin the panel. And we will begin the questioning, and the 
General Accounting Office is free to comment on all the 
questions and answers as we go through this. We appreciate the 
testimony both of you have given. It clears up some of the 
matters.
    Let me start the questioning, if I might, and yield myself 
5 minutes of time here. First, I would like to ask the 
Administrator, in your testimony you state that 17 of the 54 
compliant systems are highly compliant and the other 34 require 
a moderate level of effort to resolve any remaining issues. Is 
that correct?
    Ms. DeParle. Yes, sir, that's based on our IV&V 
contractor's assessment. And then yesterday our staff on the 
government management group personally met with your staff.
    Mr. Horn. Now, your staff stated yesterday that all 54 
compliant systems required only minimal effort to complete the 
remaining issues. And I guess the question is, what's the 
definition of compliant? How do we know when we are complete 
here? What kind of testing has gone on?
    Ms. DeParle. Well, what we mean when we talk about 
compliance is that all mission critical--I guess it has four 
steps, all mission critical, local source code, software and 
hardware used to support the system were renovated and Y2K 
compliant. Second, that the individual contractor had completed 
unit testing, integrated testing, system testing and end-to-end 
testing on the front ends and the shared system software 
interfaces.
    Third, that the entire system had been future date tested 
using a combination of future dates simulation and in a 
separate future date tested environment. That's the so-called 
hard IPL. And they have to have completed and reviewed output 
from claims cycles during hard IPLs for at least two future 
dates for the recertification in July. We are going to require 
them to test more future dates, but for this initial 
certification it was just two.
    In fact, Mr. Chairman, there were a couple who turned in 
certifications to us, and when we checked on-site they hadn't 
done those tests, so we took them out.
    And, finally, they have to ensure that all mission critical 
business functions would be Y2K compliant by verifying and, 
where appropriate, testing the readiness of all mission 
critical hardware, software, commercial off-the-shelf software 
facilities and vendors used to support such functions.
    And that last area is one area I would like to just point 
to, because one of the differences between us and GAO is that 
there are some contractors who had some COTS software, 
commercial off-the-shelf software, that was not tested and was 
not Y2K compliant. But in their qualifications to me, which I 
held up a while ago what we had sent to the committee, the 
contractor identified that. And we checked it to see whether or 
not it was mission critical; and if it wasn't we went ahead and 
accepted their certification.
    Now, by this July, when all of that other testing is done, 
everything is going to have to work, no ifs, ands or buts. But 
we felt that was a minor qualification at this point. And I 
think--Mr. Willemssen and I have discussed this, and I think 
from the GAO's perspective, they think all that should have 
been done in December. So I think that's the issue.
    Mr. Horn. Well, on that very point, you've given a 
definition of compliant and the Office of Management and Budget 
on behalf of the President also has a definition, and the 
General Accounting Office has a definition. And I guess I would 
ask, Mr. Willemssen, as you listen to this discussion, are they 
compliant in terms of OMB standards and GAO standards?
    Mr. Willemssen. Well, what HHS has put in their report, the 
quarterly report to OMB, is that they would provide a 
description of the progress on their systems being consistent 
with the CIO counsel's best practices guide and GAO's 
assessment guide. So from a criteria perspective, given that 
statement, we used our guide as a measure of whether those 
systems were compliant.
    The Administrator is correct, much of that computer date 
testing was done. Having it done and then resolving the 
problems resulting from that testing are two different matters. 
We expect the resolution of problems emanating from testing to 
also be done prior to deeming a system compliant. In many cases 
that has not yet been done.
    And I will again repeat, if these issues were considered 
minor as of December 31st, then one would expect 2 months 
later, February 26th, that those issues would have been 
resolved. We haven't seen evidence that they have been resolved 
and tested so that those systems can be deemed compliant at 
this point in time.
    Mr. Horn. Well, let me ask the Administrator. Are you aware 
of the lag there, despite the fact that those look like minor 
bits of the glitch and not major?
    Ms. DeParle. Yes, sir, I am. And in fact, Mr. Willemssen 
and his colleagues spent a couple of hours with us on Monday 
going through all of this to make sure we understood it, and on 
those specific examples that he cites, I don't know if it's in 
this testimony, but it's one that he discussed. The Florida 
shared system, which is one of our biggest systems, there were 
a couple of issues in their report that in fact they have 
corrected--they corrected as of January 29th. Those were 
qualifications that they identified to us and then they 
corrected and we do have evidence of that. So, I asked Dr. 
Christoph about this yesterday, just to be sure, and he advises 
me that these things have been corrected.
    Mr. Horn. Thank you. Since we have a visiting Subcommittee 
on Technology, I'm going to yield to the chair of that 
subcommittee, and then to Mr. Turner on our committee and then 
to Mr. Gordon on that committee. So the gentlewoman from 
Maryland, who is chairman of the Subcommittee on Technology.
    Mrs. Morella. Thank you. Thank you, Mr. Chairman. The 
question I want to ask has to do with personnel, since so much 
of Y2K compliance relies on people. I mean it's so intensive in 
terms of labor. And since there are really so few who may know 
COBOL and may know that system, et cetera, could you give me a 
candid analysis of how personnel fits into the compliance 
strategy? And I'm asking you, do you have trouble with 
recruiting people?
    Have you had to rely more than you've ever thought on 
contractors and subcontractors because of that? Are you losing 
some people who may have seniority or expertise? I know this is 
a tough question with many implications, but I would really 
like your candid assessment of it.
    Mr. Callahan. Congresswoman Morella, let me make a brief 
comment and defer to HCFA Administrator DeParle. You're 
absolutely correct that the human resource dimension is the 
critical element of getting this Y2K compliant problem solved. 
It is a difficult problem. Certainly the people that are 
working on it in the agencies, whether that be at HCFA or 
Program Support Center, support and deserve our commendation 
for the long hours that they are putting in and the efforts 
they are making.
    The Department of Health and Human Services was the first 
agency to go to the Office of Personnel Management and ask for 
an amendment to the law to rehire annuitants that were familiar 
with the Y2K problem that had worked at these agencies and 
could come back and help us in this effort without losing their 
annuity. As you know, given your experience, if you rehire 
they--we've hired approximately 54 reemployed annuitants. HCFA 
has taken the lead. I think they have over 50 of those, and the 
Program Support Center has brought back a person.
    So we took the initiative as a department to go out and 
seek those qualified employees to come back and help us, and 
they have.
    Ms. DeParle. I would say, though, just to add a little bit 
to this, from speaking to our contractors around the country, 
the 60 contractors who operate these 78 systems that we've been 
talking about this morning, they have had difficulty as well in 
hiring and retaining the kind of personnel that is needed.
    And it is something that I think as we get closer and 
