[House Hearing, 106 Congress]
[From the U.S. Government Publishing Office]



 THE YEAR 2000 COMPUTER PROBLEM: LESSONS LEARNED FROM STATE AND LOCAL 
                              EXPERIENCES

=======================================================================

                                HEARINGS

                               before the

                 SUBCOMMITTEE ON GOVERNMENT MANAGEMENT,
                      INFORMATION, AND TECHNOLOGY

                                 of the

                     COMMITTEE ON GOVERNMENT REFORM

                        HOUSE OF REPRESENTATIVES

                       ONE HUNDRED SIXTH CONGRESS

                             FIRST SESSION

                               __________

                      AUGUST 13, 14, AND 17, 1999

                               __________

                           Serial No. 106-48

                               __________

       Printed for the use of the Committee on Government Reform


                   U.S. GOVERNMENT PRINTING OFFICE
60-954                     WASHINGTON : 1999


     Available via the World Wide Web: http://www.house.gov/reform

                                 ______

                     COMMITTEE ON GOVERNMENT REFORM

                     DAN BURTON, Indiana, Chairman
BENJAMIN A. GILMAN, New York         HENRY A. WAXMAN, California
CONSTANCE A. MORELLA, Maryland       TOM LANTOS, California
CHRISTOPHER SHAYS, Connecticut       ROBERT E. WISE, Jr., West Virginia
ILEANA ROS-LEHTINEN, Florida         MAJOR R. OWENS, New York
JOHN M. McHUGH, New York             EDOLPHUS TOWNS, New York
STEPHEN HORN, California             PAUL E. KANJORSKI, Pennsylvania
JOHN L. MICA, Florida                PATSY T. MINK, Hawaii
THOMAS M. DAVIS, Virginia            CAROLYN B. MALONEY, New York
DAVID M. McINTOSH, Indiana           ELEANOR HOLMES NORTON, Washington, 
MARK E. SOUDER, Indiana                  DC
JOE SCARBOROUGH, Florida             CHAKA FATTAH, Pennsylvania
STEVEN C. LaTOURETTE, Ohio           ELIJAH E. CUMMINGS, Maryland
MARSHALL ``MARK'' SANFORD, South     DENNIS J. KUCINICH, Ohio
    Carolina                         ROD R. BLAGOJEVICH, Illinois
BOB BARR, Georgia                    DANNY K. DAVIS, Illinois
DAN MILLER, Florida                  JOHN F. TIERNEY, Massachusetts
ASA HUTCHINSON, Arkansas             JIM TURNER, Texas
LEE TERRY, Nebraska                  THOMAS H. ALLEN, Maine
JUDY BIGGERT, Illinois               HAROLD E. FORD, Jr., Tennessee
GREG WALDEN, Oregon                  JANICE D. SCHAKOWSKY, Illinois
DOUG OSE, California                             ------
PAUL RYAN, Wisconsin                 BERNARD SANDERS, Vermont 
HELEN CHENOWETH, Idaho                   (Independent)
DAVID VITTER, Louisiana


                      Kevin Binger, Staff Director
                 Daniel R. Moll, Deputy Staff Director
           David A. Kass, Deputy Counsel and Parliamentarian
                      Carla J. Martin, Chief Clerk
                 Phil Schiliro, Minority Staff Director
                                 ------                                

   Subcommittee on Government Management, Information, and Technology

                   STEPHEN HORN, California, Chairman
JUDY BIGGERT, Illinois               JIM TURNER, Texas
THOMAS M. DAVIS, Virginia            PAUL E. KANJORSKI, Pennsylvania
GREG WALDEN, Oregon                  MAJOR R. OWENS, New York
DOUG OSE, California                 PATSY T. MINK, Hawaii
PAUL RYAN, Wisconsin                 CAROLYN B. MALONEY, New York

                               Ex Officio

DAN BURTON, Indiana                  HENRY A. WAXMAN, California
          J. Russell George, Staff Director and Chief Counsel
                Bonnie Heald, Professional Staff Member
                          Grant Newman, Clerk


                            C O N T E N T S

                              ----------                              
                                                                   Page
Hearing held on:
    August 13, 1999..............................................     1
    August 14, 1999..............................................   187
    August 17, 1999..............................................   443
Statement of:
    Aikens, Willie, Director, companywide process and strategy, 
      the Boeing Co.; Don Jones, director of year 2000 readiness, 
      Microsoft Corp.; Joan Enticknap, executive vice president, 
      Seafirst Bank; William Jordan, deputy superintendent of 
      public instruction, State of Washington; and Rich Bergeon, 
      consultant, Nuevue International, LLC, Audit 2000..........   589
    Cortez, Elias, director, Department of Information 
      Technology, State of California; Joel Willemssen, Director, 
      Civil Agencies Information Systems, U.S. General Accounting 
      Office; Doug Cordiner, principal auditor, Bureau of State 
      Audits, California State Auditor's Office; Joan Smith, 
      supervisor, Siskiyou County, on behalf of the Regional 
      Council of Rural Counties; and Cathy Capriola, 
      administrative services director, city of Citrus Heights...    12
    Hall, Garth, manager of project 2000, Pacific Gas & Electric 
      Co.; Karen Lopez, division manager, administrative 
      services, Silicon Valley Power; Frances E. Winslow, 
      director, Office of Emergency Services, city of San Jose; 
      William Lansdowne, chief of police, city of San Jose; and 
      John McMillan, deputy fire chief, city of San Jose.........   353
    Hall, Garth, manager of Y2000 project, Pacific Gas and 
      Electric Corp.; Tom Latino, public safety director, Pacific 
      Bell, appearing for Mike Petricca; Roy Le Naeve, senior 
      project manager, Y2K readiness program, Sacramento 
      Municipal Utility District; Steve Ferguson, chief of 
      information technology, county of Sacramento, accompanied 
      by Carol Hopwood, emergency management, county of 
      Sacramento.................................................   116
    O'Rourke, Joe, chief information officer, Bonneville Power 
      Administration; Jerry Walls, project manager, embedded 
      systems, Puget Sound Energy; James Ritch, deputy 
      superintendent, finance and administration, Seattle City 
      Light; Marilyn Hoggarth, Washington State public affairs 
      manager, General Telephone Co.; Dave Hilmoe, division 
      director, Water Quality and Supply, Seattle Public 
      Utilities; and Brad Cummings, Y2K program manager, 
      University of Washington Academic Medical Centers..........   542
    Tschogl, Kathleen, manager, governmental and regulatory 
      affairs, Raley's Supermarkets; Alan Rabkin, general 
      counsel, senior vice president, Sierra West Bank, on behalf 
      of the California Bankers Association; Guy Koppel, chief 
      information officer, U.C. Davis Medical Center; and Holly 
      Delaney, year 2000 program, Mercy Healthcare Sacramento....   169
    Whitworth, Brad, Y2K marketing and communications manager, 
      Hewlett Packard Co.; Pat Cavaney, year 2000 program 
      manager, customer service and support group, Hewlett 
      Packard Co.; Richard Hall, director, california 
      governmental affairs, year 2000 program manager, Intel 
      Corp.; Tom Latino, product manager, Pacific Bell; and Ralph 
      Tonseth, director of aviation, San Jose International 
      Airport....................................................   301
    Willemssen, Joel C., Director, Civil Agencies Information 
      Systems, General Accounting Office; Chris Hedrick, 
      director, Washington State Year 2000 Office; Clif Burwell, 
      Y2K program manager, King County, WA; Marty Chakoian, 
      project manager, city of Seattle Year 2000 Office; and 
      Barbara Graff, emergency preparedness manager, city of 
      Bellevue, WA...............................................   451
    Willemssen, Joel, Director, Civil Agencies Information 
      Systems, U.S. General Accounting Office; Mark Burton, Y2K 
      project manager, city of San Jose; Dana Drysdale, vice 
      president, information systems, San Jose Water Co.; Ronald 
      E. Garratt, assistant city manager, city of Santa Clara; 
      and Christiane Hayashi, year 2000 communications manager, 
      city of San Francisco......................................   192
Letters, statements, etc., submitted for the record by:
    Aikens, Willie, Director, companywide process and strategy, 
      the Boeing Co., prepared statement of......................   592
    Bergeon, Rich, consultant, Nuevue International, LLC, Audit 
      2000, prepared statement of................................   618
    Burton, Mark, Y2K project manager, city of San Jose, prepared 
      statement of...............................................   236
    Burwell, Clif, Y2K program manager, King County, WA, prepared 
      statement of...............................................   503
    Capriola, Cathy, administrative services director, city of 
      Citrus Heights, prepared statement of......................    79
    Chakoian, Marty, project manager, city of Seattle Year 2000 
      Office, prepared statement of..............................   518
    Cordiner, Doug, principal auditor, Bureau of State Audits, 
      California State Auditor's Office, prepared statement of...    64
    Cortez, Elias, director, Department of Information 
      Technology, State of California, prepared statement of.....    15
    Drysdale, Dana, vice president, information systems, San Jose 
      Water Co., prepared statement of...........................   241
    Enticknap, Joan, executive vice president, Seafirst Bank, 
      prepared statement of......................................   599
    Ferguson, Steve, chief of information technology, county of 
      Sacramento, and Carol Hopwood, emergency management, county 
      of Sacramento, prepared statement of.......................   155
    Garratt, Ronald E., assistant city manager, city of Santa 
      Clara, prepared statement of...............................   246
    Graff, Barbara, emergency preparedness manager, city of 
      Bellevue, WA, prepared statement of........................   526
    Hall, Garth, manager of Y2000 project, Pacific Gas and 
      Electric Corp., prepared statements of.................. 118, 355
    Hall, Richard, director, california governmental affairs, 
      year 2000 program manager, Intel Corp., prepared statement 
      of.........................................................   336
    Hayashi, Christiane, year 2000 communications manager, city 
      of San Francisco, prepared statement of....................   260
    Hedrick, Chris, director, Washington State Year 2000 Office, 
      prepared statement of......................................   498
    Hilmoe, Dave division director, Water Quality and Supply, 
      Seattle Public Utilities, prepared statement of............   578
    Hoggarth, Marilyn, Washington State public affairs manager, 
      General Telephone Co., prepared statement of...............   571
    Horn, Hon. Stephen, a Representative in Congress from the 
      State of California:
        Merced County document...................................    87
        Prepared statements of............................. 5, 190, 447
    Jordan, William, deputy superintendent of public instruction, 
      State of Washington:
        Information concerning Y2K readiness.....................   606
        Prepared statement of....................................   611
    Lansdowne, William, chief of police, city of San Jose, 
      prepared statement of......................................   428
    Le Naeve, Roy, senior project manager, Y2K readiness program, 
      Sacramento Municipal Utility District, prepared statement 
      of.........................................................   149
    Lopez, Karen, division manager, administrative services, 
      Silicon Valley Power, prepared statement of................   364
    McMillan, John, deputy fire chief, city of San Jose, prepared 
      statement of...............................................   433
    O'Rourke, Joe, chief information officer, Bonneville Power 
      Administration, prepared statement of......................   545
    Ose, Hon. Doug, a Representative in Congress from the State 
      of California, prepared statement of.......................     9
    Petricca, Mike, Pacific Bell, prepared statement of..........   145
    Ritch, James, deputy superintendent, finance and 
      administration, Seattle City Light, prepared statement of..   561
    Smith, Joan, supervisor, Siskiyou County, on behalf of the 
      Regional Council of Rural Counties, prepared statement of..    73
    Tonseth, Ralph, director of aviation, San Jose International 
      Airport, prepared statement of.............................   346
    Tschogl, Kathleen, manager, governmental and regulatory 
      affairs, Raley's Supermarkets, prepared statement of.......   171
    Walls, Jerry, project manager, embedded systems, Puget Sound 
      Energy, prepared statement of..............................   556
    Whitworth, Brad, Y2K marketing and communications manager, 
      Hewlett Packard Co.:
        Information concerning Hewlett Packard's program.........   321
        Prepared statement of....................................   304
    Willemssen, Joel, Director, Civil Agencies Information 
      Systems, U.S. General Accounting Office, prepared 
      statements of....................................... 22, 194, 453
    Winslow, Frances E., director, Office of Emergency Services, 
      city of San Jose, prepared statement of....................   420

 
 THE YEAR 2000 COMPUTER PROBLEM: LESSONS LEARNED FROM STATE AND LOCAL 
                              EXPERIENCES

                              ----------                              


                        FRIDAY, AUGUST 13, 1999

                  House of Representatives,
Subcommittee on Government Management, Information, 
                                    and Technology,
                            Committee of Government Reform,
                                                    Sacramento, CA.
    The subcommittee met, pursuant to notice, at 9 a.m., in the 
Sacramento Board of Supervisors Chambers, room 1450, 700 H 
Street, Sacramento, CA, Hon. Steve Horn (chairman of the 
subcommittee) presiding.
    Present: Representatives Horn and Ose.
    Staff present: J. Russell George, staff director and chief 
counsel; Bonnie Heald, director of communications and 
professional staff member; and Grant Newman, clerk.
    Mr. Horn. I'm Steve Horn, the chairman of the House 
Subcommittee on Government Management, Information, and 
Technology. The presiding officer today will be Mr. Ose, who is 
a valued member of this committee and represents part of this 
area as we go north, I guess, from Sacramento a little bit and 
various other areas. And I'm just going to make an opening 
statement and then he's going to preside. And I will have the 
opportunity to ask some questions. He will, too. And we have an 
excellent panel today which should give a real good feel for 
where we are in government, at least in California and with 
some of the private utilities and others.
    The hearing is in order as a quorum is present, and I, of 
course, thank Mr. Ose and the staff for all they've done to 
make this a very pleasant visit in my home State of California. 
I represent the area from Long Beach, CA, and I grew up in 
northern California where I still have a ranch at San Juan 
Batista. So when I got off the plane a few years ago when I was 
university president, a lady came up to me and I don't know how 
she ever knew I ever had anything to do with anything, and she 
said, ``You're stealing our water.''
    So I understand northern California, the views. It's tough 
to get water; and believe me, when you have a ranch, it's even 
tougher.
    The year 2000 computer problem, which is the subject of 
today's hearing, affects nearly every aspect of operations in 
the government and the private sector and, therefore, impacts 
all of us.
    From Social Security and Medicare to telephone service and 
electric power, the year 2000 computer bug is the largest 
management and technology change and challenge that we as a 
community and as a Nation have confronted. No single 
organization, city or State, can solve the problem alone, nor 
can they guarantee their computers will work until the 
organizations and agencies that exchange data with them are 
also compliant.
    Almost all of the agencies now report their critical 
computer systems have been renovated. These are the computer 
systems that must continue functioning in order for Federal 
agencies to provide their services. That is only part of the 
complex job that lies ahead. The agency must now complete 
systemwide testing to ensure that these are renovated and new 
computers are compatible with other computer systems. As most 
computer students know, when you tinker with one area of a 
computer system, you can create unexpected problems in another 
area.
    The problem was created in the mid-1960's when many of you 
know, at least my age, you had computers which filled a room of 
this size, and they had very little memory. The laptop you get 
now has as much memory as that whole room of computers. And 
somebody said, ``Hey, why are we punching in a four-digit 
year?'' Instead of 1967, let's just say 67 and knock the 19 
off. And, that gained them some memory. I was running the 
university then, and I'm well aware of the really difficult 
time we had to get enough memory. And of course, they knew even 
then that in the year 2000 it would be 00, not 2000, and that 
would confuse the computer to get either 1900 or 2000, and they 
wouldn't know what to do. It would just be simply 00.
    So some attention was given to this early on in the 1980's, 
and we had one department where a very able programmer told all 
of the brass, ``Hey, we've got to start work on this. This is 
1987.'' They never did a thing. They are still getting If's, 
once we got into this in 1996. It's been very slow.
    That's the Department of Transportation and obviously FAA 
is the key aspect there. They're moving ahead. They've got an 
excellent Administrator that's picked up the pieces that hadn't 
been picked up in years. And the other group that had done it 
on its own was the Social Security Administration. They knew we 
looked ahead to 1989 that we've got to deal with it because 
we've got 50 million different customers here for one program 
and 43 for another one. And they did it all on their own. There 
was no precedential guidance in budget and management and they 
just did it.
    And, therefore, they've been the first to really be 100 
percent compliant, and we shouldn't have any problems on that 
front. And 3 years ago we started our first hearing, which was 
roughly April 1996. And we've held about 30 hearings and issued 
about eight report cards monitoring the status of the executive 
branch of the Federal Government.
    We wrote the President in 1997. We said, ``You've got to 
appoint somebody to coordinate this full-time within the 
executive branch.'' He acted on that. That was 1997; he acted 
on it in 1998. And, in effect, Mr. Koskinen took office in 
April 1998. He's done a very fine job. He's pulled a lot of 
people together. They are also working with the industrial 
sector and various panels and so forth. So all of that has been 
helpful.
    At our first hearing we asked the Gardner Group, ``How much 
you think it's going to cost the Federal Government and 
nation?'' They said, ``Well, it's $600 billion worldwide 
problem. We're half the computers in the world, so it will be 
about $300 billion. That's the private sector and State and 
local government.'' And I said, ``How much for the Federal 
Government?'' They said, ``It's going to cost about $30 
billion.''
    As I got into this more and more, I thought that was a 
little high and knew more likely it would be $10 billion. We're 
now at the $9 billion mark with the Federal Government through 
September 30th. We might well use another billion in the last 
closing panic bit, if there is any of getting the right people 
in the right place at the right time. It might hit $10 billion. 
But basically they've done it with that amount of $9 billion, 
and we're going to have our opening witness with a very fine 
representative of the General Accounting Office who has kept 
tabs on the executive branch in their role as the watchdog 
programmatically and financially on behalf of the legislative 
branch.
    So in addition to programs such as Social Security, 
Medicare and the Nation's air traffic control system, 10 of 
these federally funded programs are operated by the State. 
These programs which depend on State and county computers, as 
well as the Federal systems, include Medicaid, food stamps, 
unemployment insurance, child support enforcement and a myriad 
of other things. None of the 10 programs will be ready for the 
year 2000 until December, leaving little if any time to fix 
unforeseen problems. Data exchanges and interdependencies exist 
at all levels of government and the private sector. A single 
failure could disrupt the entire chain of information.
    The Social Security Administration, for example, maintains 
a data base of Social Security payment information for eligible 
citizens. When these payments are due, the Social Security 
Administration sends the information to the Department of the 
Treasury's Financial Management Service, where the check is 
issued, and then either electronically deposit it into a 
personal bank account or deliver it by the U.S. Postal Service.
    Each of these agencies has its own network of computers. If 
even one of them fails, the entire system will break down and 
the check will not be delivered. Fortunately, the Social 
Security Administration has been working on this problem for 10 
years and it's in good shape. But even the best prepared 
computers won't work without power. Two of the most essential 
questions involving the year 2000 challenge are, will the 
lights stay on and the gas pumps remain full. For without 
electricity and fuel, farm crops cannot move from field to 
table and commerce cannot flow from factory to household.
    The year 2000 computer problem also presents other 
potential threats to communities, from computed interrupting 
services, such as 911, to delays in assistance for disasters, 
such as California's all too familiar earthquakes, floods, 
fire, you name it, we do it. Why we are here today is to 
examine California's readiness for this challenge as well as 
the preparations being made by regional local governments and 
businesses. But even with the best of plans, no one can predict 
what might or might not happen once the clock ticks midnight 
this New Year's Eve. The only certainty is that the January 1st 
deadline cannot be extended.
    I understand that California and Sacramento have been 
working hard toward meeting this deadline. And I welcome 
today's witnesses and look forward to the testimony.
    And with that, Mr. Ose will preside and Chair as the 
chairman pro tem. He's a valued member of our committee in 
Washington. Since we're in his district, he's going to chair it 
and run us through it, and I will ask some questions and so 
will he.
    Does the gentleman from California have an opening 
statement?
    [The prepared statement of Hon. Stephen Horn follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.001
    
    [GRAPHIC] [TIFF OMITTED] T0954.002
    
    [GRAPHIC] [TIFF OMITTED] T0954.003
    
    Mr. Ose. I do, Mr. Chairman.
    First of all, let me thank you for coming all this distance 
to visit with us today. Your work on this subject has been the 
backbone of everything we're trying to do to make sure this 
does not become a problem. As arcane as the subject is, the 
country owes you a great debt of gratitude.
    First, I'd like to thank everyone for joining us today at 
this special field hearing. Today we are going to look at how 
State and local government entities, utilities and selected 
businesses in the community have prepared their computer 
systems for the next century.
    On the Federal level, this committee has reviewed the 
Federal Government's Y2K preparations for several years under 
the guidance of Chairman Horn. So far this year, it's a long 
title, but the Government Reform Committee's Government 
Management, Information, and Technology Subcommittee, of which 
Mr. Horn is chairman and on which I sit, has held over a dozen 
hearings on the Y2K computer problem.
    As Chairman Horn contends, the Federal Government has been 
slow to act on the problem. As a result, some of the agencies 
have had to work overtime to become compliant with the 
challenge. At this point, about 94 percent of the government's 
mission-critical systems will be ready for January 1st--excuse 
me, are ready for January 1st. And the remaining 6 percent have 
yet to be completed.
    The purpose of this hearing, again, is to look beyond the 
Federal Government and see how localities are dealing with this 
problem. On the State level, it appears that the State of 
California's followed a similar path as the Federal Government 
identifying the problem and going to work on it.
    The State Auditor prepared a report in February 1999 and 
the director of the Department of Information Technology is 
here with us today to discuss it. As in the Federal Government, 
the State is hustling, if you will, to make sure that their 
systems comply as of the end of the year, and I'm looking 
forward to this testimony.
    I'm also pleased to see that we have a wide variety of 
witnesses who will testify before us today. We'll hear from the 
representative of Sacramento County and from the Sacramento 
County Emergency Services. We have someone from my city, the 
city of Citrus Heights. We'll have a representative from the 
Regional Council of Rural Counties, and finally from the 
Government Accountability Office.
    We're also going to receive testimony from utility 
providers, those being PG&E, Pacific Bell, and SMUD. Finally, 
we'll hear from important industries on the private side such 
as banking, agriculture, and health care.
    I look forward to everyone's testimony, and I hope this 
hearing will help educate the public on our region's 
preparedness for the year 2000.
    [The prepared statement of Hon. Doug Ose follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.004
    
    [GRAPHIC] [TIFF OMITTED] T0954.005
    
    [GRAPHIC] [TIFF OMITTED] T0954.006
    
    Mr. Ose. I would like to invite the first panel down for 
their testimony. We're going to have you sit right here with--
so those folks, Joel Willemssen, Elias Cortez, Doug Cordiner, 
Joan Smith, Cathy Capriola if you would come join us down here.
    OK. We're going to have Mr. Cortez testify first. He's got 
a 10 a.m. flight. But before we get into that, this being a 
congressional oversight hearing, I need to swear the witnesses. 
Folks, if you'll raise your right hands.
    Do you solemnly swear the testimony you will give before 
this subcommittee will be the truth, the whole truth and 
nothing but the truth?
    Let the record show the witnesses responded in the 
affirmative.
    [Witnesses sworn.]
    Mr. Ose. So, Mr. Cortez, you're up. Thank you for joining 
us.

STATEMENTS OF ELIAS CORTEZ, DIRECTOR, DEPARTMENT OF INFORMATION 
  TECHNOLOGY, STATE OF CALIFORNIA; JOEL WILLEMSSEN, DIRECTOR, 
  CIVIL AGENCIES INFORMATION SYSTEMS, U.S. GENERAL ACCOUNTING 
   OFFICE; DOUG CORDINER, PRINCIPAL AUDITOR, BUREAU OF STATE 
    AUDITS, CALIFORNIA STATE AUDITOR'S OFFICE; JOAN SMITH, 
SUPERVISOR, SISKIYOU COUNTY, ON BEHALF OF THE REGIONAL COUNCIL 
OF RURAL COUNTIES; AND CATHY CAPRIOLA, ADMINISTRATIVE SERVICES 
                DIRECTOR, CITY OF CITRUS HEIGHTS

    Mr. Cortez. Good morning. Honorable chair and members, on 
behalf of Governor Davis, I welcome you and your committee to 
the State of California.
    I am Elias Cortez, chief information officer for the State 
of California and director of the Department of Information 
Technology. I would like to thank the members of the 
subcommittee and all your staff for the opportunity to deliver 
a brief statement on California's comprehensive year 2000 
program. Based on recent reviews and detailed analysis of the 
Y2K program, efforts not only within the State, but across the 
Nation, we're confident that California's approach to the year 
2000 issue is progressive and comprehensive.
    The executive order D-3-99, signed by Governor Gray Davis 
in February 1999, identified the Y2K issues as the State's No. 
1 information technology priority. This emphasizes and ensures 
that the State's resources are focused on public safety, 
economic stability, continuation of business, and the 
uninterrupted delivery of essential government services to all 
of California's citizens and business partners. The executive 
order empowered me to lead and make bold, decisive initiatives 
to assess, validate, and communicate the status of Y2K 
remediation and preparedness activities.
    The executive order also empowered me with authority over 
all information technology units and resources within the 
State. Through this role, I forged successful partnerships with 
representatives of both the public and private sectors, 
including local governments and State governments and other 
State entities such as the Governor's Office of Emergency 
Services, and various committees and task forces convened by 
the Governor.
    Our main purpose and focus was to accelerate and escalate a 
progressive and successful year 2000 program, and included are 
subcommittees such as the year 2000 executive committee, year 
2000 business economy task force, the year 2000 business 
council, the year 2000 emergency preparedness task force, and 
the year 2000 communications and outreach task force. As we 
implemented and enhanced our year 2000 program in February 
1999, we found that government entities were not as prepared as 
we had thought or had been previously reported, and as a 
result, we immediately accelerated and escalated our year 2000 
program through the proactive implementation of a statewide 
program management office for Y2K and the development of 
prescriptive methodologies based on the industry best practices 
for Y2K.
    This approach is documented in the Department of 
Information Technology's Strategic Plan, which is included in 
the documents supplied to you. California's year 2000 program 
is a comprehensive approach to the year 2000 remediation and 
preparedness and includes the establishment of baseline status 
for more than a 100-plus State entities, an assessment of each 
entity, a high-level analysis and the assessment results, and 
the independent validation and verification of those entities 
with a mission-critical system's focus by external vendors.
    The assessment and review outcomes are tracked through a 
corrective action planning process. This process ensures 
accountability and action and focus from the entities with the 
corrective action plans and resources in place that they are 
required to complete prior to September 1, 1999. A compilation 
of the State Department Status Information is presented for 
review on-line on the web on the California Y2K website, which 
is www.year2000.ca.gov. This bold-step initiative allows any 
government entity or citizen to access objective, quantitative, 
current information about State entities' Y2K efforts.
    Additionally, the website information communicates entity 
status to business partners within and external to the State 
government entity and structure. California's Y2K program has a 
significant commitment to ensuring that business continuity and 
contingency planning occurs for all entities.
    The year 2000 management program office, the statewide 
program, must receive a completed and tested plan from each 
entity prior to October 1999. The commitment to business 
continuity and contingency planning echoes a message of 
Governor Davis' executive order and ensures a seamless delivery 
of services in order to make the century change a nonevent.
    In addition to technical assessments and reviews, our Y2K 
program consists of extensive communication and outreach 
activities. These include year 2000 emergency preparedness and 
business continuity and contingency planning, conferences, 
infrastructure industry roundtables, legislative-sponsored 
attendance in hearings in which we participated; additional 
activities are anticipated over the coming months and the new 
year relative to communications and outreach on Y2K.
    Finally, we have raised the bar regarding end to end 
testing. We will broaden and strengthen interface testing of 
data with all our partners in local government to ensure that 
mission-critical public safety, health and welfare and 
education services are delivered uninterrupted into the new 
year.
    We have a successful and productive collaboration with 
counties and local governments and even private sector 
organizations relative to the services that we deliver from the 
State. All Y2K activities conducted by the State of California 
are a direct reflection to the decisive actions taken in 
support of Governor Davis' administration and the legislature, 
as well as an unprecedented cooperation among State government 
entities and partners for the State.
    Recent accomplishments by the program will allow the State 
to ensure continuity of State and county mission critical 
services to the community at large regardless of unforeseen 
information system impacts.
    I'm extremely confident that California can and will 
deliver the mission-critical services for residents before, 
during and after the century event.
    In summary, the State has been extremely proactive and 
focused on California's expectations of uninterrupted services 
by doing the following things:
    We focused in the area of addressing the most challenging 
issues and mission-critical priorities first and concentrating 
on the greatest impacts to health, safety and revenues. We've 
maintained public trust in the infrastructure that Californians 
depend on by accurately reporting the progress made and any 
challenges facing forward, managing those to date, making sure 
that there is a workable solution in place to provide 
uninterrupted service if an unforeseen year 2000 event occurs, 
preparing for the unexpected year 2000 related impacts by 
anticipating scenarios and directing the resources necessary to 
maintain confidence in our communities via the Office of 
Emergency Services.
    Again, thank you for giving the State the opportunity to 
testify before you about our comprehensive year 2000 program. 
We are proud not only to share our current status, but we have 
proactively shared our methodologies with all local government, 
small business and entities relative to Y2K.
    Thank you.
    [The prepared statement of Mr. Cortez follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.007
    
    [GRAPHIC] [TIFF OMITTED] T0954.008
    
    [GRAPHIC] [TIFF OMITTED] T0954.009
    
    Mr. Ose. Director, if I may, in deference to your time, 
we're going to ask what few questions we have of you first so 
that you can catch your plane.
    First of all, you mentioned the website that you had, the 
www.year2000.California.gov. I want to make sure that we've got 
that correctly identified as www.year2000.ca.gov., right?
    Mr. Cortez. Yes, sir.
    Mr. Ose. So if anybody is watching, that's a first--that's 
one resource everybody can use.
    The other question I have most directly is under Chairman 
Horn's leadership, one of the things that has been most 
apparent is that our initial attempts to cure this problem have 
been changed or governed by agencies' self-examination after 
the fact. And what I'd like to find out is: There are three 
particular situations I'm concerned about.
    First, is it the agencies themselves who are reporting on 
their compliance, or do you have an independent third party 
doing that?
    Second, since, say, January 1st, have you seen any material 
change in the degree of readiness amongst the agencies?
    And, finally, as it affects regional and local governments 
in particular, has the State been able to provide any financial 
assistance to those levels of government to help them get into 
compliance?
    Mr. Cortez. Thank you.
    Regarding the agencies, we are very proud to say that that 
was a concern for our legislature coming in. Again, the program 
wasn't where we had expected it to be. We did see prior to our 
acceleration and escalation of this program a need for 
independent validation of verification. We immediately 
implemented that program. No entities do self-assessment or 
self-reporting. We've put that behind us. Our new program not 
only allows us to do current triages, but we have ongoing 
statewide program management in which we continually track on a 
weekly basis and post on line on our web the status of any 
corrective action plans required for these departments.
    Furthermore, we're proud to say we're putting that on the 
web so that any local government and citizens who have any 
concerns regarding our compliancy or status can go on line and 
see positive steps taken, actions that need to be taken, and 
corrective actions and plans in place and resources with dates 
proactively displayed. So we are totally having an objective 
review. It's all external and it's independent. And, again, we 
have a multitude of vendors that are helping us with that 
process.
    Second, the issue on the degree of readiness, we have seen 
an extreme acceleration and escalation of the Y2K program, and 
we've even documented that on line. So when you see the 
department status, you can see the initial baseline and its 
actual validation where it was when we started the program and 
where it currently is. And you can see some major improvement 
and action items taken care of. So we view this program as 
extremely successful and have recommended to other local 
government entities not only the methodology that we use; we 
post it on line and they can download it and use it as a tool 
kit for themselves if they don't have resources to hire 
expensive consultants. And many government entities have taken 
the opportunity to do so.
    And, furthermore, we continually assess on a week-to-week 
basis and allow the departments to give current status. So, as 
an example, if a department finds an issue that hadn't been 
dealt with prior to this, it gets red-flagged again and brought 
into the loop of the program. So we have a comprehensive review 
of all issues left to be compliant and complete into the new 
year.
    Regional governments, we have proactively been out in the 
community working with regional governments sharing our 
methodologies at no cost to them. We're doing conferences. We 
are aggressively pursuing a communication and outreach program 
making sure that our message and their message is in sync with 
the community. We have proactively worked with the legislature 
to provide dollars so that we can fund such programs. And, 
again, at this point, the funding that has been put in place I 
know has gone to core programs and other programs. Again, at 
this point, I'm not aware of legislation with additional 
funding.
    Mr. Ose. Chairman Horn.
    Mr. Horn. Just one brief question. I know the Governor 
doesn't run the State education systems here, but increasingly 
Governors do, and I wondered if you as the chief technology 
boss of the State have a feel for what's happening on K-12, 
what's happening at the community college level, what's 
happening at the California State University level. And we do 
have one witness from the UC-Davis campus, the medical school, 
but I wondered what you know about what's happening at the 
University of California, also.
    Mr. Cortez. Yes. We are proud to say that we've had the 
opportunity to work side by side with Assembly Member John 
Dutra, Chair of the Assembly Information Technology Committee, 
and we've gone across the State and had hearings like this in 
similar forums, and we have seen that smaller government 
entities, not just school districts, have had financial 
challenges that they recently have come out of, and so their 
starts with the Y2K program have been late.
    I personally have met the leader of the Board of Education 
for our State and have shared our methodology. We have 
proactively worked with them on the assessment for their 
department. They take--all government entities take this 
challenge seriously, and we are continuously working with them. 
And as an example, through communications and outreach programs 
trying to disseminate Y2K status and methodologies through 
their broadcast system. We do and we have found in again 
smaller government entities that financial strains have been an 
issue for them. As we did in one case, a city up in northern 
California, they used $100,000 reserve plus borrowed $50,000 to 
complete their Y2K program.
    So all in all we've seen a major impetus to get the job 
done. We've seen many challenges on a different level, and we 
believe the smaller government entities do need help not only 
in methodologies, but resources. And they need to shift their 
own internal resources to get this job done, as we've seen with 
other local government entities.
    Mr. Horn. Well, I appreciate that answer. The State auditor 
has a representative here after you, and we'll ask him some of 
the questions, but the statewide audit in February I'm sure was 
helpful in assessing where you were. I don't know the degree to 
which California departments have, say, an inspector general 
because there's another--at least at the Federal level, another 
independent authority that can call them as they see them. Are 
you concerned about the verification of what some of the 
departments are submitting?
    Mr. Cortez. Actually, I'm confident to say that we've taken 
the auditor's report to heart. We welcome all their comments. 
We aggressively pursued as we have expanded and escalated our 
program all their issues into our program. We reported to them 
currently and recently about the program and the status of the 
program. We do not use self-assessment. We do not believe 
that's the appropriate measure of Y2K. We have proactively 
worked with what we call the Y2K Business Council.
    Right across the mountains here, we have the leaders in the 
world on technology. And we are lucky to have used them, and 
they have committed their CIOs to be our compass and guide for 
our Y2K program; and we've been able to take industry best 
practices, procedures, and policies, such as software freezes 
and other things that are related to a good compliant 
information project--Y2K information project in place. And so 
we're confident that not only the recommendations from the 
Bureau of State Audits we've taken into account and 
implemented; but, furthermore, we've got an additional set of 
eyes on our program and advisory to our program and that has 
embellished our program tremendously.
    Mr. Horn. Thank you very much.
    Mr. Ose. Director, thank you. Appreciate you coming.
    Now to the rest of the panel, I appreciate your patience. 
That's very courteous to extend that to the director. So we'll 
just go down the list.
    Mr. Willemssen. Thank you, Congressman, for inviting us 
here today. Chairman Horn, as requested, I'll briefly summarize 
our statement on the Y2K readiness for Federal Government, 
State and local government, in key economic sectors.
    Regarding the Federal Government, reports indicate 
continued progress in fixing, testing and implementing mission-
critical systems. Nevertheless, numerous critical systems must 
still be made compliant and must undergo independent 
verification and validation. The most recent agency quarterly 
Y2K reports due to OMB today should provide further information 
on agency progress. Our own reviews of selected agencies have 
shown uneven progress and remaining risks in addressing Y2K 
and, therefore, point to the importance of business continuity 
and contingency planning.
    Even for those agencies that have clearly been Federal 
leaders such as the Social Security Administration, work still 
remains to ensure full readiness. If we look beyond individual 
agencies and systems, the Federal Government's future actions 
will need to be increasingly focused on making sure that its 
high priority programs are compliant. In line with this, OMB 
has identified 43 high-impact programs such as Medicare and 
food safety. As you know, Mr. Chairman, we're currently 
reviewing for you the executive branch's progress in addressing 
these high-impact programs. Available information on the year 
2000 readiness of State and local governments indicates, also, 
that much work remains. For example, according to recently 
reported information on States, about eight States had 
completed implementing less than 75 percent of their mission-
critical systems. Further, while all States responding said 
they were engaged in contingency planning, 14 reported their 
deadlines for this as October or later.
    State audit organizations, including the California State 
Auditor, as earlier mentioned, have also identified significant 
Y2K concerns in areas such as testing, imbedded systems, and 
contingency planning.
    Mr. Ose. Mr. Willemssen, just a moment. If everyone would 
turn off their pagers and cell phones, that would be a great 
benefit to the witnesses. Thank you.
    Mr. Willemssen. Another area of risk is represented by 
Federal human services programs administered by States, 
programs such as Medicaid, food stamps and child support 
enforcement. Of the 43 high-impact priorities identified by 
OMB, 10 are State-administered Federal programs such as these. 
OMB reported data on the systems supporting those kinds of 
programs show that numerous States are not planning to be ready 
until close to the end of the year. Further, this is based on 
data that has not been independently verified.
    Recent reports have also highlighted Y2K issues at the 
local government level. For example, last month we reported on 
the Y2K status of the 21 largest U.S. cities. On average, these 
cities reported to us completing work for 45 percent of their 
key services.
    Y2K is also a challenge for the public infrastructure in 
key economic sectors. Among the areas most at risk are health 
care and education. For health care we've testified on several 
occasions on the risks facing Medicare, Medicaid and biomedical 
equipment. In addition, last month we reported that while many 
surveys have been completed on the Y2K readiness of health care 
providers, none of the 11 surveys we reviewed provided 
sufficient information with which to assess the true status of 
these providers. For education, last week's report of the 
President's Council on Y2K conversion indicates that this 
continues to be an area of concern. For example, according to 
the council report, many school districts could have 
dysfunctional information systems because less than one-third 
of institutions were reporting that their systems were 
compliant.
    That concludes a summary of my statement, and I'd be 
pleased to address any questions you may have.
    [The prepared statement of Mr. Willemssen follows:] 

    [GRAPHIC] [TIFF OMITTED] T0954.010
    
    [GRAPHIC] [TIFF OMITTED] T0954.011
    
    [GRAPHIC] [TIFF OMITTED] T0954.012
    
    [GRAPHIC] [TIFF OMITTED] T0954.013
    
    [GRAPHIC] [TIFF OMITTED] T0954.014
    
    [GRAPHIC] [TIFF OMITTED] T0954.015
    
    [GRAPHIC] [TIFF OMITTED] T0954.016
    
    [GRAPHIC] [TIFF OMITTED] T0954.017
    
    [GRAPHIC] [TIFF OMITTED] T0954.018
    
    [GRAPHIC] [TIFF OMITTED] T0954.019
    
    [GRAPHIC] [TIFF OMITTED] T0954.020
    
    [GRAPHIC] [TIFF OMITTED] T0954.021
    
    [GRAPHIC] [TIFF OMITTED] T0954.022
    
    [GRAPHIC] [TIFF OMITTED] T0954.023
    
    [GRAPHIC] [TIFF OMITTED] T0954.024
    
    [GRAPHIC] [TIFF OMITTED] T0954.025
    
    [GRAPHIC] [TIFF OMITTED] T0954.026
    
    [GRAPHIC] [TIFF OMITTED] T0954.027
    
    [GRAPHIC] [TIFF OMITTED] T0954.028
    
    [GRAPHIC] [TIFF OMITTED] T0954.029
    
    [GRAPHIC] [TIFF OMITTED] T0954.030
    
    [GRAPHIC] [TIFF OMITTED] T0954.031
    
    [GRAPHIC] [TIFF OMITTED] T0954.032
    
    [GRAPHIC] [TIFF OMITTED] T0954.033
    
    [GRAPHIC] [TIFF OMITTED] T0954.034
    
    [GRAPHIC] [TIFF OMITTED] T0954.035
    
    [GRAPHIC] [TIFF OMITTED] T0954.036
    
    [GRAPHIC] [TIFF OMITTED] T0954.037
    
    [GRAPHIC] [TIFF OMITTED] T0954.038
    
    [GRAPHIC] [TIFF OMITTED] T0954.039
    
    [GRAPHIC] [TIFF OMITTED] T0954.040
    
    [GRAPHIC] [TIFF OMITTED] T0954.041
    
    [GRAPHIC] [TIFF OMITTED] T0954.042
    
    [GRAPHIC] [TIFF OMITTED] T0954.043
    
    [GRAPHIC] [TIFF OMITTED] T0954.044
    
    [GRAPHIC] [TIFF OMITTED] T0954.045
    
    [GRAPHIC] [TIFF OMITTED] T0954.046
    
    [GRAPHIC] [TIFF OMITTED] T0954.047
    
    [GRAPHIC] [TIFF OMITTED] T0954.048
    
    [GRAPHIC] [TIFF OMITTED] T0954.049
    
    Mr. Ose. We're going to go through the other witnesses and 
then come back for questions. I actually think there are 
microphones on the table here in the event you want to sit to 
give your testimony. You're welcome to stand, of course.
    Mr. Cordiner, from the State Auditor's Office.
    Mr. Cordiner. Mr. Chairman, Congressman, and Members, I 
appreciate the opportunity to speak to you this morning on a 
very important topic. Thus far our office has had two 
opportunities to review the Y2K effort in California. The first 
of our audits was published in August 1998. Under the former 
administration, agencies self-reported their progress on 
remediating their systems to the Department of Information 
Technology, and we were concerned that those reportings were 
accurate reportings. So we looked at several of the systems of 
these agencies and found that they were overly optimistic as to 
where they currently were in their progress. In addition, we 
did some survey work and found the same held true for some 
other agencies.
    Moreover, there were many of these agencies that had not 
begun to do business continuity planning, which we felt was 
critical in light of the fact that they would seem to be 
lagging behind on the remediation progress. Most were doing 
planning, but it was more of a disaster recovery type of 
planning rather than concentrating on what would happen if 
their remediation efforts failed or weren't done in time.
    Based on our recommendations in the first audit, the 
legislature again wanted us to look at this area, and we did 
publish another report in February 1999. This time we looked--
we chose a sample of what we considered the most critical 
agencies supplying services to Californians, and that would 
include health and safety, payment systems, and revenue 
agencies. We chose a sample of 14 agencies to look at. We 
looked at the critical systems supporting those programs and 
found that 11 of the 14 agencies had not completed their 
remediation of critical systems that by a previous 
administration Executive order should have been done by 
December 31, 1998.
    Areas that weren't finished included thoroughly testing 
their systems, dealing with the threats posed by imbedded 
technology that those systems depend on, as well as data 
exchange partners. They hadn't fully agreed on formats or some 
hadn't tested that agreed-upon format to ensure that 
information passed between the data exchange partners would be 
seamless and wouldn't cause a corruption of data.
    We also found that one of the State's two large data 
centers that many agencies depend on to support their systems 
didn't have--it had a risky strategy for Y2K in that the 
infrastructure that these other agencies depend on hadn't been 
thoroughly tested to determine that it would work. And they 
also had noncompliant products out there that they had notified 
others that they shouldn't use, but they hadn't removed them as 
we felt would be prudent in the circumstance.
    Last, we looked at the infrastructure, mainly 
telecommunications and the power grid, and we found that with 
the decentralization that has occurred in this industry, there 
are many players, if you will, that oversee segments of the 
infrastructure, but there was no centralized place that one 
could go to determine, you know, what's the progress on, say, 
telecommunications, or what's the progress on whether all the 
providers of power are fully ready to meet the new century.
    That concludes my summary, and I would be glad to answer 
any questions.
    Mr. Ose. We appreciate that. We're going to go ahead and 
have the other two testify and then we'll just take questions 
as a whole.
    Mr. Cordiner. Thank you.
    [The prepared statement of Mr. Cordiner follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.050
    
    [GRAPHIC] [TIFF OMITTED] T0954.051
    
    [GRAPHIC] [TIFF OMITTED] T0954.052
    
    [GRAPHIC] [TIFF OMITTED] T0954.053
    
    [GRAPHIC] [TIFF OMITTED] T0954.054
    
    Mr. Ose. I stand corrected. We would like you to give your 
testimony up here at the podium.
    This is Joan Smith, supervisor from Siskiyou County. Thank 
you for joining us.
    Ms. Smith. Thank you, Congressman Ose. Good morning. I want 
to thank you for the opportunity to provide testimony for the 
subcommittee with regards to the year 2000 readiness of local 
governments. I'm here today speaking on behalf of the Regional 
Council of Rural Counties [RCRC], which is an organization that 
represents 27 of California's rural counties. I would like to 
begin by thanking our distinguished congressional 
representatives for taking time from their busy schedules to be 
here in Sacramento today. A warm northern California welcome to 
all of you.
    The issues that we are addressing are of great importance 
to the communities represented by Congressman Ose and 
throughout rural California. There are only 140 days left 
before the year 2000, and we still have much work to do. The 
Y2K preparedness level of local government varies widely within 
the State of California. California has 58 counties, 471 
cities, and over 2,300 independent special districts. Some are 
ready right now, but many, most, are not.
    Today's hearing is especially important because it concerns 
the readiness of public services their citizens come in contact 
with every day. Here's where the rubber hits the road for fire, 
police and the programs and services counties provide for 
children and families and the basic services that allow 
communities to function and the economy to grow. It is vital 
that the citizens in rural California have confidence that 
county services will still function and that there are 
realistic contingency plans should any systems fail.
    Recently, the General Accounting Office was asked to 
identify the Y2K status of key services provided by the 
Nation's 21 largest cities, as was testified here today.
    As of early July, America's largest cities report on 
average that they have completed 43 percent of the work that 
will be required for an uneventful transition to the year 2000. 
Information from the National Association of Counties estimate 
that only 27 percent of the more than 3,000 counties it 
represents nationwide have completed Y2K testing. Apparently, 
more than 2,000 counties have a lot of work to do in the next 
140 days.
    Siskiyou County Y2K experiences. As was previously stated, 
I'm from the very top of the State, Siskiyou County. We 
border--we have a population of approximately 45,000 people, 
and we're located on the Oregon border, and we lie between the 
counties of Modoc and Del Norte. Siskiyou County began its year 
2000 preparedness program in October 1998, with the formation 
of an interdepartmental task force.
    Mr. Chairman, I just wanted to let you know our 
Superintendent of Schools, Barbara Dillan does sit on our Y2K 
task force and they are working with us and bringing things up 
to date. This task force works to identify essential services 
for each county department, institute contingency planning, 
coordinate systems testing, test all essential communication 
systems by the manufacturer, ensure medical facilities have 
replaced essential equipment and have additional supplies 
available, create a coordinated response procedure for 
potential increase in medical response, including home health 
patients, address potential increase in law enforcement calls, 
conduct over 100 community awareness programs, develop planning 
information for all county departments, cities and special 
districts in our area.
    The county of Siskiyou has worked with our region's 
electric and telephone service providers to ensure that their 
systems will be fully functional. We are fortunate that our 
electric provider, Pacificorp, has completed its Y2K compliance 
testing. In fact, they have rolled their date forward. They are 
now in the year 2000. They managed to work out any bugs that 
they had, and we are still functioning in the year 2000 in our 
area. The Federal Department of Energy has advised us to 
prepare for the potential of a 2- to 3-day power outage during 
the first month of the year 2000.
    Siskiyou County has actively worked with other governmental 
entities in the community in the development and implementation 
of our Y2K preparedness plan to make the transition to the new 
year as smooth as possible. We believe that our hard work and 
advance planning related to the Y2K issue will leave us in good 
shape for anything that may come our way.
    The Regional Council of Rural Counties, in response to this 
hearing, commenced a survey to gauge the year 2000 readiness of 
our member counties of which you have a copy of the results 
before you. While this survey is only a snapshot of rural 
county preparedness, it does provide an interesting accounting 
of how local governments perceive they are doing. For your 
information, we have attached a copy of the survey and a 
computation.
    The first section of the Y2K Compliance Survey asked the 
rural counties to identify the systems they have checked and if 
and where any problems have occurred and identified. The 
responses indicated that they are actively checking programs 
such as 911 emergency systems, jail functions, data bases, 
billing/payroll, mobile data systems, communication 
infrastructure, wastewater treatment and a number of other 
systems.
    Several counties have checked and have made needed 
adjustments to 100 percent of their critical systems. Many of 
the counties responded they are not checking systems within 
their counties, that they are the responsibility of State, 
Federal or private entities. These systems would include rail 
crossings, mass transit systems and traffic control systems. 
However, most of the respondents are working with their 
telephone, electricity, and water suppliers to ensure that 
these operations are being examined.
    The county of Alpine responded that there are no public 
elevators in the entire county to check and that their 911 
emergency services are provided by Douglas County, NV.
    The second area of the Y2K Compliance Survey asked the 
rural counties to note who they are currently working with to 
determine their ability to interface with other systems. They 
indicated they were working with State entities, cities, 
counties and special districts, schools and community 
organizations to test specific critical interfaces. The 
counties of Yuba and Shasta have expressed that they have 
worked closely with their health care providers. Only five of 
the counties say they have communicated directly with Federal 
entities regarding Y2K issues. There appears to be little 
district Federal-to-county technology interface, with most 
payment and communication systems being linked between the 
Federal and the State.
    The third section of the survey focused on risk assessment. 
Most of the counties have developed a formal year 2000 
preparedness plan and have completed between 50 and 95 percent 
of the necessary compliance checks. The 15 counties in the 
survey assessed their combined current readiness is 73 percent. 
The counties of Lassen and Alpine indicated they do not have 
official year 2000 preparedness plans. Most of the counties 
stated that they are attempting to address the Y2K issues 
internally, and only two counties, Glen and El Dorado, have 
hired outside consultants to assist them with their effort.
    The responses show that 69 percent of counties currently 
employ a full-time information technology staff person.
    The last section asks the counties to indicate the amount 
and type of public outreach on year 2000 issues that they have 
conducted. The survey shows the counties have effectively 
utilized community forums, media presentations to businesses--
media--excuse me--presentations to business and social 
organizations, and public service announcements to communicate 
how they are preparing, especially to the elderly community.
    Many of the counties have developed a brochure or have 
posted information on their webpages to inform their community 
about Y2K issues. Merced County's website is located at 
222.co.shasta.ca.us and Shasta County is www.co.shasta.ca.us. 
They are two very good examples.
    Before you is a copy of the Y2K Cookbook. This was 
developed by Merced County with the assistance of the State of 
California, the Department of Information Technology or DOIT, 
as we call it.
    In conclusion, for the past 3 years California's rural 
counties have invested hundreds of hours of staff time, 
replaced and upgraded hardware and software and have spent 
millions of dollars to prepare for Y2K. The survey and recent 
conversations with rural county Y2K representatives appear to 
indicate that most of the counties will be well prepared for 
any potential disruptions that may occur due to the changeover 
at the end of the year.
    As stated by several counties, the potential of losing 
services such as electricity or telephone service is not much 
greater than the possibility of a severe snowstorm, flood or 
forest fires, all of which we have survived. We strongly 
believe that no matter what, everyone should always be prepared 
in case of an emergency. That means having warm blankets, extra 
food and water, flashlights and backups for all systems 
containing program logic.
    There has been a fair amount of media attention focused on 
people acquiring survivalist property in rural areas, food and 
gas hoarding, and the impact of increased traffic on rural 
roads as people escape urban areas. These doom-and-gloom 
forecasts will potentially lead to additional impacts upon 
county services that will be difficult to assess.
    California's rural counties are looking forward to a smooth 
transition to the year 2000 and are working hard to ensure that 
our citizens and businesses will not be adversely impacted by 
the failure of any governmental-operated systems. Thank you.
    Mr. Ose. Thank you for joining us, Supervisor Smith.
    [The prepared statement of Ms. Smith follows:]

     [GRAPHIC] [TIFF OMITTED] T0954.055
    
    [GRAPHIC] [TIFF OMITTED] T0954.056
    
    [GRAPHIC] [TIFF OMITTED] T0954.057
    
    [GRAPHIC] [TIFF OMITTED] T0954.058
    
    [GRAPHIC] [TIFF OMITTED] T0954.059
    
    Mr. Ose. Our last witness is Cathy Capriola from the city 
of Citrus Heights.
    Ms. Capriola. Good morning. On behalf of the Citrus Heights 
City Council and our community, I'd like to say thank you for 
the opportunity to participate in this congressional hearing.
    Citrus Heights is in a very fortunate position relative to 
the year 2000. As Congressman Ose knows, since he served on the 
Citrus Heights Incorporation Project and was president of that 
at one time, we are a newly incorporated city. We became a city 
on January 1st and opened our doors for business to the 
community in July 1997. So because of that and because of the 
kind of character of our community and the service delivery, 
we're in a far better position probably than most of our peer 
agencies.
    There are three reasons that we're somewhat of an anomaly 
with the year 2000. One is because we are a startup, so we have 
no legacy systems. All of our technology is new, and we have no 
custom applications that have been developed in-house through 
the years. We're just installing our local area network and are 
completing that and at this point have held off on purchasing 
any other specialized software until the year 2000 passes.
    We also have a limited scope of operations. Because we're 
not a full service city, again, as a newly incorporated city of 
88,000, a number of special districts provide services to our 
residents. So those individuals in the area of parks and 
recreation and water retain the programmatic policy and the 
year 2000 responsibility.
    The third area that makes us a little different is we're a 
contract city, more like some of the southern California cities 
where we contract back to other jurisdictions and the private 
sector for services. Specifically back to Sacramento County 
that provides our law enforcement--very, very well, solid 
waste, and street and related infrastructure maintenance. So 
we're coordinating with Sacramento County and private firms 
that provide services for us and communicating with them.
    In terms of what the city has done--a complete inventory 
and prioritization of what we do have, and that's 98 percent 
complete. The systems we currently use require some 
remediation--and even with new technology there are still 
patches and tinkering that needs to occur. So, we will be 
completing that within the next 45 days. We're doing some 
community outreach. We'll be holding some workshops with our 
community in September and also working with our contracting 
agency, Sacramento County, et cetera, on emergency operations 
and some of our mission critical items.
    So overall, just to summarize, I think that for we as a 
city, timing is everything, and we became a city at the right 
time on this one. And we're in a very fortunate position. Just 
the way we're structured, being new, we're less complex in 
scope and smaller than all of our peers. I'd be happy to answer 
any questions.
    Mr. Ose. Thank you, Cathy.
    [The prepared statement of Ms. Capriola follows:] 