closer to the deadline, one of the concerns I have when we talk 
about what the challenges are out there, not even just for our 
contractors, because they've known about this for a year, and 
they've been working, but for some of the providers like the 
ones Congressman Turner talked about, if they haven't already 
started, they're going to have trouble finding people who can 
do this work. And that's something I've been concerned about.
    Mrs. Morella. Have you been losing people because of the 
lure of higher salaries in the private sector?
    Ms. DeParle. Hardly a week goes by that I don't have one of 
my senior people in the information services area approached, 
and I suspect Mr. Willemssen has the same experience, because 
they do have such valuable expertise. We have been lucky in 
that our folks feel very committed to this project and seeing 
it through and are patriotic about it, I think.
    Mrs. Morella. Has any of the work been sent offshore?
    Ms. DeParle. Well, HCFA has a long history of public/
private partnerships from the inception of the Medicare 
program. For 34 years, we have worked through contractors. 
There are only 4,000 people working in Baltimore, there are 
25,000 people working at these contractors. So we've always had 
an imbalance, if you will, with most of our work in this area 
really being done offsite.
    So, we were already using contractors, and I think as Mr. 
Willemssen pointed out, there's a sense, on this particular 
project, that contractors are helpful, because they can come in 
and look over your shoulder, and that's what the IV&V 
contractor, that GAO advised us to get, has been doing.
    Mrs. Morella. Is there anything we can do to help with 
regard to contractors?
    Ms. DeParle. Yes.
    Mrs. Morella. I would imagine the data exchange law that 
passed would have been of some assistance in terms of freeing 
up some of the chilling effect of just sharing information?
    Ms. DeParle. I think it helped. And as I mentioned before, 
one of the first things I did was ask contractors to sign an 
amendment to their contract requiring them to be compliant. And 
I was rebuffed pretty strongly for about 6 months. And then 
after Congress passed the law, they became more willing to do 
it. Because one of their concerns had been what if the power 
systems fail or what if things beyond our control failed, and 
you helped with that.
    I should note, too, Congresswoman, you asked me about work 
offshore, and we don't have anyone working offshore.
    Mrs. Morella. No, the contractors may and do, whatever, but 
you don't.
    Mr. Willemssen, would you like to comment on that whole 
concept of personnel?
    Mr. Willemssen. A couple points I will make. First is to 
echo what Dr. Callahan said is one of the best things that the 
executive branch did was OPM allowing retired retirees to come 
back without a reduction in their annuity. That's something we 
have supported for some time. That was an excellent move. Many 
agencies, including HHS, have taken advantage of that. Second, 
in a report we did last year in the personnel area, we did see 
quite a bit of anecdotal evidence throughout the government 
that, indeed, there were people leaving for higher salaries.
    There wasn't any systemic analysis done, but clearly it was 
an issue that was coming up. Third, as we move into 1999 the 
issue will become less about finding people who can fix the 
code, so to speak, and more about people who have an excellent 
understanding of end-to-end testing and contingency planning, 
and I think those kinds of resources will increasingly be in 
short supply.
    Mrs. Morella. I want to thank you all and thank you for 
working together. I think this is critically important, and I 
hope that you will continue to see us as an important part of 
working together with you. Thank you.
    Thank you, Mr. Chairman.
    Mr. Horn. I thank the gentlewoman, and I now yield to the 
ranking member on the Government Management, Information, and 
Technology Subcommittee, Mr. Turner of Texas.
    Mr. Turner. Thank you, Mr. Chairman. Administrator DeParle, 
I want to ask you first to kind of go back with me a little 
bit. I know that much of the work that you've done trying to 
become Y2K compliant has been very, very costly.
    From your perspective, has the agency been provided 
sufficient funds to put you in the position to be Y2K 
compliant?
    Ms. DeParle. Yes, sir. And I want to thank the members of 
the committee who have supported us and the Secretary, last 
year when we realized after getting the IV&V contractor that we 
had 50 million lines of code to renovate, instead of what they 
originally thought, which was 20 million. We needed some money 
fast. And the Secretary did something that was very difficult. 
She basically tapped funding from other agencies in the 
Department to come up with $40 million, so that we could have 
right then and go ahead and get the contractors to hire people 
to do this work.
    It would have been harder if we had had to wait for the 
emergency supplemental to get that done. And so there's been 
complete support for this throughout the administration and 
from the Congress.
    Mr. Turner. Inasmuch as you've had sufficient funds to 
pursue Y2K compliance, what are the reasons then for the delay 
in the implementation of the Balanced Budget Act?
    Ms. DeParle. Well, it's a matter of the complexity of some 
of the changes that were made in the Balanced Budget Act. We've 
implemented, I think, almost 200 of the more than 300 
provisions that were in the Balanced Budget Act. But there are 
a few provisions that are extremely complicated, like 
developing new payment methodologies for home health agencies 
and for rehabilitation hospitals and for outpatient departments 
of hospitals. Our IV&V contractor, AverStar, came to me last 
April or May, I think it was, and made the strong 
recommendation that we stop that work, that we not proceed with 
trying to make those changes, because it's one thing to make 
them on paper, in the law, up here and for us to write the 
regulation and the policy.
    But when you have to start implementing those changes into 
the software--and you had these contractors who were trying to 
renovate and test the 50 million lines of code at the same time 
that they're trying to implement complicated software changes--
our IV&V contractor told me in no uncertain terms that that 
would not be a prudent thing to do. So we had to stop that 
work. We're going to resume it as soon as it is feasible after 
January 1, 2000. And I hope we will be close to being on track. 
But I felt I had no choice, because this had to be the No. 1 
priority.
    Mr. Turner. Well, as you know, there's been quite a few 
hardships created, particularly in the home health area in 
recent months, and it seems to me that what you're telling us 
is that it was your concern about the ability of some of the 
contractors to perform both tasks; that is, to be able to 
implement the new requirements of the Balanced Budget Act and 
to be Y2K compliant, that caused you to make that decision.
    Ms. DeParle. That's right. And at the point in time that we 
were--and I think you've heard from our colleagues at the GAO 
about the--from the chairman himself. There's nothing that can 
change this deadline of January 1, 2000. And even with more 
money, we couldn't necessarily be sure that we were going to 
get the work done at the level and the quality that it needed 
to be done. So, I was faced with a choice of do I want to be 
sure that we're paying claims January 1, 2000, or do I want to 
get these extra things done.
    And that was a hard choice. But as I said, I felt I had no 
choice. I had to be sure we were going to have our systems 
ready.
    Mr. Turner. Did the law itself impose deadlines upon you 
that you, in effect, did not comply with or was this within the 
discretion of the agency?
    Ms. DeParle. The law itself imposed deadlines in two or 
three areas. In the home health area, the Congress, once we had 
informed the authorizing committees, last summer made some 
changes in the home health interim payment system to try to 
correct some of the problems that had occurred from that and 
also extended the deadline. The original deadline was October 
1, 1999 to implement this new prospective payment system.
    And, in fact, before we even started on it, as you may 
recall, there was some doubt about whether it could be 
implemented so quickly and the Congress included in the law an 
automatic 15 percent reduction for the home health agencies in 
the event that we did not implement. And so last summer, what 
the Congress did, was decide to change that. And they extended 
for another year the implementation. It's now October 1, 2000, 
and we're on track to meet that.
    Mr. Turner. I might ask, Mr. Willemssen, if you had any 
oversight over that particular decision, and did you concur 
with the decision that was made?
    Mr. Willemssen. I would want to emphasize one point that 
the Administrator made, any time that additional changes are 
made to the software, if indeed that system has been deemed 
compliant, HCFA and the contractor will have to go back in and 
retest and recertify that the changes that were made have not 
changed the system in such a way that it was now not year 2000 
compliant. So that adds an incredible extra amount of effort 
beyond what would otherwise have to be done.
    Mr. Turner. My time is about to expire. Thank you, Mr. 
Chairman.
    Mr. Horn. The gentleman from Tennessee, Mr. Gordon.
    Mr. Gordon. Thank you, Mr. Chairman. One of the common 
denominators that I see between Federal agencies and the 
private sector in the Y2K problem is no matter how well the 
agency or a corporation might get their act together, they're 
still somewhat hostage to vendors and providers. So I guess, 
Administrator DeParle, no matter how good a job that you might 
do with your agency, you know, how much at risk are you with 
these vendors and providers, and what can be done, and where 
does that stand?
    Ms. DeParle. Well, with vendors that we deal with in 
Baltimore, we will make sure that they're either Y2K compliant 
or that we have a contingency plan in place to get around them. 
But the area that I'm most concerned about now, as we begin to 
see daylight on finishing our work and getting that done with 
the contractors, is what about all of these providers.
    And as I said, we took the unprecedented step of writing a 
letter directly to all of them. We do not usually do that. 
Normally, the contractors deal with the providers, because 
that's where the claims come in. We do not deal with them 
directly. But we have been trying to be much more aggressive 
than we ordinarily would, because I'm worried some of them will 
wait until the last minute and try to make these changes and 
they will not be able to do it.
    Even if I'm sitting there and my contractors are ready to 
pay claims, they will not be able to generate a claim. I think, 
as I said earlier, the good news is that based on what we know 
so far, we set a deadline. We started telling them a year and a 
half ago that they had to be able to submit claims in an eight 
digit format so there would be four digits for the year, so 
those would be compliant, and we have extended the deadline a 
couple times. The deadline is now April of this year.
    And there's been some complaining, but from what we're 
seeing, the compliance is really jumping up. So I'm hoping that 
is a good sign that providers will be ready. But I continue to 
share Congressman Turner's concern that there are going to be 
providers out there whose awareness is not what it should be 
and that they're not going to be ready. And from the standpoint 
of our beneficiaries that is what concerns me.
    Mr. Gordon. You know, any time you deal with a complex 
problem, you have to have priorities. And I think that it's 
wise as it--within this problem to establish, as has been, so-
called critical or noncritical missions. And we mostly talked 
about the critical missions. Tell me a little bit about the 
noncritical missions. You know, what are some of the things 
that may not get done because you can only do so much, and what 
impact are you going to have?
    Ms. DeParle. Well, for example, I mentioned that in 
December we finished renovating and testing all of our 25 
mission-critical internal systems, the ones that we operate in 
Baltimore. And those include systems like the one that makes 
Medicaid payments to the States and the one that makes managed 
care payments to managed care organizations for Medicare. It 
did not include some other systems that we are in the process 
of renovating now, and I believe we're going to make the March 
deadline on those. But there are things like surveys that we do 
of beneficiaries and other sorts of software that we maintain 
to keep data on beneficiaries.
    Those things would be of a lower priority as we move toward 
what are our essential missions. And that's sort of how we've 
done our contingency planning, focusing on what are our 
essential missions. For example, what has to happen on day one 
to keep our business functioning. There will be things such as 
beneficiary education and things like that, that might not 
happen if we are in a contingency mode for some reason.
    Mr. Gordon. OK, thank you.
    Mr. Horn. Now, I yield 5 minutes to the vice chairman of 
the Subcommittee on Government Management, Information, and 
Technology, Mrs. Biggert of Illinois.
    Mrs. Biggert. Thank you, Mr. Chairman. Ms. DeParle, it 
seems like you've got an awful lot to accomplish here, and you 
have made this your top priority and are working very hard to 
accomplish it.
    Are you still able to do business as usual and really, you 
know, continue with what you are working on, such as Medicare, 
Medicaid plus program and things like that? Do you have enough 
personnel to continue on your regular scope of business?
    Ms. DeParle. Well, there's no question that we're 
stretched. And for example, on the ones that you raised and on 
the many other things that we're doing, the other Medicaid 
tasks, Medicare, beneficiary education, we're probably not 
doing as much on those as we would have been. It is not because 
those staff are working in information systems and making the 
renovations or overseeing that, but because we've had to deploy 
staff to go out to contractors and oversee their work.
    And we have a lot of staff working right now, I think maybe 
almost 100 people of our 4,000 are working virtually full-time, 
on contingency planning because we have to get that done by 
March. So I think it has probably slowed down progress in other 
areas.
    You heard the questions that Congressman Turner asked me 
about the Balanced Budget Act. When you make something your top 
priority, it means that you're probably diverting attention 
from other things. I think we're getting our essential missions 
accomplished despite that. But there's no question that Y2K has 
been something that we had to put our full focus on. And 
certainly in the information systems area, which is one of this 
committee's interests, Dr. Christoph I brought from the Los 
Alamos National Laboratory to help us develop a new information 
technology infrastructure, which is something that we need.
    That isn't what he's been doing. He has spent his full time 
working on managing this Y2K project, because this is what we 
had to get done.
    Mrs. Biggert. Thank you. Then you, in your testimony, 
talked about the States, as well as providers, but the State as 
the provider, and said you don't really have the authority to 
demand that they are compliant. But you're working with them. 
Are there any--well, are you working with the States really to 
educate them on this as a top priority, and what else can be 
done to ensure then that the State systems will not fail?
    Ms. DeParle. Well, we are working with the States, and we 
started that well over a year ago by sending them the GAO's 
guidelines on what they should be doing. But last summer, I 
became concerned about where the States were, because we were 
getting self-reported data from them that didn't give me 