    [GRAPHIC] [TIFF OMITTED] T0954.060
    
    [GRAPHIC] [TIFF OMITTED] T0954.061
    
    [GRAPHIC] [TIFF OMITTED] T0954.062
    
    Mr. Ose. Now, as far as how we proceed from here, many of 
you have not participated in a congressional hearing. What we 
do is the chairman and I will direct questions at the witness 
and you're free to answer. If there is something you care to 
add to someone else's testimony, be happy to take that 
testimony.
    So with that, Mr. Chairman, would you like to proceed?
    Mr. Horn. Well, let me ask Mr. Willemssen, who has been a 
faithful attender at every single one of our field hearings for 
the last 3 years, what you heard this morning, how does that 
fit in with other things the General Accounting Office has 
looked at in other areas and States? And are we missing 
something here that we should ask about, and what do you think 
it is?
    Mr. Willemssen. One area that you might want to pursue with 
some of the witnesses, I realize the State IT director is no 
longer here, but I heard touched on very briefly but you may 
want to pursue a little more, testing of data exchanges with 
other organizations.
    Many of the witnesses talked about where they are at with 
their own systems and they are making great progress; but as 
you know as well as anyone, the testing of data exchanges is 
especially critical to make sure that there aren't any 
disturbances that affect the systems outside of your control. 
And I think your question earlier to the State Director on the 
education side again points to that.
    I know that Secretary of Education has expressed great 
disappointment with the low number of schools who have opted to 
test their data exchanges with the Federal Department of 
Education on loans and grants. And I think that it would be 
worthwhile for California, among other States, to begin looking 
at how well their postsecondary schools are actually doing in 
the testing of those exchanges, because my understanding is 
nationally it still remains a very low number who have taken 
advantage of it.
    Mr. Horn. I think you're correct. I wrote a letter to the 
Secretary of Education Riley about a month and a half ago. I 
don't think we have an answer to it yet, but our feeling was 
given the lack of money in many school districts and the 
smaller ones along the Pacific Coast where you've got a lot of 
rural schools still, and I'm proud to say I went to one, I 
thought I got a great education, but the fact is this takes 
money. And I think I told him to make an estimate for us and 
see what's needed and would they administer the program.
    Mr. Willemssen. The other thing I might add, Mr. Chairman, 
is taking a look at the California State Auditor's Report of 
February 1999, I thought that raised some good issues. The 
question, if I were in your chair that I would want to ask, is 
what their plans are for upcoming review, if they have an audit 
or report that is due to be issued so there could be some check 
on the statements that were made by the State director of IT.
    Mr. Horn. What plans does the State Audit operations have?
    Mr. Cordiner. The way our office operates, we do audits at 
the request of Joint Legislative Audit Committee and thus far 
they have not asked us to do any further work in this area. 
However, based on our prior reports, we do get periodic updates 
on the progress of our recommendations and whether they've been 
implemented or not; and insofar as that goes, a lot of what Mr. 
Cortez said we're encouraged by, the planning that has gone 
into this. And the new administration, obviously they've 
dedicated considerable resources. We're still somewhat 
concerned, however, in that the last quarterly report that was 
generated by the Department of Information Technology which 
came out in July indicated while a number of agencies that are 
deemed critical agencies that have programs that are highly 
necessary for Californians and that they depend on have 
progressed, they're still--one of the things that is measured 
and you were concerned earlier with was, ``Well, how much 
independent work has been done?''
    Now, clearly there has been independent work done on 
assessing where they are currently at to get a measurement, but 
another part of DOIT's planning is to have an independent 
verification and validation of those very critical systems to 
see, ``OK, they are ready for the date change.'' That has not 
occurred in any of the ones that are listed on the website, to 
my knowledge. And so there is still a concern in that area.
    In addition, we had recommended in our February 1999 report 
that particularly for critical programs that business 
continuation planning be done by June 30, 1999 which mirrors 
industry standards so that there's enough lead time for those 
that require hiring additional staff or whatever the work 
around is going to be for that to occur. In addition, to be 
able to test that plan to see if it's viable.
    And we saw again in the last quarterly report that those 
plans are being requested. They drafted them in August and the 
final in September, and now I see in the prepared comments that 
that date has slipped even further, and so they are looking for 
one that's been fully tested in October. Well, if they fall 
short of the mark, that's pretty close to an immoveable date. 
So we've got some concerns in that area.
    I failed to mention in my statement because of the time 
constraints that one of the issues we looked at in the February 
1999 report was also to survey every State agency that was in 
the Governor's budget. 140 of them are responsible for 460 
programs. We found that for two-thirds--nearly two-thirds of 
the programs or the systems supporting the programs they 
operate, one or more critical steps wasn't completed at that 
point in time, which was December 31, 1998, and that nearly 
one-half of the agencies did not have business continuation 
plans.
    Mr. Horn. You're absolutely right. In terms of verification 
approach, and I wondered if as the welfare system in the State 
with the Federal billions and the State billions and then the 
county welfare in 58 counties, what is the interconnection 
there between the smaller welfare groups like San Benito and 
San Luis Obispo?
    Mr. Cordiner. As far as the Y2K exposure, a lot of it is 
the interface that Joel mentioned earlier. It's critical both 
upstream and down for State agencies to be able to seamlessly 
communicate with both the Federal, local and outsiders. Say, 
Medi-Cal, for instance, has third-party providers. It's a 
tremendous amount of interface that goes on.
    Mr. Horn. Has much of that been tested, to your knowledge?
    Mr. Cordiner. To my knowledge, the quarterly report--in 
fact, I looked at the appendix that was attached to that that 
lists every one of the departments, and some indicated that 
they completed testing, or at least say they have, or an 
independent party says they have without the independent 
verification of it that they have tested their data exchange. 
For others, that information was not included, when we've known 
based on our past work that these systems that didn't indicate 
anything about data interchange do have that. So I don't know 
what the status is, to tell you the truth.
    Mr. Horn. This question isn't necessarily on the year 2000, 
but it's a computer question, and that's the deadbeat dad 
situation. In Congress we had to get an exemption for 
California because you would have had a lot of money taken away 
since I think--what is it--about 24, 25 counties don't like the 
L.A. system and wanted their own system, and where are we on 
that?
    Mr. Cordiner. The current status on that--it's fortuitous 
you ask. I was on that. We just released an audit report on the 
5th on that. What California tried to do is create a consortia 
which would have been a link--four systems, including Los 
Angeles, would have been linked together, and that would have 
been the State's plan to develop a statewide automated child 
enforcement system. That was recently rejected. That plan was 
rejected at the Federal level.
    We are now back to basically square one where the Health 
and Welfare Data Center which is responsible for developing the 
IT solution for this program has awarded four different 
contracts to vendors to come up with a design. The winner of 
that will be given a future contract to develop or replicate an 
existing system for California to use. So we're--in my mind, 
we're years away from a statewide automated system. There are 
systems in use out there, and the ones that we visited, most of 
them are Y2K ready now. Some weren't and they were migrating to 
other systems that were.
    Mr. Horn. Thank you.
    Mr. Ose. If I may follow up on something, Mr. Cordiner, in 
your testimony you talked about noncompliant products being 
used I believe at the Teale Data Center?
    Mr. Cordiner. Correct.
    Mr. Ose. After the Teale data operator advised everybody 
not to use those same products, and my question is whether or 
not we're still using those noncompliant products?
    Mr. Cordiner. Based on their last response to our audit, 
those have been--they are in the process of removing them.
    Mr. Ose. That was the critical question, whether they 
complied with their own recommendation.
    Second, if I might, I know that the director of--I like the 
acronym DOIT--the director of DOIT testified about the 
independent verification validation, but in your opinion, are 
those truly independent?
    Mr. Cordiner. We haven't really reviewed--I know they had 
established a prequalified pool of vendors that could meet the 
need. We didn't really look at that process and we haven't 
really evaluated what's being done in the IV&V to determine 
that. The answer to that question, I would hope that they are. 
And I think you know this isn't about pointing a finger.
    Mr. Ose. I understand.
    Mr. Cordiner. And I think Mr. Cortez is sincere in wanting 
this to be done the best possible way. So with that in mind, 
I'm confident that those people are doing a good job.
    Mr. Ose. Do I understand that your charge to do an audit 
follows a request? In other words, you cannot move independent 
of having received a request either from the Governor's office 
or the Legislature?
    Mr. Cordiner. That's correct.
    Mr. Ose. OK.
    Mr. Horn. If I might ask one more question.
    Mr. Ose. Certainly.
    Mr. Horn. One question comes to mind, having read in The 
Sacramento Bee this morning makes me ask this, a 15-year-old 
that knifes and kills a woman older than him, and he's out as a 
juvenile and should have been locked up earlier. And that gets 
down to what's happening in a number of States when they 
checked for 2000 conformity, they found their jail/prison 
security systems are opening the doors sometimes. And unless 
they check that, you're going to have a real problem. I 
wondered in terms of the sheriffs and State and if the audit 
team has gone into any of that?
    Mr. Cordiner. We--in our last audit, we looked at the 
Department of Corrections and we looked at two specific 
systems. One was where the prisoners were at. You know, their 
status, reporting status. We found that to be OK. The other was 
an imbedded chip issue with the electrified fences that 
encompass 23 of 33 institutions. They still had work to do on 
those, so there was no assurance that those work as intended.
    It's my understanding that Mr. Cortez had a group of 
independent contractors go out and see where that was at, but I 
see on his website that Corrections still is designated with a 
pink, which is a high-risk element associated with their 
ability to be ready at the appropriate time. We were assured, 
however, during hearings that Corrections has backup systems to 
those electrified fences whereby if push came to shove they 
would have 24/7 guards in the towers. So hopefully we can sleep 
a little bit better knowing that.
    Mr. Horn. Yeah. Interesting.
    Mr. Ose. Supervisor Smith, the question I have is given the 
nature of my district, seven of my eight counties are 
effectively rural, what are the unique challenges that the 
rural counties are facing? Have we been helpful? Has the State 
been helpful and what can we do to assist solving those 
problems that are unique?
    Ms. Smith. Well, Congressman, as I had mentioned, we have 
the Y2K Cookbook which the State did assist in; and going on 
line, I believe, is very helpful with the smaller counties that 
don't have the ability to hire the technology. In Siskiyou 
County we're fortunate that we do have a technology staff, if 
you will. Small, but they've been helping us with what our Y2K 
task force has come forward with. I was surprised to see the 
small amount of interface with the Federal level. So most of 
our interface comes up at the State level. So we are working 
with the State.
    What our biggest challenge right now is I think we've gone 
in internally and we've done our planning there, but I believe 
what our biggest challenge is and what we're in the process of 
doing is getting out to the public. We're going into the 
smaller communities.
    We're finding that we're getting calls on a daily basis 
from the elderly community who are very concerned and 
frightened, ``What if the electricity goes out?'' It's very, 
very cold in Siskiyou County in January, and they are concerned 
about heating and about telephones. So we're getting out to the 
public. We're telling them what we've done. We're also advising 
them to have--as I had mentioned in any emergency, to have 
things on hand in case of an emergency: Warm blankets, extra 
food, extra water, for at the most a 2- to 3-week period, but 
we're saying 2 to 3 days as has been advised, I believe, by the 
State and Federal Government.
    I think that having some funding available which I believe 
the State has some available, I'm not sure at the Federal 
level, it's very helpful for some of the smaller counties. As 
you know, the budgets are very restrictive in the smaller 
counties and we don't have a lot of extra money, although 
Siskiyou County has been in the process of replacing a lot of 
our computer system and we have spent probably half a million 
dollars doing that and we will probably be spending another 
$100,000 between now and the end of year in replacing the 
things that we have to. We are also are hoping we will be up 
and ready to go by at least October because, as Mr. Cordiner 
said, in October there is not a whole lot extra you can do at 
that time.
    Most of the counties--I was surprised and pleased to see 
that most of the counties are addressing this issue. I think 
that in the area--many of the areas that has not been addressed 
are the very small areas such as the service districts and 
small water companies and we're working very hard to work with 
them. It would be nice if the State would help us with that and 
the Federal Government, Because they just don't have the staff 
to do it nor the money, and those are the areas that we're 
concerned about.
    Mr. Horn. If I might, Mr. Chairman, without objection, I'd 
like to see the Merced document entered into the record in 
full.
    Mr. Ose. Without objection.
    [The information referred to follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.063
    
    [GRAPHIC] [TIFF OMITTED] T0954.064
    
    [GRAPHIC] [TIFF OMITTED] T0954.065
    
    [GRAPHIC] [TIFF OMITTED] T0954.066
    
    [GRAPHIC] [TIFF OMITTED] T0954.067
    
    [GRAPHIC] [TIFF OMITTED] T0954.068
    
    [GRAPHIC] [TIFF OMITTED] T0954.069
    
    [GRAPHIC] [TIFF OMITTED] T0954.070
    
    [GRAPHIC] [TIFF OMITTED] T0954.071
    
    [GRAPHIC] [TIFF OMITTED] T0954.072
    
    [GRAPHIC] [TIFF OMITTED] T0954.073
    
    [GRAPHIC] [TIFF OMITTED] T0954.074
    
    [GRAPHIC] [TIFF OMITTED] T0954.075
    
    [GRAPHIC] [TIFF OMITTED] T0954.076
    
    [GRAPHIC] [TIFF OMITTED] T0954.077
    
    [GRAPHIC] [TIFF OMITTED] T0954.078
    
    [GRAPHIC] [TIFF OMITTED] T0954.079
    
    [GRAPHIC] [TIFF OMITTED] T0954.080
    
    [GRAPHIC] [TIFF OMITTED] T0954.081
    
    [GRAPHIC] [TIFF OMITTED] T0954.082
    
    [GRAPHIC] [TIFF OMITTED] T0954.083
    
    [GRAPHIC] [TIFF OMITTED] T0954.084
    
    [GRAPHIC] [TIFF OMITTED] T0954.085
    
    [GRAPHIC] [TIFF OMITTED] T0954.086
    
    [GRAPHIC] [TIFF OMITTED] T0954.087
    
    [GRAPHIC] [TIFF OMITTED] T0954.088
    
    [GRAPHIC] [TIFF OMITTED] T0954.089
    
    [GRAPHIC] [TIFF OMITTED] T0954.090
    
    Mr. Horn. I think it would be helpful for people in the 
hearing.
    Mr. Ose. In case anybody would like to see what that looks 
like, it's the yellow book, actually pretty attractive. If you 
can get a copy and pass it to your colleagues, that would be 
great. But it will be entered into the record.
    Ms. Smith. We do have a few extra copies available, and 
it's also on the website--on the Merced website, the 
www.ca.merced.--wait a minute.
    Mr. Ose. www.co.merced.ca.us.
    Ms. Smith. Thank you.
    Mr. Ose. As far as the newest, largest city in the State, 
that means Citrus Heights, is it just happenstance that brings 
you to the fortuitous position you are, or are there things 
you've done in particular that we could share with other 
municipalities as far as an effort to be Y2K compliant?
    Ms. Capriola. As I mentioned in my testimony, I think it is 
the timing. We don't have old systems. We don't have legacy 
systems that we're trying to create or bring up to date. In 
some ways it's an enviable position that we're in. And I would 
wish it upon everyone. But I think we've also learned from our 
colleagues who have gone through the process that's been 
articulated by State and Federal guidelines in terms of what we 
should be trying to do in trying to work with those service 
providers, Sacramento County and private firms that do provide 
a great deal of services for us, to make sure that the service 
delivery continues.
    The one good thing, I think, that is coming out of year 
2000 is that it's an opportunity for every organization to kind 
of step back and review what their technology systems are and 
it's kind of this crisis that's pushing us to get rid of some 
systems that need to be moved on; but change is hard, as we 
know, especially in large organizations. So I actually think 
that out of every crisis, including this one, there are very 
good things that are happening to our governments and to--so we 
become more entrepreneurial with better services and systems 
coming out at the end, though the process is painful and 
expensive.
    Mr. Ose. Do you have anything else to add, Mr. Chairman?
    Mr. Horn. Well, you're absolutely correct, and we've raised 
that question often in the hearings and a lot are doing exactly 
what you're doing, and that's the right thing to do. You can 
get rid of a lot of them or combine them or whatever, and this 
is the chance to do it.
    Mr. Ose. Well, I would like to express the appreciation of 
Chairman Horn and myself for the testimony of the witnesses 
this morning. I know some of you have come quite a distance. We 
appreciate you participating. We're going to stay on this. One 
thing I hear everybody talking about is the interrelationship 
and the interdependencies between the Federal, State, and 
local, you know. We're kind of in this together so we need to 
keep working together.
    So I again thank you.
    With that, Mr. Chairman, I'd like to bring the second panel 
down. Thanks for coming.
    Second panel is--we're going to take a short break here, 
but the second panel is Garth Hall with PG&E, Mike--is it 
Petricca?
    Mr. Latino. It's Tom Latino.
    Mr. Ose. OK. It's Tom Latino with Pacific Bell, Roy Le 
Naeve and Steve Ferguson accompanied by Carol Hopwood. These 
will be largely utilities and service providers at the local 
level. So having heard from the State and local government, now 
we're into a new group.
    Now I need to again swear everybody in.
    [Witnesses sworn.]
    Mr. Ose. Let the record show that the witnesses answered in 
the affirmative.
    So, again, what we'll do here is we'll take testimony from 
the witnesses in total, and then come back with questions. We 
do request you go to the podium provided.
    And with that, Garth you're first. This is Garth Hall with 
PG&E, the manager of their Y2K project.

STATEMENTS OF GARTH HALL, MANAGER OF Y2000 PROJECT, PACIFIC GAS 
AND ELECTRIC CORP.; TOM LATINO, PUBLIC SAFETY DIRECTOR, PACIFIC 
BELL, APPEARING FOR MIKE PETRICCA; ROY LE NAEVE, SENIOR PROJECT 
 MANAGER, Y2K READINESS PROGRAM, SACRAMENTO MUNICIPAL UTILITY 
  DISTRICT; STEVE FERGUSON, CHIEF OF INFORMATION TECHNOLOGY, 
 COUNTY OF SACRAMENTO, ACCOMPANIED BY CAROL HOPWOOD, EMERGENCY 
                MANAGEMENT, COUNTY OF SACRAMENTO

    Mr. Hall. Mr. Chairman, members of the committee, I really 
appreciate the opportunity on behalf of PG&E Corp. to talk to 
you today. I represent the corporate program office across all 
the lines of business nationwide. You know PG&E, the utility. 
But the businesses nationwide, I assure you, have adopted and 
followed the same standards across the board that we have 
applied in utility, and I have been responsible in ensuring all 
of those things. I know that is of interest to you because of 
your national interest, but I will now focus up on the utility 
because that is the scope of the California hearing today.
    Our program, of course, covers all of the elements that 
have traditionally been discussed and some of which you heard 
of today: The inventory process, the analysis process, the 
remediation, the fixing process, the testing, finally the 
certification process, and then the very important contingency 
planning process. All of those elements are very, very far 
along across our corporation and in the utility as well.
    In July, we were very pleased to report to the North 
American Electric Reliability Council, which has received a 
charter from the Department of Energy, that we--for all the 
electric delivery systems in the utility--we are ready. So that 
means that anything that has to do with delivery of power to 
the consumers, we have assessed, we have fixed, we have tested, 
and we have certified. That includes, also, the power 
generation plants, the hydro and the fossil power plants that 
we still own, understanding, of course, that we have sold many 
lately. So all of those that we own in those domains are 
included in that. So that should be of enormous relief to those 
who have concerns about power, and we heard some of those 
reflected today.
    In addition to that, we are very, very far along in the 
nuclear power area. We are down to less than 1 percent of items 
still in testing in the gas supply area and in the nuclear 
generation area at Diablo Canyon. There are very, very few, 
fewer than a handful of things, left in testing and 
certification of all those is expected in September. By 
November 1st, the California Public Utilities Commission 
requires us to file a written certification as to our state of 
readiness across all of our departments and functions in the 
utility. And we fully expect to file at that time that we are 
ready across the board, that everything is tested, certified 
and is ready.
    Even though we are very confident about all of these 
things, we have also taken contingency planning very seriously. 
Every one of our mission-critical business partners, suppliers 
and government agencies has a contingency plan developed by us. 
In other words, for each one of those entities that we depend 
on to a strong degree for our ongoing continuation of business, 
we have already developed a contingency plan. Even when we are 
fairly confident, as with Pac Bell and many of the others that 
are represented today, that the service will be there and 
reliable, we still have developed a contingency plan.
    In addition to that--at a higher level--we have developed 
business recovery plans that are really just continuations of 
our standard business recovery planning. As everyone would 
appreciate, we face storms, earthquakes, floods, during which 
power outages and gas line interruptions can occur. Our 
organization, having been trained and practiced in response to 
those, is the same organization that would have to deal with 
any type of high-level disaster whether driven by storms or Y2K 
or anything. Even though the probability of those may be very, 
very slight, we have drilled those internally twice in the 
utility now, making sure that everybody understands what they 
would have to do; and we have participated in one nationwide 
drill in April, organized by the North American Electrical 
Reliability Council, and we will do that again on September 
9th.
    We also recognize the importance of communicating our 
readiness out to the community, have met with over 100 various 
customer groups, including Hewlett Packard, Wells Fargo, Shell 
Oil, the Woodland Chamber of Commerce, many city councils, many 
county boards of supervisors, water agencies and trade groups. 
We will continue to do that. We understand the importance of 
communicating our readiness so people understand and have 
advice on how they should prepare. That's going to be an 
ongoing process for us.
    With those remarks, I thank you again for the opportunity.
    Mr. Ose. Thank you, Mr. Hall.
    [The prepared statement of Mr. Hall follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.091
    
    [GRAPHIC] [TIFF OMITTED] T0954.092
    
    [GRAPHIC] [TIFF OMITTED] T0954.093
    
    [GRAPHIC] [TIFF OMITTED] T0954.094
    
    [GRAPHIC] [TIFF OMITTED] T0954.095
    
    [GRAPHIC] [TIFF OMITTED] T0954.096
    
    [GRAPHIC] [TIFF OMITTED] T0954.097
    
    [GRAPHIC] [TIFF OMITTED] T0954.098
    
    [GRAPHIC] [TIFF OMITTED] T0954.099
    
    [GRAPHIC] [TIFF OMITTED] T0954.100
    
    [GRAPHIC] [TIFF OMITTED] T0954.101
    
    [GRAPHIC] [TIFF OMITTED] T0954.102
    
    [GRAPHIC] [TIFF OMITTED] T0954.103
    
    [GRAPHIC] [TIFF OMITTED] T0954.104
    
    [GRAPHIC] [TIFF OMITTED] T0954.105
    
    [GRAPHIC] [TIFF OMITTED] T0954.106
    
    [GRAPHIC] [TIFF OMITTED] T0954.107
    
    [GRAPHIC] [TIFF OMITTED] T0954.108
    
    [GRAPHIC] [TIFF OMITTED] T0954.109
    
    [GRAPHIC] [TIFF OMITTED] T0954.110
    
    [GRAPHIC] [TIFF OMITTED] T0954.111
    
    [GRAPHIC] [TIFF OMITTED] T0954.112
    
    [GRAPHIC] [TIFF OMITTED] T0954.113
    
    [GRAPHIC] [TIFF OMITTED] T0954.114
    
    [GRAPHIC] [TIFF OMITTED] T0954.115
    
    Mr. Ose. Mr. Latino.
    Mr. Latino. Good morning. My name is Tom Latino and I am 
director of the Public Safety Organization for Pacific Bell. I 
appreciate the opportunity to update you on SBC's readiness for 
the year 2000, and I'm happy to say that we have some great 
news to share. The bottom line is that when you pick up the 
phone on January 1st of the year 2000, our network will be 
ready to serve you just as it always has and so will the 
wireless, data, Internet, and other services which we provide.
    We spent nearly 4 years preparing for this issue. As of 
June 30th virtually all necessary upgrades have been completed. 
A very few upgrades are scheduled to be completed by September. 
As we wrap up these upgrades, we will continue to focus on 
testing and finalizing our business continuity plans. All of 
our services will be tested and retested in simulated year 2000 
environments prior to January 1st.
    Our testing efforts also go well beyond our own network. 
SBC is working with the Alliance for Telecommunications 
Industry Solutions to test our services in conjunction with 
other communications companies and other industries. As a 
matter of fact, ATIS recently announced the successful 
completion of a Y2K test involving communication networks 
serving the credit card and financial industries. SBC and other 
communication carriers had no difficulty in transmitting 
financial data in a simulated Y2K environment. We have also 
worked closely with Telco Year 2000 Forum, which in December 
completed tests showing that local networks are prepared to 
provide uninterrupted service.
    This internal and third-party testing provides further 
evidence that Y2K will be a nonevent for our customers. And 
while we strongly believe that that will be the case, we also 
recognize that factors outside of our control could potentially 
impact our services. To further ensure continuous quality 
service, SBC is enhancing its business continuity plans to 
prepare for Y2K contingencies. These plans are an extension of 
Southwestern Bell's existing procedures for providing service 
in the event of an emergency or natural disaster.
    As part of these business continuity plans, SBC will 
increase staffing at customer support in business centers 
during peak periods leading up to and including the New Year's 
holiday weekend. We also are establishing command centers 
throughout our service territory to ensure a smooth transition 
to the new year. As you can tell, Y2K readiness has been a very 
big job. All told SBC has spent $200 million to prepare for 
Y2K. SBC's Y2K project management team is led by an officer of 
the company, and each of our major business units have 
dedicated Y2K coordinators responsible for managing year 2000 
issues within their organization.
    To keep our customers up to date on our progress, SBC's Y2K 
team maintains a comprehensive website with the latest 
information available. Anyone looking for detailed information 
on our Y2K readiness can access the Preparing for the 
Millennium Section of SBC's website at www.sbc.com. The site 
includes a selection that allows you to check on the readiness 
of the central office switch that serves your community. You 
can also register at the website to receive a copy of SBC's 
final readiness report.
    Thank you again for the opportunity to provide this update.
    Mr. Ose. Thank you, Mr. Latino.
    [The prepared statement of Mr. Petricca follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.116
    
    [GRAPHIC] [TIFF OMITTED] T0954.117
    
    Mr. Ose. Next Mr. Le Naeve. He's the senior project manager 
for the Y2K readiness program at Sacramento Municipal Utility 
District.
    Mr. Le Naeve. Good morning, Mr. Chairman, members of the 
committee. I am Roy Le Naeve, the senior project manager for 
the Sacramento Municipal Utility District's Y2K program. I 
thank you for the invitation to speak here today.
    Sacramento Municipal Utility District, commonly referred to 
as SMUD, is a community-owned utility that services 
approximately a half million customers. We are the second 
largest community-owned utility in California and the fifth 
largest nationally. SMUD has 11 generating facilities with a 
maximum generating capacity of 1140 megawatts. Our purchase 
requirements ranges from zero to 1500 megawatts with largest 
purchases generally occurring during the summer months.
    Our customer base includes some very influential entities 
such as the county seat, the Sacramento County, a major State 
prison in Folsom--Mr. Horn referred to prisons earlier--the 
California Independent System Operator located headquarters and 
their control center in Folsom, the Western Area Power 
Authority, also headquartered in Folsom, the Office of 
Emergency Services for the entire State of California, and the 
residing body and support locations for the State of 
California.
    We clearly recognize and strive to meet our serious 
responsibility to provide a high quality of dependable and 
reliable power to our customers. At the outset of the Y2K 
project, SMUD recognized and respected the public's concern. We 
also understood that in spite of any eventual successes of 
overcoming the threat of Y2K problems, if those successes were 
not credibly presented to the public, a sense of personal 
concern would continue.
    Consequently, as our project was put together, the task of 
communicating openly and frequently to our customers and the 
public at large was placed very high in our project plan. This 
has been achieved through a variety of processes such as news 
events, community forums, special media presentations, key 
account presentations, bill inserts, and the SMUD website. We 
believe the word is getting out.
    Over the last 6 months we have seen a noticeable drop in 
what was previously widespread Y2K anxiety as SMUD is receiving 
less and less requests for Y2K information. We formalized our 
Y2K project in the late part of 1997 by inventorying all the 
items in the district that may be subject to Y2K anomalies, or 
the bug as you've heard of them. At the end of the inventory we 
placed each item in two major categories: mission critical and 
nonmission critical.
    To date, we placed and prioritized more than 1,500 items 
onto the Y2K vulnerable list. Each of SMUD's inventory items 
have received reviews, evaluations, and in the case of mission 
critical items, serious testing. As of this date there are 35 
items remaining on the list for disposition and currently 
undergoing remediation. SMUD has plans to remediate or replace 
all the outstanding items by October 1st, 1999. SMUD's Y2K 
efforts have enabled it to declare all of its 11 generating 
facilities Y2K compliant.
    The year 2000 compliance for SMUD means that all mission 
critical systems have been tested for proper operation through 
the 1999 year and into the year 2000 timeframe. Further, where 
remediation actions were required, appropriate actions were 
taken. The systems were retested and no reasons are known to us 
that would preclude the system from performing into the year 
2000.
    To date, all the generation and distribution systems have 
undergone vigorous test requirements and they have been 
declared Y2K ready with minor exceptions by the North American 
Reliability Council. The exceptions deal with nongenerating 
requirements. For example, affluent meters are very important 
to us but are not important for the sake of producing 
electricity. As a point of interest, the meters in question had 
been made compliant and will be installed in our system prior 
to October 1999. Our Y2K project has received the highest 
possible organizational oversight from executive management.
    As the Y2K project manager, I report on a weekly basis to 
an executive sponsor. On a monthly basis I brief and receive 
guidance from the entire SMUD executive team. Additionally, I 
brief and receive policy direction from our entire board of 
directors on a monthly basis. This practice is scheduled to 
continue well into the year 2000.
    As Americans we enjoy the best and most reliable electric 
service in the world. While each utility plays its respective 
role, the high service reliability is achieved because of a 
network of utilities that have joined together to work 
together. The North American Electric Reliability Council 
promotes the reliability of the electric supply for North 
America and it oversees our Y2K activities.
    Over the past months we have worked with NRC and the 
utilities to be ready to respond. In April we exercised all of 
our national and local communications capabilities to ensure 
that we could talk to each other under degraded communications 
capabilities. The next national exercise is scheduled for 
September 9th. The exercise is scripted to be a dress rehearsal 
for the night of rollover. We anticipate that much will be 
learned concerning our posturing activities in preparation for 
the new year.
    In summary, SMUD offers no guarantee. We do a test. We have 
searched, evaluated, tested, reevaluated every vulnerable item 
known to us, and we're unaware of anything that would keep the 
lights from burning as bright on the night of rollover as they 
do today. Thank you.
    Mr. Ose. Thank you, Mr. Le Naeve.
    [The prepared statement of Mr. Le Naeve follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.118
    
    [GRAPHIC] [TIFF OMITTED] T0954.119
    
    [GRAPHIC] [TIFF OMITTED] T0954.120
    
    [GRAPHIC] [TIFF OMITTED] T0954.121
    
    Mr. Ose. Mr. Ferguson from the city of Sacramento.
    Mr. Ferguson. Thank you very much. My name is Steve 
Ferguson. I'm CIO information officer for the county of 
Sacramento.
    Mr. Ose. Excuse me.
    Mr. Ferguson. On behalf of the county Board of Supervisors, 
I wish to welcome your committee and all of the witnesses today 
to our community.
    On the Y2K issue, the county began addressing its Y2K 
issues back in 1995. In 1995 we formed a Y2K steering committee 
consisting of county executives and key business players. We 
began a formal assessment of our status risks and remediation 
alternatives at that time. Our Board of Supervisors has taken a 
very strong interest in this issue. They have made it clear to 
us that they expect to be informed on how the county is doing. 
In response to that, our first comprehensive assessment report 
was made to our Board of Supervisors in June 1998. 
Subsequently, we have updated the information of that report in 
February and the first part of this month. The Board has asked 
we give them a final readiness report in December 1999.
    I thought I would take a few minutes to review a few of the 
key points that we've given to our Board that were identified 
in that report. The county of Sacramento plans to spend over 
$60 million in remediation of Y2K. While that may not be 
impressive at the Federal level or State level, it certainly 
represents a sizable investment for this community. There have 
been some big benefits out of that. No. 1 is we have used that 
investment. We have leveraged that investment to provide a 
technological foundation for the county's future. This 
foundation will help us provide better and more efficient 
community services in the future.
    For example, we've upgraded our networks that will allow us 
to engage in e-commerce. We have upgraded our applications that 
will allow us to more interactively interact with our citizens 
in foreign e-government, and the IT work forces have had the 
opportunity to learn new skills.
    The county is planning for a number of Y2K-related 
activities. We've been discussing some of the business 
continuity issues. We're also aware as provider of local 
services to a large community that we have public safety issues 
that have to be dealt with as well. We are planning the 
operation of a joint emergency operation center with the city 
of Sacramento over the millennium change, and we are planning 
numerous table-top exercises to prepare for what we expect to 
be a high level of activity due to celebrations around Y2K. We 
also realize we have a responsibility to communicate readiness 
to our citizens and our county public information officer has 
been very active in preparing a countywide public information 
campaign.
    We've shared with our Board a number of concerns about our 
readiness in Y2K. I thought I'd just summarize those quickly 
for you. The first area of concern is the Family Support Bureau 
of child support issues. A recent failure in the State project 
has put the county at risk. We do not have time to remediate 
legacy systems in that area. However, plans are under way to 
implement a system, one of the four consortiums that was 
mentioned by your earlier testimony in the child support area, 
and that's planned to go live in November of this year.
    Embedded chips, as others have mentioned, have been a major 
concern. The county operates numerous facilities from clinics 
to crime labs to jails and the airport, and we have been making 
major inroads in the testing and remediation of those types of 
issues. We believe most of that has been corrected and it will 
be operational through the millennium.
    In the public safety arena, we've identified Y2K problems 
in our criminal justice systems. Pleased to report that just 
last month the Y2K readiness system went on line. The Sheriff's 
Department has identified Y2K problems with their computer-
aided dispatch. They are now in the process of contingency 
planning should that system fail.
    These problems, as I mentioned, are being addressed and we 
will continue to keep our Board informed on progress. A final 
area of concern that other members--other witnesses today have 
touched upon is the area of State interfaces. The county of 
Sacramento relies heavily on communication with the State of 
California. Myself and other CIOs throughout the State have 
expressed concerns repeatedly over the last few years about 
this, and I want to express my appreciation to Mr. Cortez, who 
has taken our concerns to heart and the State has renewed its 
focus in assisting counties in testing and working on those 
interfaces.
    Again, thank you very much for the opportunity to testify 
today on behalf of Sacramento County, and we hope that your 
visit to the area is enjoyable.
    Mr. Ose. Thank you, Mr. Ferguson.
    [The prepared statements of Mr. Ferguson and Ms. Hopwood 
follow:]

[GRAPHIC] [TIFF OMITTED] T0954.122

[GRAPHIC] [TIFF OMITTED] T0954.123

[GRAPHIC] [TIFF OMITTED] T0954.124

[GRAPHIC] [TIFF OMITTED] T0954.125

[GRAPHIC] [TIFF OMITTED] T0954.126

[GRAPHIC] [TIFF OMITTED] T0954.127

    Mr. Ose. Mr. Chairman, would you like to proceed?
    Mr. Horn. Wonder if Mr. Willemssen could join us at the 
table. He's our all-around expert in Washington for the General 
Accounting Office. It's part of the legislative branch.
    Mr. Ose. Without objection.
    Mr. Horn. We always like to hear what he says. He's been to 
I don't know how many States now, but if he's putting pins on 
them, I think he will hit about 50.
    Mr. Le Naeve. Does he have easy questions?
    Mr. Willemssen. Sometimes.
    Mr. Ose. It's the answer we're after, Mr. Le Naeve.
    Mr. Horn. Go ahead. What's your reaction now? You've heard 
the whole second panel, you've heard the first panel.
    Mr. Willemssen. I thought you might want to followup on a 
couple of things that Mr. Hall and Mr. Le Naeve pointed out 
just to confirm the August 3rd, 1999 report of the North 
American Electrical Reliability Council does identify Pacific 
Gas & Electric as Y2K ready and does identify Sacramento 
Municipal Utility District as ready with limited exceptions, as 
was testified to. The report also notes 84 percent of the Y2K 
programs of all these bulk electrical suppliers have been 
audited and reviewed, some of them by internal auditors, some 
by external reviewers. It does not identify which ones have had 
those kind of reviews. You may find it useful to ask the 
witnesses today if they've had independent verification and 
validation reviews and if those reviews are--the reports of 
those reviews are publicly available.
    Mr. Horn. That's a good question. I also would wonder, on 
that report by the council, is there any difference in terms of 
the state of analysis and surety between the nuclear and 
nonnuclear reactors.
    Mr. Willemssen. There is a distinction made, and I believe 
the latest data on nuclear facilities indicates that there are 
approximately 35 such facilities that still have some 
exceptions that are being aggressively dealt with.
    Mr. Horn. Because you know the Nuclear Regulatory 
Commission has told us they were going to do a 10 percent 
audit. We objected and said, ``Why don't you do 100 percent?'' 
And they objected, and said, ``You don't understand what we're 
doing.'' And I said, ``Fine. Put it in writing.'' I don't think 
I've still heard from them in writing. It helps hone the mind 
when you get them to put it down on paper, but I was curious 
what's happening in that area.
    You heard the question. I just wondered if you have any 
thoughts in response to Mr. Willemssen's point.
    Mr. Hall. Let me speak for PG&E. On the August 3rd report 
by the North American Electrical Reliability they were correct, 
in referring to PG&E, that they reflected our report to them 
that our electric delivery systems were totally ready. In other 
words, our systems are tested and certified.
    The question about Diablo Canyon, which is our nuclear 
power plant, I'll just focus on that. That's 1 of the 35 that 
were reported to the Nuclear Regulatory Commission as having 
limited exceptions. It has one, and that will be in place and 
certified by September. The NRC, of course, is watching things 
very closely, and we are very diligently working with them. In 
terms of audits, the NRC, in terms of the contingency planning 
arena, selected six plants nationwide, to my best knowledge, 
one of which happened to be Diablo Canyon. Diablo Canyon was 
audited by the NRC very exhaustively in terms of its readiness 
for handling emergencies in terms of contingency plans, and we 
have the report on that. That was very favorable. To my best 
knowledge, it's available to the public at the NRC's website. 
It's a publicly available document.
    If I missed anything, please followup.
    Mr. Horn. Anyone else like to comment on Mr. Willemssen's 
question?
    Mr. Le Naeve. I would just comment about the auditing of 
our project. Our auditing department works specifically and 
directly for the general manager which bypasses about 10 levels 
of the bureaucracy, if you will. There are three full-time 
auditors that I call them the truth sayers. They don't work for 
me, which means that they make me tell the truth. Two of them 
are SMUD employees, and the other is an outside auditor. In 
terms of being ready with exceptions, the rules are always a 
little sticky. Our plants, as I have testified, are very 
capable tonight to generate everything that it's supposed to 
generate. The meters, they're affluent monitoring meters that 
we need that data in order to report the types of pollutants 
that are going into the air and they meet with Federal 
standards and State standards but they have nothing to do with 
the generation capability.
    Mr. Horn. Any other thoughts, comments, anything else from 
the General Accounting Office?
    Mr. Willemssen. I felt one thing that you have asked at 
prior hearings and especially in terms of counties is when they 
had actually started their Y2K efforts. The year that the 
county started in 1995 is generally much earlier than what 
we've heard in other jurisdictions throughout the country, so I 
think that's worth noting.
    I also think it's worth noting what the county mentioned in 
terms of its plans for additional table-top contingency plan 
exercises, no matter what good of shape they are in because so 
much is outside of their control, I think that is a worthwhile 
effort to pursue.
    Mr. Horn. I guess I'd ask this panel, what is the sort of 
continuity and fallback plan that you have? For example, the 
Federal Government when we ask them, ``Where were your 
contingency plans?'' And most of them said, ``Oh, we're 
depending on the U.S. Postal Service.'' So we held a hearing 
with the United States Postal Service, and it turned out they 
didn't have a contingency plan. So if something is falling 
through the cracks, how do we solve that problem with the 
utilities?
    Mr. Hall. Did you want to go first?
    Mr. Le Naeve. In our case we are mandated by NRC. If not 
just a prudent action, we have contingency plans that takes 
into account our worst-case scenario as well as our worst-
probable scenario and those contingency plans basically means 
we operate our system manually and we exercise accordingly. But 
to my knowledge, we have a contingency plan for just about any 
eventuality, not the least of which is Y2K. In the case of Y2K, 
we certainly don't expect any structural damage, which is what 
we typically have during storms. So I believe, speaking 
certainly for SMUD, we have contingency plans in place and we 
exercise them.
    Mr. Hall. As far as PG&E, in addition to the remarks I made 
during my testimony about that, over the New Year weekend for a 
period of 4 days solid, we will be activating to the highest 
level of preparedness our emergency operation centers, which 
really places additional staff operating people in the field 
and at all key places and at the central location. Even though 
we don't expect anything to happen, we want to make sure 
everybody is prepared and ready, and the preparedness of those 
people goes very deep in terms of the activities they would 
have to undertake.
    It also does include, by the way, invitations and close 
links with OES, Office of Emergency Services, directors from 
the counties and from the State who are tied into our 
distribution emergency centers. And so are the police force and 
fire station links. That's where the linkage occurs. So the 
good part of this is for emergencies unrelated to Y2K, those 
practices and infrastructures and procedures are in place.
    What we're doing with Y2K is just bringing them up to a 
level where everybody is there, ready, in case anything 
happens, which we do not expect.
    Mr. Horn. Well, it's like Jeopardy. You answered the 
question before I asked it. I'm curious because in some States 
we find there's a lack of frequencies where they can 
communicate. There is just overload, and we had that in L.A. 
County about 10 years ago where none of the police departments 
could talk to the Sheriff's office or anything else. And 
they've remedied that. They needed some more frequencies. So I 
take it it's not a problem for you, where you operate. You have 
what, two-thirds of California, at least?
    Mr. Hall. Approximately so. Frequencies--apart from 
depending on Pac Bell, we have our own internal telephone 
network which covers the entire area independently. We also are 
relying on radio, and we also will be having satellite 
telephones as backup in a few key locations if everything else 
fails, including Pac Bell, which we do not expect.
    Mr. Latino. Mr. Congressman, Pacific Bell certainly will be 
ready. Business continuity plans are in place. They have been 
socialized with the appropriate support personnel and those 
systems that require those plans will, in fact, be fully 
staffed. We will have plans to activate our command centers as 
well as our network operation centers. Once again, they will be 
fully operational as well as fully staffed.
    Additionally, specifically as it concerns public safety, we 
will have knowledgeable personnel in the field at key public 
safety sites in order to assist in any identification, 
isolation and resolution of trouble. Moreover, we will have 
established a command center for our 911 infrastructure itself.
    Additionally, we have worked extensively with our 364 
public safety answering sites in order to ensure they take 
steps to have contingency plans in place such as alternate 
answer. And last, we have worked closely with our directory 
assistance in the event, the unlikely event, of a 911 failure 
where seven-digit emergency numbers could be communicated to 
the public.
    Mr. Horn. Interesting.
    Mr. Le Naeve. I'd just like to say we are in exactly the 
same situation. We typically have 2,500 employees. That night 
20 percent of those folks will be up and running and in their 
office and in their locations both in our emergency center as 
well as our energy management center as well as manning our key 
bulk substations, which are things we typically would not do 
just in the eventuality that something happens.
    Mr. Horn. Does SMUD have the natural gas as one of its 
products?
    Mr. Le Naeve. We are a purchaser. We don't produce any--
matter of fact, Mr. Hall's company produces and issues most of 
our gas. We don't deliver gas to anybody.
    Mr. Horn. Reason I ask that, in Eastern Europe and Central 
Europe we have a major natural gas problem where most of that 
is supplied by the Russians and through either pipeline or 
ship; and this is, of course, January, and it could be if that 
can't get through that or is utilized or leakage or whatever, 
you would have most of Eastern and Central Europe freezing 
pretty badly. Because if it was a Y2K affair that triggered 
something--and we know that there are microchips involved in 
the refinery and in the ships that haul that's under 
compression and so forth. So we don't have that problem here?
    Mr. Le Naeve. Not at SMUD.
    Mr. Horn. OK.
    Mr. Ferguson. If I could comment on the county's 
preparedness contingency planning. Like any other local 
government in California, we have considerable experience 
responding to natural disasters. With one exception, the county 
is preparing for Y2K similarly to prepare for any other 
disasters that's also our flood season here. So we're prepared, 
the exception being that, and we've discussed this at great 
length, many times, the response of natural disaster depends 
upon mutual aid between governmental jurisdictions. We realize 
at this point that this problem could be very widespread. So 
we're not counting on mutual aid in our preparations.
    Mr. Ose. If I may inquire, Mr. Ferguson, as it relates to 
the airport, December 31st is typically a pretty heavy travel 
day. As it relates to the airport operations, what, if 
anything, has the county--how has the county interfaced or 
interacted with FAA or operations at the airport to ensure that 
an unlikely contingency can be handled out there, that being 
the system goes down for either an unfortunate lack of power or 
an imbedded chip failure or something of that nature?
    Mr. Ferguson. Well, the rest of the--fall into three 
categories. Businesses, which I briefly addressed in my 
responses, to the extent they need to get bills paid and 
payroll out.
    Second area is in the imbedded chip area. These are systems 
that run the airport, everything from the parking tickets 
dispensing system and fuel dispensing, et cetera. We assisted 
the airport. They've done a very good job in evaluating those 
imbedded chips and we have a program under way.
    Third area of risk, we call this retractable kinds of risk. 
To the extent that the airport depends on the Federal Aviation 
Administration to control traffic, we have no opportunity to 
deal with that. It's just something we depend on someone else 
to provide as well as with the airlines. They have their own 
major business systems that run their reservations ticketing 
operations. And we are relying on them, as we are at the FAA, 
to deal with their Y2K risks. All reports we have at this time 
is that they are making good progress.
    Mr. Ose. You're confident about the county success rate of 
progress to date on the systems that they have authority over 
or responsibility for?
    Mr. Ferguson. I would say the county is--it's at the 90 
percent rate in terms of remediation across the board at this 
point.
    Mr. Ose. Are you going to be at 100 percent come the first 
of the year? That's the question.
    Mr. Ferguson. Probably 99.99 percent. There are obviously 
going to be a few areas we miss, a small computer in a remote 
office, but we don't expect that to have any impact on our 
business operations.
    Mr. Ose. I want to visit on one other aspect of this. SMUD 
has a website?
    Mr. Le Naeve. I'm sorry, sir?
    Mr. Ose. Does SMUD have a website?
    Mr. Le Naeve. We do.
    Mr. Ose. OK. And Pacific Bell has a website?
    Mr. Latino. Yes, sir.
    Mr. Ose. And PG&E has a website?
    Mr. Hall. Indeed, we do.
    Mr. Ose. And I'm curious whether or not on any of those 
websites, in the unlikely event of a failure wherever, your 
subscribers, your ratepayers, or your service recipients could 
access those websites for contingency alternatives?
    Mr. Le Naeve. In our case, Congressman, that whole website 
issue is being discussed as it is and will continue to be right 
up to the night of rollover. We're getting several reports from 
the FBI and a few other places of criticality of people coming 
in and getting into our system and attempting to bug it, if you 
will. And getting into our system of direct path is through our 
website. We are toiling--emphasize the decision has not been 
made--but we're toiling with the possibility of shutting that 
website down for a few hours before and a few hours after the 
actual rollover.
    Now, should the disaster happen that we've all heard about, 
clearly we would expect to communicate either through the 
National Emergency Broadcast System or some other means to get 
the word out as to what we're going to be doing. We will be in 
constant contact with the county. They will be in contact with 
us, and we would look to the county and to the State to assist 
us in getting out whatever word we need to. But to tell this 
committee that we are going to guarantee that they can access 
our website, I'm unable to do that.
    Mr. Ose. I'm more interested in, say, between now and 11:59 
on December 31st, posting information on the website in your 
respective organizations in the event of X----
    Mr. Le Naeve. We do that, yes, sir.
    Mr. Ose. Pacific Bell do that and PG&E?
    Mr. Hall. We have some guidelines and questions--typical 
key questions and answers that have been asked--for public 
information, but it is an idea that I want to take back with me 
and pursue a little more. I think there is some more merit in 
that idea that we haven't pursued all the way. I think 
especially approaching the year end timeframe there may be a 
subset of our customers that might choose to look first there. 
So I'm going to take that back and take a closer look at the 
opportunities for that.
    Mr. Ose. It would seem to me even if the websites--in order 
to shut off access from someone trying to hack, even if the 
websites are shut down at least between now and then, people 
can print out or pull down off the web these very suggestions 
and print them out and keep them readily available.
    Mr. Le Naeve. We do that, Congressman, even to the point of 
the use of portable generators, which is a big fear that the 
average person would attempt to use a portable generator and 
without some basic knowledge and understanding all they do is 
get into a self-destruct mode. So we use our website to get 
that type of information out as well and to caution them for 
the proper usage as well as the most common asked questions. 
There's a shred out to our website that is Y2K specific and we 
update that at a minimum on a monthly base.
    Mr. Ose. As a representative from a rural area, you can 
understand my concern. Many of my people have livestock that 
require regular water and regular feed.
    Mr. Le Naeve. Sure.
    Mr. Ferguson. If I may just briefly comment on the county's 
website efforts. We, too, have a website. However, we are aware 
that we serve all the constituents of Sacramento County, many 
of which may not have access in their homes to Internet 
technology. So our program is multifaceted and involves a 
public information campaign, town hall meetings, and actual 
written material that we're mailing out in our utility bills to 
try and get exposure to the broadest level of our constituency.
    Mr. Ose. Now, there's a date coming up in September, 
September 9, 1999, which I'm familiar with, but would anybody 
care to briefly explain what that date comprises? It's a 
virtual equivalent in some instances to the December 31, 1999 
rollover.
    Mr. Ferguson. I think that's something that's been 
overexaggerated a little bit. Commonly in the old days 
programmers used a collection of nines perhaps to represent the 
end of a file or some other condition. Fortunately, I think 
most computers would represent that date as September 9, 1999. 
So it's unlikely it will cause some of the predicted failures 
that people have talked about. But in all of our remediation 
efforts of our legacy systems, we have examined that as well as 
other Y2K-related issues. There's a date coming up in February 
2000 which would be the first leap year date after the change 
of the millennium, making sure that is corrected as well.
    Mr. Ose. Some of you have actual tests going to transpire 
on the 9th of September?
    Mr. Latino. Pacific Bell, Congressman, is continually 
ongoing in their testing requirements. Specifically in relation 
to September 9, 1999, we have prepared a separate business 
continuity plan for that day where we will have people staffed 
at our critical systems, and I'm addressing specifically our 
911 system. And we have a scheduled list task to be performed 
in order that the right metrics can be evaluated to ensure that 
processing is going as expected.
    Mr. Le Naeve. In our case, the reason NRC decided to play 
the national exercise on September 9th was precisely for that 
reason. That puts all the required forces in the utilities in 
the right place in the eventuality that something did happen.
    Mr. Horn. Mr. Latino, it's good to hear that Pacific Bell's 
911 lines will operate. Isn't there a problem here with the 
people that are taking those calls? Most of them are either law 
enforcement or established by city managers, however, and how 
vulnerable does that make--you might have a good capability, 
but what's the human element here?
    Mr. Latino. Certainly the human element here is to make 
sure that there is not miscommunication, and toward that end, 
we have really launched an extensive effort in 1999 to 
communicate with our public safety partners. We've done this 
through numerous letters indicating the status of their 
equipment that we, in fact, provide and the need for them to 
check with other systems that we do not have responsibility 
for. We have participated in over one dozen forums, both with 
the public as well as with public safety personnel. We have 
sent out bill notices and inserts to further communicate the 
status of the 911 infrastructure concerning Y2K. And just as we 
said, we have distributed this to every public safety agency in 
the State that we supply which is, once again, our cookbook on 
how prepared we are for Y2K with 911.
    Mr. Horn. If you could submit that for the record, maybe we 
can get a lot of it in the hearing.
    Mr. Latino. Yes, sir.
    Mr. Ose. Without objection.
    [Note.--The publication prepared by Pacific Bell entitled, 
``Pacific Bell Public Safety Solutions'' is retained in the 
files of the subcommittee.]
    Mr. Ose. Now, before I go on with my other questions, I 
want to get the website addresses each of you have in the 
record. It's www.smud.com and www.sbc.com?
    Mr. Latino. Yes, Mr. Congressman.
    Mr. Ose. www.pge.com.
    Mr. Hall. Right. And I just emphasize that's ``pge'' 
without the ``&.''
    Mr. Ose. Right. Just the letters, no ampersand.
    Mr. Le Naeve. Sorry, sir. You said SMUD dot--ours is org, 
o-r-g.
    Mr. Ose. www.smud.org in your case?
    Mr. Le Naeve. Yes.
    Mr. Ferguson. And the county's website is 
www.co.sacramento.ca.us.
    Mr. Ose. Sacramento all the way out.
    Mr. Ferguson. Spelled.
    Mr. Ose. All 10 letters.
    Mr. Ferguson. It's a mouthful.
    Mr. Ose. Couple of other questions, if I might. I know PG&E 
receives some gas from foreign sources, that being Canada, and 
Pacific Bell is going to receive calls from overseas 
presumably, and SMUD perhaps by wheeling may receive energy 
from Canada, either through WOP or otherwise. Are there 
challenges each of you face in interacting with companies that 
might not be Y2K compliant and how are you dealing with those?
    Mr. Hall. You mentioned PG&E first so I'll respond first--
and we also include gas from Texas.
    Mr. Ose. That's a foreign country, too.
    Mr. Hall. That's a foreign country to us, indeed. But to be 
frank, initially the Canadian utilities were not under the same 
freedoms or onuses to reveal the status of their programs as 
their U.S. counterparts were, and so we initially had 
difficulty obtaining valid information as to where they were 
going and where they were.
    That has changed. And we have derived--and our affiliates 
who actually transport the gas from the Northwest have 
derived--very good information and have participated in several 
face-to-face meetings where a substantial amount of readiness 
information has been shared--to the point where we are very 
comfortable that they have taken it seriously. They'll be 
ready.
    So I think at this point we see both from the Texas side 
and from the Canadian side that we do not see any issues there 
that we can identify right now.
    Mr. Latino. Congressman, if I may add, our corporate 
headquarters is in Texas. So we have a very good relationship 
with that particular foreign country. And certainly we are 
testing internally. There are two key forums from the 
telecommunications perspective we have worked closely with. The 
first one is Telco forum, which consists of 21 suppliers, and 
that forum interactively with those suppliers tested 82 
different telecommunication elements. And those elements were 
chosen as a result of them being representative across Northern 
America.
    When you start looking from an overseas perspective and 
long distance calls completing, the other organization which we 
conducted testing with is known as ATIS, the Alliance for 
Telecommunications Industry Solutions. Those testing has been 
done and the results have, in fact, been successful.
    Mr. Le Naeve. In our case, most, if not all, the power we 
purchase comes from the organization, from the Western States 
Coordinating Council or those agencies that are members, and, 
as Mr. Hall says, we're now encouraged that Canada is on board. 
And speaking for SMUD, we believe they are at least as well off 
in being prepared as we are. And I'm even more encouraged after 
today because the bulk of the power we buy, we get it from 
PG&E. So I'm satisfied.
    Mr. Ose. How about at the airport? I know we have--we have 
a single carrier coming into the airport from foreign--Canadian 
Air, can they fly into Sacramento airport?
    Mr. Ferguson. Personally, I'm not familiar with all the 
carriers out at the airport. I did want to mention one other 
public--quasi-public utility. Sacramento County and the Office 
Communication Information Technology operates Sacramento 
Regional Radio System, which supplies public safety radio 
services to all the agencies in the region. We operate a system 
that contains about 8,000 portable and mobile radios and 
supplies communication services to the sheriff, the police 
department, utilities, the fire districts. That system has been 
tested and is Y2K compliant.
    Mr. Ose. Well, gentlemen, I want to say that I appreciate 
you coming down here. What I hear you saying is the systems are 
going to be ready, and I can tell you as a representative of a 
large agricultural area and numerous urban areas, you give me a 
great deal of comfort in that respect. I'm going to hold you 
accountable.
    Mr. Chairman, anything else?
    Mr. Horn. No, that's it. That was asked.
    Mr. Ose. I got this covered. Let's go ahead and release 
this panel. Again, our appreciation and bring the third panel 
down.
    So we need to have Kathleen Tschogl, Alan Rabkin, Guy 
Koppel and Holly Delaney.
    I saw Kathleen walk out the back of the room. Better get in 
here, we're waiting on you.
    Mr. Willemssen, you might want to just sit up here because 
you'll probably have to move back up here eventually.
    As we have with other panels, I would like to swear you in 
as we do with every other congressional testimony, so if you'll 
rise.
    Do you solemnly swear that the testimony you will give 
before this subcommittee will be the truth, the whole truth, 
and nothing but the truth?
    Let the record show the witnesses answered in the 
affirmative.
    [Witnesses sworn.]
    Mr. Ose. We're going to start with Kathleen Tschogl from 
Raley's. She's the manager of governmental and regulatory 
affairs with Raley's Supermarkets. Please go to the podium to 
present your testimony.