confidence that they were all sufficiently on top of it. The 
GAO was also looking at it and was getting similar data that 
they reported to the Congress in November.
    So we ended up hiring an IV&V contractor to go out to the 
States to investigate how they were doing. There are two main 
systems that they operate that are critical to Medicaid. One is 
their eligibility system, and the other is their--what's called 
their MMIS, their Medicaid Management Information System. And 
we have sent independent contractors out to--I think we've been 
to 16 States now, and it will be 20 by the end of the month and 
by April we will have been to all 50 States--to just 
investigate how they're doing.
    We're working directly with them, sending them the results 
in the same way that GAO would send us the results, giving them 
an opportunity to comment, but we're going to aggressively 
identify the problems there. We're also asking to see their 
contingency plans.
    And by the way, we pay for this. You should know that 
Congress, through the Medicaid program will pay for States' 
remediation efforts, 75 percent, as well as if they had wanted 
to hire IV&V contractors, you would have paid for that. And we 
urged them to do it. Most of them weren't doing it, which is 
why we decided to do it ourselves.
    Mrs. Biggert. Are there other working groups, like say as 
groups of hospitals, are you getting together with them to 
discuss the problems?
    Ms. DeParle. Yes. We're meeting on a biweekly basis with 
all the different trade associations in town that deal with 
health, and I've met personally with the State Medicaid 
directors, with the hospitals, with the managed care plans. 
We've had hundreds of meetings with them about this.
    Mrs. Biggert. Is that a definite structure that's set up 
and when did that start to occur?
    Ms. DeParle. It started, I want to say, in earnest in late 
spring or summer of last year--the outreach effort--and has 
been continuing, as I said, on a biweekly basis since then.
    Mr. Callahan. I might add, if I could on that, John 
Koskinen, who is the President's special advisor in year 2000, 
has asked all the various Federal agencies to share various 
sector groups. The health--the overall health and the human 
services sector group is shared by the Deputy Secretary in our 
department, Kevin Thurm, and as Nancy Ann has mentioned, we do 
have periodic meetings with the health care sector, not just 
hospitals, but, for example, at a recent meeting with the 
pharmaceutical association, the drug stores, the Veterans 
Administration, et cetera. So we're actively reaching out to 
them to get their best information possible as to the Y2K 
situation.
    Mrs. Biggert. Just one last question. GAO talked about 
every time there's a change or someone is not in compliance 
then it has to be retested and reworked. What time do you 
envision that you would be able to test every system and if it 
works, and if it doesn't, will you still have enough time to 
rework it? Is that like October?
    Ms. DeParle. We plan to complete our end-to-end testing by 
the end of October. And in July, we're going to freeze all of 
our systems, in other words, not make any other changes that 
would require another whole round of testing. But he's exactly 
right, that's been one of the complications of what we do, 
because so much of what we do involves making updates and 
changes and that kind of thing. And if you're doing that, it 
interferes with the work you need to do to make sure everything 
is compliant.
    Mrs. Biggert. Thank you very much. Thank you, Mr. Chairman.
    Mr. Horn. Thank you. We will now start on round two of 5 
minutes apiece. I would like to just clarify what's compliant 
and what isn't.
    Mr. Secretary, as I look at what the whole department 
submitted, they said there was a dramatic 34 percent increase 
this quarter. And I'm just curious, I think it was made up of 
96 critical mission systems, as I recall, and then the question 
would be, is the Medicare 54 part of the 96?
    Mr. Callahan. Yes, I believe it is, sir.
    Mr. Horn. OK. Then the question gets down, Mr. Willemssen, 
do you think their view of compliance and the General 
Accounting Office's view of compliance, do you think we're on 
the same wavelength or is there a discrepancy here?
    Mr. Willemssen. We definitely have a discrepancy on those 
54 systems.
    Mr. Horn. And what do you think has to be done to make them 
come into compliance?
    Mr. Willemssen. We not only have to go in and change the 
software to deal with the problems that have been identified, 
but you also then have to test that those changes have fixed 
the problems that were previously identified. And that--we 
haven't seen that evidence for those 54 yet.
    Mr. Horn. Any reaction of both the Administrator and the 
Secretary?
    Ms. DeParle. Well, I think part of what Mr. Willemssen is 
talking about is, as auditors, the GAO relies on the paper 
trail, and they looked at the self certifications that we got 
at the end of December, and they were looking at the paper 
trail. The qualifications that were given to us were worded 
quite broadly. They were written by lawyers. That shouldn't 
surprise me, since I'm the one who started this by saying I 
wanted a contract amendment. But what I think the GAO wants to 
see is paper evidence again that they can rely on to say that 
those things have happened, and I think we should get the GAO 
that.
    Mr. Horn. Well, as you know, the basis for judgment both by 
the executive branch and the legislative branch is the fact 
that we deal with self-reported data, and that's why we try to 
clarify when we get into one of these things as to the degree 
of progress a particular department is making, such as Health 
and Human Services. We want to figure out what's backing those 
numbers, and is there an agreement on definitions so we're all 
singing from the same hymn book and that we don't have 
dissidents, we have harmony, and that's why we're fishing to 
see if, indeed, we really have had more systems comply in this 
last round that we've reported on last week. And I take it you 
agree that there's still a lot of work to be done to make them 
really compliant?
    Ms. DeParle. Well, actually on a couple of systems that the 
GAO has expressed concerns about, and I mentioned the one in 
Florida. We believe we've given them the documentation that 
should have satisfied them.
    And just to follow your point, Mr. Chairman, I also don't 
want to rely just on paper, because I learned very quickly that 
wasn't good enough, and that's why I asked a number of our 
employees to leave their home base to go to Little Rock, AR and 
Richmond, VA and places where they don't live, to be onsite 
with these contractors to make sure what the contractors were 
telling us was what was happening.
    So we have more thorough information than anyone else does 
about this. But having said that, you know Mr. Willemssen has 
been very helpful to us, and I trust his assessment of this. 
And I want to make sure that--I don't have any interest in 
relying on something that isn't accurate. So I want to make 
sure that the GAO is satisfied.
    Mr. Horn. Well, may I suggest that both the General 
Accounting Office and your agency, HCFA, agree on a pattern of 
testing just to solve this problem and make sure everybody is 
talking the same language?
    I want to move on now, Mr. Callahan, to an area in which 
you are involved. Very few of the departments merged the Chief 
Information Officer role with the Assistant Secretary for 
Management. How did that happen in HHS?
    Mr. Callahan. Mr. Chairman, you and I have had some 
previous discussions on this. We are a very centralized--we 
have a very centralized management system at headquarters in 
HHS. For example, I am the Assistant Secretary of Management 
and Budget, Chief Information Officer. I'm also the Chief 
Financial Officer. There are days when I probably wish I could 
shed some of those responsibilities.
    Mr. Horn. But don't you need somebody else to work 18 hours 
a day, 7 days a week?
    Mr. Callahan. Let me say this, I don't do it all myself 