   STATEMENTS OF KATHLEEN TSCHOGL, MANAGER, GOVERNMENTAL AND 
REGULATORY AFFAIRS, RALEY'S SUPERMARKETS; ALAN RABKIN, GENERAL 
COUNSEL, SENIOR VICE PRESIDENT, SIERRA WEST BANK, ON BEHALF OF 
     THE CALIFORNIA BANKERS ASSOCIATION; GUY KOPPEL, CHIEF 
   INFORMATION OFFICER, U.C. DAVIS MEDICAL CENTER; AND HOLLY 
    DELANEY, YEAR 2000 PROGRAM, MERCY HEALTH-CARE SACRAMENTO

    Ms. Tschogl. I didn't bring any pictures because they say 
that a picture is worth 1,000 words. So I just brought 1,000 
words. I hope that's OK.
    Mr. Ose. We have a picture here.
    Ms. Tschogl. OK. On behalf of Raley's Supermarkets, I'd 
like to thank you for the opportunity to speak before you today 
about the issue of Y2K and the food industry. With the year 
2000 only a few months away, resolving this problem is an 
urgent necessity. It's been estimated that the average major 
food company will spend $27 million to become Y2K compliant, 
combining to an industry total of $1.8 billion. You will be 
relieved to know the Grocery Manufacturers of America reports 
that 95 percent of its members have already completed and 
tested their Y2K upgrades. The overwhelming amount of time and 
money invested leaves us confident that the food industry will 
be well prepared for the year 2000.
    At Raley's we began upgrades in 1997 by analyzing and 
testing our current systems, including telecommunications, 
internal software, and point of sale hardware. These upgraded 
systems have been operating successfully since June 30th of 
this year. An area of great concern to our customers is the 
electronic funds transfer, the EFT network. Debit and credit 
card terminals at cash registers are run by computers, and many 
people fear they will be either unable to use their ATM cards 
or that inaccurate transactions will take place. To solve this 
problem, Raley's and other supermarkets have completed 
certifications with their EFT network providers on Y2K 
readiness.
    Perhaps even more important than attending to one's own Y2K 
problems is making sure others are taking care of theirs. In an 
industry so heavily reliant upon a network of suppliers, 
manufacturers, shippers and retailers, it is essential that 
every link in the supply chain be strong enough to handle the 
new millennium. We're working closely with vendors and 
suppliers on their Y2K compliance efforts. We keep a list of 
all outside companies who may possibly affect our Y2K readiness 
and receive regular updates on their efforts.
    The great amount of media hype surrounding Y2K have 
customers worried that food shortages will occur and that their 
supermarket's shelves will be empty. The food industry has been 
hard at work since 1997 to make sure that this does not happen.
    We would like to remind the public that grocery stores are 
well accustomed to dealing with natural disasters, storms and 
holiday rushes. We are no strangers to providing goods and 
services during the harshest conditions. We are completely 
capable of ordering and receiving additional supplies as 
necessary. No change in supplies expected. We urge customers 
not to stockpile any more water or food than they would 
normally do in preparation for winter. The bulk of our concerns 
are not internal but related to outside government programs and 
regional utilities. These are areas beyond our control. We as 
an industry urge the government to provide support and 
oversight so that these crucial systems operate efficiently, 
allowing goods to be manufactured, transported, and supplied to 
the public.
    Another possible Y2K concern is connected to the food 
assistance program. Many of our customers rely upon programs 
such as WIC and food stamps. These programs often rely upon 
electronic benefit transfers creating a possible Y2K problem. 
While they are not under the industry control, we have been 
working with the USDA to prepare these systems for the new 
millennium. We request the Government give the necessary 
attention to the programs in connection to the Y2K issue so 
that we may continue to serve the people who rely on them.
    We take our responsibility to provide for the people 
seriously. We've been working to ensure that our customers' 
needs will be met. We have tested, retested, and reinforced our 
systems for the year 2000. Raley's plans to have a Y2K team on 
hand throughout the New Year weekend to handle any 
complications that may unexpectedly arise. We are more than 
prepared for the year 2000.
    Thank you.
    Mr. Ose. Thank you.
    [The prepared statement of Ms. Tschogl follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.128
    
    [GRAPHIC] [TIFF OMITTED] T0954.129
    
    [GRAPHIC] [TIFF OMITTED] T0954.130
    
    [GRAPHIC] [TIFF OMITTED] T0954.131
    
    [GRAPHIC] [TIFF OMITTED] T0954.132
    
    Mr. Ose. Mr. Rabkin, general counsel, senior vice president 
of Sierra West Bank, testifying on behalf of the California 
Bankers Association.
    Mr. Rabkin. Thank you very much. I appreciate the 
opportunity to be here today and to speak to you concerning the 
banks' readiness for Y2K.
    My name is Alan Rabkin. I am the general counsel and senior 
vice president of a regional bank by the name of Sierra West 
Bank, which was recently acquired by Bank of the West.
    Now we serve the eastern California and western Nevada 
markets, so I can speak to you on those issues, but I'm 
generally familiar with what banks are doing nationwide. I'm 
knowledgeable about the banks' security aspect of Y2K since I 
served on SCC panels to formulate rules concerning that issue. 
I've seen firsthand the operational lending and other aspects 
of the year 2000, and I hope I know what I'm talking about.
    Well, I've got good news for you. I think this is the 
shining moment for banks in the United States. We have done our 
work. We have gotten down to business. We have made our 
equipment ready. We have ordered new equipment when it's not 
ready. We have fixed and tested, retested, created plans and 
educated the public and our customers. Together we have 
assessed risks, account risks, loan risks, facilities risks. We 
canceled staff vacations. We've generally taken our lumps on 
1999 earnings. We basically have done what a responsible bank 
should do, but we're not completely done. We always have things 
to do, but we certainly are through the door of compliance and 
we will meet the dawn of the new millennium with completely 
updated, fully compliant Y2K systems.
    I like to say in my public presentations that if Father 
Time needs cash at the new millennium, we will deliver it. So 
what does this mean? What can we expect? Are there going to be 
major problems in the Y2K systems for banks?
    The answer is, I can't predict exactly what will happen, 
but I will tell you that I doubt it. Some of you have read 
about recent problems in Y2K areas dealing with banks. Just 
about a week ago I opened the papers and there was an article 
about a company by the name of Affiliated Computer Services, a 
small Texas-based ATM provider who seems to have some sort of 
Y2K failure in their software systems. But when you look into 
the problem, it wasn't Y2K related at all. Instead, it was 
simply a software upgrade failure. It was simply a lack of 
fully engineered upgrade. And that happens a lot these days.
    Recently in the area I'm in, a local regional airline 
carrier introduced an upgrade not related to Y2K, and that 
upgrade did not take well, and their whole system went down, 
they backed up with their prior system, they made the fixes and 
they came back on line.
    This is the reality of computing in the 1990's. So once you 
get beyond the potential for errors caused by new software 
introduction, I think you'll find that banking has very, very 
few Y2K problems left to it. In fact, I myself still have all 
my money--or most of my money in FDIC-insured institutions. I'm 
fully confident I won't lose one dollar. I'm fully confident 
I'll be able to withdraw as much or as little money as I need. 
I'm fully confident my cash needs will be met on a day-to-day 
basis. I do need money to get through the end of the year and 
probably the best New Year's celebration of the millennium. 
However, I don't think I need my life savings to do that.
    What's more of a Y2K concern to me, however, is the 
misinformation that I see daily. You know Y2K is good theater, 
and I'm getting a little tired of it, especially when it comes 
to ads like those run by KIA Motors Corp. implying that banks 
are not Y2K compliant. Frankly, there's no proof for that. In 
fact, there's opposite proof. All the Federal banking agencies, 
the Securities and Exchange Commission, even Alan Greenspan 
have represented banks as the poster child of Y2K compliance. 
We are the good conduct citizens of Y2K. We got started very 
early.
    So what's all this misinformation about? Well, the L.A. 
Times came out with a story about a week ago saying even though 
it's been shown that banks are 99 percent compliant, that 42 
percent of the consumers still believe ATMs will not operate. 
And 38 percent fear checks will bounce, and 20 percent believe 
that Y2K will shut down the banks.
    So we have to do a better job. We have to market our skills 
better in Y2K. We have to get the word out that banks are fully 
compliant, and if there are any glitches they will be dealt 
with. So we are going to be more proactive. We're going to 
market Y2K just like we market our bank products. I think 
you've seen that recently with banks such as Union Bank who 
have the ``Y2K OK'' campaign going statewide right now.
    Every delivery system will be used to get the word out 
between now and the end of the year; statement stuffers, public 
speaking, these hearings. Everything so that we can get face to 
face with our customers. And we will ask the customers what 
they are not aware of, what they need more information on, and 
we will be good corporate citizens going into the end of the 
year.
    So with that proactive attitude, we continue to win the 
race. We continue to be up front and we feel that Y2K if it's 
not a dud, will certainly be a dud as to banking. So I'm here 
to answer any questions you might have concerning the banking 
industry, but we have arrived. We may have to be at work on 
January 1st just to be sure; but if you see us a little tipsy 
on January 2nd of the new millennium it's because we're 
celebrating a very, very good performance by the banking 
industry.
    Thank you.
    Mr. Ose. Thank you, Mr. Rabkin.
    Mr. Koppel, who is the chief information officer of U.C. 
Davis Medical Center is here to join us, also.
    Mr. Koppel. Thank you and good morning. First, let me 
apologize, I have neither a picture nor a thousand words 
prepared. We had some communications mix-up and we just--last 
evening I found out I was selected to appear here this morning. 
I would like to address the Y2K issues in terms of UCD Med 
Center and the health system. The health system is the 
combination of the school of medicine and the medical center. 
We in the health systems began looking at Y2K issues back in 
1995 and 1996 and we took advantage of opportunities with our 
electronic systems to begin modifying in-house development, and 
making sure we had tractional language for acquisition of new 
systems.
    In 1997 the university office of the president started 
formalizing the process and brought all the university medical 
centers and campuses together and developed a reporting system 
in which we participate. In July 1998 the UC Health Systems in 
Sacramento developed a task force. I co-chair that task force, 
and we have representatives from all across the organization 
that represents major operations and functionality areas. We 
developed an action plan, which tests all the obvious 
processes: Inventory, assessment, renovation, all the things 
that are necessary for Y2K readiness.
    The major areas of concern that we have are--because we're 
in the patient care business, of course, trying to be self-
sufficient in case everything fails. So the areas that we've 
looked at are not only information systems, but our health and 
safety areas with fire alarms, water and power. And I'd just 
like to say in terms of water and power, we're very fortunate 
to have a brand new power plant that is driven by natural gas. 
It has a secondary backup system, diesel. Our third redundancy 
is SMUD, and our fourth redundancy is portable generators that 
will plug into each of our major buildings. As far as water 
goes, we're depending on the city, but we have two wells in 
place right now, the third one going into the infrastructure is 
being constructed. I don't think water and power will be an 
issue.
    Most of the medical equipment that we have is another major 
issue. We've notified vendors. We inventoried all of our 
equipment. We have tested it and set aside funding for 
acquisition of new equipment as we realize in some cases the 
vendors will not be upgrading for Y2K compliancy. Most of the 
orders for the new equipment and replacement equipment have 
been submitted, and will be on hand well ahead of the Y2K time 
period.
    As far as office automation and facilities go, we've taken 
all kinds of measures to make sure that our office automation 
has contingency and business continuity depending on those 
systems. We put into place a program whereby we can interrogate 
and mitigate any PC-related problems in terms of resetting 
clocks, replacing chips or parts in the PCs. We've also 
addressed the issues of contracts, making sure that all of our 
contracts with people we do data exchange have Y2K compliant 
statements. We've notified all of our vendors and have gotten 
responses back from vendors regarding supplies and availability 
of supplies.
    As far as the actual Y2K orientation itself, we have been 
audited by the State Division of Audit and we came through 
fairly good. The audit report would say that there is one 
system that they looked at, that had a plan for testing, but at 
the time they looked at it, it wasn't tested due to the fact 
that we had to add some equipment. That system has now been 
tested and validated. Most all of our electronic systems have 
been modified, replaced, tested and validated. For those that 
are not completed will be completed, those well ahead of year 
2000.
    The plan that we have at the Med Center is that we're going 
into the year 2000 very optimistically, but we also are going 
to hedge our bets by having a full staffing of our disaster 
recovery center, and we're going to be having full staff of any 
major area of concerns.
    Telecommunications, I'd like to talk to you about that for 
a minute. We're self-sufficient. We have our own switching 
system. We have a backup, Pac Bell. We utilize an 800 megahertz 
radio system which is connected for emergency purposes to the 
county of Sacramento, and we also have an emergency phone 
system that is hard wired throughout the medical center in case 
of failure of Pac Bell or in our own switching systems.
    I think that kind of concludes what I'd like to say, and 
I'd be happy to answer any questions.
    Mr. Ose. Thank you, Mr. Koppel. We're going to take 
questions at the end of all the testimony.
    Finally, our last panelist is Holly Delaney, who is in 
charge of the year 2000 program with Mercy Healthcare 
Sacramento.
    Ms. Delaney. I'd like to thank you, Congressman Ose and 
Chairman Horn, for the opportunity to present here today Mercy 
Health-care Sacramento's Y2K preparedness status. As you may or 
may not know, Mercy Healthcare Sacramento is a division of CHW, 
which is located down in San Francisco. They are a 48 Facility 
Healthcare System. We here in Mercy Healthcare Sacramento have 
seven hospitals, including skilled nursing facilities, home 
health organizations and clinic locations known as Med Clinic 
in the area.
    We began our year 2000 program in 1997 by developing an 
impact analysis. At the time the study identified 21 
application system upgrade projects at a total of $2 million. 
In addition to that, we developed a Project Management Office 
at the corporate level that addresses all Y2K processes; 
including testing methodologies, standards for application 
systems, biomedical devices, facility equipment, computer 
hardware and network electronics. The PMO has tested all of our 
biomedical devices throughout our 48 facilities, our clinic 
locations and home health locations, et cetera, facilities 
equipment, which means elevators, alarm systems, fire 
suppression systems, et cetera, application systems and PC 
hardware, network and telecom.
    We, like most organizations, have utilized the seven-phase 
Y2K compliance approach, which I'm sure you've heard a little 
bit about today: Inventory, assessment, planning, upgrade, 
testing, remediation and contingency planning. With limited 
staff resources and a set time for completion for Y2K, Mercy 
instituted a Y2K project prioritization process to ensure our 
patient critical Y2K systems were addressed first, so that we 
could continue to provide excellent quality patient care as we 
have for the last 100 years.
    Our current Y2K status, interesting how quickly these 
numbers grow after you continue to investigate, has gone up to 
an estimate of $15 million effort, with 26,000 staff hours to 
make our medical equipment and support systems Y2K compliant.
    Mercy has since identified a total 108 application systems 
upgrade projects, 63 of which we consider patient critical 
systems. And out of a total of 12,829 biomedical devices 
identified only 344, which is about 3 percent, failed our Y2K 
testing and either required replacements or upgrade. So that's 
pretty good news for the community at large that patients 
pretty much can rely on biomedical devices. That would be 
things like IV pumps, EKG machines, defibrillators, et cetera. 
Only 3 percent of these were determined to be noncompliant 
through our testing efforts, and we are in the process of 
remediating all of those.
    Our current status, 84 percent of our patient critical 
applications systems are currently Y2K compliant. They have 
been tested and upgraded. By August 31st we believe 97 percent 
of our patient critical application systems will be Y2K 
compliant. All PC network telecom equipment will be Y2K 
compliant by the end of August, and all biomedical devices and 
facility's equipment will be Y2K compliant by September. All 
contingency plans are currently complete. They have been 
distributed to all the departments in our organization and 
we'll be undergoing a quality review process at--I believe it's 
next week, to test those plans out and our staff's ability to 
follow and understand those plans.
    The various issues that we found in addressing our Y2K 
problem are that hardware and software vendors have continually 
changed their Y2K compliance status, causing us to reevaluate 
our cost, staff resources, and project completion dates. Many 
of our small software vendors are charging excessive fees and 
are slowing down our upgrade process for becoming Y2K 
compliant. These are the one-man, two-man owned shops with PC-
based software that are basically holding us hostage at times 
because they just don't have the wherewithal to complete all 
the upgrades.
    Third party software providers, we call them trading 
partners or EDI trading partners, both the data people and the 
vendors that we get supplies from at times cannot be tested or 
upgraded by Mercy. This includes some of our electronic claims 
remittance providers. We do have some risk in that area. 
However, we've mitigated this risk through contingency planning 
and basically we have manual processes in place by which we can 
continue to submit claims in a manual method.
    In addition, small isolated PC-based systems were difficult 
to inventory. And I'm sure everybody who is dealing with the 
Y2K effort has identified that. Thus, they're being identified 
as we complete our PC upgrades. This provides very little time 
for us to remediate. However, these are not patient critical 
systems, and they are mostly business systems used for 
efficiency, not the core critical business system processes.
    We're concentrating on contingency planning for these 
systems and basically people will have to do these efforts 
manually. Thank you.
    Mr. Ose. Thank you, Ms. Delaney.
    If you followed our panel list, you'll see that panel one 
is largely State and local government with a municipality. 
Panel two is largely utilities; and panel three is largely 
food, money, and health care kind of thing. So there is some 
sense or some method to our madness.
    If I may, Mr. Chairman, I'm going to proceed with my 
questions; and you can wrap up, and we'll do the paperwork, if 
you will, kind of thing.
    Ms. Tschogl, one of the questions I have is it--and it 
relates to Mr. Rabkin, also. The electronic funds transfer 
mechanism that many of your customers use, I want to make sure 
people understand that that's going to work when they come in 
at the end of the year, that the transactions are going to be 
accurate, that the system is going to be available. As I 
understood your testimony, that was the case that you have 
spent considerable effort making sure in conjunction with your 
partners, your business partners, that that will be available 
for folks?
    Ms. Tschogl. Our information services people have confirmed 
to me that they are absolutely certain that the electronic 
funds transfer mechanism will be working. You can probably talk 
more about the electronics.
    Mr. Ose. Turn that mic.
    Ms. Tschogl. Turn this?
    Mr. Ose. There you go. Much better.
    Mr. Rabkin. Mr. Chairman, fortunately, the regulators--
banking regulators have not stopped at banks. They've gone out 
to the vendors of banks and have examined vendors of banks on 
both mandatory and cooperative basis. On each of the primary 
Federal regulators both the Fed at fed.gov or fdic.gov or 
occ.gov you'll see listings of critical vendors like First Data 
or FDR, who are the primary drivers of what we call ACH or 
bank-card type transactions, and they've gone out and rather 
than make each bank test their driver of these systems, they've 
gone out and tested them with all the resources of the 
Government, which is very helpful. And, also, some enlarged 
banks have double-checked those findings and have checked the 
primary vendors as well and those noncompliant vendors are 
shown with their noncompliance status; but most, I would say, 
generally all, of the primary drivers of these very critical 
ACH wire transfer-type scenarios have been checked by the 
banking regulators.
    Mr. Ose. ACH is Automated Clearing House?
    Mr. Rabkin. Clearing House, that's correct. So this is not 
just one particular bank telling you that this will happen 
appropriately. It's the banking regulators telling us all that 
it will happen appropriately, and that's why I have comfort in 
it.
    Mr. Ose. So folks are engaged in electronic commerce 
whether they be on vacation or down at the grocery store or out 
in the rural areas buying feed or fertilizer and they wish to 
do electronic commerce. It seems as if the system is prepared 
whether it be at Raley's or at Henry Miller's Implement Dealer 
up in Yuba City or whomever. The system appears to be prepared 
for that ability to be achieved.
    Mr. Rabkin. That's correct. From what I've heard today, and 
prior testimony, we'll have power. We'll have phones. We'll 
have the banking and driver systems. Those are the critical 
elements to transacting any debit/credit transaction in any 
bank or merchant situation. So we have all the critical core 
elements to transact those transactions.
    Mr. Ose. So the financial system will be available. Let me 
explore, if I might, a little bit one issue that comes up 
regularly that we're all very attuned to whether we live in 
cities or in rural areas is food quality. And I know Raley's 
has an ongoing extensive program for food quality.
    Are there--is there any indication that there will be 
anything but a consistent high level of quality of product in 
the grocery stores by virtue of anything related to the Y2K 
problem?
    Ms. Tschogl. Absolutely not. There will be no change 
whatsoever; and as I mentioned earlier, we have dealt with 
power outages before, and in the event in a rural community or 
outlying area there really is a power outage, we've done this 
before and we have backup generators that will operate 
efficiently. Our refrigeration units are going to operate 
efficiently, just like they have every other time that we've 
had a little glitch in the system. This is not going to be any 
different.
    Mr. Horn. If I might just ask a question here. How about 
bottled water, will a lot of people do you think----
    Ms. Tschogl. We predict that there will be people buying a 
lot more bottled water than they normally would, but I don't 
predict they are going to be buying that bottled water a week 
before the new year. I think they are probably going to start 
gearing up for it throughout. It's not necessary, but I do 
think that people will be doing this. There will probably be a 
run on plastic--empty plastic bottles for putting their own 
water in, but it's not going to be a crisis situation at the 
supermarket.
    Every major supermarket has been preparing for this for 
years, and it's not what turned out to be at one point was a 
computer problem has escalated into another problem. That's all 
of our own making in our imaginations here about what's going 
to happen with food shortages.
    Mr. Ose. I hear you saying----
    Ms. Tschogl. And batteries. There will be no price gouging 
either, I might add. I don't know if you were going to ask that 
question, but that is another concern that some people have, 
that batteries are going to go for four dollars each when it 
gets into a crisis situation. I think you may have some of 
that. In some areas it may happen, but it won't happen in any 
of the major supermarkets across the country. I can speak for 
my colleagues in other supermarket chains that I won't mention.
    Mr. Ose. If I may follow on, Mr. Koppel and Ms. Delaney, I 
know that Ms. Delaney's organization just opened a state-of-
the-art trauma center out near my home town, if you will, 
actually it's in Carmichael. We're going to claim it's in 
Citrus Heights anyway. I want to make sure, one thing I heard 
Ms. Delaney talk about was the compliance levels in equipment, 
but I didn't hear Mr. Koppel speak about that. I wanted to come 
back to that, particularly as it relates to embedded chips and 
equipment that's been held for a couple, 3 years. You were very 
clear that you're down to about a 3 percent noncompliance rate.
    Ms. Delaney. That's what we started with.
    Mr. Ose. You're even below that now?
    Ms. Delaney. Correct. We'll be 100 percent compliant with 
our biomedical devices by September.
    Mr. Ose. Is that going to be the case also at the Med 
Center?
    Mr. Koppel. We've identified--I thought I spoke to that 
issue, but I probably brushed over it quickly. We took an 
inventory and made a complete assessment of all of our medical 
equipment and to date we have purchased approximately $270,000 
worth of equipment that we think needs to be replaced such as 
defibrillators, heart fusion pumps and small items. We expect 
there will be a few more. I can't tell you what the percentage 
is, but it's a fairly low percentage in comparison to the 
overall amount of investments that we made. The only medical 
equipment that is outstanding in terms of actual proof testing 
is some of our larger equipment like our MRIs, some CTs, 
cardiac catherization units, and the reason those are untested 
is because the vendors have notified all the users not to test 
these systems in the field. They are being tested at the 
factories and wherever else they have their testing sites. The 
reason being is some of these systems are so complex, if you 
set the time ahead, there's no going back on it. So it will 
just mess up the operating system; but except for that, we have 
plans to replace and we have the funding to replace all 
equipment that is not Y2K compliant, and it will be in before 
Y2K.
    Mr. Ose. Ms. Delaney--I appreciate that. Ms. Delaney, you 
brought up something I thought was particularly farsighted, and 
that was the claims submittal process for people who are 
enrolled in HMOs or who are on Medicare or Medicaid or Medi-
Cal. It's clear that Mercy in particular has given some thought 
to making sure that claim process doesn't bog down and become a 
nightmare either. Can you just kind of go over that for us 
briefly, please.
    Ms. Delaney. The biggest difficulty that we have found is 
in third parties claims administrators. Generally they have 
software that they've developed in-house and one in particular 
we're having difficulty getting upgraded.
    Mr. Ose. Turn that mic around a hundred and eighty degrees. 
There you go. Nope, that's wrong.
    Ms. Delaney. I'll just talk closer. How's that?
    So that is one of the difficulties we are finding. However, 
that won't prevent the provision of patient care. That just 
prevents us from getting our money for the provision of 
patients' care. So although we're concerned about it from an 
organizational standpoint, our patients should not be concerned 
at all. As I said, we do have provisions to submit those claims 
manually, and we are working as a corporation with some of 
those organizations to provide our clout to get those systems 
rectified and Y2K compliant. But that is an issue the third-
party payors are not always compliant.
    Mr. Ose. We have a very large organization in the U.S. 
Government called the Health Care Financing Agency [HCFA] in 
particular has had some difficulty just making sure that they 
are going to be compliant. Are you anticipating any difficulty 
there? And when you're finished, Mr. Willemssen, I'd appreciate 
any input you might have on this particular issue, too, with 
respect to Medicare claims and the like.
    Ms. Delaney. No. I read the reports on HCFA and I'm pretty 
sure--I know--they actually in the past have instituted--for 
example, when they've changed large computer systems, they've 
instituted a continued payment system, so I'm pretty sure that 
if anything should happen with the payment system, what they 
will probably do is just continue the average payments to the 
healthcare systems. So we're pretty confident that that won't 
be a financial risk to us.
    Mr. Willemssen. HCFA and Medicare represent one of the 
highest risk Federal programs that remains. The administrator 
has made a lot of excellent progress, but because they got such 
a late start and they have such a widespread intricate heavily 
computerized set of systems, they still have a long ways to go 
and limited time to do it. They are still overlapping 
remediation and testing activities that are occurring over the 
next few months. So there is still reason for concern.
    Reason for optimism is similar to what she pointed out. 
They have done a lot of good efforts in the contingency 
planning area, so that in the event there are disruptions, they 
will be prepared with backup plans. Those backup plans still 
need some further refinement and testing, however. So overall 
there's still definite room for concern on HCFA and Medicare. 
They are aware of it. They are working as aggressively as 
possible on it.
    If I also might point out, Congressman, in relation to 
comments you made earlier on biomedical equipment, I thought it 
useful to point out, I don't believe the witnesses had 
mentioned that there is a FDA data base on biomedical equipment 
that includes Internet links to over 400 manufacturers, and it 
indicates what those manufacturers say about their items. We've 
looked at that and there are over 35,000 products identified by 
those manufacturers, and about 4,500 of them are considered 
noncompliant. It may be--if the witnesses here haven't already 
done so, it may be worth their while to compare their efforts 
against what's reflected in those websites so it can match up 
any anomalies.
    Mr. Horn. On that point, Mr. Chairman, you were with us at 
the Cleveland hearing, I believe, and the very excellent 
representative from the Cleveland clinic talked about how they 
have this site where all the emergency room equipment could be 
checked against that, and the UC Davis submission is very 
impressive on how you people have been at this for a long time 
and well organized. I'm just curious, have you used the same 
site as the Cleveland clinic and a lot of them are using?
    Mr. Koppel. I'm not aware that we have. I know that we're 
working in conjunction with the purchasing department I know 
they have went out and interrogated these sites, and I'm sure 
they are working very close with our technical engineering 
department along these lines. I personally am not aware of 
that.
    Ms. Delaney. I have a quick comment about biomedical 
devices. CHW, when they began testing or when they chose to 
look at biomedical devices, found it was very difficult even 
from the manufacturer to determine which biomedical devices 
were Y2K compliant, because often the serial numbers didn't 
even reflect what embedded chips, et cetera, were in each 
device. So that's why we chose to go ahead and test all of our 
devices, and that is about 50 percent of the healthcare 
providers chose testing versus reviewing the data bases and the 
various information out there. We did choose to test because we 
started this early on, and we're very confident that we have 
the accurate information about Y2K because of that test.
    Mr. Ose. Mr. Chairman.
    Mr. Horn. I don't have any further questions. I think the 
panel has been excellent. I don't know if Mr. Willemssen has 
anything.
    Mr. Willemssen. Nothing else to add, Mr. Chairman.
    Mr. Horn. Thank you all. You were all impressive. You're 
right about the banks. We had them in our first hearing and the 
Clearing House and Mr. Greenspan and others have been doing a 
great job in making sure they comply, and the banks have done a 
great job.
    Mr. Rabkin. Maybe we should be giving away bottled water 
rather than toasters.
    Mr. Horn. How about plates in the Depression.
    Mr. Ose. Lower interest rates.
    Thank you all for participating.
    Mr. Horn. We have thanks to the staff here. And our staff 
director for the Subcommittee on Government Management, 
Information, and Technology is J. Russell George, and he's the 
chief counsel for the subcommittee. And on my right--your 
left--is Bonnie Heald, the professional staff member 
responsible for this hearing and the director of communications 
for the subcommittee. And the gentleman who was alert and 
moving those microphones around was Grant Newman, our clerk. 
And we had a lot of help from Mr. Ose's staff. And we want to 
thank Dan Scopek and Donna Willborn with Metro Cable, 
production director, and we also had from Mr. Ose's staff, 
Tory--you pronounce it----
    Mr. Ose. Tovey Giezentanner.
    Mr. Horn. Tovey Giezentanner and Peter DeMarco. And our 
court reporter is Maria Esquivel-Parkinson, and we thank you 
very much for sticking with us. It's tough sometimes when you 
can't get a rest or anything else.
    With that, if there are no further comments, I thank you 
for all you've done for this subcommittee.
    Mr. Ose. I do have a closing remark, Mr. Chairman. Under 
your guidance we have been able to bring together here this 
morning government at all levels to talk about the challenges 
we face. We've been able to bring the critical utility 
providers together to talk about their level of preparedness. 
In my opinion, we've brought together the most critical 
elements of private industry, that being banking, food and 
delivery, if you will, and healthcare to talk about their 
relative levels, and this would not have happened without your 
interest and participation and those of us in Sacramento who 
will benefit from this. On their behalf I say thank you for 
taking the time to come.
    Mr. Horn. Well, I thank you because I tell you, we've been 
through a lot of these, Mr. Ose and I and the staff, and just 
by chance and lot of hard work has been a really broad-based 
operation here, and I've been very pleased with the quality of 
testimony, both your oral testimony, your response to 
questions, as well as your written testimony which 
automatically goes in the record the minute the chairman 
recognizes you.
    We're sorry we have to cut it down sometimes to 5 minutes, 
but we want to get to the questioning, and that's where we 
learn the most, we think, because we've already read your 
documents and we thank you all for coming and the panels before 
you.
    And with that, we're going to recess this hearing to 
tomorrow in the Silicon Valley in San Jose. We will have the 
last hearing in
northern California, and then we're going on to the State of 
Washington next week for year 2000 testimony with the help of 
the Discovery Institute, which is a major foundation in 
Seattle. So with that, if there's no further comments, this is 
recessed to San Jose tomorrow.
    [Whereupon, the subcommittee was recessed.]


 THE YEAR 2000 COMPUTER PROBLEM: LESSONS LEARNED FROM STATE AND LOCAL 
                              EXPERIENCES

                              ----------                              


                       SATURDAY, AUGUST 14, 1999

                  House of Representatives,
Subcommittee on Government Management, Information, 
                                    and Technology,
                            Committee on Government Reform,
                                                      San Jose, CA.
    The subcommittee met, pursuant to notice, at 10 a.m., in 
the San Jose City Hall, City Council Chambers, North First 
Street, San Jose, CA, Hon. Stephen Horn (chairman of the 
subcommittee) presiding.
    Present: Representative Horn.
    Staff present: J. Russell George, staff director and chief 
counsel; Patricia Jones, American Political Science Association 
congressional fellow; Bonnie Heald, communications director; 
Chip Ahlswede, clerk; Casey Beyer, chief of staff, Congressman 
Tom Campbell's district office staff.
    Mr. Horn. This hearing of the House Subcommittee on 
Government Management, Information, and Technology will come to 
order. I'd like to welcome the residents of Silicon Valley, the 
San Jose Region for joining us today for the subcommittee's 
11th field hearing on the year 2000 technology challenge.
    The year 2000 computer problem affects nearly every aspect 
of operations in the government and the private sector. In 
Social Security and Medicare to local telephone service, 
electrical power and home personal computers, the year 2000 
computer bug has certainly been a large management and 
technology challenge for all of us. No single organization, 
city, State or even country can solve the year 2000 problem 
alone, nor can they guarantee their computers will work until 
the organizations and agencies that exchange data with them are 
also compliant.
    The year 2000 problem was created in the mid-1960's when 
programmers seeking to conserve limited computer storage 
capacity began designating the year in two digits rather than 
four. In other words, if you had 1967, they saved memory on 19 
and put in 67, and that was pretty soon practice, and you had 
two-digit years. Now they knew there would be a problem when 
there was a year 2000 because it would register 00 and a 
computer probably wouldn't know whether it was 1900 or 2000 or 
whatever it was, and those systems might malfunction, corrupt 
data or shut down completely. But they were optimists. They're 
Americans. They said, ``Technology will solve this.'' The fact 
is technology hasn't solved it. There's no silver bullet. It's 
a serious situation.
    Our first hearing was held in April 1996, and we had the 
clearing house, the banks, a number of key parts of our 
society, and they have been working steadily to make sure that 
those basic economic indicators and processes in our society 
work. But our focus as the subcommittee has been on the 
executive branch of the Government of the United States, and we 
found them ill prepared. And it took them about 2 more years 
despite our prodding to get prepared, and they finally 
appointed an individual to give full-time efforts to it, and 
he's done an excellent job.
    Mr. Koskinen is an assistant to the President and heads the 
Year 2000 Conversion Council, and we have had the pleasure of 
working with them. And our report cards you see out there on 
the desk are one of the prods we use to get them to face up to 
these matters, and slowly this is happening. We're optimistic. 
We think it will all be done prior to January 1, 2000. Current 
estimates show that the Federal Government will spend nearly $9 
billion to fix its computer system in this fiscal year which 
ends September 30th. It might well go into another billion if 
there's the sort of panic mode, shall we say. If that's what we 
worried about in the beginning, let's have careful management, 
good organization and work systematically to achieve the goals, 
and they're finally getting that there. So as I said, I have 
faith that this will work. I have often said the figure will 
reach $10 billion, and it might.
    Recently, the President's Office of Management and Budget 
identified 43 essential Federal programs such as Social 
Security, Medicare, and the Nation's air traffic control 
system. Each day these programs provide critical services to 
millions of Americans. Of those 43 programs, 10 are federally 
funded, State-run programs including Medicaid, food stamps, 
unemployment insurance and child support enforcement. Based on 
the data we received in May, all of these State-run programs 
were not scheduled to be ready for the year 2000 until 
December, leaving little, if any, time to fix unforeseen 
problems.
    Data exchanges and interdependencies exist in all levels of 
government and throughout the private sector. A single failure 
in the chain of information could have very severe 
repercussions. For example, Social Security Administration 
maintains a data base of Social Security payment information 
for eligible citizens. One data base has about 50 million 
citizens registered in it and another 43. When these payments 
are due, the Social Security Administration sends that 
information to the Department of the Treasury's financial 
management service where the check is issued and either 
electronically deposited into the personal bank account of the 
client, or it's delivered by the U.S. Postal Service. Each of 
these agencies has its own network of computers. If even one of 
them fails, the entire system breaks down, and the check will 
not be delivered.
    Indeed, many of the Federal executive branch agencies and 
Cabinet departments have said, ``Well, our contingency plan is 
the U.S. Postal Service.'' When we saw that, we decided to hold 
a hearing with the U.S. Postal Service, and it turned out they 
had no contingency plan for themselves. So we're not sure about 
the various agencies on their fallback. But it will be slow. 
Fortunately, the Social Security Administration has been 
working on the problem for 10 years, and they're in good shape. 
And the only other one at this point 'til our next report is 
what we called in the old days the weather service. They're 
right on target. If there were still a few farms in the Santa 
Clara Valley, those farmers would be very happy. They could get 
all the weather news they want as they drive their tractors 
through the furrows and orchards of Santa Clara County, but 
they're hard to find anymore.
    But even well-prepared computers won't work without power. 
One of the most essential questions involving the year 2000 
challenge, and we'll have some testimony on this before us 
today, will the lights stay on? Without electricity our modern 
society would be relegated back to the proverbial stone age, 
and that would have a major effect on our economy. We remember 
the General Motors strike in Michigan? That would be a drop in 
the bucket compared to power outages, assembly lines stopping, 
hundreds of suppliers that make up some major products such as 
airplanes for my own constituency where Boeing and the former 
Douglas operations, suppliers come from all over America. So 
blackouts, inadvertent or vertent, I guess, they can cause real 
economic damage.
    Our Nation has made great strides in the advancement of 
information technology to which we owe the credit to many 
corporate residents of Silicon Valley. We're extremely 
fortunate today to have as witnesses representatives from high 
technology companies that develop hardware, software, 
microchips and processors that enable our computer systems to 
function on a daily basis. We're very interested to hear how 
these companies have approached the year 2000 technology 
challenge and their experiences in dealing with this issue as 
we approach the new millennium.
    No one can predict what might or might not happen once the 
clock ticks past midnight this New Year's Eve. The only 
certainty is that this January 1st deadline cannot be extended. 
So I welcome today's panel of witnesses.
    [The prepared statement of Hon. Stephen Horn follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.133
    
    [GRAPHIC] [TIFF OMITTED] T0954.134
    
    Mr. Horn. We will have two panels here and panel three 
after that.
    And then the first one, I'd like to call those witnesses 
forward: Joel Willemssen, the Director of the Civil Agencies 
Information Systems of the U.S. General Accounting Office; Mark 
Burton, the Y2K project manager for the city of San Jose; Dana 
Drysdale, vice president, information systems, San Jose Water 
Co.; Ronald E. Garratt, assistant city manager, city of Santa 
Clara; Christiane Hayashi, the year 2000 communications manager 
for the city of San Francisco. If you will come forward, this 
is an investigating committee of the House, so we have the 
following process: We would ask you to stand, raise your right 
hands to affirm the oath to the truth of the testimony, and 
then I'll make some other requirements.
    [Witnesses affirmed.]
    Mr. Horn. The clerk will note that all five witnesses have 
affirmed the oath. As we introduce each one of you, your full 
statement is automatically put in the record, and these records 
get very thick as you can imagine, but you have some excellent 
information in the full statement. We would like you to 
summarize, if you could, to 5 minutes if you need a few more, 
OK. But if you could do it in five, that leaves time for a 
dialog between you and us, and between yourselves, and I think 
that is all very fruitful often, if we get that done.
    So let us start, then, with the first witness we have, and 
he follows us around America, precedes us, and that is Mr. 
Willemssen, the Director of the Civil Agencies Information 
Systems for the General Accounting Office. That is an arm of 
the legislative branch since 1921, and they have given us 
outstanding service in terms of looking at this very tightly, 
both on the economics, on the accounting and on the 
programmatic arrangements. They put out, with every new 
Congress, a high-risk profile on the various agencies of the 
government, and we use that as a model to examine what the 
executive branch is doing. So Mr. Willemssen, it's all yours.

    STATEMENTS OF JOEL WILLEMSSEN, DIRECTOR, CIVIL AGENCIES 
   INFORMATION SYSTEMS, U.S. GENERAL ACCOUNTING OFFICE; MARK 
 BURTON, Y2K PROJECT MANAGER, CITY OF SAN JOSE; DANA DRYSDALE, 
VICE PRESIDENT, INFORMATION SYSTEMS, SAN JOSE WATER CO.; RONALD 
 E. GARRATT, ASSISTANT CITY MANAGER, CITY OF SANTA CLARA; AND 
 CHRISTIANE HAYASHI, YEAR 2000 COMMUNICATIONS MANAGER, CITY OF 
                         SAN FRANCISCO

    Mr. Willemssen. Thank you, Mr. Chairman. As requested, I'll 
briefly summarize our statement on the Y2K readiness of the 
Federal Government, State and local government and key economic 
sectors.
    Regarding the Federal Government, reports indicate 
continued progress in fixing, testing and implementing mission-
critical systems. Nevertheless, numerous critical systems must 
still be made compliant, and must undergo independent 
verification and validation. The most recent agency quarterly 
Y2K reports due to OMB yesterday should provide further 
information on agency progress.
    Our own reviews of selected agencies have shown uneven 
progress and remaining risks in addressing Y2K, and therefore 
point to the importance of business continuity and contingency 
planning. Even for those agencies that have clearly been 
Federal leaders such as the Social Security Administration, 
some work still remains to ensure full readiness. If we look 
beyond individual agencies and systems, the Federal 
Government's future actions will need to be increasingly 
focused on making sure that its high priority programs are 
fully compliant. In line with this, OMB has identified 43 high 
impact programs such as Medicare and food safety.
    Available information on the Y2K readiness of State and 
local governments indicates that much work remains. For 
example, according to recently reported information on States, 
about eight States had completed implementing less than 75 
percent of their mission-critical systems. Further, while all 
States responding said that they were engaged in contingency 
planning, 14 reported the deadlines for this as October or 
later. State audit organizations, including the California 
State Auditor, have also identified significant Y2K concerns in 
areas such as testing embedded chips and contingency planning.
    Another area of risk is represented by Federal human 
services programs administered by States, programs such as 
Medicaid, food stamps, unemployment insurance and child support 
enforcement. OMB recorded data on the systems supporting these 
programs showed that numerous States are not planning to be 
ready until close to the end of the year, and further, this is 
based on data that have not been independently verified.
    Recent reports have also highlighted Y2K issues at the 
local government level. For example, in July we reported on the 
Y2K status of the 21 largest U.S. cities. On average these 
cities were reporting completing work on about 45 percent of 
their key services.
    Y2K also remains a challenge for the public infrastructure 
and key economic sectors. Among the areas most at risk are 
health care and education. For health care, we've testified on 
numerous occasions on the risks facing Medicare, Medicaid and 
biomedical equipment. In addition, last month we reported that 
while many surveys have been completed on the Y2K readiness of 
health care providers, none of the 11 surveys we reviewed 
provided sufficient information to assess the true status of 
these providers.
    For education, last week's report of the President's Y2K 
Conversion Council indicates that this continues to be an area 
of concern. For example, according to that report, many school 
districts could have dysfunctional information systems because 
less than one-third of institutions were reporting that their 
systems were compliant.
    That completes the summary of my statement, and after the 
panel is done, I'll be pleased to address any questions. Thank 
you.
    Mr. Horn. Thank you very much for that very helpful and 
thoughtful statement.
    [The prepared statement of Mr. Willemssen follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.135
    
    [GRAPHIC] [TIFF OMITTED] T0954.136
    
    [GRAPHIC] [TIFF OMITTED] T0954.137
    
    [GRAPHIC] [TIFF OMITTED] T0954.138
    
    [GRAPHIC] [TIFF OMITTED] T0954.139
    
    [GRAPHIC] [TIFF OMITTED] T0954.140
    
    [GRAPHIC] [TIFF OMITTED] T0954.141
    
    [GRAPHIC] [TIFF OMITTED] T0954.142
    
    [GRAPHIC] [TIFF OMITTED] T0954.143
    
    [GRAPHIC] [TIFF OMITTED] T0954.144
    
    [GRAPHIC] [TIFF OMITTED] T0954.145
    
    [GRAPHIC] [TIFF OMITTED] T0954.146
    
    [GRAPHIC] [TIFF OMITTED] T0954.147
    
    [GRAPHIC] [TIFF OMITTED] T0954.148
    
    [GRAPHIC] [TIFF OMITTED] T0954.149
    
    [GRAPHIC] [TIFF OMITTED] T0954.150
    
    [GRAPHIC] [TIFF OMITTED] T0954.151
    
    [GRAPHIC] [TIFF OMITTED] T0954.152
    
    [GRAPHIC] [TIFF OMITTED] T0954.153
    
    [GRAPHIC] [TIFF OMITTED] T0954.154
    
    [GRAPHIC] [TIFF OMITTED] T0954.155
    
    [GRAPHIC] [TIFF OMITTED] T0954.156
    
    [GRAPHIC] [TIFF OMITTED] T0954.157
    
    [GRAPHIC] [TIFF OMITTED] T0954.158
    
    [GRAPHIC] [TIFF OMITTED] T0954.159
    
    [GRAPHIC] [TIFF OMITTED] T0954.160
    
    [GRAPHIC] [TIFF OMITTED] T0954.161
    
    [GRAPHIC] [TIFF OMITTED] T0954.162
    
    [GRAPHIC] [TIFF OMITTED] T0954.163
    
    [GRAPHIC] [TIFF OMITTED] T0954.164
    
    [GRAPHIC] [TIFF OMITTED] T0954.165
    
    [GRAPHIC] [TIFF OMITTED] T0954.166
    
    [GRAPHIC] [TIFF OMITTED] T0954.167
    
    [GRAPHIC] [TIFF OMITTED] T0954.168
    
    [GRAPHIC] [TIFF OMITTED] T0954.169
    
    [GRAPHIC] [TIFF OMITTED] T0954.170
    
    [GRAPHIC] [TIFF OMITTED] T0954.171
    
    [GRAPHIC] [TIFF OMITTED] T0954.172
    
    [GRAPHIC] [TIFF OMITTED] T0954.173
    
    [GRAPHIC] [TIFF OMITTED] T0954.174
    
    Mr. Horn. Our next witness is Mark Burton, the Y2K project 
manager for the city of San Jose, and, Mark, we're delighted 
with the kindness of the city administration to let us use 
their City Council Chamber today. So we thank you.
    Mr. Burton. Thank you. Good morning. Thank you for 
opportunity to speak before the subcommittee on the city of San 
Jose's efforts in preparing for a rollover in the millennium 
and how we're addressing the year 2000 computer problem.
    The city began its year 2000 efforts in the summer of 1997, 
and since that time has allocated over $10 million toward this 
effort, with $6 million of that at our airport alone to 
mitigate the impacts of Y2K computer interruptions.
    The Y2K Office in the Information Technology Department has 
had the responsibility for coordination of planning and 
remediation activities for Y2K efforts. In addition, the 
Information Technology Department has responsibility for the 
mitigation and year 2000 readiness for the city's traditional 
computer systems. Individual departments have focused on their 
internal systems and operational issues, and the Y2K task force 
comprised of representatives from all departments have focused 
on coordination activities between the departments and acted as 
a clearing house for Y2K information.
    In early 1999, recognizing the potential impacts of service 
interruptions on our critical health and safety services, a 
second Y2K Public Health and Safety Task Force was created to 
concentrate on the readiness for these services. This Public 
Health and Safety Task Force's focus is on emergency and health 
issues. Some examples include water service, waste water 
treatment, emergency medical response, emergency police 
response, sewage collection and storm drainage.
    Our year 2000 project has four major areas: Computer 
systems, embedded systems chips, business continuity planning 
and public information. In the computer systems area, systems 
and hardware were inventoried and assessed for operation into 
and through the year 2000. We inventoried and assessed over 160 
systems and 150 applications for computers and servers. After 
Y2K assessment, decisions were made to repair, upgrade, replace 
or retire in-house and vendor supplied software. 15 systems 
remain in the remediation process at this time.
    For embedded systems chips, in critical service areas 
including our Convention Center, police and fire departments, 
municipal water service, telecommunications and streets, the 
city obtained services of expert contractors in embedded chips 
to assist in the inventory assessment. In these six 
departments, 2,500 pieces of equipment were inventoried and 
assessed. While the majority of the equipment was found to be 
year 2000 compliant in the assessment phase, over 30 percent 
was found questionable, and just over 1 percent not Y2K 
compliant.
    While interesting to find embedded systems chips in 
equipment, appliances and other things taken for granted both 
at home and work, it was surprising to find non-year 2000 
compliant chips in our fire department's defibrillators. They 
are now year 2000 compliant, and Deputy Chief McMillan will go 
into more detail about the defibrillators.
    In late 1998 the city began its business continuing 
planning with development of department Y2K contingency 
strategies for mission critical and essential services and 
equipment. Preliminary plans were developed between December 
1998 and March 1999 with more comprehensive plans recently 
completed in July. We are not only preparing the computer 
systems for the date change, we are also preparing contingency 
strategies which will be implemented, if required, to minimize 
disruptions of critical services. In the case of a temporary or 
more extended service interruption, we must be prepared with 
recovery strategies to bridge the gap and continue supplying 
critical services.
    With our dependency on others for services and products in 
our complex industrial technological society, we are taking the 
steps to ensure the continuation of critical city services 
should there be interruptions. Staff has developed detailed 
contingency plans for all critical services and systems. These 
contingency plans are based on our existing emergency 
operations plan, and they detail the procedures necessary to 
mitigate service impacts related to year 2000 failures, either 
locally, or in the event of power-grid outages or utility 
systems malfunctions. Dr. Winslow's testimony covers some of 
the training and practice exercises used to prepare staff and 
tune our contingency plans.
    The last component of our Y2K project I want to speak of is 
the public information phase. The city with the assistance of a 
media consultant is in the process of developing a public 
outreach campaign to reach out to residents to assist them with 
year 2000 home readiness. We're coordinating this with Santa 
Clara County and targeting our initial release for October to 
coincide with the 10th anniversary of the Loma Prieta 
earthquake. The emphasis will be on emergency preparedness, not 
only for year 2000, but for any emergency, be it earthquake or 
other natural disaster. Another area of concentration will be 
to educate city employees in home preparedness so they will be 
ready to respond to any Y2K problems with the knowledge that 
their families are OK.
    The city of San Jose has made good progress on its systems 
readiness for Y2K. However, due to our reliance on others for 
key services and supplies, the city is taking steps to be ready 
for Y2K interruptions whether they come from within or from a 
third party. The city's goal is clear, to be prepared for Y2K. 
Mission-critical systems and services must be ready for the new 
millennium, and at this time we see no reason that the city 
should not meet this goal.
    In conclusion, I'd like to thank the committee for the time 
to speak on the city of San Jose's year 2000 efforts.
    Mr. Horn. Well, thank you very much for your well-organized 
description of what you've gone through and what some of the 
implications are, and we'll get back to some of this in the 
question period.
    [The prepared statement of Mr. Burton follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.175
    
    [GRAPHIC] [TIFF OMITTED] T0954.176
    
    Mr. Horn. Dana Drysdale is the vice president, information 
systems for the San Jose Water Co.
    Mr. Drysdale. Thank you, Chairman Horn. In the interest of 
time, I will skip our greeting and summary that's in the 
written statement and go directly to some detail which will be 
of use to you. We're very pleased to be here today. In my 
testimony, San Jose Water Co. will be referred to as SJWC.
    SJWC's Y2K readiness program can be summarized into six 
major steps. These steps are: No. 1. Customer contact. Every 
customer that requests information regarding San Jose Water 
Co.'s Y2K readiness program receives a personal written reply. 
Additionally, there is Y2K information on sjwater.com. That's 
our website.
    Step 2. Major power and water supplier contact. Both 
Pacific Gas and Electric Co. and the Santa Clara Valley Water 
District are critical to the normal operation of Silicon 
Valley's water system. These organizations have a Y2K readiness 
program. SJWC and all local water retailers meet quarterly as a 
group with the Water District. The April 21, 1999 meeting was 
devoted to a discussion of Y2K.
    The district shares knowledge of State and Federal water 
project readiness levels. As of June 1999, SJWC understands 
that the State completed the modification to its network to be 
Y2K ready and that these modifications are being tested by a 
consultant. As a result of the April 21st meeting, the district 
and SJWC identified a continuous supply of electrical power as 
a concern. Additional information about this is included in 
Step 6, contingency planning.
    Step 3 of our program. Review of software and hardware 
products. SJWC uses standard commercially available computer 
hardware and software packages. This means we do not have a 
significant development environment at the San Jose Water Co. 
All SJWC hardware and software suppliers perform significant 
Y2K testing of their products. In many cases, these software 
and hardware providers also engage independent testing 
organizations, such as ITAA or NSTL. To the best of our 
knowledge, all software and hardware products used in SJWC's 
water system are Y2K ready.
    Where practical, SJWC repeated aspects of these tests. For 
example, water distribution for most of Silicon Valley is 
controlled by SJWC's sophisticated SCADA System. SJWC performed 
a successful Y2K system test of the SCADA System's servers and 
remote telemetry unit's hardware and software.
    Step 4. Contacts with governments, other suppliers and 
business partners. All replies from these folks indicate a Y2K 
readiness program.
    Step 5 of the program. Employee awareness and education. 
SJWC's executive committee regularly discusses the Y2K 
readiness program. SJWC's chief financial officer, controller, 
and vice president of information systems--that's three 
different people--participated in a Y2K test of SJWC financial 
and materials systems.
    The company's technology committee meets quarterly or as 
needed to ensure that SJWC uses technology appropriately. The 
technology committee is also involved in Y2K readiness. For 
example, this committee has an ``embedded controller'' project. 
Committee members identified functions in their area that might 
be subject to control of a computerized clock and contacted the 
manufacturer to ensure Y2K readiness. Please note that SJWC's 
water-related computer systems typically manage water based on 
demand and not time.
    Step 6 of the program. Contingency planning. The chief 
contingency planning concerns for Silicon Valley's water supply 
include the import water and electrical power concerns 
identified in step 2 above. SJWC contingency plans are common 
for many possible situations in Silicon Valley, including 
earthquakes.
    Water resources in the valley are managed under an 
integrated plan by Government Agencies, by the Water District 
and by water suppliers such as SJWC. 50 percent of our water is 
imported from State and Federal water projects, and is treated 
at District treatment plants.
    Approximately 35 percent and 15 percent, respectively, of 
Silicon Valley's water is supplied by SJWC operated wells or 
through local surface water. Local surface water depends on 
local rainfall. In the event of a disaster or emergency that 
impacts ground water supplies--excuse me--import water 
supplies, significant additional ground water is available from 
SJWC operated wells.
    SJWC has excellent working relationships with Pacific Gas 
and Electric Co. and other power suppliers. In the event of 
power interruptions, SJWC's experience is that power is 
restored as quickly as possible. SJWC also has emergency 
generation facilities that operate the water system during 
power interruptions such as those experienced during the 1989 
Loma Prieta earthquake. However, sustained regional power 
outages have serious impacts on water operations.
    The SJWC portion of Silicon Valley's water system is 
designed with local finished water storage reservoirs. This 
means that water is in the valley. In many cases, full local 
reservoirs and tanks will gravity feed water to customers. 
Power is needed to initially fill these reservoirs.
    On the morning of a typical January day, SJWC will have 
approximately 2 days of finished water in Silicon Valley in 
these reservoirs. If power is completely interrupted for more 
than 2 days, water would be supplied using SJWC emergency 
facilities alone. Operating the water system under emergency 
conditions during a sustained regional power outage is very 
different than typical water delivery, this is beyond that 
first couple days, and may result in some water supply outages.
    Disaster planning and generation facilities are coordinated 
with county and city agencies and the California Public 
Utilities Commission. SJWC customers and employees enjoy many 
benefits from participating in regional emergency preparedness 
and encourage everyone to take advantage of their city and 
county emergency planning services.
    San Jose Water Co. thanks Chairman Horn and House staff for 
the opportunity to present testimony. Additional information is
available at sjwater.com or by phone at (408) 279-7900.
    Mr. Horn. Thank you. That's a very thorough presentation, 
and you're talking about a key ingredient for all of us. We 
don't last too long without water. Thank you for coming with 
that.
    [The prepared statement of Mr. Drysdale follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.177
    
    [GRAPHIC] [TIFF OMITTED] T0954.178
    
    Mr. Horn. The next witness is Ronald E. Garratt, assistant 
city manager for the city of Santa Clara. Mr. Garratt.
    Mr. Garratt. Thank you, Mr. Chairman. I thank you for 
inviting me to speak today on the subject of Y2K readiness in 
the city of Santa Clara. I'm both the assistant city manager 
and year 2000 project manager for the city.
    Before I describe the city's Y2K readiness program, I would 
like to briefly acquaint you with the city of Santa Clara. 
Santa Clara is a full-service municipality providing police, 
fire and utility services to approximately 103,000 residents 
and over 10,000 businesses. Somewhat unique to Santa Clara, we 
are one of only four cities in the greater Bay Area that own 
and operate an electric utility. Later on this morning you will 
be hearing from Karen Lopez, Silicon Valley Power's Y2K program 
manager.
    The city of Santa Clara is either headquarters for or 
services a major campus site for a number of leading 
internationally known high-tech companies: Intel, Sun 
Microsystems, Hewlett Packard, 3Com, Applied Materials and 
National Semiconductor to name a few.
    Like other organizations, the city of Santa Clara knows the 
importance of year 2000 readiness, and is focused on our 
ability to store and manage data through the millennium change 
and into the next century. The city's formal year 2000 program 
began in 1997. However, the city's actual remediation efforts 
commenced approximately 5 years ago through the systematic 
replacement of major departmental computer systems. In point of 
fact, replacement of the city's then existing mainframe driven 
COBOL based operating programs were driven as much or more by 
the need for increased performance and enhanced user 
functionality as the need to eliminate the expression of a year 
in a two-digit field.
    Over the past 5 years, the city has spent nearly $22 
million replacing critical computer systems. $7\1/2\ million in 
public safety systems, including the new 911 emergency dispatch 
system, the new 800 MHz trunked radio system, new police and 
fire records management systems and telephone system upgrades. 
$5\1/2\ million for utility systems including the electric 
substation telemetry control, power scheduling and water system 
pump control upgrades. $5 million for finance systems including 
a new utility building system and a finance system data 
warehouse. $2 million for computer network improvements 
including the upgrade to Y2K compatible personal computers for 
all system users, and the upgrade of all network hardware and 
software to Y2K compatible standards. $1 million for public 
works systems including the upgrade of the city's traffic 
control system.
    The city is working aggressively toward being a Y2K ready 
organization for all major systems no later than September 1999 
with the exception of two departmental computer systems that 
will be fully operational by November 1999.
    The city's Y2K readiness focuses on two major strategies: 
Replace or repair. As I mentioned earlier, it has been the 
city's primary goal to replace non-Y2K compatible systems 
rather than repair them with one major exception. In 1997 it 
was determined that replacing the COBOL based core accounting 
system, comprised of the general ledger and payroll systems, 
with a Y2K compliant enterprise accounting system could not be 
accomplished in the time remaining. The city engaged a 
consultant to modify the program code to accept year 2000 day 
calculations. These core accounting systems were tested and 
verified as Y2K ready in 1998.
    The city has inventoried departmental computer systems, 
both hardware and software. Y2K readiness has been determined 
through a combination of vendor validation, system testing and 
third party consultant review. The city has employed 
verification and validation software to test all desktop user 
hardware and software for Y2K compliancy. Where appropriate, 
external computer interfaces have been validated. Examples 
include the city's 911 interface with the regional phone system 
and the city's financial interface with our primary bank.
    One primary goal of the city's Y2K strategy is to ensure 
residents and businesses that the city of Santa Clara is 
working diligently on their behalf to minimize disruptions 
caused by the potential year 2000 computer problems. We've 
communicated our progress through a number of channels: Face-
to-face meetings with major businesses and the Chamber of 
Commerce, regular updates posted on the city's website, cable 
cast over the city's Government channel, and printed in the 
city newspaper which is distributed to all residents and 
businesses. Additionally, we're in the process of holding a 
series of Y2K meetings throughout the community to update and 
advise neighborhoods on individual and family emergency 
preparedness. Over the next 3 months, we will be mailing out 
materials on home and small business preparedness for possible 
Y2K caused disruptions.
    As we have moved in to the later portion of 1999, 
contingency planning has surpassed remediation as the primary 
Y2K focus for the city. We are both encouraged and assured by 
Y2K remediation efforts occurring in both the private and 
public sectors in the Silicon Valley, but we also understand 
our day-to-day reliance on complex, far-reaching interconnected 
computer systems. Given the millions of lines of programming 
code contained in these systems and the thousands of embedded 
chips that control these systems, we fully anticipate the 
possibility of Y2K disruptions in the community and the region 
as a whole. We are advising the community to prepare for 
possible Y2K disruptions much in the same manner as a household 
would prepare for an earthquake or flood threat. We are 
advising moderation in food and supply stockpiling and the 
amount of cash kept on hand. The Y2K preparedness checklist 
would contain certain unique characteristics such as advising 
households to keep hardcopy financial records for the later 
part of 1999. We do not believe Y2K preparedness needs to be 
dramatically different than typical household emergency 
preparedness.
    The city has been preparing for possible Y2K disruptions 
through a series of tabletop exercises and problem simulations 
that allow staff to practice and perfect the emergency response 
systems. By the completion of this series of emergency 
exercises we will have involved agencies such as the school 
district, our local hospital and the Red Cross to enhance the 
ability to coordinate our emergency response. Additionally, the 
city departments are reviewing manual work-around procedures 
that would allow at least a basic level of city services to be 
maintained in critical areas if computer systems were to fail.
    The city's emergency operation center will be open and 
fully staffed over the New Year's period. We will track Y2K 
related events over the Internet as they unfold through the 
dateline through Asia into Europe and across the Eastern United 
States. We will maintain a telephone bank to quickly respond to 
community concerns or rumors. In the event of a major regional 
disruption in electric power or communications, the city has 
fall-back alternatives available on a very localized basis. We 
are prepared for an extended Y2K response period if that 
becomes necessary.
    In closing, I want to thank the committee for the 
opportunity to speak this morning. On behalf of the City 
Council of the city of Santa Clara, I extend our appreciation 
to the committee for your diligence and efforts in determining 
year 2000 readiness throughout this nation. Thank you.
    Mr. Horn. Thank you. We appreciate your remarks.
    [The prepared statement of Mr. Garratt follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.179
    
    [GRAPHIC] [TIFF OMITTED] T0954.180
    
    [GRAPHIC] [TIFF OMITTED] T0954.181
    
    [GRAPHIC] [TIFF OMITTED] T0954.182
    
    [GRAPHIC] [TIFF OMITTED] T0954.183
    
    [GRAPHIC] [TIFF OMITTED] T0954.184
    
    [GRAPHIC] [TIFF OMITTED] T0954.185
    
    [GRAPHIC] [TIFF OMITTED] T0954.186
    
    [GRAPHIC] [TIFF OMITTED] T0954.187
    
    [GRAPHIC] [TIFF OMITTED] T0954.188
    
    [GRAPHIC] [TIFF OMITTED] T0954.189
    
    Mr. Horn. Christiane Hayashi is the year 2000 
communications manager for the city of San Francisco. Thank you 
for coming.
    Ms. Hayashi. Thank you, Mr. Chairman, I want to thank the 
subcommittee for the opportunity to participate in the national 
dialog on this topic. I also want to take the opportunity to 
personally thank the General Accounting Office for all the 
invaluable information that they have passed along that has 
been of use to the State and local governments, and I'm sure 
even private businesses as well.
    I brought with me as written testimony a rather long report 
to the San Francisco Board of Supervisors. Unfortunately it was 
prepared as an internal document and it's hot off the presses. 
I didn't get a chance to repackage it for external viewing. So 
the only clue that it's from San Francisco is the CCSF acronym 
at the top corner of the page. I apologize for that. We'll take 
care of that when we get back to the office.
    Mr. Horn. When you say it's an internal document, you can 
be sure the press will want that one more than any.
    Ms. Hayashi. There are 75 copies on the table, so 
everyone's welcome to it. It's a document that we prepared. 
It's the most recent Y2K status for the San Francisco Board of 
Supervisors, and it contains detailed status reports for each 
of the 14 mission-critical departments in the city as 
designated for the focus of this Y2K preparation. But actually, 
I'd like to talk about something that's not in that report, and 
I'd be happy to take any specific questions on status as well.
    Everyone who's dealt with Y2K for any period of time can 
rattle off the improved procedures, inventory assessment, 
remediation, testing, contingency planning, supplier 
verification, and most recently identified some elements of due 
diligence as independent validation and verification, and the 
city is, of course, actively engaged in this process. But what 
has emerged as one of the most important elements of Y2K 
preparation is public awareness.
    It's become apparent to many jurisdictions as you've heard 
in prior testimony that whether Y2K has seriously harmful 
effects to society could depend on the individual citizen's 
level of preparation for it and how they react to it. And by 
public awareness, I mean, first of all, that we get accurate 
information to the public so that they can evaluate whether 
their government's efforts are addressing all of their needs in 
a due diligence process, and so that the public can share the 
Government's confidence when certain systems are certified as 
Y2K ready, and also so that each person and household can 
assess what their risks are based on their personal needs and 
priorities. For example, the person who requires medication 
might assess the risks to the pharmaceutical industry and 
decide how much medication to keep around the house in the 
event of need.
    And also by public awareness, I mean that we get 
information to the public about how they should prepare. At 
this point, enough agencies and businesses have accomplished 
enough work so that those following Y2K progress are breathing 
a little easier about the potential effects of New Year's Eve 
on the social and economic fabric of the United States, at 
least from a technical perspective, although we do recognize 
much work remains to be done.
    The banking and utility industries and their associated 
regulatory agencies have expressed pretty good levels of 
confidence that their services will continue uninterrupted. 
Consumer automobiles have been warranted by the manufacturers 
and most central systems of public and private organizations 
will have received at least some attention by the end of the 
year. Most governments have achieved substantial readiness and 
rapid progress continues.
    But the fact remains that we can expect some surprises from 
Y2K, and a significant danger remains that a public panic 
reaction could have severely detrimental effects. People need 
to understand that they can expect Y2K-related headaches in the 
first half of next year, so that they shouldn't run screaming 
into the streets the first time that the lights flicker. They 
also need to take advantage of this opportunity to prepare to 
be just a little bit self-reliant.
    Personal Y2K preparation is like buying fire insurance. Is 
it likely that your house will burn down? Not really, but there 
is a chance, and the value of your home and its contents are 
sufficiently important that you take the time and spend the 
money to protect it against that eventuality. Having purchased 
that fire insurance, you can feel secure that come the worst, 
you have some protection.
    Similarly in the Y2K context, it's looking very unlikely 
that there will be serious infrastructure breakdowns. However, 
because of the complex interdependencies of our high-tech 
society, what could fail and for how long remains a great 
uncertainty. Just as agencies have looked over their 
inventories assessing the compliance, fixed their non-compliant 
systems, tested their fixes and made back-up plans, so the 
citizens should identify their personal priorities for the 
mission-critical systems, like insulin to a diabetic. They 
should assess their risk of failure of those systems such as 
checking the websites of the manufacturers of the elements that 
you might have at home. They should fix what they can, such as 
downloading fixes for their personal computing systems from 
manufacturer's websites, and they should identify the 
alternatives to those things that could fail, but are beyond 
their individual capacity to fix, such as keeping a supply of 
essential and nonperishable groceries of the household needs.
    Above all, people should be prepared for Y2K by remaining 
rational and avoiding hysteria about the millennium. Panic 
could result in long-term economic problems, rioting, looting 
and other socially unproductive behavior. Now is the time for 
people to remember that we are low-tech human beings. There's 
nothing standing between us and the earth and the sunlight and 
the air we breathe. Our families and friends don't have 
computer chips. Our social network will remain intact. Since no 
one has ever suggested that Y2K will result in spontaneous 
combustion, we should have most of our personal possessions 
around us.
    With just a little bit of preparation, we can provide 
ourselves with Y2K insurance. In California where we've had at 
least three major earthquakes, raging fires, power outages and 
alternating drought and floods during this century, it's merely 
common sense to make your household self-reliant in a few 
fundamental respects: Nonperishable food, water, necessary 
medicine, flashlights, a little cash, security of important 
documents.
    But for ourselves and each other, we can use this 
fascinating Y2K historical event as an opportunity to 
strengthen our human bonds and improve our collective future. 
That's the message of optimism and personal empowerment that we 
feel is an important part of San Francisco's readiness effort. 
Thank you.
    Mr. Horn. Well, thank you. That's very well stated, and you 
are right on the mark, and as I listen to you, I think you 
probably get the last word when you see the mayor who is used 
to having the last word. So thanks for coming and sharing those 
insights with us. We appreciate it.
    [The prepared statement of Ms. Hayashi follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.190
    
    [GRAPHIC] [TIFF OMITTED] T0954.191
    
    [GRAPHIC] [TIFF OMITTED] T0954.192
    
    [GRAPHIC] [TIFF OMITTED] T0954.193
    
    [GRAPHIC] [TIFF OMITTED] T0954.194
    
    [GRAPHIC] [TIFF OMITTED] T0954.195
    
    [GRAPHIC] [TIFF OMITTED] T0954.196
    
    [GRAPHIC] [TIFF OMITTED] T0954.197
    
    [GRAPHIC] [TIFF OMITTED] T0954.198
    
    [GRAPHIC] [TIFF OMITTED] T0954.199
    
    [GRAPHIC] [TIFF OMITTED] T0954.200
    
    [GRAPHIC] [TIFF OMITTED] T0954.201
    
    [GRAPHIC] [TIFF OMITTED] T0954.202
    
    [GRAPHIC] [TIFF OMITTED] T0954.203
    
    [GRAPHIC] [TIFF OMITTED] T0954.204
    
    [GRAPHIC] [TIFF OMITTED] T0954.205
    
    [GRAPHIC] [TIFF OMITTED] T0954.206
    
    [GRAPHIC] [TIFF OMITTED] T0954.207
    
    [GRAPHIC] [TIFF OMITTED] T0954.208
    
    [GRAPHIC] [TIFF OMITTED] T0954.209
    
    [GRAPHIC] [TIFF OMITTED] T0954.210
    
    [GRAPHIC] [TIFF OMITTED] T0954.211
    
    [GRAPHIC] [TIFF OMITTED] T0954.212
    
    [GRAPHIC] [TIFF OMITTED] T0954.213
    
    [GRAPHIC] [TIFF OMITTED] T0954.214
    
    [GRAPHIC] [TIFF OMITTED] T0954.215
    
    [GRAPHIC] [TIFF OMITTED] T0954.216
    
    [GRAPHIC] [TIFF OMITTED] T0954.217
    
    [GRAPHIC] [TIFF OMITTED] T0954.218
    
    [GRAPHIC] [TIFF OMITTED] T0954.219
    
    [GRAPHIC] [TIFF OMITTED] T0954.220
    
    [GRAPHIC] [TIFF OMITTED] T0954.221
    
    [GRAPHIC] [TIFF OMITTED] T0954.222
    
    [GRAPHIC] [TIFF OMITTED] T0954.223
    
    [GRAPHIC] [TIFF OMITTED] T0954.224
    
    [GRAPHIC] [TIFF OMITTED] T0954.225
    
    [GRAPHIC] [TIFF OMITTED] T0954.226
    
    Mr. Horn. Let me ask some general questions for the panel 
as a whole. I've long felt since I got into this in 1996 that 
this is a management problem, not just a technological problem, 
and I'd sort of like to know from you now that you've been 
through this process, what are the management principles you 
followed that you think, for those that haven't really become 
involved in this, you could give them a little guidance?
    So let's just go right down the line. I think I'm going to 
let you pass, Mr. Willemssen. Let's have your colleague there, 
Mr. Burton, from the city of San Jose. What's the management 
approach you've taken and where responsibility is being placed 
and so forth?
    Mr. Burton. I think the No. 1 issue has been awareness, and 
that's for managers throughout the organization to be aware. 
Whether or not it's from a standpoint of the general issue of 
the year 2000 preparedness or the individual services and key 
equipment items, to ensure that they are year 2000 compliant. 
It's, I think, self-realization you have to begin with, and if 
you're in denial, you certainly wouldn't begin addressing the 
problem.
    Mr. Horn. Mr. Drysdale.
    Mr. Drysdale. Our management approach is based on 
communication, participation and involvement by really 
everybody. So when I mentioned that our executives participated 
in the test, that was true. We were all there on Saturday 
working on it, and the same thing is true of our staff. We work 
together as a team. So primarily involvement, participation, 
continued good communications, we try to practice every day at 
work. That's just a common approach.
    Mr. Horn. Mr. Garratt.
    Mr. Garratt. I think the fact that I have been assigned as 
the Y2K project coordinator from the city manager's office 
rather than a chief information officer is indicative of the 
visibility the council and the city management chose to give 
this issue. We have departments who have been working in very 
rigorous ways to solve their individual proprietary situations, 
but it does require a certain level of oversight and 
coordination and a constant message that enough is never quite 
enough. And that's the approach we've taken.
    Mr. Horn. Ms. Hayashi.
    Ms. Hayashi. In the city of San Francisco which is a fairly 
decentralized city, the multiple programs primarily take 
responsibility for all their own operations. It was an 
important step in the Y2K effort to create a central, city-wide 
organization that existed to help coordinate the efforts 
between the departments, coordinate the communications about 
the interdependencies between departments, because a lot of 
departments that rely on the phone services, for example, are 
dependent on another city department for providing those 
services. Also for centralizing some of the issues to avoid 
duplication of work, and directing resources also, because as 
we've seen departments that perhaps don't have enough resources 
in their own pockets, that we could direct some personnel and 
some expertise to them so that they can get the job 
accomplished quickly.
    So the central oversight has been critically important, and 
I think I agree with the message of motivation as well, that 
everybody needs to keep working as hard as they can.
    Mr. Horn. Since we have three cities on this panel, San 
Francisco, Santa Clara and San Jose, I'm curious if any of you 
have had the type of exercise that Rockville, MD and Lubbock, 
TX ran through where they advanced the date forward, in a 
department in the middle of the night and then see what happens 
to your emergency coordination operation. Has any of you done 
that at this point, or have we just dealt individually with 
adaptation of codes?
    Ms. Hayashi. That has been done in San Francisco, but 
again, many of these year 2000 readiness preparations were done 
on a department-by-department basis. So we haven't had a city-
wide exercise, but there has been a lot of date simulation 
testing in individual departments.
    Mr. Horn. Because certainly when you have department 
responsibility, the question is do they have connection with 
other departments to get their job done?
    Ms. Hayashi. Exactly. And that's why the central program 
management office is the grease that keeps those wheels moving.
    Mr. Garratt. I have heard the Rockville staffers and the 
Lubbock staffers explain the exercise they went through. We 
have not attempted to perform something like that. We pushed 
certain systems beyond the millennium. We had the unique 
experience in one system where it went beyond and operated, but 
it was very difficult to pull it back. And there was a bug in 
the software from that perspective. But we've been fairly 
limited and judicious on pushing these systems as a unit.
    Mr. Burton. In the city of San Jose we have pushed the date 
forward on our network, our city-wide network, to the year 2000 
and exercised the system. I believe that was back in March, and 
have a plan to do that again in September over the Labor Day 
weekend. In addition, for our computer clusters for 
applications we have tested systems with the system dates 
rolled forward, as well as the individual applications, flexing 
them with functionality in the next century. Our first test in 
that was in the month of May this year. We actually have a test 
underway today in our computer center with a date rolled 
forward to the year 2000. We also have one scheduled for August 
28th and again on Labor Day, as I mentioned.
    Mr. Horn. Some have mentioned over the last few years that 
there are some additional dates we need to be concerned with, 
and your comment on September, I thought I'd use that, 
September 9, 1999 bothers some people as it might mess up some 
computers because that apparently was used as a symbol for a 
number of computer programs in the past, and the other being 
the fact that we have a little extra day in February 2000.
    Does any of that concern you one way or the other?
    Mr. Burton. We identified 19 key high-risk dates 
potentially. The high risk dates have been examined against the 
application to find out what dates that application would have 
at risk. Our testing plan includes flexing a minimum of two of 
those dates for applications: most assuredly the roll over as 
well as leap day, and then identification of some other date. 
For instance, not only do you face January 1st and leap day, 
but with remediated code, et cetera, we're concerned about 
month end closes, quarterly closes, fiscal year closes and 
calendar year closes in these remediated applications. So there 
are quit a few dates that we're looking at.
    Mr. Horn. Mr. Garratt, any thoughts on that?
    Mr. Garratt. As I mentioned in my presentation, we've 
replaced a good number of our systems with object-oriented 
programming languages, C++, that deal with the year as a four-
digit equation. Our finance system has been remediated, and we 
are aware, and we will be watching very carefully certainly on 
September 9th. The programmers have looked into the system to 
make a determination if that could be a problem. They did not 
believe it will be a problem.
    Mr. Horn. That's very interesting, and I wonder how about 
San Francisco? Have you done that?
    Ms. Hayashi. Yes, yes. Leap year and other potentially 
sensitive dates are a part of what we have taken into 
consideration in examining the IT systems.
    Mr. Horn. Mr. Drysdale, you've given us very helpful 
information on the water, and as understand it, there are 
200,000 public water systems regulated under the Safe Drinking 
Water Act that serve about 240 million people in our country. 
The remaining population obtains most of their drinking water 
from private wells. So I'm curious, is the San Jose Water Co. 
ready for January 1, 2000, to ensure that there are no 
violations associated with the Safe Drinking Water Act?
    Mr. Drysdale. Yes, Chairman Horn, our water quality staff 
is part of the group that would be available that evening. But 
typically, our staff that works around the clock monitors for 
different types of matter that can be in water that might 
indicate a violation of the Safe Drinking Water Act. Generally, 
when the water is tested here in the valley for all the 
required different types of chemicals and matter that can be in 
the water, typically we have non-detectable traces. It's not 
possible to detect anything that would be required by current 
regulations. So as far as wells, private wells, here in town 
are, the oversight for that is the Santa Clara Valley Water 
District. So we work with them as far as monitoring our own 
wells, but private wells, we don't have that responsibility.
    Mr. Horn. Does the Santa Clara Valley Water District 
include all of southern Santa Clara County? How does that work?
    Mr. Drysdale. Yes, it does. In general, that would be a 
fair description of their service area.
    Mr. Horn. That includes the Pajaro River, which is a river 
on the southern end of the county, marks the border.
    Mr. Drysdale. I believe it would.
    Mr. Horn. I'm just curious, because you've mentioned 
Federal and State water that you have access to, which I assume 
is coming through the San Luis Reservoir, isn't it?
    Mr. Drysdale. Yes, it is. There's San Luis Reservoir water, 
and there's also water that's directly piped into the valley to 
the two treatment plants that the district operates. One is on 
the east side of the valley, and one is on the west side of the 
valley.
    Mr. Horn. Is there projected, given the population growth 
in San Jose and Santa Clara County, is it projected that it 
will have a very tight situation on water whether it be the 
year 2000 or not?
    Mr. Drysdale. I'm not familiar with those projections, but 
I don't believe that there's a problem. I do attend some of the 
water retailer meetings with the district, and there's never 
been expressed any concern for that.
    Mr. Horn. Now for the agricultural use where they do have 
wells on a number of these farms. What's been the water level? 
Has it been going down substantially in the last 20, 30 years?
    Mr. Drysdale. No. On the contrary, with the use of import 
water, the primary supply for the valley ground water is at 
record levels.
    Mr. Horn. Where do you touch the water supply? What's the 
footage digging a typical well?
    Mr. Drysdale. Depends upon the usage, the nature of the 
soil, the nature of rock. There are different levels. But one 
very good example not far from here, we have a local highway 
that's about 15 or 18 feet below the surface level and water is 
percolating through that highway right now, and that's a 
problem that people are trying to deal with. So the water is 
typically quite high.
    Mr. Horn. That's interesting. In Los Angeles what many of 
us know as the Century Freeway named after my predecessor, Glen 
Anderson, who chaired the Transportation Committee of the 
House, turns out they have exactly that problem, that water's 
coming up there, and the water replenishment agencies are now 
billing the State Highway Department for taking their water. 
It's having its amusing aspects, but it becomes very difficult 
when your freeway starts moving around. So that's happening 
here. That's fascinating.
    Let me ask Mr. Willemssen who has gone through many panels, 
that raises good questions as his colleagues do in GAO.
    Mr. Willemssen. One issue that was briefly touched upon by 
one or two of the witnesses that I would encourage all the 
organizations here to keep in mind is the value of independent 
verification and validation efforts, especially to the extent 
that you can publicize those efforts and let citizens know that 
another set of eyes has indeed gone in and taken a look at your 
most important systems and made judgments about their 
compliance status. That can go a long ways in further assuring 
citizens' readiness. That's one thing to keep in mind.
    An additional item, and you touched on this in one of your 
questions, there are tremendous value in testing business 
continuity and contingency plans. There are things that come up 
during these test exercises that were never considered early 
on, so I would also encourage the organizations to consider 
that.
    In addition, I believe the city of San Francisco 
representative mentioned the importance of communicating to the 
citizens during the rollover period. I believe the States and 
localities will be hearing much more from FEMA regional offices 
and from the executive branch on the plans of John Koskinen's 
information coordination center in this regard with their 
purpose of trying to get out reliable, consistent information 
to the public during the rollover period. The individuals here 
should be playing a role in that and will be getting further 
information on it.
    Mr. Horn. Thank you. Any questions you'd like to ask of 
your colleagues now that you've heard all of this, and any 
questions we should have asked but didn't have the brains to 
ask, we'd like to take those questions too. So anybody have 
some additional thoughts after hearing the dialog?
    OK. Everybody's satisfied there. Driving home to San 
Francisco you're not going to say, ``Gee, I should have asked 
that''?
    Ms. Hayashi. I think we'll have other opportunities to talk 
to each other.
    Mr. Horn. At midnight, January 1st?
    Ms. Hayashi. No. I think the interagency dialog has been 
very valuable, and everybody is taking advantage of it.
    Mr. Horn. I should ask, where are you all going to be that 
night, January 1st? I assume you're in your command 
headquarters on water, electric and all the rest. Yeah.
    Well, I'll be flying on a plane. We'll see what happens 
there. I've told the FAA Administrator don't upset the 
controllers that day, will you. Leave them alone.
    Anyhow, thanks for coming. You've had very thorough things. 
There's some excellent work where people could be used either 
on bills or everything else to get the message over. I think 
we'll steal liberally from all of your ideas. Thank you.
    Ms. Hayashi. Please do.
    Mr. Horn. OK. We're moving to panel two. Panel two consists 
of some of the key corporations in Silicon Valley as well as 
Pacific Bell and the San Jose International Airport. We'll be 
glad to fly in and out of. It's a fine airport.
    We have Mr. Whitworth, Mr. Cavaney and Mr. Hall and Mr. 
Latino, Mr. Tonseth. I think that's it.
    OK. Gentleman, if you raise your right hands.
    [Witnesses affirmed.]
    Mr. Horn. The clerk will note that all five have been 
affirmed, and we will begin with Mr. Whitworth. And as I 
mentioned earlier, you might not have been here, automatically 
that full statement of yours goes in the record. We'd like you 
to summarize it so we'll have more time for questions and 
answers and dialog, but we appreciate all of your hard work and 
thank you for coming.
    Mr. Brad Whitworth is the Y2K marketing & communications 
manager for Hewlett Packard Co. We're glad to have you here, 
very distinguished name in computing.

STATEMENTS OF BRAD WHITWORTH, Y2K MARKETING AND COMMUNICATIONS 
 MANAGER, HEWLETT PACKARD CO.; PAT CAVANEY, YEAR 2000 PROGRAM 
 MANAGER, CUSTOMER SERVICE AND SUPPORT GROUP, HEWLETT PACKARD 
 CO.; RICHARD HALL, DIRECTOR, CALIFORNIA GOVERNMENTAL AFFAIRS, 
  YEAR 2000 PROGRAM MANAGER, INTEL CORP.; TOM LATINO, PRODUCT 
MANAGER, PACIFIC BELL; AND RALPH TONSETH, DIRECTOR OF AVIATION, 
                 SAN JOSE INTERNATIONAL AIRPORT

    Mr. Whitworth. Good morning, Mr. Chairman. I am pleased to 
be with you today to talk about the year 2000 program at HP. 
The timing for my appearance really couldn't be better. We just 
passed an important internal milestone in HP's Y2K program that 
I'll tell you about in just a moment.
    HP is a worldwide electronics company, yet we're here in 
Silicon Valley. 1998 revenues over $48 billion. We employ about 
120,000 people and conduct business in more than 120 countries 
around the world. We are the second largest computer company in 
the world, the 14th largest company in the Fortune 500. 
Probably best known for LaserJet and InkJet printers, PCs and 
our high performance computer systems. We're also the maker of 
hand-held calculators for students, patient monitoring systems 
for intensive care nurses, gas chromatographs for chemists.
    Y2K takes on three dimensions for us as an organization. 
First is that we had to make sure that the 36,000 products that 
we sell and ship today are all Y2K ready. Second, we want to 
make sure that customers who purchased products from HP in the 
past know the Y2K compliance status of their HP products and 
that they understand the need to check the readiness of HP gear 
in their own environment. And third, we're working hard to make 
sure that Y2K doesn't create any problems for our own 
operations. So we've been checking everything from orders 
processing systems in our Atlanta sales office to the 
electricity supplied to our Puerto Rican manufacturing facility 
to the phone system in our Beijing, China, operation.
    I'll spend some time talking about the first and third 
points in our Y2K program on products and our own operations, 
and then my colleague, Pat Cavaney, will tell you about the 
ways we've been working with our customers around the world and 
how we're helping them prepare for the move to the next 
century.
    Let me start with that third dimension to our Y2K program, 
our internal readiness. I mentioned we just passed an important 
milestone in our Y2K program. We had an internal readiness date 
of July 31st. We picked that date as the one by which we'd have 
all of our critical information technology systems and business 
processes ready for Y2K, and based on the reports from our 
managers around the world, we made it. In only a few instances 
do we still have some exceptions remaining, but we're confident 
that we'll be resolving those in the next few weeks.
    Meeting that target date of July 31st was not a trivial 
matter for a company of our size and complexity. For example, 
it meant checking the Y2K readiness of 150,000 personal 
computers, another 24,000 computer workstations, about 8,500 
critical business software applications, 300 PBX systems, 
13,000 servers, 2,700 routers, and all of these located in HP 
offices in more than 50 countries. That means we also had to 
check with more than 110,000 suppliers all over the world. We 
rely upon them for about 600,000 parts that we use to 
manufacture our products. They provide us everything from 
microprocessors to monitors. We're generally satisfied with 
their readiness programs.
    However, the complexity of that supply chain and that 
chain's reliance on a global network of transportation 
providers to move raw materials subassemblies and finished 
products does represent HP's largest Y2K vulnerability. This is 
particularly true outside the United States where we've 
discovered, as have Y2K experts like the Gartner Group, some 
countries have been late in addressing Y2K. So we're working 
closely with all these suppliers. But because many of these 
issues are beyond our direct control, we're spending a lot of 
time developing contingency and backup plans. I would certainly 
say that this is the area of focus for us for the rest of the 
year.
    Now let me tell you about the HP products that I mentioned. 
When we launched our Y2K program, we needed to make sure that 
all of today's products were Y2K compliant. We also needed to 
work back through thousands of products we've delivered in 
prior years to determine if they're Y2K ready, and also we 
needed to put in place a process to make sure that all of our 
future product offerings are also ready for Y2K.
    When we started a few years ago, there was no industrywide 
definition for year 2000 compliance, no testing standard. So we 
developed our own, based in part on GTE's Y2K test pattern that 
our IT organization had been using since 1996. We've been using 
it companywide ever since, and it's become a model in the 
industry to organizations like I-Triple E and NSTL, who 
developed their standards. Most important for us, it's now 
embedded as part of our ongoing test processes we use for every 
new product we introduce.
    So where do we stand today with our products? Well, all of 
the products that we've introduced since July 1, 1998 are Y2K 
compliant, and almost half of 115,000 products in our 
compliance data base are fine with Y2K simply because they 
don't process dates at all. There are large families of some of 
our largest and most popular products where there are no Y2K 
problems. For example, our DeskJet printers, our scanners and 
all but early versions of one model of our LaserJet printer are 
all Y2K compliant. We do have some older products that are not 
Y2K compliant. Most of these non-compliant products have been 
obsolete for some time. They are no longer supported by HP.
    However, we've made an important commitment to our 
customers on these older products. For every product that we've 
delivered since January 1, 1995, we will have a Y2K update or a 
replacement product available, and available at no additional 
charge if the product is covered under a support contract or 
warranty. One of the industry consultants who has studied our 
program calls this commitment to customers the most generous 
he's seen. But really, Y2K isn't about our policy or products 
or internal operations. Y2K is really about our customers and 
making sure that they have the information and the know how 
that they need to get their own computing environments ready 
for Y2K and continue their businesses.
    So I'd like to ask Pat Cavaney to share with you some more 
details about our customer Y2K programs, and what we've done so 
far, and what we'll be doing in the months ahead.
    [The prepared statement of Mr. Whitworth follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.227
    
    [GRAPHIC] [TIFF OMITTED] T0954.228
    
    [GRAPHIC] [TIFF OMITTED] T0954.229
    
    [GRAPHIC] [TIFF OMITTED] T0954.230
    
    [GRAPHIC] [TIFF OMITTED] T0954.231
    
    [GRAPHIC] [TIFF OMITTED] T0954.232
    
    [GRAPHIC] [TIFF OMITTED] T0954.233
    
    [GRAPHIC] [TIFF OMITTED] T0954.234
    
    [GRAPHIC] [TIFF OMITTED] T0954.235
    
    [GRAPHIC] [TIFF OMITTED] T0954.236
    
    [GRAPHIC] [TIFF OMITTED] T0954.237
    
    [GRAPHIC] [TIFF OMITTED] T0954.238
    
    [GRAPHIC] [TIFF OMITTED] T0954.239
    
    [GRAPHIC] [TIFF OMITTED] T0954.240
    
    [GRAPHIC] [TIFF OMITTED] T0954.241
    
    Mr. Cavaney. Good morning, Mr. Chairman. I appreciate the 
opportunity to speak with you today regarding Hewlett Packard 
and our approach to Y2K readiness in our role as a provider of 
customer support for our products. My name is Pat Cavaney, and 
I'm the year 2000 manager for Hewlett Packard's Customer 
Service and Support Group.
    HP has employees and authorized distributors in 120 
countries providing service and support all the way from homes 
to small businesses to large Fortune 500 corporations. Our goal 
is to help our customers achieve their own Y2K readiness. In 
his statement, my colleague mentioned the extensive products 
evaluation HP has performed on our current and past products 
and what we're doing to offer Y2K updates for our previously 
shipped products.
    I'd now like to briefly address how HP has approached 
informing and supporting our customers through extensive 
proactive and communication efforts. This is the most far-
reaching customer communication program that HP has ever 
undertaken. A key goal for HP is to reach as many customers as 
possible to make sure they check the status of their HP 
equipment as well as the readiness of their entire IT 
environment. Under the umbrella of the company-wide effort to 
inform customers, each of HP's major business segments has 
initiated a customer outreach program. Let me highlight a few 
of these for you.
    Our customer support organization has mailed Y2K 
information to all of its current customers under a support 
contract and informed them of the compliant status of every 
product covered under a support agreement. Today I've brought 
two such brochures that we've used in period mailings to our 
customers to inform them of the need to take action. Our 
Enterprise Computing sales organization has conducted Y2K 
meetings with several thousand of larger customers around the 
world. Hewlett Packard has also informed our customers of any 
computing and health care products purchased directly from HP 
since 1995 which is not compliant, whether it's under a support 
agreement or not. Last, we provided our channel partners who 
resell HP products with Y2K information which they can provide 
to their customers.
    In addition, these proactive communications programs HP's 
year 2K program offices around the world respond to customers' 
requests daily for information about the Y2K readiness of our 
products. These groups of HP employees answer questions, 
letters, faxes and surveys that customers may pose about Y2K. 
We've also made sure that all HP call centers and response 
centers worldwide and staff are trained to handle Y2K 
questions. HP's field organization is being equipped with the 
latest information on product compliance, services, upgrade 
programs for our customers and tools to assist customers with 
their Y2K readiness.
    HP's central Y2K website has been active since early 1997 
and is now attracting more than 250,000 visitors a month. Our 
website contains our product compliance data base listing 
status of the more than 100,000 current and past HP products 
Brad mentioned. For customers who do not have access to the 
Internet or our website, our call centers and sales and support 
offices will respond to any Y2K inquiry we receive.
    We're working hard to inform the millions of customers who 
are not on a support contract with HP about our Y2K efforts. 
We're including a Y2K message in every press release the 
company issues in 1999, in the annual report, in select 
advertisements and direct mail campaigns in many countries and 
in key messages at trade shows and conventions such as at HP 
World next week in San Francisco.
    The other manner in which Hewlett Packard will assist its 
customers' transition successfully to the next millennium is 
through our enhanced customer support capacity and providing 
additional self-help tools directly to our customers. HP 
expects that the year 2000 issue will increase the number of 
phone calls for support into our call centers and response 
centers. While we can't precisely predict exactly how many 
calls we will receive for year 2000 support, we anticipate an 
increase in customer demand as we reach the latter stages of 
1999 and 2000, particularly around the New Year's period for 
the rollover weekend. We believe that we'll see the greatest 
increase between the period of November 1st, 1999 and March 
3rd, 2000. To address the needs for additional customer 
assistance during this period, we've taken specific action as 
part of our enhanced support capacity program. We have 
increased the staffing at our support call centers over this 
past year. We have developed specific employee work policies 
governing employee vacations and availability not only over the 
rollover weekend, but also in the surrounding months as well, 
not only for our call center and engineering personnel, but 
also the labs that are the escalation paths for those 
organizations. We have plans to redirect other HP resources on 
customer assistance activity should that be the case, and we've 
implemented new support tools and technology to more easily 
provide assistance to our customers including enhanced self-
help tools that are available on our year 2K website.
    The year 2K rollover weekend and surrounding period is 
certainly not expected to be business as usual. Our customer 
support response centers will be open for the rollover weekend 
to provide Y2K assistance for our customers. In fact, for that 
weekend we will also expand our after-hours coverage staffing 
in our response centers to provide additional support. As 
another way additional information and assistance will be 
provided to our customers around the clock, HP will be 
implementing a fast track method to identify, analyze and 
report Y2K issues through our electronic support center website 
to customers worldwide later this year. This is an enhancement 
under an already existing feature that we have in our support 
response centers.
    In conclusion, the year 2K rollover and the surrounding 
period will be a time HP will ask all employees to focus on 
assisting our customers. HP is committed to making the 
transition to the next century a successful one for our 
customers and for our company, and certainly Hewlett Packard 
thanks you for the opportunity to share our year 2000 program 
with you today.
    [The information referred to follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.242
    
    [GRAPHIC] [TIFF OMITTED] T0954.243
    
    [GRAPHIC] [TIFF OMITTED] T0954.244
    
    [GRAPHIC] [TIFF OMITTED] T0954.245
    
    [GRAPHIC] [TIFF OMITTED] T0954.246
    
    [GRAPHIC] [TIFF OMITTED] T0954.247
    
    [GRAPHIC] [TIFF OMITTED] T0954.248
    
    [GRAPHIC] [TIFF OMITTED] T0954.249
    
    [GRAPHIC] [TIFF OMITTED] T0954.250
    
    [GRAPHIC] [TIFF OMITTED] T0954.251
    
    [GRAPHIC] [TIFF OMITTED] T0954.252
    
    [GRAPHIC] [TIFF OMITTED] T0954.253
    
    Mr. Horn. Well, thank both of you very much. If I had my 
checkbook here, I'd sign up right now. You two are real 
marketers.
    So I'm looking forward, Mr. Hall, to your marketing also. 
You're with one of the great firms of this valley, and that's 
the Intel Corp. Richard Hall is the director of California 
governmental affairs and the year 2000 program manager.
    Mr. Richard Hall. Thank you, Mr. Chairman. Actually, as I 
listened to Hewlett Packard's testimony, I could probably say 
ditto to about 99 percent of it, because our programs are very 
much in parallel with theirs as a similarly structured company 
in the same industry. But let me stick to my planned remarks 
with a few extra comments.
    First, I want to express our thanks as an industry and 
company to this subcommittee. I believe that in unison with 
Chairman Bennett's committee in the other house, that you have 
achieved a very high level of public attention for the year 
2000 problem that otherwise would not have been achieved. In 
particular, the report card methodology that you've used on a 
quarterly basis has focused media and public attention to that, 
and to me it's really a case study in how to succeed in getting 
attention to something that's very difficult to get attention 
to on a good day.
    Mr. Horn. Well, thank you. It does have its impact. The 
State Department finally cleared up their small number of 
mission-critical systems, and somebody asked them from a 
computer journal, ``How did you finally do it, the move from 
the F to the A-minus stage?'' And they said, ``Well, I guess my 
boss was just tired of all those Fs.'' So it helped.
    Mr. Richard Hall. Precisely. In that context, it's not in 
my prepared testimony, but in listening to the public sector 
representatives this morning, I wanted to make this remark. For 
another presentation I did on the year 2000 recently on July 
30th in a nice place up in South Lake Tahoe, I did an analysis 
of 1 day's news media coverage regarding the year 2000. I 
picked an interesting day. It was July 21st, 9 days before I 
was up there, and on that day there was a good news development 
on the year 2000 and a bad news development.
    The first was Mrs. Garvey's announcement that the FAA had 
achieved, and she said without qualification, full compliance 
on the year 2000, and the public should have no concerns. On 
that same day, Mrs. Williams-Bridgers of the U.S. Department of 
State testified before the Congress that one-half of the 161 
countries that the U.S. Department of State had analyzed around 
the world for year 2000 capability had the potential for severe 
infrastructure disruptions which would in turn effect U.S. 
trade and commerce in significant ways.
    Now, the following day, July 22nd, in the 30 major U.S. 
daily newspapers there were seven stories about Mrs. Garvey's 
announcement and about Ms. Bridger's testimony. There were 130 
stories about day six of the Kennedy/Bessette tragedy, a 16 to 
1 ratio. I'm not drawing a value judgment there, but I'm 
pointing out where attention has been focused in the American 
public mind and conscience about this, and a concern that I 
would express is that as we get closer, today we have 139 days 
remaining until the date rollover, as we get closer, the public 
and media attention will shift from very low gear to extremely 
high gear. We'll go from an under reaction to an overreaction, 
and this parallels comments made by some of the representatives 
today of the municipalities who are struggling to develop and 
execute public information campaigns.
    Now after my editorial diversion, I will return to my text 
and a few comments, and I'll tell you about Intel. The other 
task that this subcommittee and Chairman Bennett's committee on 
the Senate side played such an important role in achieving was 
the final passage of H.R. 775, known as the Y2K Act, signed by 
the President on July 20th. I took note at the time that that 
bill was signed by the President Pro Tem of the Senate, Senator 
Thurmond, who will turn 97 years old on December 5th, still the 
oldest American political leader, electronically signed the 
bill and transmitted it by e-mail to the White House for the 
President's signature. I thought that was an historic 
development in and of itself. It creates a necessary legal 
framework for potential litigation over the year 2000 and over 
the next 3 years, and was a milestone development for this 
country.
    Let me offer you in my brief time four observations from 
Intel Corp.'s standpoint. First of all, 10 days ago we 
announced internally, and I'm delighted to announce the same 
externally today, that Intel Corp. had achieved 100 percent, 
and again, 100 percent, not 99.9 percent, compliance of all 
internal systems. Of all the applications and systems that run 
Intel's business systems worldwide, we are now complete.
    No. 2, as of today, by our own internal measurement 
methodology, 95 percent of our mission-critical and priority 
suppliers around the world are either year 2000 capable or have 
contingency plans in place that have satisfied us in terms of 
the capability of continued support of Intel's business.
    Third, on a less bright note, we continue to have concerns 
at Intel about the readiness of external infrastructure, power, 
telecommunications, water, transportation in certain critical 
foreign geographies. Our experience, my own experience as part 
of Intel's year 2000 team traveling to a number of foreign 
countries, I spent nearly 2 weeks in Japan in May as one 
example, parallels what the State Department has found. In 
fact, I coincidentally crossed paths twice with the State 
Department team in the month of May. We were on some of the 
same airplanes and going to some of the same places, meeting 
some of the same people. That experience also parallels what 
the GartnerGroup has publicly described for the U.S. Congress 
and the media about the concerns regarding foreign 
infrastructure and its readiness, particularly in Asia and the 
Pacific.
    Last, in brief summary I'd like to say, as Hewlett Packard 
remarked, our public website which is www.intel.com contains a 
vast wealth of information about our year 2000 readiness, our 
products, our strategies, our programs, far more than I could 
adequately summarize today. Under the guidance of Congress 
established in October 1998 under the first major Federal law 
that was passed, we have done as full a job of disclosure as I 
think we are able to do about all aspects of Intel's year 2000 
readiness.
    So again, I'd like to thank you, Mr. Chairman, and your 
subcommittee for an excellent job of oversight and drawing 
public attention. We'd like to thank you for the legislation 
passed in July, and I hope that I've given you an adequate 
overview of Intel's position today at 139 days before the date 
rollover.
    Mr. Horn. Well, that's a very helpful statement, and we'll 
get into some of the foreign experiences in the question period 
here. They're very important.
    [The prepared statement of Mr. Richard Hall follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.254
    
    [GRAPHIC] [TIFF OMITTED] T0954.255
    
    [GRAPHIC] [TIFF OMITTED] T0954.256
    
    [GRAPHIC] [TIFF OMITTED] T0954.257
    
    [GRAPHIC] [TIFF OMITTED] T0954.258
    
    [GRAPHIC] [TIFF OMITTED] T0954.259
    
    [GRAPHIC] [TIFF OMITTED] T0954.260
    
    Mr. Horn. Next we have a 2-day involvement with this 
subcommittee. Tom Latino is the product manager for Pacific 
Bell. He was with us in our Sacramento hearing yesterday, and 
we're delighted to see you again.
    Mr. Latino. Good morning. My name's Tom Latino and I am the 
director of the public safety organization for Pacific Bell. I 
appreciate the opportunity to update to you on SPC's readiness 
for the year 2000, and I'm happy to say we have some great news 
to share.
    The bottom line is that when you pick up the phone on 
January 1st, our network will be ready to serve you just as it 
always has, and so will the wireless, data, Internet and other 
services we provide. We spent nearly 4 years preparing for the 
Y2K issue. As of June 30th, virtually all necessary Y2K 
upgrades have been completed. A very few upgrades are scheduled 
to be completed by September.
    As we wrap up these upgrades, we will continue to focus on 
testing and finalizing our business continuity plans. All of 
our services will be tested and retested in simulated year 2000 
environments prior to January. Our testing efforts also go well 
beyond our own network as SPC is working with the Alliance for 
Telecommunications Industry Solutions, or ATIS, to test our 
services in conjunction with other communication companies and 
other industries. As a matter of fact, ATIS recently announced 
the successful completion of recent Y2K tests involving 
communication networks serving the credit card and financial 
industries. SPC and other communication carriers had no 
difficulty in transmitting financial data in the simulated 
environment.
    We have also worked closely for Telephone Year 2000 Forum 
which in December completed tests showing that local networks 
are prepared to provide uninterrupted service. This internal 
and third-party testing provides further evidence that Y2K will 
be a non-event for our customers, and while we strongly believe 
that will be the case, we also recognize that factors outside 
of our control could potentially impact our service. To further 
ensure continuous quality service, SPC is enhancing its 
business continuity plan to prepare for Y2K contingencies. The 
plans are an extension of Southwestern Bell's existing 
procedures for providing service in the event of an emergency 
or natural disaster.
    As part of these business continuity plans, SPC will 
increase staffing and customer support at business centers 
during peak periods leading up to and including the New Year's 
holiday. We are also establishing command centers throughout 
our service territory to ensure a smooth transition to the New 
Year.
    As you can tell, Y2K readiness has been a very big job. All 
told, SPC has spent nearly $200 million to prepare for Y2K. 
SPC's Y2K project management team is led by an officer of the 
company and each of our major business units have a dedicated 
Y2K coordinator responsible for managing our year 2000 issues 
within their organizations. To keep our customers up to date on 
our progress, SPC's Y2K team maintains a comprehensive website 
with the latest information available. Anyone looking for 
detailed information on our Y2K readiness can access the 
preparing for the millennium section on SPC's website at 
www.spc.com. This site includes a section that allows you to 
check on the readiness of the central office switch that serves 
your community. You can also register at the website to receive 
a copy of SPC's final readiness report.
    Thank you again for the opportunity to provide this update.
    Mr. Horn. Well, thanks very much, and we do want to list 
all your numbers so people can reach you. That's a very good 
service you all have on that.
    Mr. Ralph Tonseth is director of aviation for San Jose 
International Airport. I must say I always enjoy coming in and 
out of San Jose. You run a very good operation there. Where 
does that rank in the airports in California, just as a 
curiosity?
    Mr. Tonseth. Mr. Chairman, San Jose International Airport 
is currently the fourth largest airport in the State of 
California, currently handling more than 11 million passengers 
annually and 250 million pounds of air freight annually. At the 
current time, we also are the employment site for more than 
5,300 individuals and are the only commercial airport in the 
Santa Clara County, and therefore the Silicon Valley for the 
provision of commercial air services, and so we therefore take 
the responsibility very seriously to support all of these great 
corporations and the transportation needs both for individuals' 
trips and for air cargo services.
    I'd like to thank you, Mr. Chairman, for the opportunity to 
present to this subcommittee the report of San Jose 
International Airport on our Y2K program. Like many others, we 
have long recognized the need to address what has been called 
the millennium bug problem, and we began our program in the 
summer of 1997, and since that time have expended internally 
more than 10,000 staff hours and expended more than $6 million 
to reduce the chance of service interruptions related to 
potential Y2K problems. I'd like to give you just a very brief 
overview of our program, since it really does integrate many 
sectors of our local economy.
    Under specific direction from the FAA, we have identified 
all mission-critical systems related to air transportation, 
both in hardware, software and embedded chips that may impact 
airport operations for the year 2000. We've also been working 
on an ongoing basis with suppliers both from the private and 
public sectors to ensure us that their systems that we use are 
compliant and therefore will not negatively impact passenger or 
freight customers.
    Early on we performed a set of risk analyses and set 
priorities for compliance, and we have, to the best of our 
ability, confirmed by means of testing that all airport 
critical systems and equipment do meet the year 2000 
requirements. We expect to have all of our airport systems, 
with the exception of our parking and revenue control systems 
ready by September 30th, 1999. That system, the Parking Control 
System will be Y2K compliant by November. We've developed 
detailed contingency plans for all systems, and those plans 
have been antiquated with our existing emergency operations 
programs.
    The scope of our program at the airport has been extensive. 
We have identified 54 critical systems containing over 4,000 
individual components. Each of these systems has been 
thoroughly reviewed and assessed to determine the level of 
risk, and in addition, each of these system's potential for 
health, safety and other impacts have been evaluated.
    We also have invested in hiring two independent consultants 
and have gained from them considerable insight into the year 
2000 program. The first of these was a consultant that provided 
an embedded chip inventory, which we completed in May 1998. And 
the second firm provided us a project management and 
documentation expert.
    The current status as of today is that eight critical 
airport systems that were found to be deficient have been 
replaced totally or upgraded and tested. 26 systems were found 
not to have embedded time/date components within them. These, 
however, have been also tested and replaced or upgraded where 
feasible. Five systems are currently being replaced as we speak 
and are expected, as I mentioned earlier, to be completed by 
September 30th. And we are currently working with other city 
departments, tenants or others and FAA to complete the 
compliance process for the remaining 15 systems we've 
identified.
    We have made good progress, I believe, in dealing with this 
problem. We have allocated the appropriate time in staff and 
resources to deal with it. Our main concern as of today, 
really, is our dependence upon public utilities, fuel 
suppliers, telecommunication suppliers and others whose 
services are beyond our control. However, we will continue to 
work with these people to coordinate our efforts to make sure 
that we have everything up to date by the year 2000.
    We will have on staff on the evening of December 31st, 40 
additional personnel that would not normally be on station. We 
will open our emergency response center to deal with any 
potential problems that may arise, and as you may know from the 
new requirements from the FAA, we will, between midnight and 
the time we open for first operation the next morning, test, 
verify and report to the FAA at headquarters verification that 
all of our systems are working.
    In conclusion, I'd like to thank the committee for coming 
to our nice city and holding this hearing, and I'd like to 
assure you that San Jose International Airport is up to date 
and really do aspire to make sure that if you do choose to land 
here on the morning of January 1st in your aircraft, I will be 
happy to meet you at the gate.
    Mr. Horn. Thank you. We might do that. I was born in Santa 
Clara County, so I'm pretty familiar with this county.
    [The prepared statement of Mr. Tonseth follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.261
    