obviously, but we have able Deputies, Deputy CIO Dr. Stillman, 
et cetera. But the key point here is we are able to move very, 
very quickly on behalf of the Secretary and the Deputy 
Secretary to make those decisions, I think, which help the Y2K 
situation. For example, in the area that Administrator DeParle 
mentioned last year, HCFA indicated that they needed an 
additional $40 million on an urgent basis. Because I'm the 
Assistant Secretary of Management and Budget and work with the 
Secretary and execute the authority we have to transfer up to 1 
percent of our appropriations among accounts, we were able to 
execute that and do it in record time so that in essence we met 
that deadline. I dare say that other departments would not have 
been able to do it as quickly or as effectively as we did. So 
there are benefits in centralization.
    Mr. Horn. Well, there's also when we could get two other 
fine people like you working on various aspects, both the 
financial and the information side, it seemed to me we would 
make a little more progress, because this is just a heavy job, 
you all know that.
    Mr. Callahan. Yes, sir.
    Mr. Horn. And Treasury did the same thing, and Treasury has 
got major problems I think because of that, where they didn't 
have a new business and focus of energy in an area to 
straighten it up. I will get back to a few other questions 
later. But let me now yield to Mrs. Morella, the gentlewoman 
from Maryland.
    Mrs. Morella. Thank you. You know, one of the concerns with 
regard to this computer glitch is how the public is going to 
react. I mean attitude, whether it's going to be panic, whether 
it's going to be a laissez-faire concept that we don't have to 
worry about anything. I always say it's between Chicken Little 
and Pollyanna, in terms of where we should be. But how are you 
communicating with the public to assuage concerns that people 
may have--and that I think will be exacerbated as we get closer 
to the date and you're hearing more and more about Y2K. I mean 
Steve and I were involved in this 3 years ago as we started, 
but only now are people beginning to realize, you know, Mark 
Gordon and others, are beginning to realize that this is a 
situation where we can't have a continuing resolution.
    Do you have a responsibility to communicate, to establish 
information lines, again, to assuage concerns that your 
recipients, whether it's agencies, States, individuals, are 
experiencing or will experience?
    Mr. Callahan. Congresswoman Morella, we absolutely have 
that responsibility, and we have that responsibility in the 
context, as you know, of working with John Koskinen under the 
President's Y2K Conversion Council. He has made it clear that 
one part of his efforts in terms of advising the President and 
the general public is to give periodic reports to the President 
and the general public about our Y2K readiness and our ability 
to meet the Y2K situation.
    As Administrator DeParle mentioned, she's worked--she sent 
out nearly 1.25 million letters to the providers, hospitals, 
doctors, et cetera, who have to on their own, as you know, they 
have to work hard to meet their side of the Y2K question. We 
intend to obviously offer this committee and the public as much 
information as we can as to the situation with regard to Y2K 
readiness. So you're absolutely right. We have that 
responsibility, and we will exercise that.
    Mrs. Morella. Would any of you like to comment on it?
    Ms. DeParle. Just one more comment. Another thing we've 
been doing more recently in this health care sector group that 
I mentioned that's working together with the various hospital, 
doctor and other groups, rural providers and others, on 
outreach is our first level of reaching out to the actual 
providers themselves, to make sure they're ready, because 
that's the best risk mitigation strategy you can have is to 
make sure they're ready.
    But we do think the next step is to work together to 
reassure the public, and we think that's something that we 
should do as an agency and as a department with the providers. 
So, for example, we've been working with the drug companies on 
how we will reassure the public on those issues and the Deputy 
Secretary of the department is leading that effort. We're 
working with the hospitals on how we will reassure the public 
about their readiness. So that's sort of the next step of this.
    Mr. Willemssen. If I may make two points, one general and 
one a little bit more specific. The general point is the best 
way to combat public panic is with hard data, and the Federal 
Government is obviously in the lead on that and has been for 
some time. Federal agencies can provide data on where they're 
at, and they will have organizations such as GAO coming in and 
looking at where they're at, and making assessments of that. So 
I think to the extent that we can put the data out there, that 
will help combat the fear.
    Second, and a little bit more specific to HCFA, a hearing 
like this obviously airs that HCFA has some issues and some 
challenges ahead and that there is a high possibility that 
there will be some system failures. But to the extent that HCFA 
can demonstrate through the remainder of this year that the 
excellent efforts it will have done in the contingency planning 
area, it can then say even if we do have some system failures, 
don't worry, because we have some backup plans in place to make 
sure that providers are paid and services are still provided.
    Mrs. Morella. I see a role for public service 
announcements, maybe some other kind of simple mailer to people 
to just say we are working on it, we will be all right. We will 
have perhaps, at most, some inconveniences, but we want you to 
know that blah, blah, blah, because I'm hearing more and more 
from people, will my Social Security check be out there. We 
say, oh, yes, they started in 1989 and they're doing very well 
and then you get into the other areas.
    They also want to know what should they ask, you know, 
particularly in the medical field. I just think all of us, 
whether it's done through agency by agency, I think there 
should be a strategy for communicating with the public.
    Mr. Callahan. I do know, as I'm sure you're aware, that the 
FTC, for example, has omnibus Y2K consumer Website where----
    Mrs. Morella. Yes.
    Mr. Callahan [continuing]. If you as a consumer want to 
know about your microwave, or whatever it is you want to know 
about, you can get into that, and they will try to provide you 
the best answers as possible. As does SBA, for example, with 
small businesses.
    Mrs. Morella. They have their Website, I know. And the 
other day I was at an event for Red Cross. Red Cross has a 
wonderful little pamphlet for consumers, for constituents, what 
should you ask, what should you know, what is Y2K, done very 
simply, nothing complicated. But it gives a feeling that we 
know something about it and we will have a part to play and 
ultimately people are working on it, it will be OK.
    Thank you all very much. Thank you, Mr. Chairman.
    Mr. Horn. Thank you. Now I yield 5 minutes to questioning 
to the ranking member of the Government Management, 
Information, and Technology Subcommittee, Mr. Turner of Texas.
    Mr. Turner. Dr. Callahan, you mentioned that you're having 
to operate both computer systems for the payment management 
systems for the year 2000. The old system has been updated and 
you still got the new system you're bringing on line.
    Mr. Callahan. I might correct that. Let me--I don't want to 
interrupt, but that's not quite precise, but I will----
    Mr. Turner. Go ahead, if I misstated it.
    Mr. Callahan. Actually the reengineered payment management 
system, which is the one that we want to put in place of the 
existing system, is not operational. This was brought about as 
a business decision starting in 1994. A basic decision was made 
that we should have a new payment management system, and we 
will provide you a chronology of what's happened with regard to 
that system.
    [The information referred to follows:]

    [GRAPHIC] [TIFF OMITTED]60993.068
    
    Mr. Callahan. It was our intention--we had hoped that that 
new system would be fully in place by December 1998 and Y2K 
compliant. Obviously, it was built to be Y2K compliant. But it 
was scheduled to be in place and operational by December 1998 
and then we would be able to replace the current system.
    During the latter part of 1998, as we were looking at it, 
we understood that there may be slippages. So we then in 
November 1998 with our current system--that's the system that 
operates, it's ongoing today and it does all of these things 
that I mentioned earlier--we said we have to go back and look 
at its code and remediate its legacy code to be Y2K compliant.
    We did that in November; the code has been fully 
remediated, the code itself and the current operating system is 
Y2K compliant. But it has to go through further testing and 
certification through an independent contractor. At that time 
we also contracted with the Avistar Corp. and said, look, this 
is where we are, we've got to remediate it, we want to do two 
things. We want to be Y2K compliant as fast as possible, and 
then, second, we want to have for the future as a business case 
a better payment management system.
    They looked at where we were, both on the remediation of 
the legacy code system and this new reengineered payment 
management system, and gave us the report which basically says 
what you should do is, first of all, devote all of your current 
efforts between now, and they estimate June and they have a 
detailed timeline, et cetera, to make sure that the current 
system which you've remediated, the legacy code system, will be 
fully Y2K compliant.
    However, at the same time or after, as you finish that up, 
you should not forego developing a new reengineered system. 
They felt that the code that we had developed in that, not all 
were hardware, not all were conversions, et cetera, that it was 
a good business case to continue to proceed with. But they 
said, you can't do that at the same time you're doing all of 
this repair to the current system. But they said don't give up 
on the business case, but put it second.
    That's exactly what we intend to do, so that we will have a 
Y2K compliant system by June, the current system, and then 
hopefully, if everything works out right, we will have a second 
system that will be Y2K compliant. But, obviously, we would not 
move into that second system until, unless and until, it can be 
proven that there will be no disruption in service.
    And, again, we think the report that Avistar gave us was an 
excellent roadmap. It will be provided to GAO. It's candid. It 
says this is where you've been, and this is where you should 
go, and we intend to follow that as a roadmap and again we will 
provide it to the committee, and we will hold ourselves to the 
milestones that are provided in this independent report.
    Mr. Turner. I only raised it because it seems to me to be a 
very obvious example of how costly Y2K compliance has become, 
because you never would have tried to remediate the legacy 
system had we not been faced with Y2K.
    Mr. Callahan. Absolutely.
    Mr. Turner. It might be interesting if you could share with 
us, if you have an estimate, of how much Y2K is going to end up 
costing the Department of Health and Human Services.
    [The information referred to follows:]

    [GRAPHIC] [TIFF OMITTED]60993.069
    
    Mr. Callahan. I can get you all the detailed fiscal 
information for the record.
    Mr. Horn. We will put that in the record at this point.
    Mr. Callahan. Last year's emergency appropriation for Y2K 
was $3.2 billion, the Department request under that emergency 
supplemental $285.3 million. We have received those requests, 
and indeed we received another $93 million fairly recently 
which HCFA has requested for its second installment of 
emergency money.
    So at this point, we are approximately for 1999 around $372 
million, with obviously the lion's share of that being 
allocated to HCFA for its work on its internal and external 
systems. That is the top priority of the Department.
    Mr. Turner. One final question I want to ask Ms. DeParle. I 
know that you have made efforts to notify the providers, and 
you have sent out over 1 million letters to the providers. In 
fact, I don't know, Mr. Chairman, if we have that in the record 
or not.
    Mr. Horn. Two million.
    Mr. Turner. It might be nice to place that letter in the 
record.
    Mr. Horn. Without objection.
    Ms. DeParle. It also went out to every Member of Congress.
    [The information referred to follows:]
    [GRAPHIC] [TIFF OMITTED]60993.070
    