    [GRAPHIC] [TIFF OMITTED] T0954.262
    
    Mr. Horn. Now, let's go back, and if we can get Mr. 
Willemssen at the table, I think, my friend, that there's a 
chair right there. And I'd like to ask Mr. Willemssen, Joel, 
what have you heard from this panel that you'd like to bring to 
the floor, and we can talk about it.
    Mr. Willemssen. I thought of a couple things that might be 
interesting, especially with HP and Intel here, is if they can 
give us a general perspective on what they think about embedded 
chips and the Y2K issue. Because if you look back at Y2K and 
how it's rolled out over the last several years, in the early 
years, this was really viewed as a mainframe issue, COBOL, and 
then after that, the embedded chip issue got a lot of play, a 
lot of concern. I think that's leveled off to some degree.
    So to the extent that one can generalize on the embedded 
chip issue and on the extent of the IRTC problem, I think that 
would be useful.
    Mr. Horn. How about that, gentlemen?
    Mr. Whitworth. With embedded chips at Hewlett Packard, most 
of what we're looking at is as a user of these, whether it's a 
manufacturing production environment, or things that you read 
about, the elevators and escalators in office buildings and 
those sorts of things. In our testing, both in the facilities 
side of things and the manufacturing groups, as they've gone 
through testing, embedded chips have really not proven to be a 
significant issue at all. In very rare instances we found some 
things, usually in working with the manufacturer of that 
particular piece of equipment, we found that it's much lower 
expectation, or actual results than what we had expected to 
find. So it's been almost a non-issue for HP in terms of the 
embedded chip problem.
    Mr. Horn. How about it, Mr. Hall? What's the Intel view on 
this?
    Mr. Richard Hall. Two points: One is it's ironic in that 
about somewhere around 90, 99 percent of all of the chips or 
microprocessors that Intel has ever manufactured are the kind 
that go inside personal computers or servers, and by their very 
nature, they never have, now nor ever could have, any date 
dependent functionality. The software that runs on them may 
very well, but the hardware itself does not.
    Over the years as really more of a sideline, we have 
manufactured as a company embedded process control chips, and I 
would concur with HP's general view both in terms of our 
internal operations and in terms of those products which over 
the years Intel has sold for embedded process control, that the 
problem turned out to be defined down to a much smaller scope 
than what was originally feared. A much smaller percentage of 
embedded process controllers actually have date sensitive 
functions, and most of those in turn have proven easier to 
remediate than originally thought.
    However, there's a simple human fact here. It relates back 
to the observation, Mr. Chairman, that you made, which is one 
that we agree with. Year 2000 is a management and resource 
problem more than it is a technical problem, and even though 
the embedded process control issue in the United States with 
Intel or Hewlett Packard or worldwide is smaller than 
originally conceived as we've talked about, the fact is that if 
you don't go in and fix the thing, it will not operate 
correctly, and those organizations in any country's public or 
private sector that don't go in and fix and test directly are 
going to have significant failures, and that's an issue of 
management attention and resources. Those would be some 
observations I have.
    Mr. Horn. How many embedded chips does Intel put out in 
year?
    Mr. Richard Hall. I don't have that number today, Mr. 
Chairman. It's a relatively small number. If you look in terms 
of microprocessors we're probably manufacturing and selling 
somewhere around 10 million a month. Embedded process control 
would be a tiny fraction of that today. Very small. In the few 
100,000, perhaps, if that.
    Mr. Horn. Would it be fair to say that half of your sale of 
those would be to foreign countries and industry in foreign 
countries?
    Mr. Richard Hall. About 55 or 60 percent of the 
corporation's sales today as a whole are outside of North 
America. So if the pattern parallels, for embedded process 
control parallels that, yes, sir, that would be correct, but I 
do not have full data for you today.
    Mr. Horn. Could you just run through off the top of your 
head what the average citizen might run, think about, in terms 
of embedded chips in things that are very close to them in 
their house or in driving to work or in traffic signals, this 
kind of thing?
    Mr. Richard Hall. All of those that you just mentioned, 
plus inside their VCR, their cellular telephone and several of 
the appliances they have around their home. All of us over the 
last few years have added more and more embedded process 
control in our lives. By some estimates, the average American 
has somewhere between 50 and 100 embedded process control 
devices surrounding him or her, and they have not ever seen a 
single one or actually know what they do.
    Again, the good news is the vast majority, for instance, 
those in vehicles, primarily to the extent that they have a 
measurement of time, they measure things like the cycles that 
the engine turns over, not time according to the Gregorian 
calendar established by Pope Gregory IV in 1563, which is what 
actually got us into this problem. If you want to trace it back 
historically. I have a humorous story about that, I won't 
burden you with today.
    Mr. Horn. Why not?
    Mr. Richard Hall. Well, I've said in a few other venues 
that if you wanted to bring the ultimate witness before a 
public body, particularly the U.S. Congress, it would have to 
be Julius Caesar, because he established the Julian calendar in 
the first century. That calendar was with 12 months and X 
number of days and weeks and all that which we take for 
granted.
    That calendar was then modified by Pope Gregory IV in the 
year 1563, and over the next four centuries, as Western Europe 
became economically and militarily and politically dominant, 
there is a period of European colonization, the rest of the 
world adopted the Gregorian calendar which originated in 1563.
    Then in the second half of the 20th century, we taught the 
Gregorian calendar to our machines, and that's the historical 
lead-up to why we have this problem. If we developed a 
different calendar using some different counting system tracing 
back to Julius Caesar we wouldn't have had this hearing today. 
That's the historical reason for the year 2000 problem.
    To try to answer your specific question, to complete my 
answer to your specific question, Mr. Chairman, in summary, the 
number of embedded process control chips that everyone relies 
on today is very large, but the vast majority of them, in fact, 
do not have date sensitive functionality that is going to cause 
them to fail at the millennium rollover. I hope that's a good 
summary answer.
    Mr. Horn. It's very helpful. In some of our hearings we've 
been curious in terms of reactors, let's say nuclear reactors, 
other types of equipment that might be related to a power 
supply of one sort or another, and could something happen in 
terms of the distribution system once that energy is generated. 
Because obviously, we'll get more into it in the next panel, 
it's one of toughest problems we face is will your suppliers, 
let's say, have sufficient power to keep their lines going, and 
if they don't, we ought to know about it, because that really 
would be a problem.
    So I don't know if any of you have any reaction to that.
    Mr. Latino. Certainly from SPC's perspective we have 
extensive power generation capabilities. We have reviewed all 
of our contracts with fuel suppliers to ensure that we will 
have a steady stream of fuel, and if you may remember, Mr. 
Chairman, approximately a little over a year ago a major 
municipality suffered or endured a power failure; the phone 
systems kept on working.
    Mr. Horn. That's good news. Good ol' Ma Bell still lives.
    Well, any other comments on Mr. Willemssen's point down 
there? How about it? You satisfied?
    Mr. Willemssen. If I could, Mr. Chairman, indulge you in 
one related issue, yesterday you heard from two witnesses from 
two major health care providers that they have elected to test 
on their own their biomedical equipment rather than rely on 
what the manufacturers say. Most manufacturers of biomedical 
equipment say not to do that for fear of disrupting the device 
or getting false readings. HP mentioned early on in their 
statement that among their products are patient monitoring 
systems and other biomedical equipment items.
    I was curious about what Hewlett Packard's view might be on 
major health care providers going out and testing biomedical 
equipment items on their own and what kind of impact it could 
have.
    Mr. Whitworth. We actually have been encouraging all of our 
customers, whether it is a health care provider or a major 
corporation or nonprofit organization to do the tests.
    But I think what happens in the industry is the HP 
equipment is used in an environment where it might be attached 
to another computer system, and you need to check those relays, 
the interface between the two. So while we can test our 
products in our labs, and we can come up with a company-wide 
testing process that we use for everything from our personal 
computers to our health care products, we then encourage people 
to take those products and test them in their own environment. 
So we are probably just the opposite of what you have heard, 
which is please do test and make sure that in your own 
environment, which is probably different from our own test 
labs, the thing behaves the same way that it does for us, and 
if it doesn't, tell us. We want to see if there is some sort of 
a problem that we haven't been able to discover, and 
fortunately that has not been the case in the health care side 
of things for HP.
    Mr. Horn. When we were in Cleveland last year, we had a 
witness from the Cleveland Clinic, which is a rather well-known 
hospital complex in America, that they were checking all of 
their equipment, obviously, in the emergency room, and that 
there was a website where hospitals around the country could 
put on, A, the manufacturer's name, the model number, all the 
rest, and they wouldn't have to reinvent the wheel every day 
around the Nation.
    Are you familiar with that, and are there other websites or 
other corporate websites you have where they can check your 
equipment and note what model they have and should they be 
concerned?
    Mr. Whitworth. One of the beautiful things about the web, I 
think, it's allowed that degree of specialization to exist 
within industry groups and special user groups. We cooperate 
fully, provide them with the information that we have, and I 
think the sharing within the industry is also very, very 
important.
    As I mentioned, a Hewlett Packard PC might have an Intel 
chip. It might be running a Microsoft piece of software and 
application, and we have established consortia where we will 
try to make sure the technical response is coordinated so that 
we don't end up pointing fingers at one another, and we come up 
with the adequate response that a customer might want. So 
somebody calls in to Microsoft and they determine it's HP, they 
know exactly where to go in HP to get the response, and the 
flip of that is true as well.
    Mr. Horn. How about Intel on that? Is there a way your 
customers can get back in in relation to the chip problem?
    Mr. Richard Hall. Yes. We have a large number of people, in 
fact, coincidentally most of them reside where my office is 
located near Sacramento in a town called Folsom. Several 
hundred people in our customer support division, just like HP, 
who are fully trained to deal with all of the year 2000 issues, 
and also have people in all of the Intel sales and marketing 
geographies around the world who are prepared to cover all 
these issues in detail as they come in on the 1-800 line system 
that our company has, just like HP's.
    Mr. Horn. Mr. Willemssen, any more comments on that?
    Anybody have any more questions you'd like to raise having 
heard all of your colleagues on the subject? Phone company we 
know is happy.
    But anyhow, I just have one more and that gets back to your 
suppliers yet. I take it you've all done an inventory of your 
suppliers to see if anything would slow up. I don't know if 
you're using a Japanese inventory system where it's flowing 
into your assembly line on a steady basis.
    Have you had any problems with suppliers being 2000 
compliant?
    Mr. Whitworth. We have at HP. In fact, one of our 
departments, the corporate procurement department that manages 
the relationship for some of the key suppliers that are common 
to a number of HP organizations made it a priority to first set 
up a survey to find out what our suppliers were doing. If they 
didn't get the answers that they were looking for, we would go 
and spend time and do in-depth interviews with some of our key 
suppliers.
    We have in some instances moved from a single source supply 
to dual sourcing because we weren't comfortable with the 
conditions, and we also said some of the companies we were not 
comfortable with, we would eliminate from future possible 
business within HP. So we have made that sort of a condition 
for doing business with HP. But it hasn't been in a, let's call 
it a mean-spirited way. Part of our job is to get with that 
supplier and work with them to see if we can improve their own 
Y2K readiness following some of the patterns and some of the 
lessons that we've learned at HP. So we're trying the best we 
can to do that. It's being done all over the world, not just 
here in the United States, because our supply chain is 
everywhere.
    And I'd say the general response we've gotten has been 
very, very positive from the suppliers. But that probably is 
the biggest degree of uncertainty, because each of those 
suppliers then in turn relies upon someone else who relies upon 
someone else, and it's very difficult from a corporate 
standpoint at HP to follow that chain all the way up and down 
and really take total ownership for guaranteeing the answers 
are right.
    Mr. Horn. Mr. Hall, is that pretty much the way Intel has 
handled it?
    Mr. Richard Hall. Yes. We've cut off some suppliers, not a 
large number, but we've stopped doing business with some. 
Before the end of the calendar year, there are more that we'll 
have to stop doing business with, and I doubt we will resume 
doing business with them, because the failure to address and 
manage the year 2000 problem is a demonstration of incompetence 
which would disqualify them from doing business with us in the 
future. It's unfortunate, but I think you're going to find this 
phenomenon accelerating very rapidly as the calendar goes by 
toward December.
    Mr. Horn. It sort of surprises me when they've got major 
firms such as yours and HP that they wouldn't conform to assure 
you the supply source that they are. I would think what's 
doing? Have they got other customers that just don't care about 
it, or what would they do?
    Mr. Richard Hall. I don't know the answer. I have the same 
question, and I don't know the answer.
    Mr. Horn. Well, if we have any, I'd be fascinated by that, 
because I think it's a major problem down the line for all of 
you, and I'm glad you're on top of it.
    That's all the questions I have on this subject. We might 
send a few to you afterwards, if you wouldn't mind just 
replying to us. We'll put in that objection at this point in 
the record.
    I wish a good part of America tuned in and listened to this 
panel and the last panel, because I think they would have 
learned a lot. So I thank you all for coming out on a Saturday 
and not sailing or whatever you do on Saturdays, and thanks for 
coming.
    We're down to panel three now.
    Garth Hall, the manager of project 2000 is with the Pacific 
Gas & Electric Co.; Karen Lopez, division manager, 
administrative services, Silicon Valley Power; Dr. Frances E. 
Winslow, director, Office of Emergency Services, city of San 
Jose; William Lansdowne, chief of police, city of San Jose; 
John McMillan, deputy fire chief, city of San Jose.
    Please come forward. I think you can see those signs. OK. 
We've got everyone behind the right sign. I see. If you don't 
mind, please stand up; raise your right hands.
    [Witnesses affirmed.]
    Mr. Horn. The clerk will note that all five witnesses 
affirmed.
    And we will start with Mr. Hall. We're delighted to see him 
again. He was with us in our statewide hearing in Sacramento 
yesterday, and I notice your statement is even larger today. 
What did you do? Work all night? We didn't get the full version 
yesterday.

STATEMENTS OF GARTH HALL, MANAGER OF PROJECT 2000, PACIFIC GAS 
 & ELECTRIC CO.; KAREN LOPEZ, DIVISION MANAGER, ADMINISTRATIVE 
 SERVICES, SILICON VALLEY POWER; FRANCES E. WINSLOW, DIRECTOR, 
    OFFICE OF EMERGENCY SERVICES, CITY OF SAN JOSE; WILLIAM 
    LANSDOWNE, CHIEF OF POLICE, CITY OF SAN JOSE; AND JOHN 
         McMILLAN, DEPUTY FIRE CHIEF, CITY OF SAN JOSE

    Mr. Hall. Mr. Chairman, it is indeed a pleasure to be here 
again today on behalf of PG&E Corp. I oversee all of the 
companies within our nation-wide energy business, including the 
utility, which of course is a major area of interest today, and 
I can assure you again, as I did yesterday, that the standards 
for our Y2K readiness across all lines of business has been 
equally as high as it has been in the utility.
    Our program, of course, had all the elements that have been 
discussed from the beginning of inventory all the way through 
contingency planning that I mentioned yesterday. We have been 
through all that process with all of our affiliates including 
the utility, and in July we were very pleased in the utility, 
PG&E, to inform the North American Electric Reliability Council 
which received a request from the Department of Energy to 
oversee the utilities nation wide in terms of their electrical 
reliability, in July we were pleased to report that all of our 
electric delivery systems are Y2K ready. That includes our 
hydro and our fossil power plants that we still own. And in 
addition to that, we have a handful of items left to test 
across our gas and nuclear energy arenas, and expect to achieve 
full compliance with those very soon, by September.
    Even though we are very confident in our internal systems 
that I've just summarized, we're still taking our external 
dependencies very seriously. We have up to 2000 mission-
critical business partners, suppliers and government agencies 
that we have identified, and have developed for each of those a 
contingency plan in case they fail to supply the service to us. 
Even though in almost all cases we have received very 
satisfactory responses back from them, and we have a fairly 
high degree of confidence based on that, and have had dialogue 
with them that they will be ready as well, we have still taken 
that precaution, because of social responsibility to provide 
high quality electric power and gas supply, to make sure that 
we have contingency plans in place to assure the public we will 
be ready.
    At a higher level, as mentioned yesterday, we have 
performed two rounds of high-level business recovery drills, 
which is our customary practice to deal with storms, 
earthquakes and similar disasters, focussing now to make sure 
that the teams that would respond to those kinds of disasters, 
including the IT teams, are very well prepared to deal with any 
Y2K events, which, of course, we do not expect.
    We also recognize, again, the importance of communicating 
to our customers and others our readiness, and we have met with 
over 100 external customer groups and have assured them and 
demonstrated our program, answered their questions about how 
they should interact with us, and have prepared everyone to be 
ready.
    In fact, we will have, over the New Year's weekend, the 
transition period, we'll be elevated to the highest state of 
readiness we have within our capability, which is the level at 
which we deal with any major outage or any storm-related or 
earthquake outage. We will be at that level of deployment, 
ready for any emergency over the New Year weekend. That 
includes all of our distribution emergency centers, including 
those here in Santa Clara County. That's where we have our 
closest connection with emergency services of fire departments, 
police departments, and Offices of Emergency Services. Those 
connections will be well established.
    We have also met with many customer groups, as I mentioned, 
Hewlett Packard, Wells Fargo, Catholic Healthcare West for 
example, Shell Oil, government agencies, city of Milpitas for 
example, Santa Clara County, also trade groups, for example the 
California League of Food Processing. All of these groups we 
have shared information with. They have, to our best knowledge, 
been very satisfied with that information, and we have opened 
opportunities for them to hear more if they need to. We have a 
website available at www.pge.com, which has a Y2K section with 
current status information and other information as well.
    With that, I conclude my remarks. Thank you again.
    Mr. Horn. Thank you.
    [The prepared statement of Mr. Garth Hall follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.263
    
    [GRAPHIC] [TIFF OMITTED] T0954.264
    
    [GRAPHIC] [TIFF OMITTED] T0954.265
    
    [GRAPHIC] [TIFF OMITTED] T0954.266
    
    [GRAPHIC] [TIFF OMITTED] T0954.267
    
    [GRAPHIC] [TIFF OMITTED] T0954.268
    
    Mr. Horn. We now have Karen Lopez the division manager, 
administrative services for Silicon Valley Power.
    Ms. Lopez. Mr. Chairman, thank you for inviting the city of 
Santa Clara's Electric Utility, Silicon Valley Power, to 
address you today on the year 2000 readiness.
    Mr. Horn. Do you want to move that right in front of you. 
Mics are difficult nationwide.
    Ms. Lopez. I usually don't have a problem with speaking too 
loudly, so we'll try that.
    My name is Karen Lopez. I am the division manager for the 
administrative services for Silicon Valley Power, and I'm also 
our year 2000 project team leader. I would first like to tell 
you a little bit about Silicon Valley Power.
    Silicon Valley Power is the municipal electric utility for 
the city of Santa Clara. As you heard earlier from Mr. Ron 
Garratt, our assistant city manager, Santa Clara is a charter 
city located in the heart of Silicon Valley. The city offers 
electricity and energy services through the trademarked name of 
Silicon Valley Power. Since 1896, the city has provided 
electric service to the businesses and citizens within its 
boundaries. Santa Clara has an estimated population of 103,000 
people. At the end of December 1998, Silicon Valley Power 
served approximately 46,500 customers, and had a total sales of 
2,506 GWh with a peak demand of 443.8 MW. Almost 87 percent of 
Silicon Valley Power's energy sales are made to industrial 
customers such as Intel, 3COM, Sun Microsystems and other 
internationally known corporations.
    To provide electric services within its service area, 
Silicon Valley Power owns and operates generation, transmission 
and distribution facilities. Silicon Valley Power also 
purchases power and transmission services from others, and 
participates in several joint power agencies with other 
municipalities.
    Silicon Valley Power has a year 2000 readiness project plan 
that articulates the steps that we have taken over the past 
several years to be ready to maintain a reliable supply of 
power to our customers into the next millennium. As a part of 
this plan, Silicon Valley Power formed a project team 
consisting of representatives from each of our divisions to 
coordinate our activities. The project team has established 
milestones, assigned responsibilities and monitors our progress 
toward minimizing the year 2000 risks to our customers and to 
our continued reliable supply of services to those customers.
    Silicon Valley Power internally inventoried and assessed 
all computing systems, equipment and software, for year 2000 
readiness. We also contracted with an external vendor for the 
inventory and assessment of all other Silicon Valley Power 
equipment for potential year 2000 risks from embedded systems. 
That inventory and assessment were both completed in 1998 and 
continue to be updated as changes occur.
    Silicon Valley Power has not identified any internal system 
critical to our supply of electrical service to our customers 
that is not year 2000 ready. All of our business critical and 
non-critical systems and equipment either have been remediated 
or are in the process of being remediated. This process is 
expected to be completed before September 1st. The testing of 
all systems capable of being tested without impact to our 
customers will also be completed by September 1st. Due to the 
constant demand of supply of electricity to our customers, it 
is not fully possible to test all of our equipment without 
disruption of that supply. However, let me say again, that 
Silicon Valley Power has not identified any non-year 2000 ready 
system or equipment that is critical to our ability to supply 
electricity to our customers.
    The amount of dollars that Silicon Valley Power has and 
plans to expend in total on our year 2000 readiness efforts has 
not been formally developed, since year 2000 concerns have been 
incorporated into our technology projects over the past several 
years. However, since those concerns, or those technology 
projects and concerns were not exclusive drivers to these 
projects, a breakdown of costs that relate directly to the year 
2000 would be extremely difficult to perform.
    Our staff has met with all of our business partners 
regarding their and our year 2000 readiness efforts. We send 
representatives to and participate in the year 2000 readiness 
meetings of various agencies including the Western Area Power 
Agency, the Northern California Power Agency, the North 
American Electric Reliability Council, the California Municipal 
Utilities Agency, and the Independent Systems Operators.
    Although there are no plans at this time for Silicon Valley 
Power to be a formal participant in interagency testing, 
Silicon Valley Power has, and will continue, to monitor the 
year 2000 readiness activities of our partners, suppliers, 
vendors and customers for any potential impact on our ability 
to continue to supply those services to our customers. Silicon 
Valley Power will remain vigilant in this area.
    For over 100 years Silicon Valley Power has provided a 
reliable supply of electrical services to our customers. During 
this time, the city of Santa Clara has experienced several 
major natural disasters such as floods and earthquakes. From 
these experiences we have developed contingency plans and 
emergency plans to minimize any external impact on our ability 
to continue to provide electrical services. In addition, we are 
in the process of developing year 2000 specific contingency 
plans. On April 9th, in conjunction with the North American 
Electric Reliability Council's drill, Silicon Valley Power 
conducted an internal year 2000 readiness contingency planning 
drill with representatives from all Silicon Valley divisions, 
power divisions, and several other city departments such as our 
Fire and Police. We will also hold a year 2000 rollover 
staffing simulation and readiness preparation exercise on 
September 9th, concurrent with the planned North American 
Electric Reliability Council drill.
    Silicon Valley Power has been extremely active in its 
efforts to educate and to communicate regarding our concerns 
and efforts for year 2000 readiness. We have held educational 
meetings with all Silicon Valley Power staff, with our major 
industrial customers, both individually and in groups, with our 
commercial or small business customers, our residential 
customers and through our City Council. Future meetings are 
scheduled with each of these groups to not only continue our 
educational efforts, but to provide informational updates on 
our year 2000 readiness status.
    In closing, I want to thank the committee for the 
opportunity to be here today, and on behalf of the city of 
Santa Clara's City Council, I want to extend our appreciation 
to this committee for its efforts in trying to look at this 
throughout the Nation.
    Mr. Horn. Well, thank you very much, Ms. Lopez.
    [The prepared statement of Ms. Lopez follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.269
    
    [GRAPHIC] [TIFF OMITTED] T0954.270
    
    [GRAPHIC] [TIFF OMITTED] T0954.271
    
    [GRAPHIC] [TIFF OMITTED] T0954.272
    
    [GRAPHIC] [TIFF OMITTED] T0954.273
    
    [GRAPHIC] [TIFF OMITTED] T0954.274
    
    [GRAPHIC] [TIFF OMITTED] T0954.275
    
    [GRAPHIC] [TIFF OMITTED] T0954.276
    
    [GRAPHIC] [TIFF OMITTED] T0954.277
    
    [GRAPHIC] [TIFF OMITTED] T0954.278
    
    [GRAPHIC] [TIFF OMITTED] T0954.279
    
    [GRAPHIC] [TIFF OMITTED] T0954.280
    
    [GRAPHIC] [TIFF OMITTED] T0954.281
    
    [GRAPHIC] [TIFF OMITTED] T0954.282
    
    [GRAPHIC] [TIFF OMITTED] T0954.283
    
    [GRAPHIC] [TIFF OMITTED] T0954.284
    
    [GRAPHIC] [TIFF OMITTED] T0954.285
    
    [GRAPHIC] [TIFF OMITTED] T0954.286
    
    [GRAPHIC] [TIFF OMITTED] T0954.287
    
    [GRAPHIC] [TIFF OMITTED] T0954.288
    
    [GRAPHIC] [TIFF OMITTED] T0954.289
    
    [GRAPHIC] [TIFF OMITTED] T0954.290
    
    [GRAPHIC] [TIFF OMITTED] T0954.291
    
    [GRAPHIC] [TIFF OMITTED] T0954.292
    
    [GRAPHIC] [TIFF OMITTED] T0954.293
    
    [GRAPHIC] [TIFF OMITTED] T0954.294
    
    [GRAPHIC] [TIFF OMITTED] T0954.295
    
    [GRAPHIC] [TIFF OMITTED] T0954.296
    
    [GRAPHIC] [TIFF OMITTED] T0954.297
    
    [GRAPHIC] [TIFF OMITTED] T0954.298
    
    [GRAPHIC] [TIFF OMITTED] T0954.299
    
    [GRAPHIC] [TIFF OMITTED] T0954.300
    
    [GRAPHIC] [TIFF OMITTED] T0954.301
    
    [GRAPHIC] [TIFF OMITTED] T0954.302
    
    [GRAPHIC] [TIFF OMITTED] T0954.303
    
    [GRAPHIC] [TIFF OMITTED] T0954.304
    
    [GRAPHIC] [TIFF OMITTED] T0954.305
    
    [GRAPHIC] [TIFF OMITTED] T0954.306
    
    [GRAPHIC] [TIFF OMITTED] T0954.307
    
    [GRAPHIC] [TIFF OMITTED] T0954.308
    
    [GRAPHIC] [TIFF OMITTED] T0954.309
    
    [GRAPHIC] [TIFF OMITTED] T0954.310
    
    [GRAPHIC] [TIFF OMITTED] T0954.311
    
    [GRAPHIC] [TIFF OMITTED] T0954.312
    
    [GRAPHIC] [TIFF OMITTED] T0954.313
    
    [GRAPHIC] [TIFF OMITTED] T0954.314
    
    [GRAPHIC] [TIFF OMITTED] T0954.315
    
    [GRAPHIC] [TIFF OMITTED] T0954.316
    
    [GRAPHIC] [TIFF OMITTED] T0954.317
    
    [GRAPHIC] [TIFF OMITTED] T0954.318
    
    [GRAPHIC] [TIFF OMITTED] T0954.319
    
    [GRAPHIC] [TIFF OMITTED] T0954.320
    
    Mr. Horn. Our next witness is Dr. Frances Winslow, the 
director of the Office of Emergency Services, city of San Jose. 
Nice to have you here.
    Ms. Winslow. I guess it's still good morning. We appreciate 
your coming to visit us.
    Mr. Horn. Not by my watch. It's afternoon now. One of us is 
wrong. This has been on my wrist for 50 years, so who knows.
    Ms. Winslow. We appreciate the opportunity to have you come 
to us here in Silicon Valley to discuss the topic that perhaps 
is of greater interest here than in other parts of the country, 
because not only are we consumers, but as you heard from our 
previous panel, our economic base is greatly involved with the 
high-tech community. I brought a formal testimony which I know 
that you received, so I'd like to make a few informal remarks 
to you here instead.
    Earlier one of the panel members mentioned the impact the 
media has had and how unfortunately the coverage is perhaps not 
what we might have hoped. But I've been encouraged to see in 
the last couple of weeks an increasing amount of interest in 
the media. I brought a couple of examples today. I'm a member 
of the American Planning Association. They have a whole article 
on what planners can do to prepare. I'm sorry I didn't have it 
last July instead of this July, but I guess better late than 
never. Also there's a publication called Emergency Preparedness 
News that covers hurricanes and FEMA and terrorism, and now 
also Y2K readiness, and then here is the Kiwanis Club's most 
recent magazine, and one of their cover stories is Y2K.
    Why do I mention this? Because one of the biggest parts of 
my job is dealing with the community here and answering 
questions that citizens have about emergency preparedness. Five 
years ago most of the questions were: What do I do if there's 
an earthquake? But in the last 12 months most of the questions 
have been: What do I do on December 31st? But it's been an 
opportunity for my office to benefit, because it was very hard 
to get people interested in things they think would never 
happen like big earthquakes. But they see a date, and they have 
something to focus on.
    I think for us in the emergency management community, Y2K 
has actually been a benefit because it helped us to get our 
community aware of the need to be prepared, not only for Y2K, 
but for the earthquakes that we know are inevitable in the 
area. We have three faults. And also for the winter storms that 
we have unfortunately on a repeated basis, and other kinds of 
natural, technological and man-made disasters that could 
potentially occur in our community.
    And so the message that we're trying to send is that if 
you're prepared for a major earthquake, you're prepared for 
Y2K, because our estimate is that the most direct impact Y2K 
may have on the average community could be some temporary 
infrastructure blips that will be rather quickly remedied, but 
if people are unaware of what they might be, they could become 
frightened. Whereas by trying ahead of time to make them aware 
of some of the potential issues and also the things they can do 
to deal with those issues, we hope to lower the stress level, 
prevent anyone from feeling a sense of panic, and help them to 
be reassured that we are all living in a technological society, 
and sometimes things don't work.
    We are fortunate in our community to have a group of very 
dedicated volunteers. We call them ``San Jose Prepared!'' 
They're a community emergency response team. We're part of 
FEMA's nationwide effort in this field, and our team is growing 
every quarter as we add new trained folks. But right now we 
have over 500 members who are scattered throughout the 
community of over 900,000 community members. They have received 
16 hours of training and gone through a 2-hour exercise. It's 
usually an earthquake scenario, but it gives them some 
confidence that they can deal with unexpected disasters. We 
also equipped them with some skills, so that if our normal 
public safety systems are temporarily overwhelmed they can 
begin to provide some of those services to their own neighbors 
in their own communities until professionals are able to triage 
them into the system.
    That group began preparing actively in January of this year 
for Y2K, and in the packet that I gave you, you have a copy of 
the Y2K newsletter that we distributed to those folks. They're 
our ambassadors throughout the community. They contact their 
own neighbors and friends and pass this word along. In 
addition, we have a website for our group, and one of the 
elements on our website is the Y2K page so that they can refer 
neighbors and friends who are computer oriented to get this 
information for themselves.
    The American Red Cross also followed this spring with the 
creation of a brochure, and I've given that to you as well, and 
that's available on the American Red Cross website. That's 
another place where people can go to get basic personal 
preparedness information which is good not only to get through 
January, but also for the potential of earthquakes and floods 
in the future.
    The other part of my office's responsibility, however, is 
to the internal organization of the city of San Jose to assist 
departments in developing contingency plans and to maintain the 
emergency operation center for the city. In order to help those 
who might be working in the EOC, we have worked with Mark 
Burton and others to develop some exercises and testing 
opportunities for the city staff.
    We began with what we call a facilitated discussion where 
the leaders of the various departments came together to say 
what they thought their plans were, and we thought it was very 
important for them to hear each other, because some plans 
interacted with other plans, and if everybody plans to use the 
same generator at the same time, that was going to be a 
problem. So the facilitated discussion allowed us to begin to 
review what kind of plans each department had and how they 
might interact with other departments with the goal of being 
able to support each other through this time period.
    In addition, we have a tabletop exercise scheduled for just 
a couple of weeks which, now building on the facilitated 
discussion, we hope will allow us to have a much smoother plan, 
one that will be fully integrated and where all of the support 
pieces are in place. However, we have also scheduled a third 
one for October to make sure as a kind of second test that the 
plans are working, that the expectations have been fulfilled, 
and we are scheduling this in the middle of the month of 
October so that if there are still last minute things that need 
to be cared for, there's an adequate timeframe available for 
the departments to do any last minute procurement or planning 
for personnel staffing before the time comes when they need to 
be activated.
    In most communities, New Year's Eve is a busy time for the 
public safety community just because people like to go out and 
party; they drive around sometimes when they shouldn't be 
driving, and they create a certain level of demand for medical 
services, police services and other kinds of response services 
under very ordinary New Year's conditions. This year isn't an 
ordinary New Year. Most people unaware of history really do 
think that this is some sort of a turn of the millennium or 
some sort of cataclysmic date, and so there are plans for big 
parties, big religious celebrations and other kinds of big 
community gatherings. So in the downtown, we have the potential 
to have more people than usual present in one area at one time. 
In addition it's winter, and as part of California that can 
mean rain and sometimes very heavy rain.
    And then finally, of course, everything that we do on New 
Year's Eve depends on infrastructure. We expect the roads to 
get us there and get us home. We expect the food suppliers to 
have the food and the water suppliers to have the water and the 
electricity to stay on so the band can play. And if all those 
things continue as we hope they will, it will just be a bigger 
than usual New Year's Eve party, and the community will wake up 
on the 1st with a happy feeling, and we will all have enjoyed 
being together on New Year's Eve.
    But because we have to be prepared for things to go less 
than optimally, we have a plan to open our emergency operation 
center at 3:30 p.m. Initially it will be staffed by our amateur 
radio operators who will be communicating with their colleagues 
in Australia, New Zealand, Japan, other parts of Asia and 
Europe, places where Y2K will have already been experienced or 
will be in the process of being experienced. We hope to be able 
to learn something from that surveillance that may assist us in 
last minute preparations. In addition, we will have our 
emergency public information officers present to survey the 
media to see what kind of information is being given out to the 
public by the media, and to see how the East Coast cities will 
experience the event first and are discussing their issues.
    At 8:30 we will have the members of the senior staff of the 
city of San Jose join the city manager in the Emergency 
Operation Center, and we will be there for as long as we are 
needed or until 8:30 the following morning, whichever comes 
first. If it turns out that issues occur that do require 
continued monitoring and presence, we will then be replaced for 
the next 12 hours by our executive staff of the city. I think 
this is important, for the Congress to be aware of the high 
level of importance that's placed on this event by the 
leadership of the city of San Jose. It's not the most junior 
person who gave up their New Year's Eve party with the family, 
but the most senior. And I think that that level of commitment 
is indicative of the level of commitment that exists throughout 
this organization, not only for Y2K, but for all events that 
can impact our community.
    We have a help line that's always in place, 277-HELP. We've 
used it for many years during flood events in the winters. The 
public is familiar with it. This will be staffed to allow 
people who may have concerns or questions to easily reach us 
without impacting our 911 or 311 systems.
    We hope that we're prepared, and we hope that our 
preparations turn out to have been an appropriate level of 
caution rather than a needed event. Thank you very much for 
coming to visit us, and we hope you'll come back sometime when 
you can just have fun.
    Mr. Horn. Thank you very much, Dr. Winslow.
    [The prepared statement of Ms. Winslow follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.321
    
    [GRAPHIC] [TIFF OMITTED] T0954.322
    
    [GRAPHIC] [TIFF OMITTED] T0954.323
    
    [GRAPHIC] [TIFF OMITTED] T0954.324
    
    [GRAPHIC] [TIFF OMITTED] T0954.325
    
    [GRAPHIC] [TIFF OMITTED] T0954.326
    
    Mr. Horn. Pardon my ignorance, but what's a 311?
    Ms. Winslow. I should probably let the chief answer that 
question.
    Mr. Horn. How about it, Chief? You're next anyhow. We're 
delighted to have you.
    Mr. Lansdowne. Thank you very much, Mr. Chairman. I'm Bill 
Lansdowne, and I'm very honored to be the police chief of this 
great city of San Jose. I intend to respect everybody's time 
and your time here in this meeting and follow the three ``Bs'' 
of testimony: Be right, be brief, and be quiet.
    As it applies to our systems and our preparedness for the 
San Jose Police Department, community of San Jose, there are 
three major systems within police communications which handle 
police and fire calls. They are the telephones, the radio and 
the CAD system, and the telephones are two separate systems. 
One is the 911 emergency dispatch CAD system, and the other is 
311, which is the non-emergency line. That is being monitored 
on a 24-hour basis, and takes some of the pressure off 911. 
There are three existing systems like that in the country. We 
were one of the pilot programs, and it's been very effective 
for us to really provide the best possible service.
    Mr. Horn. What type of calls would you get on that 311 
line? Do people really differentiate it?
    Mr. Lansdowne. Very much so, Mr. Chairman. On the 911 line 
we get the emergency calls where there's a possibility of 
violence or a need for a emergency dispatch. Under 311 calls, 
we get the information for reports that can be taken at later 
dates, and many cases just information that the public wants to 
call in to the police department to determine or get an answer 
for.
    Mr. Horn. Go ahead. I just wanted to learn what this was.
    Mr. Lansdowne. Yes, sir. I would be delighted to give you a 
tour of our system. It's been very effective, and I think 
you'll see it's copied throughout the country.
    Mr. Horn. Yes.
    Mr. Lansdowne. The telephone and radio systems have been 
tested and are Y2K compliant, and the CAD system which is the 
backbone of the entire process, will be certified prior to 
January 1st, and we expect it to be certified very shortly. 
However, in the event of a partial or complete failure of any 
of the three systems and the expected calls for service, the 
following contingency plans have been developed and will be put 
into place for police services.
    To provide for our ability to handle the expected increased 
calls for services, the communications personnel will be on 12-
hour shifts for a 48-hour period to help us make a 
determination of what level of service that we need to continue 
to provide the community of San Jose. The telephone system has 
a backup failsafe system that allows the telephone calls to be 
rerouted to lines that will accommodate both emergency and non-
emergency calls from the public.
    Our dispatching of officers in the field can be converted 
to manual operation if the computer aided dispatch service 
loses power and begins to go down. In the event of a partial 
loss of radio power, our system has the ability to transfer 
units to other radio channels. In the event of a complete loss 
of radio power, we are prepared to use the portable radio 
systems referred to as the dispatcher-in-a-box system. This 
system is designed to be placed out at a remote location in the 
city, and will provide our communication link throughout the 
city of San Jose. The contingency plans to use five Fire 
Battalion stations also in place as remote transmitting 
locations.
    As it applies to our police patrol staff, selected patrol 
division watches are scheduled to work 12-hour shifts for a 48-
hour period. The Special Operations Division which is a very 
large section within our organization of the San Jose Police 
Department is being called back, and the officers are scheduled 
also to work 12-hour shifts, which will give us approximately 
100 additional officers for that particular night to be 
available for calls for services.
    Patrol staffing following New Year's Eve will be based on 
evaluation of the previous night's events. Similar to the other 
major events, the Police Department has a contingency plan to 
put in place 12-hour shifts. We have extensive experience for 
natural disasters here in the city of San Jose, and we can 
immediately go to emergency operation.
    I'd like the assure this subcommittee and the community of 
San Jose that we have planned for the new millennium for the 
Y2K problem very well, and there is nothing that's going to 
happen that this city and this police department is not fully 
prepared to handle quickly and efficiently, providing that same 
level of service to this community that they have learned to 
expect, appreciate and demand.
    And with that is my short comment.
    Mr. Horn. Well, I appreciate it. Those were very succinct 
and to the point.
    [The prepared statement of Mr. Lansdowne follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.327
    
    [GRAPHIC] [TIFF OMITTED] T0954.328
    
    Mr. Horn. And your colleague from the fire department, John 
McMillan, deputy fire chief, city of San Jose, we're glad to 
hear from you.
    Mr. McMillan. Thank you, Mr. Chairman. Good afternoon and 
welcome, also your staff. We appreciate having you today, and 
I'm honored to have the opportunity to be a witness and speak 
for today.
    San Jose Fire Department has evaluated mission-critical and 
mission-essential core services for our Y2K readiness in the 
city of San Jose. As of this submission, the department is 
confident that we will be able to fulfill our mission serving 
the citizens of San Jose. Fire department staff continues to 
evaluate these mission-related systems and processes and is 
developing a contingency method of service delivery in the 
event that any unforeseen Y2K problems should occur. We are 
specifically focusing on and making decisions in the following 
areas: One of the very interesting topics for us over the last 
4 or 5 months is our defibrillators that we have on all of our 
advanced life support fire engines. It's a very good moment for 
me at this point in time, and Mark Burton mentioned it earlier, 
all 50 of our emergency medical defibrillators are now Y2K 
compliant. They all received two new embedded chips that will 
now allow those to be fully serviceable through the Y2K 
process.
    We placed a hold on releasing all of our surplus fire 
apparatus. We are in good times. Over the last 5 years we 
purchased practically an entire fleet of new fire engines and 
aerial ladder trucks, but by buying these types of apparatus, 
we also were buying apparatus that's state-of-the-art and have 
a lot of embedded systems. To prepare for any unforeseen 
problems, we have not released any of our old apparatus we had. 
We are very proud to say today that we have 15 fire engines in 
reserve we're holding until well into the next year to see how 
we survive going through Y2K.
    Mr. Horn. Just out of curiosity, were your old ones 2000 
compliant?
    Mr. McMillan. Very good question, sir. What we can say is 
many of those apparatus were 1970's, early 1980's, that did not 
have the complex computer systems on them. They were the kind 
of apparatus that you or I might be able to open the hood of 
our car and change a spark plug or know where the distributor 
is. They're very basic, not really complicated, and they were 
apparatus we had around between 15 and 30 years, so we can't 
guarantee anything, but one thing we do know, that if anything 
goes down, we have a lot of equipment to back it up, and 
that's, at this point, what is most critical to us, that we 
would have a fleet that's in good service and ready to go with 
back-up.
    Mr. Horn. The reason the subcommittee's interested in fire 
equipment is one of our first hearings was in New Orleans with 
the Baton Rouge chief there also, and one said to the other, 
``Well, gee, we haven't even thought of the fire trucks yet.'' 
And one had a pumper that was compliant and a ladder that 
wasn't, or vice versa, as the case may be, and I just wondered 
if you have that kind of relationship. Sometimes where one 
wasn't working at all, you could squirt the water up there, but 
you couldn't get up on the ladder, but you could get the ladder 
up, but you couldn't get the water out and so forth. So I was 
just curious what you found out in your equipment.
    Mr. McMillan. We're confident that our equipment is going 
to work, but like any other organization that provides services 
to citizens, we're doing everything we can to have back-ups. We 
feel good that we do have this reserve fleet right now that can 
support us. What we understand about embedded systems is that 
maybe just a specific engine or truck out there might fail that 
night. If that's the case, we're ready to back it up with other 
equipment that's going to pump just as well.
    We have sent a memorandum to our city Y2K coordinator, Mark 
Burton, identifying resources that the fire department will 
need around the Y2K millennium period, and this memorandum 
includes additional food, water, sanitation electrical pumps 
and dispatching equipment that we feel will help support us 
through the period.
    We've also, over the past year, upgraded all of our 
computers. We were all MAC based, and we are now all PC based 
that are all Y2K compliant. All of our embedded systems, this 
includes over 420 pieces of equipment, are now compliant. This 
has been accomplished by either a letter of compliancy from the 
manufacturer or actual chip upgrades installed by the 
manufacturers.
    We are working currently with the city General Services 
Department to identify fuel and power needs for our fire 
stations and apparatus.
    And just giving you an example of one of the issues we 
wanted to deal with right up front, we go through about $50,000 
worth of latex medical gloves every year. We are required when 
our fire fighters go out on any type of medical call to don 
latex gloves, and we found out earlier this year that they come 
from Asia. And because we don't know what the Asian nations are 
doing as far as Y2K preparedness, we have placed an order 
through an open P.O. We have annually with the vendor to buy 
practically $50,000, our full allotment, all at one time. We 
haven't figured out where we're going to warehouse it, but 
we're going to have all the gloves here early and not later so 
we don't have a problem in the next 6 months.
    At this point in time, we have no information that would 
lead us to believe that our ability to deliver critical and 
essential services will be impaired by Y2K problems. There are 
two core service areas in the fire department in San Jose that 
we have identified that we are working, when we talk about our 
fire department contingency plan for the city of San Jose, 
these are the areas that we're working closely with. One's our 
Bureau of Field Operations. This is our first core service, and 
its responsibility is to mitigate emergency incidents in the 
community including fires, medical emergencies, hazardous 
material events, rescue situations and natural or terrorist 
caused disasters.
    The emergency response system is effective when all 
components necessary for service delivery are readily available 
and functioning harmoniously. Just to give you an example, we 
have, in the city of San Jose, we will have 31 fire stations 
open during Y2K, and we will have everybody around the clock, 
194 positions, assigned to those 31 fire stations. We also have 
an effective way of implementing call-backs systems to notify 
people if we need additional staff to support us during periods 
of need.
    Our second core service is providing emergency dispatch and 
communication services for all our emergency response 
operations for the San Jose Fire Department, and the 
responsibility for all emergency communications systems is 
shared among the police department, fire department and our 
information technology department.
    The key elements for Y2K readiness that we will be working 
on in the immediate future include establishing a final 
staffing plan and making necessary notifications to personnel 
impacted. We will be working closely with the police and 
information technology departments on the final Y2K upgrades on 
the city's CAD system. We will be working with our own Bureau 
of Field Operations staff and our Bureau of Fire Prevention 
staff, our fire inspectors. What we hope to do is get our fire 
prevention inspectors, our Haz. Mat. inspectors, our engineers 
on board where they can be in service and enabling during any 
field operations emergencies during Y2K. Finalizing 
contingencies in case private utilities such as water supplies, 
sanitary sewer systems and power supplies fail.
    And one thing that we've just decided to do over the last 
week is we want to put together a package for all of our fire 
department employees on how they can be more Y2K compliant in 
their own residences. What we're feeling is if we could get 
them to be a little less apprehensive during any kind of 
emergency over Y2K, they might be more apt to be available to 
come down to the city of San Jose and help us in need.
    In summary, the San Jose Fire Department has prepared this 
plan assuming a worst-case scenario, similar to how we may have 
to operate in a major disaster. If all or some technology 
systems fail, we will be prepared to operate in a manual mode. 
As in any situation where a high demand is placed on our 
resources, and our capabilities and effectiveness may be 
limited by a number of external forces, our goal is to provide 
the highest level of emergency services possible. To do this 
will likely result in prioritization of emergency calls in 
order to mitigate the most serious incidents.
    Thank you, sir.
    [The prepared statement of Mr. McMillan follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.329
    
    [GRAPHIC] [TIFF OMITTED] T0954.330
    
    [GRAPHIC] [TIFF OMITTED] T0954.331
    
    Mr. Horn. Thank you. That's most useful, and I look forward 
to the details on that.
    Let me ask our power suppliers, Pacific Gas and Electric, 
Silicon Valley Power. There are about 3,200 independent 
electric utilities, I think, in the United States, and there's 
about 80 percent of the Nation's power generation comes from 
250 investor owned public utilities. We all know it takes a 
high degree of automation, and you've mentioned that, to 
operate our country's national power grid.
    But just to get it in the record at this point in terms of 
the lights being able to stay on, the assembly lines being able 
to run, I guess I would ask what is being done to keep home 
owners and businesses informed about potential failures in 
their energy management system, or are you just assuming with 
the general education, which has been very good, that you've 
let out to your customers, either in bill or special sessions 
or whatever, I'm just curious, are people, are some of your 
customers worried that there might be an interruption, and if 
so, what? Is there a back-up to that, either within the grid or 
if we talk about hospitals and emergency rooms, some of them 
say we've got 72 hours of power based on diesel generators and 
all that. I don't know. Is that really useful? I mean, it will 
work for awhile, but suppose we have 3 or 4 days out, and they 
can't get the fuel and they're sort of just behind the eight 
ball?
    So I'd just be curious what your thoughts are on this.
    Mr. Garth Hall. From PG&E's point of view, I would say that 
our customer base has an uneven, on average a modest level of 
interest and concern about it. Our website, which I mentioned 
earlier, receives about 9,000 hits a year in the section that 
deals with Y2K--sorry, 9,000 a month. That's the current rate 
of hits, which given our service territory is not very large.
    We have, of course, bill inserts that have gone out to 
inform the public, the customers, as to our readiness and 
direct them to normal preparedness, that I think Dr. Winslow 
suggested, will be appropriate for this time of the year as 
we're going into the winter storms, and for earthquakes. That's 
a good opportunity to brush up on the type of items that you 
would typically want to have in store for these types of 
emergencies. Y2K is an opportunity for folks to think about 
preparedness for general emergencies like these.
    But in addition to that, I did mention that we have had, 
for all the customer groups that have expressed an interest, 
we've had face-to-face meetings with them and presentations to 
point where I think we've seen them tail off in that type of 
demand for a meeting, although we're ready at any time to meet 
with folks who are interested.
    We plan additional inserts into the bills that go out to 
our customers to just keep them updated. We think that there is 
going to probably be some level of increased interest as we 
approach the end of the year, and we will definitely be 
updating our website to provide any current status information. 
We think that our call centers which people, customers, well 
know, which has a 1-800 number, will be very, very capable and 
well prepared to answer any questions that people have if they 
want to call in with any need for information. During the New 
Year transition timeframe we expect that the press will be very 
interested in what's going on, and we're preparing ways in 
which we can keep them informed in real time as to what's going 
on.
    Those are some of the steps we've taken. We'll probably do 
additional things as we go through.
    Mr. Horn. Ms. Lopez, do you want to add anything to that?
    Ms. Lopez. Actually, it's pretty much the same thing as we 
are doing. I think we have one advantage in being a small, 
local municipal service. We have many of our citizens that are 
concerned actually drop in and talk to us. But we do have, 
which we have sponsored and we have two more scheduled to be 
sponsored, meetings within the communities themselves, at the 
library, one at a local park. Plus, as I said, we have done 
with all the commercial and industrial customers, had several 
meetings, and we will have more.
    I think it's not a matter of awareness. I am, I guess, 
amazed somewhat at the level of concern and that the number of 
individuals seems to be very small that have concerns, but of 
those that are concerned or even partially aware, electricity 
does seem to be their No. 1 priority.
    As to your question regarding generation, we are 
encouraging all of our households, have back-up fuel as a 
concern. We have allocated within the city areas where we can 
have extra fuel that could be delivered if it were needed. We 
don't believe it will be, but we have made preparations for 
that.
    We also have--we don't have within our city the ability to 
completely supply generation for all of our needs. We must rely 
on ol' PG&E for that. We do have some measures available, 
particularly for emergency type facilities and situations that 
we think will be adequate if anyone would need them.
    Mr. Horn. I was going to ask you on the point you just 
raised, which was, PG&E is the source for what percentage of 
your power? You buy it from them at a good deal, is that it?
    Ms. Lopez. Yes, sir. Probably, not probably, definitely the 
majority of our power, we would be unable to sustain service, 
other than very minimally with our in-city generation.
    Mr. Horn. What percent of your total power is provided by 
PG&E?
    Ms. Lopez. I think it's somewhere around 95 percent.
    Mr. Horn. 95?
    Ms. Lopez. 95 percent.
    Mr. Horn. And you generate the last 5 percent how?
    Ms. Lopez. Yes, sir. Well, we don't normally generate it. 
We normally use 100 percent from without, but we do have 
abilities within our city for some generation.
    Mr. Horn. What is that? Your own generators?
    Ms. Lopez. Yes, sir. Our own power.
    Mr. Horn. Fuel operated?
    Ms. Lopez. Yes, sir.
    Mr. Horn. Now, if PG&E is in a caught, how many of those 
contracts do you have out that you supply from PG&E, and if you 
were in a squeeze, do you cancel those contracts or can they 
count on it?
    Ms. Lopez. Would they cancel? We wouldn't cancel those 
contracts.
    Mr. Horn. Well, would PG&E cancel them, I guess what I'm 
asking Mr. Hall is, in other words, if you're put with a major 
disaster on your hands, do you just cancel the contracts for 
small power companies and feed your more prominent customers or 
areas that might not have small companies?
    Mr. Garth Hall. That's not the approach at all. Let me just 
mention in a sound byte that the electric restructuring that 
has been initiated across the Federal terrain has had a very, 
very big impact over the last 2, 3 years in California. Right 
now, the power that is delivered to Santa Clara and many other 
very language cities and customers, often they have very, very 
little now comes from PG&E. They contract for supply from 
independent providers. I think you mentioned that in your prior 
question, of which there are many thousands of individual 
generators now. That is the bulk source of most of the power.
    Our primary responsibility in the electric side is in the 
delivery, and that is the area where, in fact, cities like 
Santa Clara and many others do depend on us very much for our 
reliability, we've focussed very much on that.
    Let me just mention one additional thing that might be 
reassuring, that the Western Systems Coordinating Council, 
which is a part of the North American Reliability Council in 
dealing with the western systems reliability, have announced 
plans over the New Year transition, which would be several 
hours before midnight hour and several hours afterwards, 
whereby all of the power plants within that jurisdiction will 
have additional reserves. The way they will do that is bring 
additional power plants online and back all of those that are 
online down a bit. So that if there are, heaven forbid, some 
power plant failures due to microchip problems or whatever, 
that they will have additional reserves to instantly step up 
and provide additional power.
    In addition to that, the demands, I think, even Santa Clara 
would receive from the Pacific Northwest, by the entire 
Northwest, those vulnerabilities, if there are any, will be 
reduced by reduced schedules across the entire so that we are 
more self-sufficient for that vulnerable period, just with the 
normal state. So I think very prudent measures have been made 
to avoid the types of failures that we have contemplated 
nationally amongst power plants.
    Finally, I will say that since we're an owner of a very 
large independent power producer with more than 25 power plants 
across the United States, I have personally overseen their Y2K 
compliance efforts they have been through, and I believe this 
is fairly typical, as stringent a Y2K program as anything that 
the utility has done. So I think their readiness is equally as 
strong as I'm representing for the utility.
    Mr. Horn. Mr. Willemssen has joined us at the table. Let me 
ask you what we didn't ask you yesterday just for this record. 
Santa Clara is a very urbanized county and very complex, and 
great demands on power. Get across the Pajaro River into San 
Benito County, you have people, farms stretched out over, maybe 
a mile apart, half mile apart, 10 miles apart.
    What do you find in terms of the rural part of the PG&E 
jurisdiction as you go up, let's say, Sierra County and Plumas 
and all the way to the Oregon border. Are you finding different 
reactions to the year 2000 in the rural areas where they don't 
have the money to sort of adapt to whatever systems they're 
using? What's been the experience?
    Mr. Garth Hall. We have found it to be fairly uneven. 
Yesterday we had a representative from, I believe, Siskiyou 
County, and I think that was interesting, because they 
demonstrated a very high level of awareness for a county with a 
relatively small population.
    That is uneven in our experience. Wherever there is a need 
or interest, we have been responsive and tried to provide the 
information. As I mentioned, most of them, in fact, all of the 
them, in their emergency services at the police level and at 
the Office of Emergency Services level, are very aware of the 
distribution emergency centers that we have uniformly 
positioned across our service territory, and are well versed in 
interacting with those centers at times of emergencies.
    So from the staff who deal with emergency, from their point 
of view, we think we have excellent contact. From the general 
public point of view, again, fairly uneven.
    Mr. Horn. Interesting.
    Do you want to add anything, Ms. Lopez, based on your 
experience?
    Ms. Lopez. No, sir.
    Mr. Horn. Let me ask the chief and Dr. Winslow and Mr. 
McMillan, the deputy fire chief, how ready are we on the 911 
systems that typically rely on older telecommunications and 
computer equipment? Do you feel that if there's a flood of 
these calls because people are just upset or whatever; they 
don't know; it's like having an eclipse nobody told us about; 
it's awful dark outside. We'll phone you. So what's your 
reaction to that system?
    Mr. Lansdowne. Mr. Chairman, Bill Lansdowne from the police 
department. We have planned for this. We will have additional 
persons who will be on standby and actively working the phones. 
So we will easily be able to handle any anticipated increase in 
the number of calls.
    We just recently upgraded our 911 system. It's state-of-
the-art. It's compliant. I don't think that we're going to have 
any trouble at all handling the 911 increase in calls. I'm very 
proud to state that we currently handle our pickup of 911 calls 
within 2.2 seconds, which is one of the fastest in the Nation 
of any city this size. Of course we handle 900,000 people here.
    Mr. Horn. On the frequencies that different police forces 
have within Santa Clara County, I'm curious, is there a united 
frequency here? I went through this in L.A. County several 
years ago, and we have 81 cities in that county and 10 million 
people. We've got the Sheriff. We've got the University of 
California, California State University, State Police, all 
different little jurisdictions, if you will.
    Is there any problem here that you lack the frequencies 
that you need to communicate to smaller groups within various 
cities and police forces?
    Mr. Lansdowne. None of our systems are compatible right now 
with the State agencies, Highway Patrol and the local 
jurisdictions, Santa Clara and San Jose, and the county 
jurisdiction. But the communication systems are linked, and 
that will be the way that we will have to communicate from 
department to department, if we are required to do a Mutual Aid 
System. I think we are very fortunate in the State of 
California that we have a very comprehensive Mutual Aid System, 
and all of the agencies, the sheriff, the local agencies in the 
Bay Area regions are prepared to provide whatever mutual aid 
which will be requested from us, and we have that system in 
place.
    Mr. Horn. You could provide that in terms of triggering it 
by what? Telephone? Radio frequency?
    Mr. Lansdowne. The system triggering is calling the sheriff 
who is the natural disaster person within the county, and then 
they would trigger at the level they need. My understanding and 
maybe the panel can add to that, is that the State will be up 
and ready to put that system in place and operate it during the 
New Year's.
    Mr. Horn. Now, will that be a permanent system or is that 
just for potential emergencies?
    Mr. Lansdowne. It's for potential emergencies, natural 
disasters of which this State has a lot of experience.
    Mr. Horn. That's for sure. We have the biggest number of 
disasters in the Nation. When you look at it from the 
Mississippi, they have floods. We outdo them with earthquakes. 
I think the Loma Prieta is still the most expensive Federal 
investment isn't it?
    Ms. Winslow. Northridge.
    Mr. Horn. Northridge is still? I know there's a few things 
not settled yet on hospitals and whatnot, but so what's that? 
About 16 billion?
    Ms. Winslow. That's the FEMA cost. If you look at the 
insurance loss on top of that, it's a much bigger number.
    I'd just like to clarify on the Mutual Aid System. The 
Mutual Aid System has been in place since the 1950's, and it's 
maintained at all levels of law enforcement on one chain and 
fire on the other chain. At the top of the chain is the State 
Office of Emergency Services. They will be opening the State 
Operations Center and the Regional Operations Centers in each 
regional office, which is Sacramento, Oakland and in your area 
it's at the Los Alamitos former reserve center. Those will be 
open December 30th, and they will open through the 2nd.
    Mr. Horn. Now, are the National Guard and the Army Reserve 
also tied into these? What sort of relationship would you have 
there? Let's say you had a riot.
    Ms. Winslow. The National Guard is called out by the 
Governor on a request from the local chief of police, and the 
military is only activated under very unique circumstances 
where the Governor and the President concur.
    Mr. Horn. All right.
    Mr. Lansdowne. I would like to say, Mr. Chairman, that they 
are on standby, and they will have people in the operation of 
Emergency Services Centers during a 72-hour period. They could 
be activated at a moment's notice with a call to the Governor 
of the State of California.
    Mr. Horn. And those frequencies exist with the Federal 
portion like the Reserve and the National Guard, so there is 
rapid communication there other than telephone? Let's say with 
all due respect to Pacific Bell, but.
    Mr. Lansdowne. Yes, sir. Those systems are in place. We can 
have Federal assistance very quickly.
    Mr. Horn. Mr. Willemssen, what do you have to add to this 
panel? I saw you taking a lot of notes.
    Mr. Willemssen. I just thought that you, Mr. Chairman, 
might also get some value out of hearing in the Y2K emergency 
services area what kind of assistance and interaction that the 
individuals here received from FEMA and any kind of 
communications they received recently from the newly formed 
Information Coordination Center headed by General Kind. There 
are a lot of activities under way that will involve not only 
the FEMA regional offices, but all the States and localities, 
and I think it would be of interest to hear what kind of 
communications have occurred at this point.
    Mr. Horn. Yeah. Well, don't all rush to the microphone now.
    Ms. Winslow. I guess I'll just have to deal with this one 
because my office deals with people the most. I don't think 
there's really a politically correct way to say this. We 
haven't heard anything from anybody.
    Mr. Horn. In other words, there's a lot of work to be done 
between now and December.
    Ms. Winslow. I only know what I read in the newspaper.
    Mr. Horn. I see. So how's the system supposed to work? Is 
it supposed to work through the FEMA regional office or 
directly out of Washington or what?
    Ms. Winslow. No. In California we have a structure called 
the Standardized Emergency Management System, which establishes 
the way that we relate to each other. So the cities together 
with the county are called an Operational Area, and we're the 
Santa Clara County Operational Area. We're part of the Coastal 
Region which goes from the Oregon border to the southern border 
of Monterey County, and from the ocean to the coastal 
foothills, and along that strip, we are joined through that 
office in Oakland, which serves as a head of that. We have 
periodic meetings, four times a year, with the Coastal Region 
Leadership. Generally information that we get from FEMA comes 
through the State through the Coastal Region to us at those 
meetings.
    Mr. Horn. And you're meeting twice a year?
    Ms. Winslow. No. Four times.
    Mr. Horn. Four times a year.
    Ms. Winslow. In fact, there's a meeting at the end of this 
month. So perhaps that's the time. This is a relatively new 
effort on FEMA's part. It may be that at the August meeting 
they'll present the information, but to date we haven't 
received anything that I'm aware of.
    Mr. Horn. OK. Mr. Willemssen.
    Mr. Willemssen. I would just add that the newly formed ICC 
and FEMA are planning a major exercise September 9th. It's 
supposed to involve the unifying State contacts. The plan is 
that each of the unified State contacts is supposed to supply 
information upwards to individual FEMA Regional Offices, which 
will then be supplied upwards to the national level. You may be 
hearing more about that shortly.
    Mr. Horn. September, 9th, 1999, is also the nationwide 
power grid drill; is that correct? Is that tied in with the 
same thing by FEMA?
    Mr. Willemssen. No. Those are predominantly separate 
efforts, although John Koskinen will obviously be monitoring 
both simultaneously.
    Mr. Horn. That's the representative to the President, the 
executive branch.
    Any other questions we have? Any other thoughts any of you 
have after having listened to three panels including yourself?
    Well, if you have them, we'll be glad to put them in. We 
keep the record open for a week or so, and we'll put them in at 
this point. And we have several questions from the audience, 
and we will be writing to the relevant panel members, and we'll 
put them in at the appropriate place in the record. So without 
objection that will be done.
    I just want to say as one that was brought up in this area, 
I appreciate very much all of the fine work that these three 
panels have done. I think that's been very helpful that you 
sort of restore our confidence in the degree to which local 
government, the county, the particular groups whether it be 
hospitals that we had on the panel of yesterday, police today, 
and all the rest of it, that people are cooperating and are 
working together, and that is, I think, impressive.
    Let me just thank the staff that have worked on this 
particular hearing. J. Russell George, staff director. There we 
are, down, front row seat. Did you pay a high ticket price for 
that? He's our chief counsel also.
    To my left and your right is Patricia Jones. Patricia is 
with us as a fellow, congressional fellow of the American 
Political Science Association.
    And Bonnie Heald, our communications director, is also in 
the front row, a professional staff member.
    And Mr. Ahlswede is not here. He's already ahead of us in 
Portland, and he is the clerk.
    And then Seann Kalagher, an intern, is around here 
somewhere. There you are. Good to see you.
    And then from Mr. Campbell's staff, Casey Beyer is the 
chief of staff, and we thank him for his help.
    And Sally Wilson is our court reporter, and we thank you 
very much for going through 3 hours of this yourself.
    And with that we wish you well, and we recess this meeting.
    [Whereupon, at 12:50 p.m., the subcommittee was recessed, 
subject to the call of the Chair.]


 THE YEAR 2000 COMPUTER PROBLEM: LESSONS LEARNED FROM STATE AND LOCAL 
                              EXPERIENCES

                              ----------                              


                        TUESDAY, AUGUST 17, 1999

                  House of Representatives,
Subcommittee on Government Management, Information, 
                                    and Technology,
                            Committee on Government Reform,
                                                       Seattle, WA.
    The subcommittee met, pursuant to notice, at 9 a.m., at the 
Henry M. Jackson Federal Building, 915 Second Avenue, Seattle, 
WA, Hon. Stephen Horn (chairman of the subcommittee) presiding.
    Present: Representative Horn.
    Also present: Representatives McDermott and Dunn.
    Staff present: J. Russell George, staff director and chief 
counsel; Matthew Ryan, senior policy director; Patricia Jones, 
congressional fellow; Chip Ahlswede, staff assistant; and Grant 
Newman, clerk.
    Mr. Horn. Good morning. I'm Steve Horn, chairman of the 
House Subcommittee on Government Management, Information, and 
Technology. This hearing, which recessed in California on these 
issues, will now come to order.
    I particularly welcome and thank my two colleagues from the 
Seattle area, Congresswoman Jennifer Dunn and Congressman Jim 
McDermott. We're delighted to have them with us, and they will 
participate as full members in terms of asking questions, 
opening statements, whatever. We will treat them with great 
courtesy because they are major leaders within the House of 
Representatives and their respective parties.
    And we are here to discuss a topic of worldwide interest, 
the so-called year 2000 computer problem, also known as Y2K, 
and commonly referred to as the millennium bug. The year 2000 
technology challenge affects just about every aspect of 
Federal, State and local government operations. Furthermore, it 
affects private sector organizations and could impact the lives 
of most individuals. From Social Security to utilities to local 
emergency management, the year 2000 computer bug has certainly 
been a huge and large management and technological challenge 
for all of us. No single organization, city, State, or even 
country, can solve the year 2000 problem alone.
    We have 136 days before January 1, 2000. There is only one 
certainty with the year 2000 problem: that date is certain, and 
no one is certain as to what will exactly happen on that day.
    Our goal is to ensure that citizens' vital services are 
maintained. There are many unknowns, including international 
readiness.
    The problem, of course, dates back to the mid-1960's, when 
programmers, seeking to conserve limited computer storage 
capacity and memory, began designating the year in two digits 
rather than four. In other words, the year 1967 became '67 in 
the computer. And they knew at that time that when you got to 
the year 2000, it would come up 1900, and the computer wouldn't 
know if it was 2000 or 1900. The computer would be confused. 
And that's what we have been working on for the last 4 or 5 
years.
    And they said at the time, ``Well, we won't have to worry. 
After all, we're Americans, and technology will solve this.''
    Well, it won't. It hasn't. And just hard work and going 
through those codes and everything else is what it has taken to 
prepare for the January 1, 2000 situation.
    Our subcommittee has the jurisdiction over the executive 
branch agency and Cabinet departments on matters of economy, 
efficiency, and effectiveness. We held our first hearing on the 
problem in the spring of 1996. Since that time, we've held over 
30 hearings and issued eight report cards to monitor the status 
of the Federal Government's year 2000 computer solution.
    You will hear today from the State of Washington that they 
have 423 mission-critical, or essential, computer systems. The 
Federal Aviation Administration, one Federal agency, has 
roughly the exact same number.
    This is a situation that relates to interoperability 
between the Federal Government, the State government, the 
county governments and the local and city governments.
    Current estimates show that the Federal Government will 
spend nearly $9 billion to fix its computer systems. I've often 
said the figure will probably reach about $10 billion by the 
end of the December 31st calendar year.
    And we have also worked on looking at business continuity 
and contingency plans as well as Federal. We work with Mrs. 
Morella's Committee on Technology of the House Science 
Committee that relates to Mr. Bennett's Senate committee. The 
Senate didn't start on this until 2 or 3 years after we did, 
and they started in roughly February 1998. The administration 
started with putting a full-time person on the job in April 
1998.
    These plans that we have looked at on a quarterly basis 
provide critical insurance in the event of unforeseen problems.
    Recently, the President's Office of Management and Budget 
identified 43 essential Federal programs, such as Social 
Security, Medicare, the Nation's air traffic control system, 
the weather system. Each day, these programs provide critical 
services to millions of Americans. Of these 43 programs, 10 are 
federally funded, State-run programs, such as Medicaid, food 
stamps, unemployment insurance, and child support enforcement. 
Several of these State-run programs are not scheduled to be 
ready for the year 2000 until December, leaving little, if any, 
time to fix unforeseen problems.
    Data exchanges and interdependencies exist at all levels of 
government and throughout the private sector. A single failure 
in the chain of information could have severe repercussions.
    For example, the U.S.' Social Security program has been 
ahead of everybody else on its own initiative. No President 
ever had to tell them what to do. They decided in 1989 to do 
it, and they were the first Federal agency to have 100 percent 
compliance.
    The Social Security Administration maintains data 
containing pertinent Social Security payment information for 
eligible citizens. When payments are made, the Social Security 
Administration sends payment data to the Department of the 
Treasury's Financial Management Service. Now, that was way 
behind this year. They are now coming up to snuff. This service 
cuts the Federal checks, which are generally electronically 
deposited directly into the person's bank account at a local 
financial institution.
    Three organizations move and manipulate data to make these 
payments happen; each uses a network of computers. If a payment 
is mailed to the individual's home, the U.S. Postal Service 
plays a key role. And most of the Federal agencies told us that 
their contingency was the U.S. Postal Service.
    We then held a hearing with the Postal Service, and it 
turns out they had no contingency plan. So there are problems 
there.
    The bottom line is, if any one of these entities fails, 
from the Federal Government to the local bank or with the 
Postal Service, the checks going to the home of a deserving 
individual simply might not ever get there.
    Now, multiply this situation by the 43 to 50 million 
different checks Social Security makes out in 1 month and you 
can appreciate the magnitude of just one aspect of the year 
2000 issue.
    Fortunately, the Social Security Administration has been 
working on the problem, as I said, since 1989, and it's 100 
percent compliant.
    But for computers to work, we need energy, electric power, 
whether it be hydro, nuclear, wind, whatever, and that is 
essential. And we will hear today from the local utilities. 
We've done that in every city we've been in, which are roughly 
about 20 city and State visits.
    One of the most essential questions concerning the year 
2000 challenge is, ``Will the lights stay on?'' Without 
electricity, the assembly lines of one sort or another simply 
stop, and people would be let off after a certain period if 
there was a drastic blackout that went beyond just a few days, 
and our modern society might seem to be in the Stone Age when 
there is no power. We look forward to hearing today from the 
Bonneville Power Administration, Seattle City Light, and Puget 
Sound Energy to answer that question.
    From a personal standpoint, I realize that when confronted 
with a personal emergency--and you do, too--I can call 911 for 
assistance, and we should feel confident that that phone will 
be answered promptly and that a competent authority will 
respond rapidly. So we will be hearing from public safety 
individuals, as we do at every city hearing.
    Year 2000 computer problems present other potentially 
serious threats at local levels, from the potential 
interruption of a city's call for fire or police assistance to 
delays in a State's ability to request emergency or disaster 
assistance from the Federal Government.
    One thing is certain: there are only 136 days until January 
1st, and the clock is ticking. Accordingly, the testimony we 
receive today will help our understanding and the community's 
understanding of the full extent of the year 2000 problems in 
the State of Washington.
    Today, we have three knowledgeable panels to provide a 
picture of year 2000 readiness in both the public and private 
sectors, and I welcome all of our witnesses. But first, I'd 
like to call, in terms of seniority, which is the way we 
resolve these conflicts in the House of Representatives, the 
gentleman from Seattle and State of Washington, Mr. McDermott, 
for any opening statement he might wish to make.
    [The prepared statement of Hon. Stephen Horn follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.332
    
    [GRAPHIC] [TIFF OMITTED] T0954.333
    
    Mr. McDermott. Thank you very much. Welcome to Mr. Horn, 
the good representative from Long Beach, where I spent a couple 
of years back in 1968 to 1970 during the Vietnam War. So I know 
a little about your district, and it's good to have you here.
    I really do not have an opening statement because I really 
came to hear what's going on. We've had lots of hoopla and 
we've passed bills to get rid of liability for Y2K and all 
these sorts of things in Congress, but I've not yet heard in my 
own community, in an organized way, where we stand. So I'm very 
eager to hear what we have today, and I thank you for coming to 
Seattle to have this hearing.
    Mr. Horn. I'm delighted to have my classmate from the 
elections of 1992, Jennifer Dunn, who has been a real leader in 
her party and an excellent representative from her area, here.
    And as you know, Washington is one of the most progressive 
States in the country. And with your great port, The Boeing 
Aircraft Co., which I also have a part of--in other words, 
Douglas Aircraft, which is now Boeing, is in my district--so we 
have a lot in common. And Norm Dicks and I won't have to argue 
with each other.
    Ms. Dunn. That's a relief.
    Steve, we're so happy you're here with us today. And it's 
certainly the pleasure of all of us, those joining us in the 
audience, to welcome you on what's something like the 20th 
hearing on Y2K problems that may be in existence, and success 
stories that we know certainly do exist around this Nation.
    I want to thank, too, Bruce Chapman of the Discovery 
Institute. Bruce, perhaps you could stand at the back of the 
audience. Bruce has been a great facilitator of this meeting 
today, as we invited Congressman Horn to join us in Seattle. 
And Bruce Chapman will host him at lunch today so that we can 
hear a little bit more about what's happening behind the scenes 
on Y2K.
    I also want to mention a couple of the folks in the 
audience that are particularly important to me. We have three 
members of my Youth Advisory Council sitting in the audience 
today, and they came because they are interested in what's 
going on in this Nation. And they are 3 among 30 young people 
who advise me on issues across the board and give us a point of 
view that we often do not receive, which is that of young 
people who are operating in the real world out there.
    So I'd like to ask Mary Basinger and Nicole Leonce and Omar 
Hakim to stand. Mary is from Green River Community College, and 
Nicole goes to Kentwood High School, and Omar is a student at 
Newport High School. And we're delighted that you could be here 
today with us.
    As most of us would agree, the importance of preparation 
and readiness for year 2000 simply cannot be understated. So 
much of Americans' daily lives revolve around computer 
transactions and digital events that most people probably are 
not even aware of.
    Now, I'm an old systems engineer with the IBM Co. during 
the 1960's, and that was my job out of Stanford University. And 
I see you're a graduate, too. But I came home to Seattle and 
did a lot of work, and I remember the long hours of turning 
people's accounting systems into computer programs, and then 
the even longer hours of debugging those programs.
    And so my particular concern is how the testing of the 
programs that have been started and that we'll hear about 
today, how the testing is going and whether we will be reliably 
sure that by the time we have that turnover, those tests will 
result in successful systems.
    It's up to all of us to be sure that when the clock turns 
to midnight on December 31st of this year, water, power, and 
emergency services are on line and are working for the 
residents of our State. So I, too, look forward to hearing the 
testimony of the folks who have joined us here today.
    We also need to know about the interactions among the 
companies and the agencies we'll hear from today, and the 
Federal agencies that Jim McDermott and I actually oversee, 
since we're members of the Oversight Subcommittee of the Ways 
and Means Committee in the U.S. Congress.
    Now, we have participated in a large number of oversight 
hearings on the readiness of Federal agencies under the 
jurisdiction of the Ways and Means Committee, like the Social 
Security Administration. And as Congressman Horn says, 
fortunately that administration is well ready to get those 
checks in the mail, and that's something we're very concerned 
with.
    The IRS is another agency under our jurisdiction, not in 
quite such good shape, unfortunately, but doing better under a 
great manager who has taken over the IRS.
    Medicare and the U.S. Customs Service are also under our 
jurisdiction, so we have heard hearings from those agencies.
    Now, they are all in different stages of readiness for Y2K, 
and they all have comprehensive plans to fix the problem ahead 
of time and to deal with emergencies should those arise.
    As the clock winds down on the millennium, it's our job to 
continue to oversee these efforts. And the fact that 
Congressman Horn has seen fit to come into the Seattle area and 
offer an opportunity for us to hear from the different agencies 
should be certainly congratulated, and I think it will do us 
all a lot of good to hear what's going on in the Seattle 
community and the State of Washington today.
    I want to thank you particularly, Congressman Horn, for 
coming here and doing this for us.
    Mr. Horn. Thank you very much, Representative Dunn.
    Let me just explain how this subcommittee functions. We'll 
have three panels. Each one will probably take about an hour. 
The individuals in each panel will be as they are shown in the 
agenda. We simply go down the line.
    We have their written papers. They automatically become 
part of the record when we introduce them. We'd like them to 
summarize those remarks and presentation in about 5 minutes. 
And counsel here will sort of keep track. And the reason for 
that is we'd like a dialog within the panel and between the 
subcommittee and my two colleagues from Washington and the 
individuals here who think we get at the questions and the 
understanding best that way. And we thank you very much for the 
very fine papers you've filed with us.
    We will also, as an investigating committee of the House, 
swear in all panels. If you have staff back of you that 
supports you, please, we'll have them stand with you--the clerk 
will note who has affirmed the oath--and that permits the 
testimony to be taken.
    So if the first panel would stand and raise your right 
hands. And anybody in your support staff, please have them 
stand. I only do one baptism. We have five at the witness 
table, two behind.
    [Witnesses sworn.]
    Mr. Horn. I take it the two back there look like they also 
affirm. So the clerk will note that, and we'll proceed. Now, 
our lead witness in every panel we have across the Nation is a 
representative of the General Accounting Office. The General 
Accounting Office was established by law in 1921, when the 
President was also given a Bureau of the Budget, and the 
Congress, which is the legislative branch. And it's the GAO, 
the General Accounting Office, that works for us, and they work 
on both fiscal matters and programmatic matters.
    And Joel Willemssen, who will be the first witness here, 
the Director of Civil Agencies Information Systems, has been in 
every one of our panels.
    Now, we had several going last week. He happened to fly to 
Washington on Saturday and come back Sunday so he could be here 
in Seattle. And we also ask Mr. Willemssen to join us at each 
panel in the dialog, because he can pull it together on a 
national experience and relate it for us in what he has heard 
in this particular series of experiences.
    So Mr. Willemssen, Director of Civil Agencies Information 
Systems, General Accounting Office, we're delighted to have you 
start the panel.

  STATEMENTS OF JOEL C. WILLEMSSEN, DIRECTOR, CIVIL AGENCIES 
INFORMATION SYSTEMS, GENERAL ACCOUNTING OFFICE; CHRIS HEDRICK, 
DIRECTOR, WASHINGTON STATE YEAR 2000 OFFICE; CLIF BURWELL, Y2K 
   PROGRAM MANAGER, KING COUNTY, WA; MARTY CHAKOIAN, PROJECT 
 MANAGER, CITY OF SEATTLE YEAR 2000 OFFICE; AND BARBARA GRAFF, 
      EMERGENCY PREPAREDNESS MANAGER, CITY OF BELLEVUE, WA

    Mr. Willemssen. Thank you.
    Mr. Chairman, Congresswoman, Congressman, thank you for 
inviting GAO to testify today. As requested, I'll briefly 
summarize our statement on the readiness of the Federal 
Government, State and local governments, and key economic 
sectors.
    Regarding the Federal Government, reports indicate 
continued progress in fixing, testing, and implementing 
mission-critical systems. Nevertheless, numerous critical 
systems must still be made compliant, and must undergo 
independent verification and validation. The most recent agency 
quarterly reports, which were due to OMB last Friday, should 
provide us more updated information on where the Federal 
Government stands.
    Our own reviews of selected agencies have shown uneven 
progress and remaining risks in addressing Y2K, and therefore 
point to the importance of business continuity and contingency 
planning. Even for those agencies that have clearly been 
Federal leaders, such as the Social Security Administration, 
some work remains to ensure full readiness.
    If we look beyond individual agencies and individual 
systems, the Federal Government's future actions in the months 
remaining will need to be increasingly focused on making sure 
that its highest priority programs are year 2000 compliant. In 
line with this, OMB has identified 43 high-impact priorities, 
such as Medicare and food safety.
    Available information on the Y2K readiness of State and 
local governments indicates that much work remains. For 
example, according to recently reported information on States, 
about eight States had completed implementing less than 75 
percent of their mission-critical systems. Further, while all 
States responding said that they were engaged in contingency 
planning, 14 reported their deadlines for this as October or 
later.
    Another area of risk is represented by Federal human 
services programs administered by States, programs such as 
Medicaid, food stamps, child support enforcement, unemployment 
insurance.
    OMB-reported data on the systems supporting those programs 
show that numerous States are not planning to be ready until 
later this calendar year. Further, this is based on data that 
has not been independently verified.
    Recent reports have also highlighted Y2K concerns at the 
local government level. For example, last month we reported on 
the Y2K status of the 21 largest U.S. cities. On average, these 
cities reported completing work for 45 percent of their key 
services.
    Y2K is also a challenge for the public infrastructure and 
key economic sectors. Among the areas most at risk are health 
care and education.
    For health care, we've testified on numerous occasions on 
the risks facing Medicare, Medicaid, and biomedical equipment. 
In addition, last month we reported that while many surveys had 
been completed on the Y2K readiness of health care providers, 
none of the eleven surveys we reviewed provided sufficient 
information to assess the true status of providers nationwide.
    For education, this month's report of the President's 
Council on Y2K Conversion indicates that this continues to be 
an area of concern. For example, according to the Council 
report, many school districts could have dysfunctional 
information systems because less than one-third of institutions 
were reporting that their systems were compliant.
    Mr. Chairman, that completes the summary of my statement. 
Thank you again for the opportunity. And after the panel is 
done, I'll be pleased to answer any questions.
    [The prepared statement of Mr. Willemssen follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.334
    
    [GRAPHIC] [TIFF OMITTED] T0954.335
    
    [GRAPHIC] [TIFF OMITTED] T0954.336
    
    [GRAPHIC] [TIFF OMITTED] T0954.337
    
    [GRAPHIC] [TIFF OMITTED] T0954.338
    
    [GRAPHIC] [TIFF OMITTED] T0954.339
    
    [GRAPHIC] [TIFF OMITTED] T0954.340
    
    [GRAPHIC] [TIFF OMITTED] T0954.341
    
    [GRAPHIC] [TIFF OMITTED] T0954.342
    
    [GRAPHIC] [TIFF OMITTED] T0954.343
    
    [GRAPHIC] [TIFF OMITTED] T0954.344
    
    [GRAPHIC] [TIFF OMITTED] T0954.345
    
    [GRAPHIC] [TIFF OMITTED] T0954.346
    
    [GRAPHIC] [TIFF OMITTED] T0954.347
    
    [GRAPHIC] [TIFF OMITTED] T0954.348
    
    [GRAPHIC] [TIFF OMITTED] T0954.349
    
    [GRAPHIC] [TIFF OMITTED] T0954.350
    
    [GRAPHIC] [TIFF OMITTED] T0954.351
    
    [GRAPHIC] [TIFF OMITTED] T0954.352
    
    [GRAPHIC] [TIFF OMITTED] T0954.353
    
    [GRAPHIC] [TIFF OMITTED] T0954.354
    
    [GRAPHIC] [TIFF OMITTED] T0954.355
    
    [GRAPHIC] [TIFF OMITTED] T0954.356
    
    [GRAPHIC] [TIFF OMITTED] T0954.357
    
    [GRAPHIC] [TIFF OMITTED] T0954.358
    
    [GRAPHIC] [TIFF OMITTED] T0954.359
    
    [GRAPHIC] [TIFF OMITTED] T0954.360
    
    [GRAPHIC] [TIFF OMITTED] T0954.361
    
    [GRAPHIC] [TIFF OMITTED] T0954.362
    
    [GRAPHIC] [TIFF OMITTED] T0954.363
    
    [GRAPHIC] [TIFF OMITTED] T0954.364
    
    [GRAPHIC] [TIFF OMITTED] T0954.365
    
    [GRAPHIC] [TIFF OMITTED] T0954.366
    
    [GRAPHIC] [TIFF OMITTED] T0954.367
    
    [GRAPHIC] [TIFF OMITTED] T0954.368
    
    [GRAPHIC] [TIFF OMITTED] T0954.369
    
    [GRAPHIC] [TIFF OMITTED] T0954.370
    
    [GRAPHIC] [TIFF OMITTED] T0954.371
    
    [GRAPHIC] [TIFF OMITTED] T0954.372
    
    [GRAPHIC] [TIFF OMITTED] T0954.373
    
    [GRAPHIC] [TIFF OMITTED] T0954.374
    
    [GRAPHIC] [TIFF OMITTED] T0954.375
    
    Mr. Horn. Thank you very much. Our next witness is Chris 
Hedrick. He is the director for the State Year 2000 Office for 
the State of Washington. Mr. Hedrick.
    Mr. Hedrick. Thank you very much, Mr. Chairman, Congressman 
McDermott, Congresswoman Dunn. I appreciate the invitation to 
testify before the committee.
    Washington State government is a complex organization. 
We've got 39 major agencies with over 400 mission-critical 
computer systems and 43 agencies with embedded chips in systems 
that support vital public services and a higher education 
system that's very broad.
    As long ago as 1993, State agencies recognized the 
challenge and began working on this issue. In 1995, the State 
Department of Information Services established a central 
program to get computer data systems for State agencies and 
higher educational institutions ready for the date transition.
    We've adopted a phased approach: conducted inventories, 
identified the resources needed to correct the problems, and, 
in cases, asked the State legislature for those resources, 
conducted pilot projects, and actually converted the systems. 
All along, we've had independent assessments of our progress, 
outside auditing, and rigorous testing. All State agencies have 
also established and completed contingency plans in case vital 
public services are interrupted by other factors.
    In 1997, Governor Locke established two goals for State 
government's Y2K efforts: no interruption of vital public 
services, and no loss of accountability for public resources. 
We've spent over $80 million trying to achieve those goals, and 
we've made some progress.
    Risk assessment and independent auditing have been really 
key to our efforts. Here's how the process works. The State 
agencies have contracted with independent risk assessors who 
evaluate all the mission-critical computer systems and embedded 
systems. Then another contractor compiles this assessment data, 
analyzes it through a standardized process, and issues regular 
progress reports, such as this one.
    This contractor gives us a report card based on our 
progress. We get either red, yellow, or green ratings, or blue 
if the system is certified. As you can see from this page, our 
most recent report is all blue and green. Over 98 percent of 
State government computer systems are now fully compliant.
    The important part about this independent risk assessment 
is that the information is released to the cabinet with the 
governor in his regular cabinet meetings and to the press on 
the same day, and we've found that to be a powerful management 
tool.
    As I said, over 98 percent of our mission-critical data 
systems have satisfactorily completed the test for Y2K 
compliance. Those few programs that are not done will be 
completed over the next several weeks. And all computer systems 
in State agencies and higher educational institutions have 
established contingency plans. We have adopted the General 
Accounting Office standards for contingency planning, and those 
have been very useful in our efforts.
    We've had some initial successes. In January of this year, 
our unemployment claims system made a successful transition. 
That system looks forward a year for eligibility benefits. Last 
month, our State financial systems had a successful transition 
to fiscal year 2000. And these successful efforts give us 
increasing confidence in our ability to deal with the calendar 
year change next January.
    But in addition to our efforts to take care of our own 
computer systems and ensure that they'll make the transition 
successfully, we've taken on the responsibility of providing 
the public with information and an array of tools to ensure 
their own preparedness. We've conducted a series of workshops 
across the State, both for the public, for small businesses, 
and for local governments.
    We've been very aggressive about our use of the Internet in 
providing public information. In fact, we're building a system 
where every individual citizen can go to our website and pull 
down their own personalized profile with information about the 
readiness status of each local government, electricity, natural 
gas providers----
    Mr. Horn. Let me suggest--I'm an expert now on 
microphones--you need to get that pointed very close to you, 
otherwise they won't hear you in the back of the room.
    Mr. Hedrick. Thank you. Readiness status of local 
governments, electricity, natural gas providers, financial 
institutions and government benefit programs.
    Underlying all of our work in public information is our 
belief that people make good choices if they have good 
information. And we think it is our responsibility not to sugar 
coat that information, but to provide the public with the best 
information available.
    In assembling that information, we have also provided, both 
in print and on the web, two volumes of the Washington State 
Year 2000 Readiness Report. The third volume will come out in 
November. These reports are written with the help of staff from 
various State agencies, from local governments, and from our 
private sector advisory group, which includes representatives 
of all the major industries.
    They include information about the Y2K preparedness in 
Washington State of a variety of sectors, including local and 
State government, electricity, telecommunications, financial 
services, natural gas and petroleum, water supply and 
treatment, emergency management, health care, environmental 
quality programs, insurance, food supply, public safety, and 
transportation.
    We believe that we've been pretty responsible about making 
our house in order, but we also believe it's our responsibility 
to ensure that the citizens of Washington State have a pretty 
good idea of how messy or clean the Y2K house is for the rest 
of the State.
    In that effort, Mr. Chairman, at the State level, we share 
your national goal, and we appreciate what you've been doing on 
the Federal level. Thank you for the opportunity to testify. 
I'll be happy to take questions at the conclusion.
    Mr. Horn. We'll do it when all the panel has participated.
    Let me say that we will take questions from the audience 
written out on a card. And staff will be going up and down each 
side, and if you have paper--I think staff have the paper and 
the index cards--please feel free to write them out, and then 
we will put
those questions that you have into the dialog at the end of 
this panel.
    And so let us now go to Mr. Clif Burwell, the Y2K program 
manager for King County. Thank you for coming, Mr. Burwell.
    [The prepared statement of Mr. Hedrick follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.376
    
    [GRAPHIC] [TIFF OMITTED] T0954.377
    
    [GRAPHIC] [TIFF OMITTED] T0954.378
    
    Mr. Burwell. Thank you very much, Chairman Horn, 
Congresswoman Dunn, Congressman McDermott. Can you hear me?
    Mr. Horn. You'll have to talk into that microphone or you 
won't be heard past your colleague to the left.
    Mr. Burwell. OK. I'm very happy to be here on behalf of 
King County. I'm wondering if I would be in trouble if I 
admitted that I was one of those programmers in 1967 that you 
mentioned that was compressing those dates. I think now I'm 
having payback now by being----
    Mr. Horn. Were you using COBOL?
    Mr. Burwell. We were using COBOL.
    Mr. Horn. Well, I actually made a little program in COBOL, 
not as many as the two of you. But I must say, they are 
suddenly gaining justice. The Federal Government has permitted 
anybody that knows anything about COBOL--they'll still get 
their Federal pension check, and they can sign a $100,000 
contract to solve the problem.
    Ms. Dunn. Now we'll get a little credit there. We get to 
earn a few paychecks by restoring the problem that we created.
    Mr. Horn. Right.
    Mr. Burwell. King County took this problem very serious in 
1996, and the Council initiated a proviso. The executive 
supported that proviso in establishing the Y2K Program Office. 
And we started our work in three phases. Phase I was the 
mainframe/centralized system, which King County, at that time, 
had a lot of systems. Then we moved to the agency systems. And 
then the third phase is the independent audit and 
certification.
    Our project overall is--King County now is 88 percent 
complete at this time, with most mission-critical systems being 
done. The systems that aren't done are primarily vendor systems 
that had to be replaced because they were not compliant.
    Our project was organized by business area, and I'd like to 
quickly go through that. The four business areas that we're 
addressing are law, safety, and justice, general government, 
transportation and land use, and health and human services.
    In the area of law, safety, and justice, basic police 
services in King County are Y2K-ready. The E-911 system within 
King County is Y2K-ready. Criminal investigation, fingerprint 
identification, special operations, et cetera, all within the 
public safety area, are ready. Our fingerprint system is being 
replaced, and that will be implemented in October. Prosecuting 
attorney systems are ready. Superior court systems, ready.
    Adult detention and youth detention systems are ready. In 
the youth services area, we had one system that had to be 
replaced, a major system, and that is scheduled for October. 
All of our infrastructure systems, wide-area network, those 
kind of systems, have been tested and audited and are ready.
    Our 800-MHz communication system which interfaces 
throughout the region is ready. I mentioned the E-911 system 
for King County is ready. We're monitoring several public 
safety answering points in the region as far as their progress, 
and all 911 systems supported by our system with U.S. West will 
be ready in September.
    Our elections management systems, animal regulation 
systems, finance systems, construction systems, ready.
    One of our challenges has been in the transportation area 
with transit. The transit division is heavily laden with 
computer systems, and we've made excellent progress in that 
area, and expect to have everything ready by September.
    An important part of our program is working with the 
community, and we've done that through what we've called a 
stakeholders committee, involving both the private sector and 
the public sector. And we operate this committee through our 
Emergency Operations Center. Members of that committee include 
the State, Boeing, Banking Association, city of Seattle, 
Weyerhaeuser, and several other agencies.
    The objective of that committee is to really do the 
outreach program so that we can communicate and educate not 
only the other jurisdictions, but the citizens and our 
employees.
    So overall, King County is 88 percent ready with mission-
critical systems, and we expect to be ready no later than 
October. And again, I would be happy to answer any questions at 
the appropriate time. Thank you.
    [The prepared statement of Mr. Burwell follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.379
    
    [GRAPHIC] [TIFF OMITTED] T0954.380
    
    [GRAPHIC] [TIFF OMITTED] T0954.381
    
    [GRAPHIC] [TIFF OMITTED] T0954.382
    
    [GRAPHIC] [TIFF OMITTED] T0954.383
    
    [GRAPHIC] [TIFF OMITTED] T0954.384
    
    [GRAPHIC] [TIFF OMITTED] T0954.385
    
    [GRAPHIC] [TIFF OMITTED] T0954.386
    
    [GRAPHIC] [TIFF OMITTED] T0954.387
    
    [GRAPHIC] [TIFF OMITTED] T0954.388
    
    [GRAPHIC] [TIFF OMITTED] T0954.389
    
    [GRAPHIC] [TIFF OMITTED] T0954.390
    
    [GRAPHIC] [TIFF OMITTED] T0954.391
    
    Mr. Horn. Thank you very mucn. Mr. Marty Chakoian is the 
year 2000 project manager for the city of Seattle. Thank you 
for coming.
    Mr. Chakoian. Thank you. And on behalf of Mayor Paul 
Schell, I'd like to welcome you to Seattle.
    The city of Seattle, of course, provides essential life and 
safety services--police, fire protection, emergency medical 
services, traffic control--to our half-million residents. We 
also are directly responsible for many local utilities: 
electricity, drinking water, sewer and drainage services, solid 
waste removal. Those are services provided by city departments, 
and you'll be hearing from them on the next panel.
    Many of these services depend to one degree or another on 
computer systems, and they will not be disrupted by the year 
2000 problem.
    I was asked last February to establish a central project 
office to coordinate this effort, city-wide. Since then, we've 
adopted a date standard, promulgated a formal methodology. 
We've trained departments on how to use tools and techniques to 
be successful. We've prioritized the work of the city. We have 
an overall project plan with activities and milestones.
    And we're assisting departments directly with their 
embedded systems, the evaluation of products and services, 
testing, and contingency planning. We're not finished yet, but 
we will finish, and we'll finish on time, and we've laid the 
foundation to ensure success.
    Let me tell you where we are at this point. Over 93 percent 
of our physical computer systems are now Y2K compliant. The 
city's fiber backbone data network has been upgraded and is 
compliant. A new police 911 center has been installed, and 
we're doing an end-to-end test with U.S. West this week.
    Likewise, we've evaluated our radios, mobile data 
terminals, other essential equipment, and determined it to be 
Y2K compliant.
    Of our 90 mission-critical applications, over 80 percent of 
those have now been remediated. And that includes the most 
critical things, like police and fire dispatch, electrical 
energy management system, water laboratory information system, 
our library system, our municipal court system, our core 
financial and payroll systems.
    The ones that we're still working on, things like a system 
in our parks department that schedules ball fields, a receipt 
payment system for building permits, and the system that 
assigns staff to events at the Seattle Center, those systems, 
as well as our minor systems, will also be remediated.
    But we're not stopping there. We have, in addition, a 
formalized testing program that we require our applications to 
go through under the direction of the project office, using a 
test plan template that we've adopted from the State. We've 
also gone through our embedded systems to ensure that our water 
and electrical systems, our wastewater system, solid waste 
systems, communications equipment, fire boats, police stations, 
emergency medical equipment, even the equipment at our zoo and 
our aquarium is Y2K compliant.
    We're working with our vendors, with other government 
agencies to ensure that they likewise will be able to continue 
to work with us. And each city department is developing 
contingency plans. Some of those have already been exercised. 
We're going to have a city-wide exercise in October.
    And, like other government agencies, we're working closely 
with the public. We have materials now at our libraries and 
community centers. We've produced a video that we're sharing 
with the public on how neighborhoods can work together. And 
we're doing more and more direct personal contact with our 
senior citizens and community groups.
    One thing, however, does concern us about the year 2000. 
Seattle, as you know, is an international city. We're going to 
be hosting the World Trade Organization this November. Port of 
Seattle is the fifth largest port in dollar volume in the 
Nation, and the Port of Tacoma not too far behind. It's been 
estimated that, per capita, Washington State is the most trade-
dependent State in the country, with one of every four jobs 
related to international trade.
    And so I was concerned when I read the testimony of 
Jacquelyn Williams-Bridgers, who is the Inspector General for 
the Department of State, talking to the U.S. Senate, reporting 
that the global picture is cause for concern.
    She says that the global community is likely to experience 
Y2K-related failures in every sector, every region, and at 
every economic level. She says that this may result in creating 
economic havoc and social unrest in some countries, and in 
addition to the impact on the families living in those 
countries, she says that it could extend to the international 
trade arena, where a breakdown in any part of the supply chain 
would have a serious impact on the United States and world 
economies.
    So we in Seattle are very grateful for the work that your 
committee has done to ensure that the Federal Government will 
be Y2K compliant, and we would appreciate your continued 
support of those efforts, as well as working with the Federal 
agencies. We're trying to ensure that our international trading 
partners can also be Y2K compliant and continue to work with us 
in the future.
    In conclusion, I'd like to simply invite you to come back 
to Seattle to spend New Year's Eve with us at the Seattle 
Center if you happen to be in the neighborhood. We're going to 
have over 100,000 people there, and I think it's going to be a 
great place to ring in the new year. Thank you.
    [The prepared statement of Mr. Chakoian follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.392
    
    [GRAPHIC] [TIFF OMITTED] T0954.393
    
    [GRAPHIC] [TIFF OMITTED] T0954.394
    
    [GRAPHIC] [TIFF OMITTED] T0954.395
    
    [GRAPHIC] [TIFF OMITTED] T0954.396
    
    Mr. Horn. Well, I appreciate the offer. Ms. Dunn says be 
sure the elevator works. And we'll get into microdots and 
microchips later.
    But I have already committed myself, in almost every 
hearing, to do my usual trip to California from Dulles 
International to Los Angeles International. And I've got the 
FAA Administrator, who is a very able person, to also go on a 
trip. I've offered the east-west stuff, but last time she was 
going from National in Washington to La Guardia in New York. 
And I told her, ``Hey, just don't upset the controllers before 
I get on board, if you don't mind.'' So I might take you up on 
that.
    OK. Last member of this panel is Barbara Graff, the 
emergency preparedness manager for the city of Bellevue. Thank 
you for coming.
    Ms. Graff. Thank you. Good morning, Congressmen Horn and 
McDermott. Congresswoman Dunn, welcome home. In decades past, 
Bellevue has been referred to as the bedroom community of 
Seattle. These days, we refer to Seattle as the dining-room 
community of Bellevue.
    I am the emergency preparedness manager for the city of 
Bellevue, and though my costume implies that I am a single 
department representative, our division is in charge of an all-
hazard program for all city services and departments.
    Our city has been dealing with the problems posed by the 
year 2000 using a team effort. The technological problems 
associated with Y2K have been mitigated under the leadership of 
our Information Services Department. An interdepartmental 
preparedness plan to deal with any consequences has been 
developed by our emergency preparedness organization.
    My division has been responsible for educating the public. 
And our city council and senior staff team have been 
responsible for providing support, leadership and resources to 
prepare the community.
    The city of Bellevue has been actively addressing year 2000 
issues for several years. A strategic plan was developed in 
1997. 24 major computer systems were evaluated to determine the 
cost benefit of replacement versus modification. Programming 
updates have been completed, tested and implemented for all 
systems for which modification was determined appropriate. The 
remaining seven systems are in various stages of replacement, 
and will be completed and operational by the end of September.
    As a precautionary measure, however, contingency plans have 
also been developed for remediating or running parallel 
modified systems through the new year.
    Research has been conducted on the more than 500 products 
which contain process controllers or microchips, and an 
independent consultant has recently studied, tested and 
validated the city's Y2K remediation work.
    Early this year, the city's Emergency Operations Board 
developed a Y2K readiness plan outlining contingency measures 
to ensure no disruption of critical services for our customers, 
similar to the State of Washington's goal. This augments a 
comprehensive all-hazard emergency operations plan that had 
already been in place for 8 years. This includes: one, an 
aggressive public outreach self-preparedness campaign; two, 
working closely with our partners in service delivery, such as 
Puget Sound Energy, Overlake Hospital, and the Seattle Public 
Works Department; and three, preparing our own employees so 
they'll be ready to assist the community in any circumstance.
    Our Emergency Preparedness Division has applied the same 
philosophy to Y2K preparedness that we have given to the 50,000 
people in our community over the last 8 years about earthquake 
preparedness. The better informed our community is about 
potential problems, the more likely that they will take 
appropriate self-preparedness steps and the less likely that 
emergency services will be overwhelmed.
    We're making use of all possible public education formats, 
including videos on local governmental and community college 
channels, newsletter and newspaper articles, classes and 
workshops. Our ``Stomp on the Millennium Bug'' brochure is 
available at all city facilities, it's on our city webpage, and 
we display it throughout the community. We also make sure it's 
in the hand of every fifth grader at all public and private 
schools. They're the ones who get their parents to take action.
    We've met with the Chamber of Commerce and Bellevue 
Downtown Association regarding specific concerns for small to 
medium-sized businesses who may not have the resources or 
inclination to engage in general disaster preparedness, let 
alone prepare for this specific threat.
    We've directly mailed a letter to all city B & O taxpayers 
and the chamber of commerce mailing list providing resources 
and information to prepare their businesses.
    We're encouraging neighborhoods to organize themselves 
according to the Strengthening Preparedness Among Neighbors 
program that recognizes that many times your best source of 
help in region-wide disasters is your neighbor.
    Emergency generator power is available at parks department 
community centers, which could be used as mass care shelters. 
Protocols are already in place to fuel our vehicles, top off 
our water tanks, utilize manual procedures where appropriate, 
and assign appropriate staff to work through critical time 
periods.
    Our emergency management organization has already conducted 
two tabletop exercises this year to identify any weakness in 
our contingency plans and improve our operational readiness.
    Bellevue, like many jurisdictions, will be activating our 
Emergency Operations Center on December 31st, and we will be 
appropriately staffed and ready to respond to any circumstance. 
Arrangements are already in place with other important 
partners, such as our ham radio operator group, churches, the 
Red Cross, service clubs, and city volunteers.
    A great deal of progress has been made. Many people are 
preparing themselves for the same harsh conditions that a 
winter storm would bring: cold weather, scattered power 
outages, difficulties with communications and transportation. A 
lot of work has been done to fix the technological problems. 
Still, we believe there is reason for concern.
    Triaged, or sorted, fixes for many organizations means that 
a lot of work remains undone, opportunists with malicious 
intent, just-in-time delivery of goods and services, and the 
ripple effect of inadequate fixes for basic problems.
    Although no organization, public or private, can 
realistically offer a guarantee that Y2K will have no effect on 
their service, we can offer the assurance that we're ready to 
meet any consequence of the date change.
    Bellevue is treating Y2K as an opportunity to practice 
consequence management. First, we're aggressively mitigating 
our own technological problems before they can occur. Second, 
we're strengthening the partnership we had already created with 
our community in disaster preparation. Third, we're preparing 
to deal with whatever consequence may come our way in the new 
year. In any event, at the end of this year, we'll be better 
prepared to have our community and governmental services ready 
for the next earthquake or real disaster.
    Bellevue, however, is only one part of the picture. There 
are countless agencies related to each other through the common 
use of products and services. The year 2000 will be, among 
other things, a great revelation of just how dependent we are 
on one another. It's also an extraordinary opportunity to 
strengthen our ability to count on one another. Thank you very 
much.
    [The prepared statement of Ms. Graff follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.397
    