    [GRAPHIC] [TIFF OMITTED]60993.071
    
    Mr. Horn. Let me say, if I might, to my colleague, if you 
want a Member of Congress to read it, put on it ``personal and 
confidential'' and it will go in. Otherwise it is in the box of 
junk mail. I am one of the rare ones that reads all of that 
stuff every 2 weeks.
    Ms. DeParle. It came out in early January, so I was hoping 
maybe during the recess there would be a little more time to 
look at things. I was hoping some of you might use that 
information in your newsletters that I know you send to 
district folks.
    Mr. Turner. I see my time has expired. One subject I wanted 
to touch upon briefly, I wanted to get your assessment of the 
risk that we face in the biomedical equipment area. I know you 
have made some efforts to try to get the biomedical equipment 
manufacturers to notify all the providers regarding Y2K 
problems. But how do you personally assess that risk? That is 
one that greatly concerns me, particularly being from a rural 
area, where we have a lot of old equipment in rural hospitals. 
What is your assessment and what do you think you can still do 
to minimize that?
    Ms. DeParle. I have focused on the claims processing and 
payment systems. That is what the Health Care Financing 
Administration does. I think Dr. Callahan can give you a better 
answer on that.
    Mr. Callahan. The Federal Food and Drug Administration is 
the agency within the Department that has to take that task on 
you are so concerned about. I do know they have been requested 
by the full committee for a variety of questions and answers 
related to the biomedical situation that those will be 
forthcoming, I believe in the next day or so, and we would like 
to provide those to you for the record.
    Let me say in general, however, the FDA has moved 
aggressively, along with other partners in the government, the 
Veterans Administration and others, to put up on a Website the 
Y2K compliance aspects of biomedical devices.
    But in addition, what is also important, Congressman 
Turner, as you know, is that each hospital and health care 
provider that has biomedical equipment has to go in and do an 
inventory of that equipment. They have to know what equipment 
they have on hand.
    For example, the Indian Health Service, under the 
jurisdiction of the Department, has completed its total 
inventory, as I understand it, of all the biomedical equipment 
that they have in their hospitals. They are matching that 
information against the FDA Website and working, again, with an 
independent contractor to determine what of that biomedical 
equipment is not Y2K compliant, and then they are moving 
immediately to buy or replace that biomedical equipment.
    I just mention this, because this gets back to the point 
that Administrator DeParle mentioned. It is absolutely 
essential that the hospitals and the clinics and our community 
health centers, and again our Indian Health Service, for 
example, get out there and do this work themselves.
    We cannot, the Federal Government, cannot go in and do an 
inventory for them. They have to do it. Once they do it, we 
feel we will have sufficient information against which they can 
assess their biomedical situation.
    Second, they have to get with their vendors too. They have 
to say I have this biomedical equipment, get on the phone with 
the vendors and ask is this Y2K compliant. I would ask them to 
test it. So it is a big job, and we have a central role to play 
in it, but it is also important for the providers to do their 
work.
    Mr. Turner. Thank you.
    Mr. Horn. Now I yield 5 minutes to the vice chairman of the 
Subcommittee on Government Management, Information, and 
Technology, Mrs. Biggert of Illinois.
    Mrs. Biggert. Thank you, Mr. Chairman.
    Ms. DeParle, do you think that there is any concern on the 
part of providers that liability issues are impacting their 
progress, or either whether they are going to work harder to 
comply or whether just not to do anything, and that they might 
not have the same liability? Is this an issue? Are they 
concerned about liability because of failures of the programs?
    Ms. DeParle. Well, we have been mainly relying on outside 
assessments that have been done of provider readiness. There is 
a group called RX 2000 that we commissioned to do a study. The 
Inspector General at our Department has also done a targeted 
study of Medicare providers that I think she will be releasing 
shortly.
    I don't know if that issue has come to the forefront as 
much as I do have some anecdotal evidence that some providers 
have been concerned. As I mentioned to the chairman, it was an 
issue for me personally about our contractors when I first said 
I wanted the contractors to sign a contract amendment.
    There is a lot of concern, there has been a lot of concern 
about liability. I hear it from, for example, managed care 
plans that I have talked to, that they are concerned about--we 
have asked them to sign a contract amendment certifying they 
are going to be ready to pay managed care payments. Some of 
them are concerned about it.
    I think that the work that this committee and the Congress 
have done in trying to alleviate some of those concerns has 
helped, but I think it is still an issue out there.
    Mrs. Biggert. Thank you. I might ask Mr. Callahan too, as 
far as the payment management system, are there implications 
with the contractor departments. You do all this for all the 
different Federal agencies like the Department of Labor and 
NASA. Are there implications for them as well as if there are 
payments within your payment management system?
    Mr. Callahan. Again, a couple of points. We are very 
confident that, given the information I have mentioned to you 
earlier, we will be fully compliant with the legacy payment 
management system in June of this year. At the same time, we 
will also, as we have, we will provide you with the contingency 
plans that will ensure that all the grantees, whether they are 
in our own Department or out in the States or localities, will 
receive their money on time.
    There may be an issue, for example, on a contingency plan, 
as I mentioned to you earlier since the payment management 
system is just in time payment, if you will. It helps prevent a 
float. That is, we don't give money to the States that they 
don't spend that we could have earned interest on.
    But obviously, if we get to a point where we have to have 
some contingency plans and maybe deliver payments in less than 
just in time, we may have to suggest waiving some of the 
provisions of the Cash Management Act. But I think we will know 
exactly once the 2000 appropriations are passed exactly what 
all these agencies will need by way of grants, and we will make 
sure that they get those grants.
    Mrs. Biggert. Thank you. Mr. Willemssen, do you see this as 
a growing concern?
    Mr. Willemssen. Yes. It has been a growing concern. It is a 
concern that was attempted to be addressed with the Readiness 
Disclosure Act that was passed late last year. I think this 
spring there will have to be a reassessment of the success of 
that act, and if indeed it has allowed more disclosure of 
information. One thing we will be particularly looking at is 
Mr. Koskinen's early April report on the readiness of all the 
key sectors in our country. To the extent that we begin to see 
much more detailed rich data on the readiness of those sectors, 
I think that can be used as a measure of the success of that 
act. To the extent we do not see that, then I think there will 
need to be a reassessment of whether additional legislative 
action is necessary.
    Mrs. Biggert. Thank you. Thank you, Mr. Chairman.
    Mr. Horn. Thank you. I want to go to a very broad question, 
and I need to know who is the senior one in chronology in the 
Department. Mr. Secretary, when did you join HHS?
    Mr. Callahan. I joined in May 1995 and was confirmed in 
August 1995.
    Mr. Horn. Well, you are all innocent, but I am going to put 
the question anyhow. Social Security realized there was a real 
problem with the year 2000 back in 1989. When we were drafting 
Medicare, Social Security was the model which was used to draft 
Medicare. The Secretary was involved, the Commissioner of 
Social Security. Social Security in the sixties was regarded as 
the best managed agency in Washington, DC. I think it still has 
a lot of that reputation.
    But I am curious if maybe you just know anecdotally, when 
Social Security, which was then under HHS, started doing this, 
why wasn't there somebody in Medicare, and this is long before 
the current Administrator's tenure, but why didn't somebody say 
gee, we ought to do that too?
    Mr. Callahan. Well, I can't answer that question directly 
and fully, but let me offer one observation. Social Security 
and HCFA are really two different organizations, as you know.
    Mr. Horn. Right.
    Mr. Callahan. Social Security, to their credit, retains a 
large direct service delivery structure through their offices, 
they retain probably one of the best information technology 
work forces inside their agency. I had the pleasure of working 
with them. They are first rate people, and there is a critical 
mass of information technology people that enables them to get 
the good marks that you give them.
    HCFA, on the other hand, has to rely, as Administrator 
DeParle has said, on contractors to do a lot of their work. 
This was something that was established in legislation, and, as 
you know, we have had discussions about the relationship 
between HCFA and its contractors. So I would just say they were 
two different organizations.
    I would also offer the observation that Social Security had 
the structure and critical mass of people to succeed at a 
quicker rate on this, no matter when the decision was made, 
than possibly the Health Care Financing Administration, with no 
disrespect to the current Administrator or previous 
Administrators.
    Mr. Horn. Let me just try to focus in now, just to get in 
one place in the record the legacy payment management system. 
As I understand it, in November 1998 you said you would think 
the code was all remediated by that time, and I think you said 
they would be year 2000 compliant by June 1999.
    I guess I would ask the question of how much did the 
original system, which is still there until assured of the 
secondary system, reengineered though it might be to see that 
that is compliant, what are we talking about in dollars?
    Mr. Callahan. We have spent, it is my understanding, to 
remediate the code on the legacy-based system, that we have 
spent $850,000 on that remediation. We have now, on the basis 
of that, the Avistar report, which we are giving to the 
committee today, indicates with that code, that remediated code 
in place, they have given us the milestones and the particulars 
to go through the remaining processes to make sure it is 
certified and implemented, and they estimate that it will take 
until June for us to do that.
    Mr. Horn. So the total cost, how about the total cost of 
the payment management system?
    Mr. Callahan. The other system, the reengineered payment 
system that we want to eventually get to----
    Mr. Horn. Well, are you saying that the total cost of the 
original system that you are still working with, you are saying 
that is $850,000? It sounds a little low to me.
    Mr. Callahan. That system has been in operation for a long 
period of time.
    Mr. Horn. What, 10 years?
    Mr. Callahan. I am not exactly sure, but probably at least 
10 years, or at least a large number of years. So there has 
been no structural work on that other than it operates on a 
day-to-day basis. But when we get to the situation of having 
the concern that the reengineered payment management system 
would not make the Y2K deadline, we went back and looked at 
that legacy code and had it remediated, and that has been 
remediated. That cost us $850,000 to do that.
    Mr. Horn. OK. But that is not the original cost of the 
system.
    Mr. Callahan. No. The original cost of that system, I will 
have to get that information for the record.
    [The information referred to follows:]

    The PMS system was developed over a five year period from 
1979-1984 at a cost of approximately $8 million.
    The exact cost to have the factory remediate the legacy 
code was $594,323.