    [GRAPHIC] [TIFF OMITTED] T0954.398
    
    [GRAPHIC] [TIFF OMITTED] T0954.399
    
    [GRAPHIC] [TIFF OMITTED] T0954.400
    
    [GRAPHIC] [TIFF OMITTED] T0954.401
    
    Mr. Horn. That's a fascinating presentation. This is the 
first time I've heard of fifth graders involved, and I think 
it's a terrific idea. And a number of cities are trying to use 
their billing method and everything else to get messages, but 
if you hit all the citizenry, that, too, is amazing.
    Now, what I'd like to ask is one or two questions, then I'm 
going to ask my colleagues to do it. And staff will go around 
and get your written questions, and we'll work those into the 
dialog. And then Mr. Willemssen will close out the dialog based 
on what he's heard this morning.
    So let me begin. And we'll start with Mr. Hedrick and all 
of you. I'd like to go down the line. You've been immersed in 
this for a number of years, each of you.
    I've said from the very beginning this is a management 
problem, not a technological problem. Sure, we use this or 
that, experts in computers and whatnot. But now that you've 
been through this, if you could do it over, what would you do 
that you didn't do? And you sort of might have stumbled into it 
like everybody else has stumbled into it.
    So what would you contribute to us, Mr. Hedrick, on what 
relates to you, that you wish you had done 2 or 3 years ago?
    Mr. Hedrick. Well, I agree with you that this, at the very 
beginning, was a technology issue and rapidly evolved into a 
management issue. And we've actually learned some very good 
lessons in State government about how to manage complex 
problems that we're adapting for some future use.
    For example, our group of deputy directors at State 
agencies has met twice a month to assess our progress on Y2K, 
and is now continuing to meet twice a month to map our progress 
on building more digital government and electronic commerce.
    If we had to change something, I think we would have looked 
at the problems of embedded systems earlier than we did. As I 
mentioned in my testimony, we've been looking at our IT systems 
for 6 years now, and those are complete, essentially. Our 
embedded systems, though we've found fewer problems than 
perhaps we expected, we had to address more rapidly than we 
probably should have.
    Mr. Horn. Mr. Burwell, any suggestions, now that you've 
gone through this exercise? What would you like to have done 
over, earlier?
    Mr. Burwell. Well, I think one of the things would be, 
again, the embedded systems. We didn't really understand the 
impact and how to test those.
    I think one of the things we found early on, we were 
treating it like just a technology problem, and clearly it 
wasn't. And I think we would get agency involvement from the 
business side involved earlier. When we started our process, we 
were really working technology with LAN administrators, et 
cetera, not the people that knew the business and what were 
really the essential services.
    I think early on, also, we would have shifted the emphasis 
from resolving and fixing PCs and desktop equipment. That was 
our easiest job. That was absolutely the most easy job. It was 
dealing with applications and vendors and that sort of thing. 
And so we would have addressed that sooner on in the project.
    And finally, we weren't prepared to deal with and archive 
and index the volumes and volumes of information that my office 
was getting from the agencies. And that can be a real benefit 
in getting that information from all of the agencies and it 
becoming the base for a business and a technology inventory.
    Mr. Horn. Mr. Chakoian.
    Mr. Chakoian. I certainly agree with what my colleagues 
have said. I guess I would answer the question a little bit 
differently in terms of what have we learned that we can now 
institutionalize? What are the lessons we have learned that can 
become part of our way of doing business?
    And certainly having a better understanding of the 
relationships between our applications and the business 
functions that they serve; keeping business people more closely 
involved in decisions about the computer systems; 
standardization has been a big boon for us; really learning how 
to do good testing, we need to make that part of our way of 
doing business; and contingency planning.
    I think we have made huge strides in having good 
contingency plans in place that will not only serve us for Y2K, 
but for any kind of problem or emergency that we face. So all 
of those things need to become part of our way of doing 
business.
    Mr. Horn. Ms. Graff, if you had to do a few things over, 
what would they be?
    Ms. Graff. One of the easiest things about preparing for 
Y2K was the fact that we already had an all-hazard emergency 
operations plan for the city in place. Therefore, what we did 
for this specific threat was simply take a close look at our 
planning assumptions to figure out what's different about this 
event than any other regional disaster, such as an earthquake.
    I think what we would have done differently, had we had the 
opportunity, was lobby for exactly the actions that Congress 
took, which actually led the way to more businesses and 
entities sharing information with each other, rather than under 
the incentive of watching out for a lawsuit, trying to keep 
themselves in business. And those are the kind of partnerships 
that prepare any type of region or single entity for a 
disaster. Hopefully, like Marty mentioned, we'll learn and 
carry into the future some of the benefits of how we prepared 
for Y2K.
    Mr. Horn. Let me now yield to my colleagues here, and start 
with Ms. Dunn, on any questions she might have of the panel.
    Ms. Dunn. Let me just ask Mr. Willemssen a question off the 
top, because you caught my attention, Mr. Willemssen, when you 
talked about the Social Security Administration and you said 
that there is some work, minimal work, that remains to make 
sure that the Social Security Administration is fully ready.
    Can you tell us what that work would be?
    Mr. Willemssen. I testified approximately 2\1/2\ weeks ago 
on Social Security, and the testimony touched on Y2K.
    Among the areas that SSA still had to work on is one of 
their mission-critical systems had not yet been certified as 
compliant. Second at that time, they had approximately six data 
exchanges with outside entities that had not been fully tested 
and certified.
    Third, SSA was using a quality assurance tool, after 
everything had been remediated and tested and implemented, as a 
double-check to see if there were any problems that could be 
identified with this independent quality assurance tool, and 
they did find some problems that they are now following up on.
    And finally, another key area was that SSA had still 
remaining testing of their key contingency plans that they had 
to do.
    So there were a number of remaining tasks, but I'm 
confident that they'll get them done, because one thing that 
has been very evident among the Federal agencies is that Social 
Security is the leader. They've been very responsive to us 
whenever we've raised issues, and they immediately take action 
to address those issues.
    Ms. Dunn. Thank you very much. That's good to know.
    Let me ask a question of Mr. Hedrick. We recently read that 
three States are now Y2K compliant. You say that 98 percent of 
our State computer systems are fully compliant. How long will 
it be until we become a member of that wonderful list of only 
three now?
    Mr. Hedrick. There are six State agency computer systems 
that have some testing remaining to do that will be completed 
over the next 6 weeks.
    We also, as part of the auditing and assessment process, 
have looked at the status of higher educational institutions in 
the State, and there are a couple of those that have systems 
that will be completed over the next 6 to 8 weeks, also.
    Ms. Dunn. Thank you very much. I wanted just to mention to 
Ms. Graff, because your city is part of my district, and I'm 
very proud to represent more than half of Bellevue, I liked 
your comment about Seattle being the restaurant community for 
Bellevue. That's pretty appropriate these days.
    In the work that you are doing on behalf of the city, have 
you run into problems of fear of liability from companies that 
you've been dealing with? Is this what you were saying to us 
earlier?
    Ms. Graff. Not as much fear of liability as generic apathy 
to get ready for any type of disaster. In other words, they're 
in about that third phase of denial, that this really won't be 
that bad.
    And we'd just as soon that they would treat it in such a 
way that this might not be that bad, but the earthquake will 
be. Get ready once and you're ready for everything.
    So I wouldn't say that there's too much of that negative 
kind of energy on the local level from the businesses that 
we've talked with or the Chamber or the Bellevue Downtown 
Association, but it's a matter of getting their interest level 
up to do something.
    Ms. Dunn. Good. Mr. Chakoian and Mr. Burwell, I wanted to 
just ask you, as you have been so involved in organizing this 
for King County and Seattle, what are you most fearful of? Is 
there some area that comes to the top of your mind if you were 
asked what are you worried about? What are you worried about 
maybe for your families or your community as we move toward 
Y2K?
    Mr. Burwell. That's a good question. And I get that 
question an awful lot from friends and family and colleagues. 
My biggest fear is really the public hype and what's going to 
happen if you see your neighbor buying extra loaves of bread or 
filling up every vehicle and going to the bank and that sort of 
thing, and that we have to deal with with education.
    But that's my fear, more than the technology or power 
outage or that sort of thing, is having to deal with citizens 
overdoing it and not being educated. That really, this is just 
like--treat it like a storm, a three to 5-day storm, not a 
Seattle storm of one flake of snow, but a Chicago storm where 
you might be without transportation for 3 or 4 days.
    But to me, it's what I'm calling the public hype that I'm 
worried about, that things might get exaggerated. We've heard 
rumors of possibly a couple of movies coming out the last 
quarter of this year, and what is that going to do to the 
public minds? So that's my concern.
    Mr. Chakoian. Other than the long-term economic factors, 
which I've already mentioned I'm concerned about, I think in 
the short term, I have to agree with Clif. We will be ready to 
operate as normal. It will be a normal time for us because 
we'll be prepared. And if the public behaves normally, then 
we'll all get through this fine.
    If everybody picks up the phone at the stroke of midnight 
and calls 911 to see if it works, it won't work because the 
lines will be jammed. But if everybody acts in a normal, 
responsible way, I think we'll be fine.
    Ms. Dunn. Thank you. So as one of the members of our 
audience, Mr. Lloyd Robbins, has said in a question that I 
would submit to be asked later, he has said that we must be 
able to provide the public with adequate assurance that any 
possible problems after January 1, 2000, will be minimal, and 
that this will be quickly corrected. Thank you.
    Mr. Horn. The gentleman from Washington, Mr. McDermott.
    Mr. McDermott. Thank you, Mr. Chairman. It's always 
heartening to hear that everything is perfect and it's going to 
work well. And I've been around long enough to always wonder if 
that's exactly true.
    Are there any systems at either the State or city or county 
level that you think are liable to fail in this period? 
Important systems, let me make that clear, because one of the 
systems you said you were still working on was the distribution 
of ball fields. And I'm not sure, on January 1st, how important 
whether or not you can get the lights on at the Queen Anne 
Community Center to play soccer is. So I'm talking about 
important systems.
    Mr. Chakoian. Well, the parks department considers that an 
important system. It is on their mission-critical list, and it 
will be ready by January. But other systems also will be ready. 
There is no system on our mission-critical list that I can 
think of that I'm particularly worried about.
    On the other hand, we'll have contingency plans in place in 
case any of our external interfaces don't work. So if there's a 
problem with any of our vendors or suppliers, we'll have work-
arounds for that.
    So I'm not saying today that everything will be perfect, 
but I am saying we'll be ready for whatever happens. And the 
mayor has given us the charge of ensuring that there is no 
disruption in basic service to the public, and we will honor 
that and we'll achieve it.
    Mr. McDermott. King County?
    Mr. Burwell. Well, I am worried. I'm confident, and I feel 
that we are ready, but I am worried because there are so many 
variables involved in this project, from the outside, from 
vendors, from power sources, from interfaces with other 
systems, our systems with the State of Washington, et cetera, 
and anything can cause a problem.
    But I'm confident in that we can fix the problems. We have 
contingencies. We have backups. We have test plans for the 
actual rollover weekend. And I've been in this business a long 
time, and we're good at solving problems quickly, if there are 
problems. And like Marty from the city, we don't expect 
problems. We think we're prepared. But there's probably going 
to be some problems, but we're prepared to fix them quickly.
    Mr. McDermott. The State?
    Mr. Hedrick. We've identified over 400 mission-critical 
systems. Every single one of them is going to be fixed and 
tested. But we live in a very interdependent environment where 
it is impossible to test every conceivable interface with other 
data, for example, from the Federal Government, but we will 
ensure that we meet the government's goals of no interruptions 
in service or loss of accountability.
    But we've established very detailed contingency plans. As 
other panelists have mentioned, this has been a great 
opportunity to do contingency planning that we should have been 
doing in any case and have been doing in any case, but have 
improved a number of those contingency plans that will be 
useful in the case of any disruptions.
    Mr. McDermott. One of the things that troubles me about 
this whole business is you all mention vendors, the interface 
between government and the vendors. And what's a little bit 
troublesome to me was Congress passing a bill giving blanket 
freedom from liability to vendors. And because that takes the 
pressure off, it seems to me, to get up and get running, 
exactly what was suggested by Ms. Graff, that some people say, 
``Well, it's not going to be much of a problem. No problem, 
we'll fix it by and by.''
    I wonder to the extent of what vendor areas do you see as 
the most difficult ones where you interface with the vendors 
from the outside? What are the most difficult ones?
    Mr. Chakoian. I guess I'll take a crack at that. We've 
identified 396 key vendors and suppliers that the city of 
Seattle depends on, and we're contacting those one by one and 
going through with them, trying to ascertain what is their year 
2000 program, how are they doing, what level of confidence do 
we have of them.
    And so far, those discussions are going very well. Most of 
the companies that we deal with are larger companies that have 
the resources, and so on, to do the same kinds of things that 
we're doing.
    What does concern me is not that somebody won't be in 
business the first couple of weeks in January, but that 
overall, the worldwide connectivity of suppliers and products 
that these vendors depend on in the long term could have an 
impact.
    So I don't expect to see anything in January or February 
where a company that we depend on can't do business with us. 
I'm concerned about, over the first 6 months, seeing some of 
our key business partners perhaps have some difficulties based 
on their international dependencies.
    Mr. Burwell. Without getting specific on a specific vendor, 
vendors and ourselves are reluctant to use the word 
``compliant.'' We've been advised by our prosecuting attorney 
not to use that word; ``We're Y2K-ready,'' or, ``We will be 
Y2K-ready,'' again, because there are so many variables.
    And so that's kind of how we answer questions about our 
state of readiness, that we're trying to avoid the word 
``compliant.''
    But I've found with some vendors, one in particular that I 
would rather not mention, that is so reluctant that they won't 
give us a status, and we have to go to sources like the web and 
those kind of things to get information, but is one pretty 
critical vendor who we believe is ready but will not give us 
any statement of readiness.
    Mr. McDermott. Is that a liability question, a legal 
question? They don't want to set themselves up having said, 
``I'm compliant,'' and then it turns out that----
    Mr. Burwell. I think it is. I think it is. And just 
recently I got a phone call, and it was a recorded message from 
a vendor, and it went on for minutes, what they will and what 
they won't do, and if you do this and if you don't do this, and 
blah, blah, blah, our product is not ready.
    And it was a very disappointing statement to me that a 
vendor would announce their readiness, or lack of it, via a 
recorded phone message.
    That's just kind of two examples of what I've faced, but 
there's a reluctance by many to say ``we're compliant'' because 
of the variables and outside influences on their ability to be 
compliant. So they're reluctant to communicate that.
    Mr. McDermott. At the State level?
    Mr. Hedrick. We have tested every vendor-related 
information technology issue. But State government is dependent 
upon a wide variety of vendors, from the buildings that we 
lease--and we've asked for Y2K assurances on all of those--to, 
for example, foster care and health care that State government 
contracts for.
    We do not have the capacity, for example, to independently 
audit every single one of the Y2K statuses of all health care 
providers in this State which we regulate and, in many cases, 
are vendors because we pay bills.
    Our Department of Health has sent letters to every single 
health care provider that we regulate and demanded assurances 
that they're dealing with the Y2K problem, and let them know 
that they're going to be responsible for carrying out their 
responsibilities come the beginning of the year, and demanding 
a response back.
    And one of the interesting things that we've done is, last 
week, we released on the World Wide Web and to the press the 
names of every hospital, for example, in the State that sent us 
back the letter, and every one that didn't. And that got their 
attention pretty quickly once that was released.
    So again, it goes back to our fundamental belief that we 
need to provide the public with as much information as 
possible, and that people will make good decisions based upon 
that good information. But we live in a world of uncertainties.
    Mr. McDermott. I didn't mean to exclude Bellevue. Have you 
had problems with vendors?
    Ms. Graff. We're pretty much in the same boat as Seattle 
is, that it's very difficult to get a clear compliancy 
statement from absolutely all of our vendors. A lot of us are 
in this form-letter chain system right now where they send us a 
form letter, we send one back, we send a more complicated one, 
they send a more complicated form letter back.
    I think that one of our biggest concerns, quite frankly, 
are the testing procedures that still need to be done 
throughout the remainder of the year. I think we're all aware 
of the fact that unless you have the folks from the vendors or 
the manufacturers available to help in the testing procedures 
for equipment that has microprocessors or microchips, you may 
well invalidate the warranty associated with that equipment.
    And I think that more and more people who are just now 
getting to the testing phase, and if their schedule is perfect 
and nothing interrupts them and there's enough technicians to 
go around, they'll say, ``Yes, we will be done by such and such 
a day later this year,'' whether or not there's actually enough 
folks to go around to do that. So I still have a little caution 
about the testing procedures.
    Mr. McDermott. Thank you, Mr. Chairman. I think it's an 
issue that we need to look at carefully in terms of what kind 
of liability exclusion we give people.
    Mr. Horn. Let me just ask a brief question, just because it 
comes up in different cities and counties and States. In the 
case of State prisons and in the case of county jails, those 
systems, in terms of releasing people, we've found in a couple 
of cases that they had real problems with that regard. And I'm 
just curious what the jail and prison situation is?
    Mr. Hedrick. All of our correctional institutions are fully 
compliant.
    Mr. Horn. So you won't be letting people out that shouldn't 
be out?
    Mr. Hedrick. The default is to close the doors, not to open 
them.
    Mr. Horn. How about King County?
    Mr. Burwell. I heard the default was to open the doors.
    But in King County, our adult detention facilities, 
including the Regional Justice Center in Kent, are all Y2K 
compliant. And we have very strong contingency plans for 
recovering if there are any problems. But they've all been 
tested and are Y2K-ready.
    Mr. Horn. I want to get in the audience questions very 
rapidly. So one of them here is: would the Y2K problem affect 
the stock market?
    The answer is: they're OK. Back in our first hearing in 
1996, they were working on this. They have done extensive 
testing in terms of the stock exchanges, and there's no problem 
there. There's no problem with the clearinghouse. There's no 
problem with the banks. I talked to Chairman Greenspan 4 years 
ago on this, and he delegated it to Mr. Kelley, one of the 
governors, and the banks are in great shape, basically. So we 
don't have to worry about that one.
    And then: what's the status of the Health Care Financing 
Administration? And my colleagues have an interest in that 
because that relates to Medicare and Medicaid.
    And we do have a problem with some of the fiscal 
intermediaries, and we will be holding another hearing on that. 
But they have a very able administrator, and I think she's 
going to be on top of it. But it is a major problem without a 
question there.
    Mr. Willemssen, do you want to add something to that?
    Mr. Willemssen. Just to concur with your statement. The 
Health Care Financing Administration and Medicare remain one of 
the highest-risk Federal agencies. HCFA is busily working at 
Y2K, and also busily working at the contingency plans in the 
event that there are disruptions.
    Mr. Horn. Now, here's a question for Mr. Burwell, that 
organizations such as the city of Seattle have been working 
since 1993 to 1996, and have reached 80 to 88 percent 
compliance, says this individual in the audience. How can they 
fix the remaining 12 to 20 percent in 90 days, at least by the 
end of September?
    Mr. Burwell. I guess that was addressed to me, even though 
they were mentioning the city.
    For King County, we're at about 88 percent right now of our 
mission-critical systems. Where we're waiting is basically for 
vendor systems that are replacing noncompliant systems. Those 
systems are installed and being tested. So we really don't feel 
there's a problem with reaching that.
    Mr. Horn. But that was the question the person had. You've 
said 88 percent, and they were wondering how you get the 
remainder, and would you be able to do it in a timely way, 
either in the city or the county?
    Mr. Burwell. And we would, because it's just a matter of 
installation.
    Mr. Chakoian. It's the same with the city of Seattle. It's 
not like we're now starting on those remaining 20 percent of 
the systems. In fact, much like King County, we've already 
purchased the software. It's been installed. It just hasn't 
been put into production yet.
    Mr. Horn. Does either the county or the city have a 
hospital that's a public hospital?
    Mr. Burwell. Yes. We support, at least in part, Harborview.
    Mr. Horn. Now, the emergency rooms have been one that we've 
had a lot of testimony on. And when we were in Cleveland with 
the Cleveland Clinic, which is one of the top hospital 
facilities in America, they talked about the World Wide Web 
system that all hospitals can access in terms of manufacturer, 
manufacturer's model, date of this equipment, and so forth. So 
they don't have to reinvent the wheel, nationwide. The 
information is there from the contractor and manufacturer, as 
well as the hospitals.
    So I just wondered if you were making use of that?
    Mr. Burwell. I'm not personally--the University of 
Washington is overseeing the medical programs there and at 
Harborview. And I apologize. The only thing I can respond to is 
that I've heard them say at our stakeholder meetings that they 
are Y2K-ready.
    Mr. Hedrick. Those are actually state-funded institutions. 
The University of Washington Medical Center, as part of our 
assessment process, have gone through our outside auditing 
process and they are ready. They had some problems early on, 
but they've resolved those.
    Mr. Horn. Here's a question, and Mr. Willemssen, I'll let 
you answer that one. Please define ``Y2K-ready'' and ``Y2K 
compliant.'' Are they the same?
    Mr. Willemssen. No two people will give you the same answer 
on that. I think it was touched on, I believe, by Mr. Burwell a 
little bit earlier, about, that generally speaking, the term 
``Y2K-ready'' is held in a bit lower level of stature, and 
``Y2K compliance'' is considered a more difficult standard to 
achieve.
    But in order to really understand those terms, you've got 
to get to the actual definitions and exactly what the vendor, 
in this case, is referring to by that particular term.
    Mr. Horn. Here is one really for all. Are there score cards 
or report cards for other municipalities and internationally? 
Are there these cards?
    The answer is no. It's simply been our subcommittee's view 
that, working with the General Accounting Office, we could 
translate all the gobbledygook of the quarterly reports and 
sort of give a view to the Nation, because we're all familiar 
with grading.
    And this is not a pass/fail thing. We actually have worked 
out between the ``Fs'' and the ``Ds'', and the administration 
as a whole has gone through ``Ds'', ``C-minuses'', ``C-
pluses''. They're now at ``B-minus''. We're confident they'll 
get to the ``A'' in a bit.
    And the State Department, which was mentioned a little 
while ago, the State Department is particularly interesting. 
We've given them ``Fs'' consistently for several years. And 
then finally, they moved from ``F'' to ``A minus''. And one of 
the computer newspapers said to one of the supervisors there, 
``How did that happen?'' And the supervisor said, ``I guess my 
boss just got tired of having them give me `Fs.' '' And so it's 
the last-minute student that's very bright and works all night 
and finally gets it.
    So the State Department has been in that situation. And, of 
course, the problem there is a lot of interconnections. Not as 
many as we think abroad, because they are pretty much self-
contained in a lot of their computer systems.
    But we have a major problem in terms of developing nations. 
And the World Bank, I had asked 3 years ago for the Secretary 
General of the U.N. to put an international conference 
together. They finally did a year ago, and 120 nations showed 
up. And Mr. Koskinen and I both went up for that one, and it 
was really an excellent dialog.
    And just recently, the U.N. again held a meeting, and as I 
remember, 173 nations showed up. The World Bank picked up the 
tab for a lot of this. So it's a last-minute bit, but we have 
real problems in some of the developing nations in this regard. 
And a lot of that relates to our trade, to businesses. And if 
businesses in certain countries can't connect--especially with 
your great port here--with their subsidiaries in the United 
States or in Europe, we have problems. And so that's still an 
open matter.
    Then one question was: how do we safeguard ourselves 
against opportunistic groups that want to take advantage of Y2K 
failures?
    That's a very good question. There will be a lot of nuts 
that come out of the woodwork, and they'll want to scare you 
out of the whole building, and you need to not bite. And this 
was said very well by Ms. Graff. You look at it as just a 
regular emergency. In the case of California, I think about 
earthquakes, think about fires, think about floods. We have all 
of them. And so do you in many ways.
    And we just have to systematically be prudent and say, 
``Keep a little bit of food around.'' When I tell my Mormon 
friends, ``Gee, we ought to have at least a couple weeks or 
couple months,'' they say, ``Look, we've been doing a couple of 
years forever. So don't worry about us.''
    But that said, just be prudent and get a battery supply and 
all the rest of it. So I wouldn't worry on that if we, as was 
said, use common sense. And that's important.
    And then Mr. Willemssen; could computers that read 2000 as 
1900 cause problems? How severe?
    That's the problem. I don't know what else we can say to 
it.
    Mr. Willemssen. That's the subject of today's hearing.
    Mr. Horn. Exactly.
    In your written statement, they said to Mr. Willemssen, 
that the Federal Office of Management and Budget established 
target dates for agencies to complete business continuity and 
contingency plans. Has OMB implemented your suggestions? Why or 
why not?
    Mr. Willemssen. They have not implemented our suggestion of 
establishing specific dates on when the business continuity 
plans need to be tested, which we recommended those plans be 
tested no later than September 30th.
    It's one thing to have a plan on a piece of paper and put 
on a shelf, but you have to test the plan to make sure that 
it's actually going to work should some of these risks realize 
themselves.
    We're not aware, as of right now, that OMBL, established 
that date. We know they are putting a lot of emphasis in the 
area of contingency plans, but essentially leaving it up to the 
agencies to determine when they're going to test.
    Mr. Horn. I might add that with OMB, when Dr. Raines was 
director--that's one or two directors ago--he did a first-rate 
job in taking over on an attempt at the reporting. And the key 
there is what some of you mentioned. We've had outside 
verification.
    Well, in the case of the executive branch, we asked the 
inspectors general, which have been created by Congress in all 
the major agencies, to be that verifier, because when we ask 
the agencies to produce what are their mission-critical 
systems, that's strictly an agency determination, and it's the 
right way to go at it because they should know what is most 
important for them. And I suspect the State looked at it the 
same way.
    Ms. Dunn says Dr. Raines is from Seattle. Obviously, a good 
person, right? He's now with Fannie Mae. You can tell he's a 
bright person and got out of the executive branch. That's not 
said about any administration. It's just that you can't beat 
being at Fannie Mae, and he went there.
    The letter of Mr. Robbins and Mr. Bevan of JHB Consulting 
wanted us to ask this question: who did the independent 
verification and validation on your systems? And I guess we 
just go right down the line.
    And Mr. Hedrick, who did it in the case of the State?
    Mr. Hedrick. Well, as I mentioned before, we have a two-
level system of assessment and auditing. There are a number of 
different computer consultants that have done assessments at 
different State agencies and higher educational institutions. A 
company called Sterling & Associates did the overall risk 
assessment and this rating.
    Mr. Horn. Let me state the rest of the question: if you did 
your own internal remediation and testing, why didn't you have 
your software systems validated and verified by an independent, 
outside organization?
    So that's the whole question.
    Mr. Burwell.
    Mr. Burwell. And that's a very valid point. And we did do 
that with an outside consultant, and I hired outside 
contractors to conduct that IV&V.
    Mr. Horn. Mr. Chakoian.
    Mr. Chakoian. Yes, we've worked with Data Dimensions to do 
our assessment, and they're continuing to work with us to do 
this ongoing audit of our systems and processes.
    Mr. Horn. Ms. Graff.
    Ms. Graff. The city of Bellevue used Coda Consulting, Inc.
    Mr. Horn. Well, as they say here, ``We hope that your 
hearings will be able to provide the public with adequate 
assurances that any possible problems after January 1st, 2000 
will be minimal and quickly remedied.''
    And we thank you all. We're going to have to move to the 
next two panels, but we really appreciate the dialog here.
    Mr. Willemssen, do you have any point in particular before 
they get up? I'm sorry I didn't call on you sooner, but I 
wanted to get those questions in.
    Mr. Willemssen. Just one quick point that was mentioned 
earlier about concern of public overreaction. In my experience, 
the best way to counter that is by providing, transparently, 
data on readiness that has been independently verified.
    I think you've heard from the witnesses on this panel that 
they are doing that or plan to do that. And again, our 
experience shows that's the best way to counter public 
overreaction.
    Mr. Horn. I think you've got it absolutely. Put all the 
cards on the table.
    Thank you, each of you, for coming. A very helpful dialog 
and very helpful statements. Thanks for coming.
    We now will call forward the second panel. And members of 
the second panel are Mr. O'Rourke, chief information officer, 
Bonneville Power Administration; Jerry Walls, the project 
manager for embedded systems, Y2K, at Puget Sound Energy; James 
Ritch, deputy superintendent, finance and administration, 
Seattle City Light; Marilyn Hoggarth, manager, Washington State 
public affairs, General Telephone; Dave Hilmoe, division 
director, water quality and supply, Seattle Public Utilities; 
and Brad Cummings, Y2K program manager, University of 
Washington Academic Medical Center.
    Ladies and gentlemen, if you'd stand and take the oath. And 
anybody who is going to talk behind you stand, too. So I think 
we've got eleven covered.
    [Witnesses sworn.]
    Mr. Horn. The clerk will note all the witnesses and their 
supporters and assistants behind them have taken the oath.
    So we will begin, Mr. O'Rourke, with you. And I enjoyed 
seeing the Bonneville Dam recently. And you are the chief 
information officer of the Bonneville Power Administration, so 
we look forward to hearing you.
    Mr. O'Rourke. Thank you, Mr. Chairman.
    Mr. Horn. And again, we're talking about summarizing the 
statement. Don't read it. We've got it. That's automatically in 
the record right now.
    Mr. O'Rourke. I understand.

    STATEMENTS OF JOE O'ROURKE, CHIEF INFORMATION OFFICER, 
BONNEVILLE POWER ADMINISTRATION; JERRY WALLS, PROJECT MANAGER, 
   EMBEDDED SYSTEMS, PUGET SOUND ENERGY; JAMES RITCH, DEPUTY 
SUPERINTENDENT, FINANCE AND ADMINISTRATION, SEATTLE CITY LIGHT; 
  MARILYN HOGGARTH, WASHINGTON STATE PUBLIC AFFAIRS MANAGER, 
 GENERAL TELEPHONE CO.; DAVE HILMOE, DIVISION DIRECTOR, WATER 
    QUALITY AND SUPPLY, SEATTLE PUBLIC UTILITIES; AND BRAD 
    CUMMINGS, Y2K PROGRAM MANAGER, UNIVERSITY OF WASHINGTON 
                    ACADEMIC MEDICAL CENTERS

    Mr. O'Rourke. Thank you, Mr. Chairman, distinguished 
members of the House subcommittee. In the role of chief 
information officer, I am responsible to the administrator for 
BPA's Y2K readiness. We appreciate the opportunity to appear 
today, and I appreciate your continued support for this 
important issue.
    Let me get right to the bottom line. Bonneville is 
confident that our system will operate safely and reliably on 
New Year's Day, 2000. We are Y2K-ready, and we're confident the 
lights will stay on.
    I don't say that lightly. BPA has taken Y2K very seriously. 
We're keenly aware of the importance of the power system to the 
safety and welfare of the Pacific Northwest. We have a long 
history of exemplary customer service of providing safe, low 
cost, reliable electricity, and we don't intend allowing Y2K to 
affect that.
    I'd briefly like to talk today about three major reasons 
why we are so confident BPA will meet the Y2K challenge. First, 
we've had a methodical program in place since 1995. Second, we 
have worked closely with our business partners to coordinate 
Y2K preparations. And third, we're not resting on our laurels. 
We continue to monitor our systems and redefine and refine our 
contingency plans right up to and beyond January 1st, 2000.
    BPA is a Federal power marketing agency. We sell about 40 
percent of the electrical power and about 75 percent of the 
transmission service in Oregon, Washington, Idaho and western 
Montana.
    We do not own or operate generating facilities. The 
wholesale power we sell is generated by 29 Federal dams on the 
Columbia and Snake Rivers that are owned and operated by the 
Army Corps of Engineers and the Department of Interior's Bureau 
of Reclamation, and one nuclear plant owned and operated by 
Energy Northwest.
    We saw early that Y2K was critical. We started an inventory 
of our systems in 1995, and eventually we inventoried over 700 
systems, hardware, software and embedded systems and chips.
    We made testing mandatory for mission-critical and mission-
essential systems and equipment. Where needed, we remediated, 
then we retested. Then we subjected the program process and 
test results to an independent review and verification of 
findings.
    Our Y2K-ready systems are on line now, operating the 
transmission system. We've already passed two critical Y2K 
dates, December 31st, 1998, and April 9, 1999. By the time 
January 1, 2000 rolls around, we will have dealt with a third 
critical date, September 9, 1999.
    Secretary Richardson has called our BPA program an example 
of just plain hard work. And certainly working with the 
Department of Energy CIO office and their Y2K management team 
has helped us achieve BPA's objective and the Department's 
objective: as of March 31st, 1999, BPA is Y2K-ready.
    In our efforts, we've worked closely with our generation 
partners and Federal dams, the nuclear plant and the Western 
Systems Coordinating Council, or WSCC, and with our utility 
customers.
    The Corps of Engineers and Bureau of Reclamation both 
announced they were Y2K-ready March 31, 1999. Energy Northwest 
announced its Y2K readiness June 30, 1999.
    The 107 power systems in the WSCC plan to operate their 
transmission grids interconnected over the New Year's weekend. 
The WSCC grid is designed to operate more reliably when 
interconnected. If load and generation is lost, the generators 
in the WSCC can help each other stabilize their system. WSCC's 
Y2K task force is planning operations for critical Y2K dates, 
and conducting Y2K drills and training.
    Since our customers' transmission and distribution systems 
interconnect with ours, they can impact our reliability. We 
have inventoried the places where our transmission grid 
interconnects with theirs and collaborated on Y2K readiness, 
and, as well, we have emergency communications systems set up 
with all of our wholesale customers.
    Finding, testing and remediating, while important, is only 
one piece of our program. Contingency planning and clean 
management is where we're focusing our program at this time. No 
one can predict the future on January 1, 2000, or even 
tomorrow. That's why we do contingency planning, because there 
are no guarantees.
    BPA has, for years, been bringing the system back on line 
quickly, seamlessly, following winter storms and lightning 
strikes, often when end users don't even know it.
    The foundation of BPA's Y2K contingency plan is to operate 
our system so that we have more cushion over the New Year's 
weekend. BPA's hydro system actually provides more cushion than 
a system that uses mostly thermal plants. Hydro power can be 
brought on and off line quickly in response to changes.
    Our partners at the Federal dams will also be prepared to 
operate on manual controls. So dispatchers, and BPA's system as 
well, predates automation. Thereby, our substations can be 
operated manually.
    We've got the components in place. BPA is ready. Our Y2K-
ready systems are up and running. Our generation partners are 
Y2K-ready, and we continue to be vigilant. That's why I can say 
that we're confident that BPA's power system will continue to 
operate safely and reliably at all key Y2K dates.
    Mr. Chairman, that concludes my testimony, and we'll 
certainly be happy to respond to any questions or 
recommendations from the panel on our Y2K readiness program.
    [The prepared statement of Mr. O'Rourke follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.402
    
    [GRAPHIC] [TIFF OMITTED] T0954.403
    
    [GRAPHIC] [TIFF OMITTED] T0954.404
    
    [GRAPHIC] [TIFF OMITTED] T0954.405
    
    [GRAPHIC] [TIFF OMITTED] T0954.406
    
    [GRAPHIC] [TIFF OMITTED] T0954.407
    
    [GRAPHIC] [TIFF OMITTED] T0954.408
    
    [GRAPHIC] [TIFF OMITTED] T0954.409
    
    [GRAPHIC] [TIFF OMITTED] T0954.410
    
    Mr. Horn. That's very helpful information. And we'll wait 
until we're all done, and then we'll have the dialog and 
questions.
    Jerry Walls is the project manager for embedded systems on 
the Y2K project for Puget Sound Energy. Mr. Walls.
    Mr. Walls. Good morning, Mr. Chairman, members of the 
committee. I want to thank you for inviting Puget Sound Energy 
here today to discuss our Y2K efforts.
    Based in Bellevue, WA, Puget Sound Energy is an investor-
owned utility that has served the Puget Sound region for about 
100 years. We have approximately 550,000 natural gas customers 
and 900,000 electric customers.
    We began working on Y2K issues approximately 3 years ago. 
On June 30th of this year, we filed a report with the North 
American Electric Reliability Council stating that we believe 
all of our mission-critical systems are Y2K-ready. This 
conclusion results from both our own internal seven-step 
approach to Y2K readiness, but also as well as working with our 
service providers to ensure that they are also Y2K-ready. In 
addition to our electricity operations, our gas operations also 
were Y2K-ready by our June 30th deadline. And we believe that 
on December 31st, 1999, that we will be conducting business as 
usual in both our electric and gas operation.
    Puget Sound Energy conducted a very extensive program to 
identify and check every component and system. If they found a 
problem, that problem was remediated and fixed.
    As part of that assessment and remediation, we did an 
extensive amount of testing to ensure that our systems were 
Y2K-ready. This included, in many of our systems, what we would 
call an integrated end-to-end test of all of the integrated 
systems. This is both internal and external to our company.
    Our objective, overall, was to learn that our gas 
operations, our electric generation, transmission and 
distribution, and telecommunication systems were all Y2K-ready.
    Through this $14 million process that we've been going 
through for the past 3 years, we physically surveyed more than 
1,500 sites in 11 counties in the State of Washington. And 
through that process, we evaluated more than 25,000 separate 
items for date sensitivity that could have caused Y2K problems.
    However, interestingly enough, throughout this process, our 
Y2K team did not find a single item that we felt would have 
caused a severe disruption of either our gas or electric 
systems.
    However, working with those systems that either control or 
monitor our energy systems or telecommunications, we did find 
Y2K issues, and these would have hampered our operations and 
caused us to use manual backup systems that we've used in past 
times. But again, by June 30th, all the problems I just 
mentioned were Y2K-ready and they've been tested.
    In addition to those items I discussed, in our field areas, 
in the sites we visited, we replaced more than 500 separate 
devices that were not Y2K-ready. And probably close to two 
dozen separate computer systems were remediated, to some 
extent, for those systems that monitor or control our energy 
systems or our telecommunications systems. Again, in total, of 
all of the items that we looked at, less than 2 percent of 
these required remediation.
    Beyond the assessment and remediation of our own embedded 
systems, another important part of our work was contact with 
our critical service providers of energy and other critical 
services such as telecommunications. They have reported to us 
that they are Y2K-ready, and we have confidence in what they 
tell us.
    While we are pleased with our own Y2K initiative, it's 
important to have backup plans in place. And as we reported to 
NERC on June 30th, we cannot make absolute guarantees, of 
course, because Y2K is very complex. However, we have, as part 
of our readiness effort, a comprehensive contingency plan. 
Contingency planning is not new to Puget Sound Energy. We have 
had emergency plans in place for the 33 years that I've worked 
at this company, and before.
    Our comprehensive plan defines what we would think as 
unlikely Y2K scenarios that could occur on any part of our 
system. And part of the plan also includes detailed procedures 
and plans, how we would address any misadventure that could 
occur during the Y2K period.
    The plan includes staffing plans. We have more than 250 
people onsite throughout our company, in mission-critical areas 
in our company, as well as, well before the rollover period, 
we'll have our Emergency Operations Center open, as we do 
during any company emergency.
    Our contingency planning has also included participation in 
the nationwide NERC drill on April 9th, which was a 
telecommunication drill. And we will also participate in the 
NERC drill on September 8th and 9th. We will be participating 
in that.
    Also, we have internal drills that we will conduct from now 
throughout the year, as we do every year when we prepare for 
wintertime.
    And with that, Mr. Chairman, that concludes my remarks.
    [The prepared statement of Mr. Walls follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.411
    
    [GRAPHIC] [TIFF OMITTED] T0954.412
    
    [GRAPHIC] [TIFF OMITTED] T0954.413
    
    Mr. Horn. Thank you very much.
    Mr. Ritch. Mr. Ritch is the deputy superintendent, finance 
and administration branch for Seattle City Light.
    Mr. Ritch. Thank you, Mr. Chairman and honorable members. 
Thank you for inviting Seattle City Light to testify regarding 
our utility's year 2000 readiness. I'm especially pleased to be 
here, since it's another opportunity to let our customers know 
that we are highly confident that our power will not be 
interrupted by the transition into the year 2000.
    In the way of background, Seattle City Light serves over 
350,000 customers. In a typical year, we supply approximately 
75 percent of our load from our own hydroelectric plants in the 
northwest. Seattle City Light is the seventh largest 
municipally owned utility. We are very proud that Seattle City 
Light offers the lowest cost, most reliable electricity in 
urban America. It is our mission to give our customers safe, 
economical, reliable electric service. We take this mission 
very seriously.
    We have taken the Y2K rollover challenge very seriously as 
well. Seattle City Light has been working to solve our Y2K 
problems since 1995. In February, Seattle City Light created a 
central Y2K project office to facilitate Y2K legal review, 
maintain project records, and coordinate the assessment and 
remediation testing and contingency planning for critical 
business functions.
    In order to keep track of what's critical, we broke our 
business into essentially eight critical functions, half of 
which involved the generation and delivery of power, the other 
half involved things like billing, payroll, paying vendors, 
getting materials, et cetera.
    On the business application side, we have most of our work 
force devoted to field operations. These are the people that 
make sure that the electricity is generated, transmitted, 
distributed to our customers.
    To keep things running smoothly, we use many computers to 
keep track of materials, schedule field crews, even enter time 
sheets. Every day, over 100 different field crews head out for 
work. When we went through our systems, we found that many of 
these business applications could not successfully process the 
year 2000 date.
    We also need to provide accurate billing and account 
information services to our customers. Our computer systems 
generate over 10,000 bills and process over $1 million worth of 
receipts every day. Early on, we determined that many of these 
systems also could not get you from 1999 to 2000. These are 
just two examples of how software works in basically the back 
office of Seattle City Light.
    I'm pleased to report that we have now completely 
remediated all 16 of our mission-critical business 
applications. We're now stepping through the city of Seattle's 
Y2K certification process for these critical systems. And it's 
important to remember that these systems do not affect our 
ability to deliver power to our end customers.
    On the operations side--and the BPA mentioned how important 
this is--the system is very interconnected. Seattle City Light 
has been working with the Western States Coordinating Council 
and North American Electric Reliability Council in coordinating 
our Y2K efforts.
    In early May, the U.S. Department of Energy asked NERC to 
assume leadership in preparing electrical utilities for the 
transition to the year 2000. That was in 1998. June 30th was 
the date for utilities to have remediation and testing 
completed for mission-critical systems. And these systems are 
things like relays, et cetera, that make sure that electricity 
is delivered.
    Only about 5 percent of our electric system's equipment 
contain embedded systems. For example, of the 5,000 protected 
relays that are used in our system, only 80 contain embedded 
systems. The vast majority of our field equipment is made up of 
electro-mechanical devices that pose no Y2K failure risk.
    Since a lot of the work is, and I think the embedded 
systems, at least for us, is one of the more difficult ones, we 
also hired a consulting firm, TAVA/Beck, to go through some of 
the inventorying that we did to make sure that we captured all 
of the potential areas of exposure in the embedded systems 
side. This would include systems at our powerhouses, 
substations, communications facilities, and our system control 
center. Based on their work, we are very confident that we have 
found and remediated those systems that had embedded chip 
issues.
    As of June 30th, all mission-critical generation, 
transmission and distribution equipment used in the production 
and delivery of power has been tested, remediated and declared 
ready for operation in the year 2000 and beyond. In the earlier 
panel, you talked a little bit about supplier readiness. We did 
contact over 400 of our vendors, and we got responses back from 
90 percent. About half of them said they were Y2K compliant. 
Another 25 percent said they would be by the end of the year. 
And the other 25 percent are still trying to figure out how to 
respond to us. So I think that we are experiencing similar 
issues.
    Just one thing about contingency planning. The nature of 
the electricity business is that you have to be ready for any 
kind of emergency, whether it's lightning storms, earthquakes 
or fires, or what have you. We have well-established procedures 
in place to make sure that the power, if it goes out, comes 
back on as soon as possible.
    Over the rollover period, we will have staff at our 
powerhouses and system control centers and elsewhere to make 
sure that things flow as smoothly as possible.
    I guess, finally, we have had our program checked over by 
an independent quality assurance consultant. We have had very 
successful results in that, and that reinforces our confidence 
that Seattle City Light's power will not be interrupted by the 
transition to the next millennium. Thank you very much.
    [The prepared statement of Mr. Ritch follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.414
    
    [GRAPHIC] [TIFF OMITTED] T0954.415
    
    [GRAPHIC] [TIFF OMITTED] T0954.416
    
    [GRAPHIC] [TIFF OMITTED] T0954.417
    
    [GRAPHIC] [TIFF OMITTED] T0954.418
    
    [GRAPHIC] [TIFF OMITTED] T0954.419
    
    [GRAPHIC] [TIFF OMITTED] T0954.420
    
    Mr. Horn. Thank you.
    The gentleman from Washington, Mr. McDermott.
    Mr. McDermott. I just want to ask this question, because 
everybody uses this term, an ``embedded system,'' as opposed to 
what? What's the alternative to an embedded system?
    Mr. Ritch. I guess it would be one that could be attached 
to the side. No.
    The term is something that at least I kind of attribute to 
my technology people, and it's a chip that's embedded, if you 
will, into a device that you wouldn't think of as data 
processing.
    So I think one of the first examples were elevators and 
building control equipment. They have chips, clocks, if you 
will, that regulate when things go on and off, and they get 
called embedded because the device is embedded in the rest of 
the equipment.
    Mr. McDermott. As opposed to a computer system sitting at 
somebody's desk that doesn't have a piece of software in it? Is 
it software versus chip?
    Mr. Ritch. You guys want to take a crack at this one?
    Mr. O'Rourke. An embedded chip is a device, at BPA, for 
example, that is embedded in our transmission system and sends 
signals back to our control center that indicate to us the 
health of that transmission line.
    Mr. McDermott. Those are the problems? The embedded ones? 
You don't see them, you don't have access to them, they're just 
out there. Like in my car, where there's embedded systems all 
through the car.
    Mr. O'Rourke. They certainly are installed by design in our 
transmission system. And again, that's what gives us control 
information of the frequency the transmission system is 
operated at, the quantity of power that's currently being 
transmitted over the transmission system.
    And for additional information, this is Brian Furumasu, our 
technical expert at Bonneville. I'm sure he can answer the 
question much more eloquently.
    Mr. Furumasu. Yes, Representative McDermott. I'll give you 
an example. We use relays to protect our transmission lines. 
Prior to microprocessors, they were electromechanical devices, 
so they had no computers at all. Coils, and it was a mechanical 
device.
    So more recently, within the last 10 years, we've had 
microprocessors now that perform all of those same functions. 
And those relays are called embedded systems.
    Mr. McDermott. Thank you. Thank you, Mr. Chairman.
    Mr. Horn. You're quite welcome. It's a good question. And 
the Pentagon has millions of them, and that's why they're a 
little delayed. And as was noted, you have it in your car, you 
have it in your traffic lights, in most cases you have it in 
your microwave stove that does your sandwich, and so forth. So 
they're around, and they are difficult to deal with.
    We now have Ms. Hoggarth. Marilyn Hoggarth is the manager 
of the Washington State public affairs for the General 
Telephone Co.
    Ms. Hoggarth. Thank you. Well, we, as the other 
organizations, have already tested our systems for Y2K 
compliance as of June 30th, and our entire network is ready to 
go.
    We take the opportunity in what we call the maintenance 
window--after midnight and before 6 a.m.--to repair and test 
our systems, anyway. And during that timeframe, we've been able 
to make sure that everything is Y2K compliant.
    Regarding our vendors, if a vendor was not able to come up 
to the bar by the time we needed to be pretested, they simply 
were not our vendors anymore. We either were able to perform a 
work-around, have the vendor upgrade the system, or we changed 
to something else.
    A good example of this, although a small and I wouldn't say 
critical one, but one that's probably easy to visualize, is in 
Blaine, Washington, an area that we acquired in the ConTel 
merger several years ago, we had a message manager system, 
which is a voice-messaging system, that simply was not fixable. 
That was replaced with the GTE voice mail system. So those 
kinds of decisions were made down the line on all scales of the 
switching network.
    We, too, will be participating in basically a dry run, 
shall we say, on September 9th of this year, fully staffing our 
Emergency Operations Center. That will also be fully staffed on 
December 31st and into January 1st of next year.
    Our Y2K efforts will not end with January 1st. We'll 
continue operating that office for several weeks after that, 
and we'll just have to see how it goes. We're confident that 
the system will work correctly.
    Our biggest challenge is to continue to communicate to the 
public the difference or the demarcation between the public 
switch network and telephone terminal equipment that sits on 
someone's desk or in their home.
    Any telephone that has date and time sensitivity could be 
susceptible to Y2K problems. We have set up 800 number hot 
lines, websites, those types of things, lots of ways for 
customers to contact us regarding their specific situation. In 
the case of our major accounts, and this includes the 911 
centers that we serve, those will receive individual attention 
from account managers.
    On a broader basis, we're, of course, doing press releases, 
issuing public information, doing bill inserts--it's 
questionable how many people read their bill inserts, but we 
try; it's one way to get ahold of everyone--to let them know 
that they have responsibility for the telephone equipment 
that's sitting in their home and business.
    Now, some customers are savvy to the fact that there is a 
difference between the public switch network and many are not. 
They still think of the telephone system as being one 
contiguous, end-to-end system, not understanding the whole 
concept of deregulation there.
    The public switched network, being our responsibility, is 
ready. We do tell people to check with whoever the vendor is 
for their telephone equipment, and that may not be GTE in many 
cases. So there is the potential there for a breakdown of the 
system. If someone has an older PBX, for instance, one of the 
big switchboards, that type of thing, that we don't maintain, 
we don't have responsibility for that specifically, and we have 
been communicating to our customers that they then must check 
with their vendor for that piece of equipment.
    As far as compliance on an international basis, GTE had a 
role in the Year 2000 Forum in late 1998. We cosponsored the 
first major Y2K international government and business meeting 
in London. It was called the Global Year 2000 Summit.
    And in connection with the Summit, GTE also hosted a half-
day working session dedicated to interoperability testing for 
other participants. That's for telecommunications networks and 
systems that will work into the year 2000.
    Being an international company, we, of course, have 
concerns about how everyone will interoperate with 
telecommunication systems and other companies. I can't speak 
for their preparedness.
    We feel, domestically, that the telephone networks are in 
good shape, that there should not be a problem there. We 
certainly expect to have commercial power, but in the instance 
of not having commercial power, just as we would in any storm 
situation, we have backup generators in all of our switching 
offices that have a fuel supply that can keep them going for 
several days, and, as you'd mentioned before, treat this like 
it's a bad storm scenario. That is the preparation we're making 
on that level.
    As the manager of our emergency operation center pointed 
out as he was preparing to staff the center for New Year's Eve, 
we will have the opportunity to watch the news from across the 
world and the Nation. And being on the West Coast, should there 
be anything serious happening on the East Coast, we at least 
have a few hours to do something about it. Not that we 
anticipate having to do that, but that is perhaps the luck of 
the draw for us out here on the West Coast.
    We feel we've anticipated everything, but should there be a 
gremlin out there that we have not anticipated, we're able to 
watch what happens to the East Coast first.
    [The prepared statement of Ms. Hoggarth follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.421
    
    [GRAPHIC] [TIFF OMITTED] T0954.422
    
    [GRAPHIC] [TIFF OMITTED] T0954.423
    
    [GRAPHIC] [TIFF OMITTED] T0954.424
    
    [GRAPHIC] [TIFF OMITTED] T0954.425
    
    Mr. Horn. Thank you very much.
    And next is Dave Hilmoe, the division director of a very 
important resource that we all need. Maybe we can do without 
electricity for a while, but you can't do without water. And 
he's in the Water Quality Supply Division of the Seattle Public 
Utilities. Mr. Hilmoe.
    Mr. Hilmoe. Thank you, Mr. Chairman. Marty Chakoian, who 
was on the previous panel, is actually originally the Seattle 
Public Utilities Y2K director. He was doing such a good job for 
us in Y2K preparedness that he was asked to lead the city 
effort. We hope he's going to come back to us here in another 
year or so. He's covered a lot of the technology issues and 
city-wide issues, and so I've got a bit more of an operational 
focus.
    I'm pleased to be here today to tell this committee and our 
customers that all of our core services--water supply, 
drainage, wastewater conveyance and solid waste removal--will 
be ready for the next millennium.
    SPU began work on Y2K in 1996. Our Information Technology 
Division initiated organizational awareness, inventory, 
assessment and remediation projects. We realize Y2K could have 
been a serious business continuity issue, but through hard work 
and intense investigation, we can now say that Y2K is little 
direct threat to our ability to deliver core services that are 
essential to our customers.
    SPU serves 1.3 million customers, about half directly in 
the city of Seattle and half through wholesale districts.
    Geography and simple technology are the reasons why SPU has 
low inherent risk from Y2K disruptions. The Seattle water 
system, although large, is a very simple, redundant, and 
primarily gravity-fed system. Our main water supplies come from 
the western slopes of the Cascade Mountains. On average, over 
80 percent of the water we supply reaches our direct service 
customers without any pumping.
    We have minimal use of Y2K-vulnerable technology. Our water 
system monitoring and control consists of mostly older 
technology, with a heavy reliance on human decisionmaking.
    That said, let me give you a few specific examples of what 
we've done to get ready. We upgraded our current water supply 
monitoring and control system to a Y2K-compliant version 
earlier this year. We reviewed all of our supply and treatment-
related embedded systems, and replaced those that were not 
compliant. And we remediated all critical business 
applications.
    We needed to hire an outside contractor to complete and 
test the one water Y2K-related project that we could not 
complete on time and with our own staff. We are contacting all 
of our critical suppliers to reduce risk of service disruption. 
For example, an adequate stock of disinfection chemicals is 
going to be on hand, so we have no concerns about 
transportation or production disruptions.
    Our experience with multiple-day power outages at our main 
treatment plants during the 1993 inaugural day storm, and our 
experience with other emergencies have supported the creation 
of detailed, Y2K-specific contingency plans. And the keys to 
those plans are reliable backup communications, trained staff 
that are either on duty or on standby during the Y2K boundary 
period, and the availability of backup equipment.
    We are purchasing additional equipment to remove dependency 
on electricity for water service areas that cannot be gravity 
fed. We have very high confidence in City Light and Puget 
Power. This is part of our plan.
    Our water supply contingency plans have been tested and 
refined with two tabletop exercises, and those plans will be 
integrated now with an additional department-wide testing 
exercise in September, and a city-wide contingency plan test in 
October.
    The story for drainage and wastewater is similar. Our 
system is relatively simple. Runoff and sewage primarily flows 
by gravity from customers to intake points on King County 
Metro's trunk sewer line and the treatment plant. Where gravity 
doesn't do the work, we use lift stations.
    Critical stations already have backup power. The monitoring 
system for the 72 lift stations was determined to have a Y2K 
issue, and is being replaced with a new central system.
    Solid waste services have been reviewed for issues related 
to heavy equipment, contracts for collection and long-haul 
trucking. Scale house software systems have been upgraded. 
Readiness of the industrial trash compactors has been assured, 
and landfill management systems have been addressed. Again, 
prior experience and existing emergency operations plans have 
supported development of specific Y2K contingency plans.
    We have provided our customers with information on Y2K 
readiness directly in bill inserts, a webpage, and 
presentations to community groups--those are going to 
accelerate here toward the end of the year--and indirectly via 
reporting to the city of Seattle, State of Washington, and 
utility associations. And we've been responding to local media 
requests also in a full and timely fashion.
    In short, Seattle Public Utilities is ready for Y2K. We 
have made our very best efforts to ensure that quality drinking 
water will continue to flow, and drainage, sewer and solid 
waste services will all continue to work as usual.
    Thank you, again, for the opportunity to testify.
    [The prepared statement of Mr. Hilmoe follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.426
    