    Mr. Horn. If you could. What I am going to leave open is 
the questions we asked about this now and since you just gave 
us the document today, questions that we will send down to you 
and we will put without objection, the whole bunch at the end 
of the hearing. But we will have it in one place.
    So now that we have got the secondary system that you are 
going to move to when you can be assured that it is compliant, 
what is the estimated cost on that?
    Mr. Callahan. We will supply that for the record, but to 
date we have spent $6.7 million on that since 1994.
    [The information referred to follows:]

    The estimated cost to have the system deployable is $10 
million (in round numbers) and includes the $6.7 million 
already expended.

    Mr. Horn. Since 1994. That is the secondary system.
    Mr. Callahan. Yes.
    Mr. Horn. OK. Now, was your original payment management 
system approved by the appropriate authorization committee and 
appropriations subcommittee?
    Mr. Callahan. I will have to get that information for the 
record.
    [The information referred to follows:]

    PMS was not the ``original'' grants payment system in HHS. 
It was a third-generation system preceded by the Departmental 
Federal Assistance Financing System (DFAFS) and the NIH Grants 
Payment System (GPS). The GPS originated in the sixties and 
operated with funds appropriated for normal administrative 
activities. Therefore, there was no formal request of special 
appropriated funds for a ``new'' system. The funds for the PMS 
upgrade were included in our budget requests and were 
appropriated accordingly.

    Mr. Horn. I take it you billed your customers to try to 
cover the cost?
    Mr. Callahan. Yes.
    Mr. Horn. What kind of money are we talking about?
    Mr. Callahan. You mean our annual inflow?
    Mr. Horn. What is your annual revenue for serving people in 
the rest, the executive branch?
    Mr. Callahan. I will get that for the record, the actual 
dollar, but I will tell you the fees for this are extremely 
low, because in essence we provide not only the just in time 
service, but we reconcile the accounts so there is no Cash 
Management Improvement Act problems. That is, the agency 
doesn't have to pay interest to the States or vice versa.
    [The information referred to follows:]

    The total revenue for FY98 was $9,076,927.

    Mr. Horn. There is $170 million a year flowing through that 
system, is that correct?
    Mr. Callahan. $165, I think it is, or $170. I will get the 
precise amount.
    [The information referred to follows:]

    The precise number is $165,710,740,000 or 166 billion.

    Mr. Horn. OK. Have you kept those records? Is that part of 
your accounting system?
    Mr. Callahan. Yes.
    Mr. Horn. Now, how different is it or how similar is it to 
the Financial Management Service within the Department of the 
Treasury and the center in New Orleans of the Department of 
Agriculture that some other departments use?
    Mr. Callahan. Vis-a-vis the Treasury system, it has 
additional functionalities, the current system and the future 
system have functionalities like Cash Management Improvement 
Act capabilities that the Treasury system does not have. There 
are other agencies right now that, for example, the Department 
of Education has its own grant payment management system. The 
Council of Chief Financial Officers has in response to State 
officials who don't like all these different grant payment 
systems working, recommended that only two systems be used, the 
Treasury ASAP system and the HHS payment management system. So 
we have gone out and worked with each of the agencies. They 
will be making their choices over time.
    So at some point down the line, it appears that there will 
be only two payment management systems run by the Federal 
Government, the Treasury system and our system.
    Mr. Horn. Now, the Treasury system runs the Social Security 
checks, is that not correct?
    Mr. Callahan. Social Security----
    Mr. Horn. Financial Management Service.
    Mr. Callahan. Yes, that goes to the Financial Management 
Service. I am not sure that is ASAP, which is their grant 
payment system. I have to check on that.
    Mr. Horn. I am just curious. So each Cabinet Secretary has 
a right to make a choice as to where they will get the best 
service?
    Mr. Callahan. Yes.
    Mr. Horn. Is some of that related to the actual cost?
    Mr. Callahan. Yes.
    Mr. Horn. Are you the cheapest deal in town?
    Mr. Callahan. We think we are the best deal in town.
    Mr. Horn. I know you think you are the best. The most 
reasonable rate that you charge.
    Mr. Callahan. Right.
    Mr. Horn. Well, we are interested in that, just to make 
sure it is on line. We are interested in the compliant bit, and 
I think if you can all agree on what is the appropriate test, 
we will know in the next round if something really was 
remediated.
    Mr. Callahan. Yes, sir.
    Mr. Horn. Let me just make a few comments. We have had some 
very fine testimony this morning that has clarified a number of 
things for us. The fact is, millions of American citizens rely 
on Health and Human Services and your very critical services. 
We all know that Medicare is just one of the key things in this 
society. When you think back what this country would be like if 
we hadn't had Medicare established in 1965, you would realize 
that this is one of the major laws of the 20th century.
    We are going to continue to monitor the Department's 
progress to develop the new system on the legacy system, and we 
will maybe have a future hearing on all of those types of 
operations in the executive branch.
    However, I remain concerned about the Health Care Financing 
Administration's external mission critical systems that were 
recently reported as being 2000 compliant. I am assuming GAO 
and you will get agreement on this by the next round, because 
to me ``compliant'' means compliant, not compliant with 
qualifications.
    But I thank you both from the Department for your 
testimony, and I thank the General Accounting Office and all of 
your associates for your testimony. I think we are making 
progress as a result of the cooperation we have had within the 
executive branch and with GAO. I think this morning, however, 
we still have a lot to do, and that from some of the questions 
Mrs. Morella asked it is really a thing that both the 
legislative branch and executive branch have to do, which is 
get the word out to the people, so we don't have a lot of 
corner cutters and book writers that are trying to scare the 
living daylights out of the American public.
    This is a solvable problem. You have shown, even though you 
have come to this late, but you certainly turned a lot of that 
agency around in terms of getting the remediation underway, and 
we appreciate that. That good word needs to go out. The more TV 
shows, radio shows, Q and A you can answer, and I know that is 
tough, that is very important, because every little bit helps.
    If there are no further questions from any of my 
colleagues, with that, this hearing is adjourned.
    The staff list I will put in the record. Just for the 
record, J. Russell George, the staff director and chief 
counsel; Matt Ryan, to my left, senior policy director; Bonnie 
Heald, director of information; Mason Alinger, clerk; Paul 
Wicker, Kacey Baker and Richard Lukas, interns; Michelle Ash, 
minority counsel; Faith Weiss, minority professional staff 
member and counsel; Earley Green, minority staff ssistant; and 
then the court reporters, Doreen Dotzler, Cindy Sebo and Bob 
Cochran, who is faithfully writing down to the last second.
    Thank you, Bob.
    [Whereupon, at 11:10 a.m., the subcommittee was adjourned.]

                                   - 