    [GRAPHIC] [TIFF OMITTED] T0954.427
    
    [GRAPHIC] [TIFF OMITTED] T0954.428
    
    [GRAPHIC] [TIFF OMITTED] T0954.429
    
    Mr. Horn. Well, thank you. Water is key.
    Brad Cummings, Y2K program manager with the University of 
Washington Academic Medical Centers. Mr. Cummings.
    Mr. Cummings. Chairman Horn, thank you for this opportunity 
to give you the latest information on our year 2000 preparation 
activities. Again, I'm Brad Cummings. I represent the 
University of Washington Academic Medical Centers, which 
includes the University of Washington Medical Center and 
Harborview Medical Center.
    I'm also accompanied today by Tom Martin, who is the 
Medical Centers' Director of Information Systems and Chief 
Information Officer, and Chris Martin, who is Harborview's 
Administrative Director for Emergency Services.
    The objective of the Medical Centers' year 2000 effort is 
to continue to provide vital services to our patients 
throughout the Y2K rollover period. As two of the largest 
hospitals in the Puget Sound area, we recognize the vital role 
we play in the lives of area citizens, and we have committed 
significant resources to reduce our exposure to the risk and 
disruption due to year 2000 issues.
    We recognize Y2K as not purely a technical problem, but 
also a risk mitigation and business issue, with an approach to 
match.
    As referenced earlier, our efforts have been regularly 
monitored by the State of Washington risk assessment review 
process, which have helped us to further improve our Y2K 
procedures.
    I've been in this role for 2 years. I am pleased to report 
on the progress and share information about our overall 
preparedness.
    At this point, 90 percent of our computer systems are now 
determined to be Y2K compliant, and 100 percent of all systems 
with the highest priority are Y2K compliant. The remaining 
computer systems work consists of lower priority items, and we 
expect to complete that work by September 30th.
    Our clinical engineering directors are in the process of 
completing a major and successful effort to inventory and 
assess the over 6,000 medical devices on hand at each medical 
center. Currently, less than 1 percent of those devices are not 
yet classified as Y2K compliant, and we are upgrading or 
replacing those devices as soon as they become available from 
their respective vendors.
    Any device that is still not considered Y2K compliant by 
December will be removed from service at the hospital and 
alternative procedures will be followed.
    Our hospital facilities' systems are all determined to be 
Y2K compliant at this point. Those include heating, 
ventilation, air conditioning, security systems, fire alarm 
systems, and the system to deliver water, steam, and medical 
gases to where they are needed.
    As hospitals, we are also required for our accreditation 
and licensing to be capable of functioning independently of 
electrical utility power. So in the unlikely event that power 
is disrupted, we will have emergency power generators and we 
will continue to be able to operate vital services at each 
hospital.
    We have recently completed tests at both hospitals in which 
the regular utility power was shut off. Emergency generator 
power successfully took over within seconds, allowing the staff 
to provide vital services and to experience just how the 
hospital would function under such circumstances.
    The Y2K contingency planning we have done has also proved 
worthwhile in assessing our preparation for other potential 
emergencies, such as an earthquake.
    Although we feel confident in our overall preparedness for 
Y2K, the reality is that nobody knows for certain what exactly 
will take place on New Year's Eve, and, as is everyone, we are 
somewhat dependent on events outside of our direct control.
    So we have taken a significant contingency planning effort, 
using our existing emergency preparedness procedures as the 
foundation. This includes not only identifying work-arounds in 
the event that systems or devices are not operating correctly, 
but we are arranging to have increased staffing on hand over 
the Y2K rollover period.
    Our intent is to have both hospitals' Administrative 
Command Centers operational on New Year's Eve, and to also 
closely coordinate with the State and county Emergency 
Operation Centers to monitor and assess the Y2K situation as it 
develops.
    We are emphasizing to all medical center employees the 
important relationship between their preparedness at home and 
their ability to report to work and help maintain full 
operation of our hospitals.
    We are also confident in the area of regional collaboration 
toward Y2K, particularly among hospitals. Traditionally, 
regional hospitals have worked together in time of emergency to 
share needed supplies, take patients if necessary, and perform 
other steps as required to ensure the continuation of patient 
care. We have been working closely with the Washington State 
Hospital Association on Y2K as part of their existing emergency 
preparation activities. The year 2000 issue lends itself well 
to collaboration among hospitals, and we see that as another 
risk mitigation step available to us as necessary.
    Finally, it is important to remember that health care 
services can be provided in a low-tech environment if 
absolutely necessary. The service may not be as efficient as 
far as the utilization of hospital staff, and it may complicate 
billing and collection of payment, but health care is still 
ultimately provided by skilled professionals who are trained to 
provide that care even in the absence of high-tech equipment.
    The concept of triage is also fundamental, and the medical 
centers are staffed with professionals who are trained and 
prepared to allocate potentially scarce hospital resources to 
the patients who are most in need. In the event that Y2K events 
disrupt the hospitals, patients will be triaged appropriately 
to provide the best overall allocation of service the medical 
centers can provide.
    In conclusion, I continue to be impressed with the degree 
of commitment shown by all levels of the medical centers' 
personnel, supported by the highest level of administration, 
for addressing the Y2K issue head-on. And I believe that the 
University of Washington Academic Medical Center is providing 
leadership in this area.
    If citizens need to be in the hospital over the New Year's 
period, they can feel fully confident that Harborview and UW 
Medical Center will, as always, be able to serve whatever vital 
needs they have. That concludes our remarks.
    Mr. Horn. Well, thank you very much, Mr. Cummings.
    Let's start with the question I asked the last panel on the 
management side. If you had to do it over, what have you 
learned from the management side and when would you have done 
something else?
    Mr. Cummings. I think that the earlier you start Y2K, the 
better. However, it's important to keep focused on Y2K. I think 
the contingency planning effort has been vital in this step, 
looking at how we would operate things if they're not 
available. And that's been extremely valuable.
    I don't think that I would change significantly what we've 
done as a result of going through this the first time, but I 
think that, overall, our approach has been good.
    Mr. Horn. Mr. Hilmoe.
    Mr. Hilmoe. Marty Chakoian covered some of that on the last 
panel. I'd say that starting contingency planning a little bit 
earlier would have been of some benefit to us for Y2K. We've 
got an active plan right now, which allowed us to refine that 
not only for Y2K, but also for other emergencies that we may 
see here in the Northwest.
    Mr. Horn. Ms. Hoggarth.
    Ms. Hoggarth. I would say, from preparation of the network 
perspective, there wouldn't be anything that we would do 
differently.
    However, you can never have too much public information. As 
I mentioned before, there will, of course, be people who 
overreact to the whole Y2K concept, or some that simply choose 
not to read the information that we've sent them.
    Of course, we're prepared for those contingencies, but that 
would be the one thing that I would suppose you could do more 
of, but at some point you're at the point of no return.
    Mr. Horn. Mr. Ritch.
    Mr. Ritch. I think that we would try to get ownership of 
the problem from the operations people a little bit sooner to 
get at these embedded systems. It's easy to see where the PCs 
are. It's a little bit harder to see where some of these other 
chips might be. So that's one thing.
    The other thing, I think, would be to think of this more as 
an opportunity to talk to your customers and come up with a 
little better communication strategy for public information.
    Mr. Horn. Mr. Walls, anything you'd do differently?
    Mr. Walls. I don't think we would. We started off using a 
consulting firm that had been through this once or twice 
before. Along the way, we continued to talk with other 
utilities up and down the west coast on what worked for them 
and what didn't.
    However, it did seem like it would have been nice to inject 
somewhat more time in the process. Even though we think we 
started in time, it's an enormous project. And I don't think we 
would change much, if anything.
    Mr. Horn. Mr. O'Rourke.
    Mr. O'Rourke. I'd echo my colleagues. I don't think we 
would change our program significantly, but given Bonneville 
Power Administration's public responsibility, I think we 
probably could have executed a public information campaign much 
earlier to give the status of what we have accomplished and get 
the facts out in the public arena.
    Mr. Horn. Since Bonneville is statewide, I'd like to know 
from each of you the degree, if you have any, of rural 
customers as opposed to urban. And is there a special problem 
there in terms of reaching the needs of rural customers as 
opposed to simply urban, narrow-density, high-density living 
and this kind of thing?
    What about it, Mr. O'Rourke.
    Mr. O'Rourke. Our wholesale customers are comprised of 
metropolitan areas, rural co-ops. And what we have found is, in 
the rural environments of the Pacific Northwest, there's far 
less technology that would compromise distribution of 
electricity.
    Mr. Horn. Mr. Walls? Any rural customers to worry about? Is 
there a difference in readiness between the rural and the urban 
customer?
    Mr. Walls. Not at all. The process we use in downtown 
Bellevue is the same process used in rural Yelm. Same seven-
step process of checking every device to ensure that it's 
ready. There was no difference in the way that we looked at our 
customers.
    Mr. Horn. Mr. Ritch.
    Mr. Ritch. All of our customers are in the greater Seattle 
area.
    Mr. Horn. Ms. Hoggarth.
    Ms. Hoggarth. We do have a large number of rural customers. 
However, our network has been 100 percent digital since 
September of last year, so there's no difference for the rural 
customer and the urban one.
    Mr. Horn. Mr. Hilmoe.
    Mr. Hilmoe. We service 26 wholesale districts, primarily in 
the urban area. Some of them are a bit more rural, some of them 
are relatively small, and we've got active communication with 
all of those customers just to make sure that any 
interdependencies are covered.
    Mr. Horn. Mr. Cummings.
    Mr. Cummings. Although our patients come from a multistate 
area, all of our services are provided here in the greater 
Seattle area.
    Mr. Horn. Let me ask my colleague from the State of 
Washington, Mr. McDermott, if he has some questions.
    Mr. McDermott. Just one sort of personal question after 
listening to all of this. You say, Ms. Hoggarth, that what sits 
on my table at home is mine, that you have no responsibility 
for it. So that means that that AT&T answering machine that I 
bought 10 years ago is compliant or not compliant? What's going 
to happen to me?
    Ms. Hoggarth. Well, you need to check with your vendor. And 
that is our big message. And we do have a GTE Phone Mart at 
Alderwood.
    Mr. McDermott. But if it simply says to me that on January 
2, 1900, Charlie Johnson called me and left the following 
message, I'm going to get the message, or I'm not going to get 
the message, or will the phone ring?
    Ms. Hoggarth. Well, that depends. The different types of 
equipment that are out there are so varied that that is why 
we're taking the position that you do need to check with 
whoever provided that to you. If it's an AT&T system, then 
they, I assume, have an 800 number, as we do. We've also 
provided some 800 numbers, fax numbers, websites here, where 
you can contact us with specific questions about your equipment 
that we will try to answer from our Y2K office in Dallas. If it 
is, though, something that was provided directly from AT&T, for 
instance, we would refer you back to them.
    Time and date sensitivity, it's so varied from one 
telephone to the next. If you're simply looking at the basic 
phone with no caller ID, no date of any kind on it, nothing 
like that, you don't have to worry. But if you're looking at 
something that has the built-in features, like the caller ID 
phones and answering machine, those kinds of things, there is 
cause for concern, but I couldn't answer for the other vendors.
    Mr. McDermott. So what you're really saying is that 
everybody should open their bill and read everything in there, 
including how much they had to pay this month?
    Ms. Hoggarth. At least for the rest of the year.
    Mr. McDermott. At least for the rest of the year. OK. Thank 
you. Thank you, Mr. Chairman.
    Mr. Horn. Here's an interesting one. And I ask all of you 
this, because it's been a major worry, nationally. Have you 
tested compliant systems with noncompliant systems? And if so, 
will the old data corrupt the year 2000 remediated data? What 
degree has that test gone on?
    Mr. Cummings. In some sense, it doesn't make sense to test 
compliant systems with noncompliant systems. The assumption is 
they're going to be compliant.
    The answer is: it is possible to have corrupt data from 
noncompliant systems interface with compliant systems and cause 
problems. What you're doing is looking to isolate yourself from 
the noncompliant data.
    Again, nobody is completely independent. We all interface 
with different people. That's why it's so important to stay in 
contact with all of your interface partners to make sure that 
the data that you are getting is going to be compliant.
    Mr. Horn. How about it, Mr. Hilmoe.
    Mr. Hilmoe. You're asking a civil engineer here, so I need 
to get our technology person up here to answer that one.
    Mr. Horn. As a verification or testing system, did you try 
noncompliant data? Because that's what we've been told from day 
one in 1996 when we got into this, is that even if we 
remediated the code, and that with people abroad, especially in 
developing nations, that that might pollute our work. And I 
don't know.
    If you've got somebody, great. Let them identify themselves 
and title of their job.
    Mr. Deane. My name is Thatcher Deane. I'm the Y2K 
coordinator for Seattle Public Utilities.
    Mr. Horn. Just so we've got the name straight--we've got a 
reporter here that's going to have to translate all this--so 
spell it out for me.
    Mr. Deane. It's Thatcher, T-H-A-T-C-H-E-R, last name is 
Deane, D-E-A-N-E.
    Mr. Horn. Very good.
    Mr. Deane. And I would actually answer the question this 
way and say that Y2K is not a computer virus. We're not talking 
about infection of a compliant system by a noncompliant system. 
We're talking about the interfaces. And yes, we are looking at 
all of our interfaces related to our systems.
    Mr. Horn. That's very helpful. Ms. Hoggarth.
    Ms. Hoggarth. I'll call on Dennis Smith, one of our local 
managers.
    Mr. Horn. Mr. Dennis Smith. And what is your title with 
GTE?
    Mr. Smith. I'm the area manager for network operations.
    As far as testing compliant and noncompliant systems, I 
would agree with the gentleman on the end there that we really 
don't--it is kind of a non-issue, testing compliant with 
noncompliant.
    Mr. Horn. Well, will noncompliant data lead to difficulties 
with those codes that you've already remediated? Does that 
cause you to go backward or what?
    Mr. Smith. I suppose that--and I can't accurately answer 
that question.
    Mr. Horn. In other words, you haven't tried to add corrupt 
data that hasn't been remediated into your system that has 
been?
    Mr. Smith. We would try to isolate one from the other.
    Mr. Horn. OK. Well, that's wonderful if you can know it, 
but a lot of people are going to connect somehow that don't 
know it. So I just wondered what type of defenses do you put up 
in a system like that?
    Mr. Smith. I just don't know that I can accurately answer 
that question.
    Ms. Hoggarth. I would say from our perspective that once 
someone tries to hit the public switch network, say, with a 
telephone that's not compliant, the phone itself isn't going to 
work, so they're never going to get access going back inbound 
into the switching network.
    As far as our old data on customer records, those types of 
things, those have all been updated to new systems over the 
last 4 years. So on an outbound calling basis--we're on a 
network provisioning basis--we don't have the corrupted data in 
the network. So to that degree, we're isolated from it.
    Mr. Horn. Thank you. Mr. Ritch.
    Mr. Ritch. I guess I don't think that I can add much to 
what Thatcher Deane said about going through all of our 
interfaces, hand systems, and how they talk to each other to 
make sure that all of those things are compliant. And in our 
case, we could make a decision to leave something noncompliant, 
but that would mean, at least in my view, that we'd stop using 
it and we would take that system and toss it. So I don't think 
it's much of an issue, either.
    Mr. Horn. Mr. Walls.
    Mr. Walls. During our remediation, for example, on our 
energy management systems, those systems that manage our 
transmission and generation system, anything that that connects 
to, any system that that's integrated with they would test as 
an overall system.
    Literally, Congressman, there are hundreds of tests one 
will do on each one of these systems to ensure. And like the 
others, I've looked at the tests, but I don't recall us 
transporting corrupted data into those systems, because 
everything we integrate with is compliant or Y2K-ready at this 
time.
    Mr. Horn. Mr. O'Rourke.
    Mr. O'Rourke. Congressman, a key component of our Y2K 
program was to migrate all of the information that was 
maintained in our older systems to Y2K-ready systems. So again, 
to echo some of my colleagues here, it became a nonissue.
    Mr. Horn. Mr. Walls, a person in the audience has a 
question for you, and it says: did you check the embedded chips 
in each device, or did you just check one of the devices and 
assume the others with some model number, et cetera, were OK, 
or did you just ask the vendor?
    Mr. Walls. We did a number of things. Obviously, in a power 
system where we have 800,000 electric customers with their 
electronic meters, we did not test all 800,000 meters.
    What we did in all areas, whether they're protective 
relays, metering devices, fault recorders, whatever that device 
might be, we took a representative example of those devices and 
then conducted the test.
    In some situations, we isolated whole sections of our 
transmission or generation system and tested a community of 
devices in an integrated test. So we did not test every device, 
but we tested enough in each one of the releases and revisions 
to ensure that we were confident we were Y2K-ready.
    Mr. Horn. Mr. Cummings, this is directed to you by a member 
of the audience, and it's an interesting problem that we face 
nationwide, and that's prescription drugs. Many are imported. 
What is being done to stockpile imported medications if our 
foreign suppliers cannot provide them because of their own Y2K 
problems? An example is Denmark, which provides one-half of the 
insulin used by diabetics in the United States.
    Mr. Cummings. That's a very good question. We are looking 
at all of our supplies, including pharmaceuticals, really on an 
item-by-item basis, to identify the risk associated with each 
one, and looking at it on a vendor-by-vendor basis as well.
    As I mentioned before, traditionally, hospitals have been 
very collaborative as far as sharing scarce supplies. We are in 
close contact with the pharmaceutical community, with the 
vendors and with manufacturers, and we are relying on the 
information they're providing us.
    The reality is that there is definitely some risk, 
especially as we get outside of the United States. I think I 
would agree with some of the earlier comments that the United 
States is better prepared than any other country. Again, we're 
looking at that as, what are alternatives to different drugs. 
And that's a challenging question.
    Mr. Horn. Thank you. Mr. Willemssen, do you have any sum-up 
based on this panel? Give the gentleman a live microphone. It's 
taped with cement to the carpet.
    Mr. Willemssen. One comment. On the question that was 
raised about data exchanges, and one system being compliant and 
one system not, let me throw out a different scenario.
    Two systems are compliant, according to the organizations. 
One was compliant due to expanding the date field. The other 
one was compliant due to a windowing technique that was used. 
Even though each of those organizations view their systems as 
compliant, when the data exchange occurs, if it hasn't been 
adequately tested and addressed for those differing data 
streams, it won't work properly, and there is the risk of 
corrupted data.
    So going beyond the example that was posed in the question, 
we even have a problem where one organization says it's 
compliant and another one does, but unless they've tested that 
data exchange, you don't know from one end to the other whether 
it will work as intended.
    Mr. Horn. Thank you. That's very helpful.
    Well, we're going to move on now. We thank each of you. And 
we're going to have panel 3: Willie Aikens, the director of 
companywide process and strategy, the Boeing Co.; Don Jones, 
director of year 2000 readiness at Microsoft; Joan Enticknap, 
executive vice president, Seafirst Bank, a Bank of America 
company; William Jordan, deputy superintendent of public 
instruction, State of Washington; Rich Bergeon, consultant, 
NueVue International, Audit 2000.
    If you and your staff that might make a written or oral 
statement would stand up and raise your right hands. And we 
have three staff members and five witnesses.
    [Witnesses sworn.]
    Mr. Horn. The clerk will note all of them affirmed.
    And we'll start with Mr. Aikens, the director of 
companywide process and strategy for the Boeing Co.

STATEMENTS OF WILLIE AIKENS, DIRECTOR, COMPANYWIDE PROCESS AND 
  STRATEGY, THE BOEING CO.; DON JONES, DIRECTOR OF YEAR 2000 
  READINESS, MICROSOFT CORP.; JOAN ENTICKNAP, EXECUTIVE VICE 
PRESIDENT, SEAFIRST BANK; WILLIAM JORDAN, DEPUTY SUPERINTENDENT 
 OF PUBLIC INSTRUCTION, STATE OF WASHINGTON; AND RICH BERGEON, 
       CONSULTANT, NUEVUE INTERNATIONAL, LLC, AUDIT 2000

    Mr. Aikens. Mr. Chairman, the Boeing Co. is excited that 
you are holding this conference. We are very, very pleased to 
share the status of where the Boeing Co. is, and to provide any 
information to the public that would make this challenge less.
    As you'll notice to your right, the Boeing Co. is not an 
island. This is a world challenge. We have customers in 145 
countries, and we operate in 27 States in this country. So my 
challenge is very easy: all I have to do is keep those 27 
States ready for Y2K. And I relish this challenge.
    Now, we started, at the Boeing Co., in 1993. We recognized 
this problem early. Our CEO, Phil Condit, and his staff, were 
involved.
    We report to our board every 2 months. And this has been 
going on for the last 2\1/2\ years. My boss, the CIO, the chief 
information officer, is responsible for this whole challenge. 
And I look at this on a daily basis with all of our operating 
groups.
    Now, this is not a new problem, and this is not a separate 
problem. This is a sustaining, day-to-day situation, and you 
don't need a brand-new organization to conquer this challenge. 
And as you will see in some of my charts, this is the way we 
treated it.
    Each operating group must conquer this challenge. It's not 
something where you can put up a Taj Mahal and say, ``All 
right, you will pull the strings.'' I just happen to be the 
program manager, with some program managers in each of our 
operating groups.
    This is the situation. In 1998, we remediated all of our 
systems. And in 1999--this is what we're all about--they were 
ready in 1998, and the 1999 challenge was to put them back in 
production. That's what the problem is here. 98 percent of 
those are back in production, and the 2 percent are not 
material; they're being replaced before September 30th.
    Now, the key is that we have done, from a business 
standpoint, scenario testing; i.e., in the Boeing Co., we need 
to follow the money. So we start with our customers, and we 
reversed the sequence on processes and systems. And we'll be 
talking that on my presentation. We're not counting critical 
computing systems. They are only tools in our process.
    And once you look at the scenario testing with the partners 
and suppliers, then you'll know if you need to have a critical 
system with a contingency plan. Every system doesn't need a 
contingency plan. The critical system that might break does.
    As you can see, we've followed the normal process of 
looking at everything, finding it, fixing it, putting it back 
into production. When you talk Y2K, if you look at the 
applications, well, we have many applications. They are all 
back in production. But you don't just concentrate--I need a 
dial tone--on computers, but I also have to look at things that 
are outside of my control, and those are the suppliers.
    And more importantly--and I won't go through all of these--
here is the embedded we've been talking about. These are the 
product embedded. They're not all equal, but in order to do the 
Y2K challenge, you need to look at all of these activities, 
with desktops being the lowest priority. We can always do 
those. But those are the things that are in my company.
    So it boils down to contingency planning. And we talk 
contingency planning not as an item, but you're looking at 
rollover and what happens after we cover it.
    We profusely took GAO's information and we made sure that 
we used that guideline. Now we're into making sure that the 
other people are doing what they should do at our sites.
    And as outreach, we've been working at this for the last 4 
years. We've been to London, New York, Washington. We've had 
every meeting with the FAA, and we've had the industries, and 
also we put the biggest armada of customers, 330, in Seattle.
    Now, I could give you more, but you've only given me 5 
minutes. For the last 20 seconds, Mr. Chairman and 
Congresswoman Dunn and counsel, I'd like to take you on a 20-
second ride with our chairman, Alan Mulally, who sat in our 737 
and looked at whether or not we were ready.
    We set the clock back to 11:30 on December 31st. And I'd 
like for you to put on your safety belts, and let's roll.
    [Videotape is played.]
    Mr. Aikens. There are no safety-of-flight issues with our 
airplane. And I invite you to look at our website, because John 
Koskinen asked us to put up a website so the small to medium-
sized businesses could profit. And if you look at our website, 
that's exactly what we have done.
    [The prepared statement of Mr. Aikens follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.430
    
    [GRAPHIC] [TIFF OMITTED] T0954.431
    
    [GRAPHIC] [TIFF OMITTED] T0954.432
    
    Mr. Horn. That's very helpful. I agree with the Minister of 
China, that when Mr. Shuster, chairman of our Transportation 
Committee on which I serve, went over there, and he said, ``No 
Boeing, no going.''
    Now, why some of their cousins are getting an Airbus, I'm 
wound up on that subject this week. So we'll see what happens.
    Anyhow, let us go on now to Mr. Jones, who is the director 
of the year 2000 readiness at Microsoft. Glad to have you here.
    Mr. Jones. Mr. Chairman, on behalf of Microsoft, Bill 
Gates, and Steve Ballmer, thank you for inviting us to testify. 
In addition, we'd like to thank you for your passage and 
support of the Information Readiness and Disclosure Act, as 
well as the recently passed Y2K Act.
    My remarks today center around four key areas. The first is 
Y2K and the personal computer, followed by Microsoft's efforts 
in three areas, internal readiness, product readiness, and 
customer readiness.
    As the year 2000 relates to the personal computer, there is 
some good news. The PC was always designed to support four-
digit dates. There is no two-digit date usage within the PC in 
Microsoft software.
    There's been a lot of discussion today about compliance 
definitions. What we've determined is the compliance 
definitions globally have many different meanings, and they 
vary within the United States, even by agency. This makes it 
very hard for an organization to declare compliance. We've 
applied a set of compliance criteria to our products, and I'll 
discuss that later. What we're seeing as far as customers and 
government and where they're at now with the year 2000 
programs: most have moved on from requesting product 
information from Microsoft to really focusing on contingency 
planning with Microsoft as a vendor. We'll be there for them 
should they have any issues come January 1, 2000.
    We've seen inadequate work to date in contingency planning, 
both within the government sector as well as in small and 
medium businesses, and finally enterprises.
    One concern that we do have is some economic data that's 
beginning to become apparent, and that's that about three-
tenths of 1 percent of the GDP will move into 1999 from the 
year 2000. That means companies are going to stockpile at least 
a percentage of their raw materials preparing for the year 
2000. This could cause a downturn in earnings across corporate 
America in the first quarter of the calendar year 2000.
    Microsoft's year 2000 program has three facets: customer 
preparedness, product readiness, and internal preparedness.
    On the customer preparedness front, there was discussion 
earlier today about quelling the masses as it relates to 
hysteria with respect to Y2K. We've launched a consumer 
campaign which will contact 60 million users of Microsoft 
products across the globe. According to the Postal Service, 
this could be the largest mailing, ever, beyond tax forms.
    We've developed a program which encompasses what the year 
2000 challenge is and made it very simple for our end users, 
our customers, essentially being hardware, software and data. 
With respect to hardware, contact your PC manufacturer; with 
software, we've got a great website, as do the other software 
manufacturers; and finally, data, and that's converting your 
two-digit date data to four-digit date data.
    Of note in the customer preparedness area, all Microsoft 
information, resources and tools are free as it relates to the 
year 2000, as is our customer support or dial-in lines. To 
quantify that for the committee, we expect to ship 
approximately 18 million resource CDs globally, which equates 
to about the same number of CDs we shipped of Windows '95.
    Our internal effort consists of about 300 or so people in 
development, and about 3,000 overall in supporting our 
customers. On the product preparedness front, we've tested 
3,200 products to date. Of those, 98 percent are compliant. Of 
note, the panel members who presented to you earlier today have 
all been testing Microsoft products as well. We feel this is 
the largest industry testing effort, ever. And to date, we've 
had exactly one customer-reported bug as it relates to 
Microsoft products.
    On our website utilization, we have three: a consumer 
website designed for the average home user or small business; 
an IT pro website designed for enterprise customers and large 
businesses; and finally, a developer website, designed for 
people using Microsoft development tools to build applications.
    We've experienced approximately 10 million unique users to 
these three websites in the last year. We've delivered 45 
million page views of information.
    Of note, we're seeing dramatic increases in the last three 
months of small businesses and consumers returning to us for 
information resources. That increase has been on the order of 
about 107 percent per month, month over month, for the last 
three months. We think this is excellent news, and it goes to 
demonstrate the great work being done by the SDA and the 
industry in rallying consumer awareness for the year 2000.
    As it relates to internal preparedness, our definition of 
being prepared internally is: no impact on operations. We have 
the ability to develop and distribute patches and resolve 
customer issues with or without power. We have battery backup 
and generator backup to our product support services locations 
globally.
    One thing I do want to close with--I understand I've got 30 
seconds left or so--one issue that keeps us awake at night is 
the concept of malicious viruses being launched on or about the 
year 2000. To date, we've had seven that have been instigated 
that looked like they were launched from Microsoft, which, in 
fact, weren't. We're working with the Federal Bureau of 
Investigation to find the perpetrators of those and to bring 
them to justice.
    But clearly, we think the year 2000 is an opportunity for 
hackers to develop viruses and launch them either at the turn 
of the millennium or in the new millennium. And that concludes 
my comments. Thank you.
    Mr. Horn. Thank you very much. That's helpful. And I'm glad 
to say the perpetrators have been nailed.
    Joan Enticknap is the executive vice president, Seafirst 
Bank, and you're now a Bank of America company. Welcome. It's a 
great bank.
    Ms. Enticknap. Thank you. Thank you, Chairman Horn and 
Congresswoman Dunn, for this opportunity to testify on the 
important issue of year 2000 preparedness. My name is Joan 
Enticknap, and I am the manager of Commercial Banking for 
Washington and Idaho for Seafirst Bank, a Bank of America 
company. I am also responsible for year 2000 preparedness for 
the Northwest region.
    Seafirst has been serving customers in Washington State for 
129 years, and is Washington State's largest commercial bank.
    Bank of America, with $614 billion in assets, is the 
largest bank in the United States. And the company serves more 
than 30 million households and over 2 million businesses, 
offering customers the largest and most convenient delivery 
network.
    I am pleased to be here today and to share with you the 
plans our company has put in place to make the year 2000 date 
change a non-event for our customers.
    The banking industry is squarely in the center of attention 
because of its critical role in our national infrastructure and 
the role it plays in how our communities perceive and 
ultimately react to the date change.
    I am proud to say that the financial services industry has 
been recognized as a leader in year 2000 preparedness. As one 
example, the GartnerGroup, a technology research and consulting 
group, has stated that the financial services industry leads 
all other industries in preparedness.
    Our various regulators are closely monitoring the banking 
industry's relative strength and readiness in its preparations. 
Our industry is being monitored by the President's Council on 
Year 2000 Conversion, and our industry's state of readiness is 
a matter of public record and can be found at any number of 
regulatory websites.
    As a federally chartered and federally insured bank, we are 
held to rigorous oversight by the Office of the Comptroller of 
the Currency, the Federal Deposit Insurance Corporation, and 
the Board of Governors of the Federal Reserve.
    At Bank of America, our goal is to thoroughly prepare our 
company and its subsidiaries for year 2000, and make the date 
change a non-event for our customers. As part of the Bank of 
America organization, Seafirst Bank has been an active 
participant in these efforts.
    Through its predecessor organizations, NationsBank Corp. 
and BankAmerica Corporation, Bank of America began addressing 
the year 2000 in 1995. Through the second quarter of 1999, we 
have spent approximately $477 million on year 2000 
preparations, and more than 3,000 people have worked on the 
project.
    Our approach included four phases. The first phase, 
analysis, required us to inventory our software and systems, 
including over 4,400 systems and projects that needed analysis 
and possible modification.
    The second phase, remediation, involved replacing, 
modifying, or retiring appropriate components as identified 
during the analysis phase. We were substantially complete at 
the end of 1998 with that process.
    The third phase is testing, which assesses whether our 
systems identify and process dates accurately. This involves 
testing the links between our internal systems as well as 
testing interconnections between our systems and systems 
outside the bank. By itself, testing has made up over half of 
our year 2000 efforts.
    The fourth phase is compliance. In the compliance phase, we 
internally certify that systems, projects and infrastructure 
are ready for year 2000, and we implement processes to ensure 
that these systems, projects and infrastructure will continue 
to identify and process dates accurately through the year 2000 
and thereafter.
    We have successfully met our year 2000 deadline of June 30, 
1999, for testing key processes and technology, and have met 
all Federal regulatory requirements. With this major 
achievement, we are ready for January 1, 2000.
    Now that we are ready for 2000, we are devoting 
considerable effort to maintaining that status. We are also 
devoting considerable effort to addressing and monitoring the 
status of our 13,000 vendors.
    Another important part of our process, which you've heard a 
lot about today, is business continuity planning. We have built 
on our experience of continuity planning, and we've dealt with 
continuity plans routinely in a company of this size. We're 
refining and testing our existing continuity plans to ensure 
that we will continue to serve customers in case of any 
incidents related to the date change.
    Beyond that, we think communication will play a key role in 
how our customers and associates and our communities respond to 
change. Therefore, we're regularly communicating with our 
consumers, corporate and commercial customers, and that 
includes suggested steps to our consumers on how they can 
prepare for year 2000.
    As I stated earlier, our goal is to make the date change a 
non-event for our customers. Just as we do today, we will 
maintain the safety, security, and accuracy of customer 
accounts and account records through the millennium and beyond.
    We are aware, however, that a number of organizations and 
individuals are recommending that consumers take some or all of 
their money out of the bank. We encourage customers to 
seriously consider the security implications of doing this.
    In conclusion, I want to summarize our industry's and my 
company's state of readiness for year 2000. Our industry is a 
leader in year 2000 preparedness, and Bank of America has been 
addressing the date change issue since 1995, and we are ready 
for the year 2000.
    Thank you for the opportunity to update the committee on 
our industry and our company's preparedness.
    [The prepared statement of Ms. Enticknap follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.433
    
    [GRAPHIC] [TIFF OMITTED] T0954.434
    
    [GRAPHIC] [TIFF OMITTED] T0954.435
    
    [GRAPHIC] [TIFF OMITTED] T0954.436
    
    [GRAPHIC] [TIFF OMITTED] T0954.437
    
    [GRAPHIC] [TIFF OMITTED] T0954.438
    
    Mr. Horn. Well, thank you very much. That's most helpful.
    Mr. Jordan is the deputy superintendent of public 
instruction for the State of Washington.
    Mr. Jordan. Thank you, Chairman Horn, Representative Dunn. 
I'm Bill Jordan, deputy superintendent of public instruction 
for the State of Washington. The K-12 education system for 
Washington's 1 million K-12 students includes 296 school 
districts and 2,071 school sites.
    I'm happy to have this opportunity to discuss Y2K concerns 
with you, because this is an important opportunity for Federal, 
State, and local governments to work together in ensuring Y2K 
compliance and assisting community efforts to be prepared for 
any related problems that may arise.
    Most of the Y2K work at the State level in the educational 
organization has taken the form of checking internal electronic 
data systems and mechanical support systems to guard against 
potential blowouts and loss of important electronic data, basic 
heat and light systems, and vendor services.
    As an agency, the Office of Superintendent of Public 
Instruction has contacted the nine educational service 
districts, ESDs, throughout this State to verify activities of 
local districts and schools. Our educational service districts 
have provided workshops, information, and, in some instances, 
considerable technical assistance to help school districts and 
schools prepare for avoiding potential Y2K problems.
    Generally, midsize and larger districts have worked on 
checking electronic equipment and developing Y2K plans. At 
educational Service District 112 at Vancouver, they have been 
very active in helping the 30 districts in their region qualify 
for risk management insurance. They've developed a Y2K planning 
manual and helped districts make plans for a variety of 
contingencies and scenarios that could result from Y2K 
problems.
    Other ESDs and districts----
    Mr. Horn. Excuse me. Do you have a copy of that document?
    Mr. Jordan. I do.
    Mr. Horn. Great. I'd like it inserted in the record at this 
point without objection. Thank you.
    [The information referred to follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.439
    
    [GRAPHIC] [TIFF OMITTED] T0954.440
    
    [GRAPHIC] [TIFF OMITTED] T0954.441
    
    [GRAPHIC] [TIFF OMITTED] T0954.442
    
    Mr. Jordan. Other service districts have worked in similar 
ways. Potential problem areas are likely to be in smaller 
districts, with limited numbers of staff and resources to deal 
with in-depth planning and preparation. These districts and 
communities need expertise and resources. Community planning 
has often taken the form of planning for a 3-day event. We now 
realize that there is potential for a longer period of 
disruption and the need for a larger coordinated effort to move 
toward full community preparedness.
    Controlled tests of community systems reveal two things. 
First, there is a broad interdependence of community electronic 
systems. A water system may be compliant and functioning, but 
its interactions with other systems may place a strain on both 
systems and lead to failure and resulting problems.
    Tests need to involve the range of community systems--
electronic systems, utilities, transportation, distribution 
systems, and all type of electronic tools and appliances.
    Critical needs, such as heat, water, food distribution, 
transportation, communications, health care and other 
interconnected services could be affected.
    Second, many have focused on the prevention of problems but 
less on contingency plans and broader community preparedness. 
All of us hope that the efforts taken to date will be 
sufficient to avert any disruption. Given the pervasiveness of 
automated electronic systems and the widespread use of embedded 
chips, it's difficult to guarantee that all systems will 
function. It's imperative that communities are prepared to meet 
any problems that may arise.
    Preparation for Y2K should be no different from any other 
form of emergency. Community preparedness for any disruption or 
emergency is the right thing to do. Schools frequently play an 
important role in providing shelter, food and support for other 
needed community services.
    I'm recommending that Federal, State and local governments 
and community agencies join together actively and visibly in a 
careful evaluation and promotion of community preparedness. 
This preparedness must extend beyond the checking of electronic 
systems and include preparedness for related Y2K disruptions as 
well as other possible disasters or emergencies that would call 
on community schools as a resource.
    We recommend the following: citizen education programs that 
provide guidance to citizens about the potential problems that 
might be experienced; local contingency planning and 
preparedness efforts that can give citizens a sense of 
confidence that they will not be left alone to cope with 
problems or emergencies; controlled community preparedness 
tests that build coordinated community interagency capacity to 
deal with emergencies--local emergency management offices can 
provide valuable leadership in this area; the coordination of 
Federal, State and local actions can provide early responses to 
possible needs for water, food supplies, fuel, shelter and 
emergency services.
    I want to thank you again for this opportunity to talk 
about Y2K preparedness in our schools in Washington State.
    [The prepared statement of Mr. Jordan follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.443
    
    [GRAPHIC] [TIFF OMITTED] T0954.444
    
    [GRAPHIC] [TIFF OMITTED] T0954.445
    
    [GRAPHIC] [TIFF OMITTED] T0954.446
    
    [GRAPHIC] [TIFF OMITTED] T0954.447
    
    Mr. Horn. Well, we appreciate that. We haven't really had 
much testimony from the K-12 sector, so I'm delighted to have 
your statement.
    Mr. Bergeon, consultant with NueVue International Audit 
2000.
    Mr. Bergeon. Chairman Horn, Representative Dunn, it's a 
great pleasure for me to be here today.
    I think I have the unenviable task of addressing the small 
to medium business environment, which I've been consulting with 
for quite some time. I'd like to say that given my experience 
here in Seattle, there's probably no city in the country I'd 
rather be in when the clock turns over.
    In the last few years, my work has been going on with 
various commercial banks, and I've been very pleased with the 
kinds of things I've seen coming through the Federal Reserve 
and all of the other agencies as part of that movement.
    I think that we are about to see probably the proof of the 
pudding here in the next few months when the banks are going to 
be asked to really evaluate their credit customers and to 
actually do something about it. It's already been a very active 
movement by the banks, and that has made a world of difference 
in the small and medium business area being aware and making 
the move, but there's still a long ways to go in the small 
business area.
    Just a few months ago I had an opportunity to talk with a 
number of ports. And I've worked with the Port of Tacoma and 
Port of Seattle and know they're moving along extremely well, 
and they should be ready well before the year 2000 arrives.
    But in talking with many of the ports around the area, I 
found that most of them have started relatively recently, and 
they have a certain amount of work that they have to get done 
and to finish that up before the end of the year. So we still 
have, in our port areas, both with the smaller airports and the 
marine facilities in and around the northwest, still have a lot 
of work to do.
    I have had an opportunity to work with a number of 
different business areas. I will give you an example of a 
trucking firm that is in the Seattle area. I found that they 
were aggressive. They had moved on their problem. They had two 
things to worry about: APC and their accounting software. They 
replaced both of those.
    But in going over with them what their exposures were to 
the Y2K, we found something like 19 systems over which they 
were dependent but had absolutely no control. What was even 
more disconcerting is they had no idea about how to approach 
them and had no idea of how to perform or build a contingency 
plan. So we still have that kind of an issue that we have to 
deal with in the small business arena.
    I also reviewed a small manufacturing company that was Y2K 
compliant, and in doing the review, found that they had missed 
seven embedded systems, which reinforces the fact that most of 
these companies that are doing the work by themselves because 
they can't afford outside consultants are potentially going to 
miss some things that maybe a ``professional''--and I want to 
put that in quotes--would capture.
    I've also worked with the fishing boat industry and had an 
opportunity to tour a number of fishing boats and look at the 
computers and equipment on board the fishing boats. I'd like to 
tell you that the navigation systems are, for the most part, 
redundant for the larger ships, and even for some of the 
smaller ones. So that's not going to be an issue unless they 
all give different readings.
    But for the most part, the fishing boats are heavily 
dependent upon equipment with embedded systems, and there has 
not been a lot of communication from vendors to the fishing 
boat operators within the last year.
    I've also had an opportunity to talk with one of those 
fishing boat operators and have reviewed their home system, 
their at-base system, and found that while their programmer had 
gone through and said that they were compliant, he was, in 
fact, unaware of the scope of testing that needed to be done in 
order to achieve compliance.
    So again, there is a difference when you get into the small 
business area about the depth of knowledge and the amount of 
work that has to be done.
    I think that I would like to reinforce the concerns about 
the December timeframe and potential reaction by the public, 
both in the food area and in the petroleum area. There are 
strong concerns amongst the business people about potentially 
not having enough supply to meet demand, that they could get 
out of hand. Education is important and essential, and we do 
have to get out there and do more for them on that particular 
problem.
    I am also concerned, as my co-speaker from Microsoft said, 
about the amount of business that's moving from the first 
quarter of 2000 into the last quarter of 1999. For many small 
businesses, this could have an impact, because their cash-flow 
issues are stronger than most of the larger companies'.
    With that, I'd like to conclude my comments.
    [The prepared statement of Mr. Bergeon follows:]

    [GRAPHIC] [TIFF OMITTED] T0954.448
    
    [GRAPHIC] [TIFF OMITTED] T0954.449
    
    [GRAPHIC] [TIFF OMITTED] T0954.450
    
    [GRAPHIC] [TIFF OMITTED] T0954.451
    
    Mr. Horn. Well, thank you, Mr. Bergeon. Are you familiar 
with the pamphlet that the Small Business Administration put 
out on this?
    Mr. Bergeon. Yes, I am. I'm very glad to have seen it. I 
wish it had come out about a year ago.
    Mr. Horn. Well, it came out last July, actually, is when 
they first showed it to me.
    Mr. Bergeon. I'm thinking the year earlier.
    Mr. Horn. Did you find it useful?
    Mr. Bergeon. Yes. I think most of the companies that have 
seen it were awakened to things that they hadn't realized. And 
as I said, I just wish it had come out probably a year ahead of 
when it did.
    Mr. Horn. Did it tell them enough to deal with the 
remediation, or was something else needed?
    Mr. Bergeon. There again, most of them are trying to do the 
work on their own, with the resources that they have available 
or can bring to bear. Not all of these resources are 
knowledgeable or skilled. The SBA pamphlet has done a great 
deal to remediate that problem, but there are still issues that 
come up that they don't know how to address.
    Mr. Horn. Let me ask the question I've asked the two 
previous panels. If you could rethink where you've been on 
this, what from the management side would you now change and go 
at it in another way if you had to do it over?
    Mr. Bergeon. Well, I started in the Y2K business in 1992, 
and I started with big businesses, because consulting 
companies, for the most part, get the attention of big 
businesses and make most of their money with big businesses.
    I would like to have started with the small business arena 
probably about 4 years ago, and I would think that if we had 
this to do over again, I would do that.
    Mr. Horn. Mr. Jordan, what would you do if you had to roll 
back the clock and say, ``Gee, we should have done this at this 
point in time''?
    Mr. Jordan. We should have spent more time on better 
communication and contingency planning.
    Mr. Horn. Now, when you say ``contingency planning,'' what 
are you thinking of?
    Mr. Jordan. Well, school districts and schools are very 
dependent on vendors, outside sources, to keep us working. And 
we should have started earlier on making plans for the checking 
of integrated systems and vendor sources and contingencies if 
our food supply doesn't come in for food service or fuel supply 
doesn't come in to transport our buses.
    Mr. Horn. With your overview of education in the State, did 
the major cities, such as Seattle, Tacoma, others, have a plan 
in the city school systems? And how would you relate what was 
happening in the rural school systems? And I'm just curious, 
from your perspective, what do you see there and what should 
they have done earlier?
    Mr. Jordan. Probably the best answer--I can defer to one of 
our previous speakers regarding perhaps what's happened with 
the city of Seattle or King County in their relationship with 
the school district.
    My feelings regarding rural school districts are that they 
are in need of resources to find people to check out systems or 
relying on the educational service district to provide 
expertise or support. So they are probably in a position of 
less preparedness than the larger districts.
    Mr. Horn. Well, I'm thinking of when they were wiring 
classrooms. A lot of this was volunteer effort by people that 
were familiar with computers and wanted to help out and provide 
those opportunities.
    And I guess Mr. Jones--we might ask him. Microsoft is, 
without question, probably the largest computer firm in America 
in terms of software?
    Mr. Jones. Second largest.
    Mr. Horn. Second largest. Who is the No. 1?
    Mr. Jones. IBM.
    Mr. Horn. Big Blue is still No. 1.
    Anyhow, I just was curious. You probably remember that 
volunteer effort to wire different rooms in schools. Was there 
anything like that applied to the remediation situation on the 
year 2000?
    Mr. Jones. Well, there have been several things done in 
that area. I mean, we've worked with a number of school 
districts to wire them, the first thing.
    Second, there have been nonprofit organizations in Seattle, 
such as Empower, and what they've done is they've worked with 
all the other nonprofits to prepare them for the year 2000.
    Y2K for nonprofits is a huge challenge. They don't have the 
technical expertise nor the financial means to do a great job 
of preparedness, so they're relying on industry or other 
nonprofits that specialize in supporting them in those areas.
    Mr. Horn. Ms. Enticknap, what's your feeling on it? If you 
could roll back the clock and say, ``Gee, we should have done 
it this way,'' what would you have done differently?
    Ms. Enticknap. Financial institutions benefited from a very 
active regulatory support, and so the Federal Financial 
Institutions Examination Council [FFIEC], came out very early 
with recommendations. We had already started work. So we, as I 
say, benefit from a very active regulatory environment, shall 
we say, so we've been ready.
    Mr. Horn. Well, you're in the corporate culture now of two 
major banks. Was there a difference between how Seattle versus 
Bank of America had approached this from?
    Ms. Enticknap. No. Actually, we've been part of Bank of 
America since 1983, and we just didn't change our name. So 
we've been part of Bank of America and have played an active 
role in the overall corporate planning process and remediation 
process.
    Mr. Horn. Mr. Aikens, how about Boeing? Does Boeing ever 
make a mistake? Would you ever go back?
    Mr. Aikens. I think we've made a mistake.
    Since we started early, the one thing that I think would 
have helped is if we could have resolved the fear that the 
suppliers had. Somehow we needed to resolve that, because it 
limited the communication. Although we started in 1993, working 
with our suppliers in 1994, they were still very reluctant to 
share. And if we could have worked to eliminate that fear, I 
think that would have been better.
    Mr. Horn. Well, that's a good point.
    Allow me just to go through some of these cards that the 
audience has provided. I guess, Mr. Jones, here's one for you: 
please explain the Y2K brochure Microsoft plans to mail out and 
who will receive it.
    Mr. Jones. The brochure is essentially called ``Action for 
Small and Medium Businesses and Consumers.'' Basically, the 
criteria for who will receive that mailing is anyone who has 
registered a product since 1995. For businesses, enterprise 
businesses, we then reduce the duplication in names and only 
send one mailing to the Y2K program manager of a specific 
enterprise.
    Mr. Horn. Are there any Microsoft products that are not Y2K 
compliant?
    Mr. Jones. Of the 3,200 we've tested, about 2 percent, or 
roughly 80. And for those products, we have either an upgrade 
path or a work-around available.
    Mr. Horn. Recent reports illustrate that small to medium-
sized businesses are not doing enough to prepare. What is your 
confidence level--I think it's really directed at you, Mr. 
Bergeon--as to is it a low confidence or high confidence in 
terms of the supply chain?
    Mr. Bergeon. Again, in dealing with the small and medium 
businesses, we're going to cover a lot of territory. And let me 
break it down into two groups first.
    The medium-sized businesses, I think, are coming along 
extremely well. I have a high degree of confidence that most of 
them will be in pretty good shape by the end of this year. They 
will be working heavily into the last quarter.
    Small businesses, it's about 50 percent right now. I'm 
seeing more and more interest, but still a reluctance to do 
anything at this point, because they've got other issues 
they're dealing with and they still have cash-flow issues. Many 
of them still are not aware of things like contingency plans.
    And they have expressed a great deal of fear about why 
should they do something when they still expect some of the 
other systems to fail around them. So there's still a lot of 
hesitancy or a lot of disbelief in government, et cetera. I've 
heard it said the ``close enough for government work'' phrase 
all too often. And so my confidence, I think, with the small 
businesses is not as high. It's only about 50 percent right 
now.
    Mr. Horn. How about the supplier confidence you have, Mr. 
Jordan?
    Mr. Jordan. With the State of Washington, which probably 
most of our school districts rely on for information services 
and data services, we have a high level of confidence.
    With some local vendors, they are also expressing 
reluctance to give us assurance that they will be able to 
supply us with our needed services because they are not sure 
that they will be supplied with the materials and the backup 
that they have.
    So in some of our larger systems, we feel very confident; 
in others--and depending on the size of the business--not very 
confident.
    Mr. Horn. Ms. Enticknap.
    Ms. Enticknap. We are confident that the small businesses 
that we are working with, we've tried to provide as much 
information as possible, including guides, checklists and 
seminars, both for our small and medium-sized businesses. So 
we've tried to outreach to those businesses to provide as much 
information as we could.
    Mr. Horn. Since we've got you here, what impacts could 
noncompliant international banks have on your operations?
    Ms. Enticknap. We've been working very closely with the 
partners internationally that we use, including testing, and 
are confident that we will be able to manage any risks as they 
come up.
    Mr. Horn. What about the confidence you have in your 
suppliers becoming compliant?
    Mr. Aikens. We have something like 33,000 suppliers, and 
we've been working to get that down. We have less than 100 that 
have not responded exactly like we want, and we're dealing face 
to face with those. We are confident that we will resolve that 
issue.
    Mr. Horn. And we have a number here for Mr. Jones. Do you 
want to comment on the suppliers?
    Mr. Jones. I do, actually. An inverse view of that is 
Microsoft is a supplier to many of the people who have 
testified here today. And to quantify that for you, we have 
received approximately 9,000 requests for information from 
Microsoft per week. And we expect by the time the year ends, we 
will have processed well over 1.4 million requests for 
information. And that's above and beyond the website 
utilization that we have.
    Mr. Horn. Someone wanted us to be more specific, and the 
request is this: are Windows 95 and Windows 98 compliant?
    Mr. Jones. Windows 95 and Windows 98 are both compliant. 
There is a software update available.
    Mr. Horn. Is Office 97 compliant?
    Mr. Jones. Office 97 is compliant with software updates.
    Mr. Horn. And here is a nonprofit volunteer in the 
community: please explain the Empower program to help 
nonprofits meet Y2K compliance.
    Mr. Jones. Certainly. Empower is a local nonprofit 
organization designed to support other nonprofits through 
technology. They have database analysts, programmers and 
developers on staff. They launched a program called the Y2K 
Data Service here in Seattle, and that ran about 6 weeks ago, 
and they went and touched about 200 nonprofit organizations, 
and they verified the readiness of their PCs and installed the 
software updates or any patches that were necessary.
    They had volunteers from Microsoft, from Boeing, from many 
of the large organizations within the Seattle area. They're 
going to do another one of those later in the year. And 
``www.Empower.org'' is their website.
    Mr. Horn. The final two questions are for Mr. Aikens, and 
they're along the line of the ones for the banks, and that to 
you is: what contingency plans are being made for employees in 
high-risk areas, like Russia, in terms of Boeing personnel, 
Boeing customers, whatever, in terms of the year 2000 and 
working with Russia?
    Mr. Aikens. Well, we have a normal contingency plan for all 
of our people, and Y2K is no different. We have emergency 
operation centers in 12 States, and also abroad. So we work 
with each one of those countries, and our people will be 
protected.
    Mr. Horn. I just happened to visit your Sea Launch facility 
in my hometown of Long Beach this last week, and it was really 
impressive, with Russian, Ukrainian, Norwegian, United States, 
and United Kingdom cooperation. That's really a great 
endeavour.
    Mr. Aikens. It is a very interesting site.
    Mr. Horn. We'd be glad to have you send some 737 production 
down there, too, before I leave town, please.
    ``What can you tell us about the Global Positioning System 
readiness on August 21st and 22nd, 1999?'' says one member of 
our audience.
    Mr. Aikens. We're completely ready. And what we have done 
is we've contacted the vendors that have the information, at 
least have the satellites, and we have demanded--it sounds 
pretty strong--that all of those systems be ready. Boeing has 
run through its tests, and we are completely satisfied that 
there will be no problem with the Global Positioning System.
    Mr. Horn. I thank you. And I now yield to Representative 
Dunn for the questions she has, and we're delighted she is with 
us here.
    Ms. Dunn. Thanks very much, Mr. Chairman.
    Mr. Jones, you mentioned a couple of times, or it was 
mentioned on your behalf, that you've worked a lot with 
nonprofits. And we haven't heard anybody testify from the 
nonprofit sector. And I am most curious myself, having been 
very involved with this sector in most of my background, what 
kind of progress are the nonprofits making toward compliance 
for Y2K?
    Mr. Jones. I would rank them at the bottom of the list, 
with enterprises being most compliant and nonprofits being the 
least. That's singularly the area that concerns us the most. 
They typically have outdated technology, which, of course, 
induces more areas for Y2K liability. And while they are 
turning their attention to Y2K now, it is relatively late for 
those organizations.
    Ms. Dunn. So we should pay some attention there.
    Mr. Jones. Absolutely.
    Ms. Dunn. I think that's important, Mr. Chairman.
    Let me ask you, in general, a question I know Mr. McDermott 
had asked earlier as I was outside for another meeting on the 
impact on somebody's home. And I think he phrased it in terms 
of whether his answering machine would work or not.
    What else do you see is going to be a problem for the 
ordinary person going through his life on the 1st day of the 
new millennium? What will they notice?
    And then I have another followup question I want to ask a 
couple of you on that. Anything that occurs to any of you in 
any order.
    Mr. Jones. From the PC standpoint, I'll address that 
component. Depending on how you use your PC--say you use your 
PC primarily to surf the web or play games--by and large, you 
could do nothing, turn your PC on on January 1st, and you'd be 
just fine.
    If you use your PC for complex calculations or checkbook 
management, budget management, then certainly you need to take 
some preparedness steps. On average, we're seeing those steps 
take about an hour to do in the home.
    Ms. Dunn. Is there someplace where people can get 
information on how to do that?
    Mr. Jones. Microsoft has a great website, of course.
    Ms. Dunn. Anything else? Anything you're worried about, 
your wife is worried about, your husband is worried about, your 
children are worried about?
    Mr. Bergeon. Having moved into a condo in downtown Seattle, 
I had a lot of things to worry about, including elevators and 
environmental control systems, so we did do some checking.
    We've found that if you have an environmental control 
system that was purchased within the last few years, you're 
pretty safe. But most of the houses have had environmental 
control systems that were installed some time ago, and some, 
some small percentage, do have some computer embedded chips in 
them. It's not clear whether or not those are going to be 
prepared or not. And I haven't done a study of them, but that 
is a concern that some homes might have.
    Ms. Dunn. Anybody else?
    Mr. Aikens. Well, we have a very extensive program within 
Boeing for all of our employees that have PCs. And we have a PC 
assistant that will allow them to take a look to see if their 
computer is Y2K-ready. They can take this kind of information 
to the home as well.
    And in addition to that, the Boeing Employees Credit Union, 
which is not a part of Boeing, has sent out a list of things 
that they need to do. And in that way, they will check with 
Microsoft or any of the other vendors as to what needs to be 
done. By and large, we think that it really won't be that much 
of an impact on the homes.
    Ms. Dunn. Good. Thank you. I have just one last question. 
There was something that alarmed me that I heard earlier in 
this hearing, and that was when one of the folks who was 
testifying said he'd heard there were going to be a couple of 
movies coming out on the Y2K.
    And you can translate that very quickly, having been 
through that era of every possible disaster in the world 
becoming part of a movie. And it's our responsibility here, all 
of us who have taken part in this hearing today, to make sure 
that the institutions we're affiliated with are compliant.
    What happens, though--because we know the psychology of 
this is going to be very important, especially in the 
possibility that you run into all the time, Mrs. Enticknap, of 
people taking their money out of banks, or you run into, Mr. 
Aikens, of people not flying on airplanes--what happens and 
what is the response? And are you prepared with a contingency 
plan if something like this happens toward the end of the year? 
We've got a November release for some big movie. How are we 
going to calm people down and help them understand, especially 
seniors, who worry a lot about things like this?
    Mr. Aikens. I'll take it. Naturally, Boeing is a primary 
target to have a 747 crashing into the Empire State Building. 
These kinds of things come up all the time. And what we think 
is the best way to combat that is with education, and that's 
where we think that our outreach program is very effective.
    The contingency plan is that there is not much we can do 
about Hollywood doing things like this, but we think education 
is the answer. And that's what we want to be sure that we tell 
the public--here's what we're doing--and let's leave it at 
that.
    Ms. Enticknap. From the bank's standpoint, we have an 
active communication program under way. We will be sending out 
and continue to send out statement stuffers. Again, people tend 
to not read their statements, so we also have information on 
our websites and also in our banking centers. And we also are 
working with the Federal Reserve. The Federal Reserve is 
printing an additional $50 billion of currency for the end of 
the year, and all banks are working together to make sure that 
we're monitoring cash usage.
    But more importantly, we're working with senior citizens 
and others to really understand the implications of taking 
their money out, and urging people to recognize that the safest 
place for their money is a bank.
    Ms. Dunn. Anybody else have any comments?
    Mr. Jordan. We agree that education is critical to making 
sense of this. And one of the things we'd like to stress is 
that this is an opportunity for community agencies--profit, 
nonprofit, big and small business--to come together and clearly 
state for the community what is and what isn't. That will belay 
a lot of fear and cut through any media marketing that might go 
along with the production that you scenario.
    But we believe that if a community gets together, and each 
agency says we've done this, this, this, and this, and get that 
out to their local people that trust them and rely on them 
every day, that would have a big impact.
    Ms. Dunn. Thank you.
    Mr. Horn. Thank you very much for coming, Ms. Dunn. She 
does a great job for you in Washington.
    Let me thank a lot of people that have been involved in 
this hearing. We'll start with the two Members of Congress and 
their staff. Congressman McDermott and his Seattle district 
office staff has been helpful--Damian Cordova, legislative 
assistant, Jane Sanders, the scheduler.
    And Congresswoman Dunn's Washington and Mercer Island 
district office staff, Susan McColley, district director, Kara 
Kennedy, the press, Doug Badger, legislative director.
    And for the Discovery Institute, which is also our host in 
Seattle, obviously president Bruce Chapman, who has been a 
great public servant, both nationally and in this State and in 
this city, I've known him for 40 years as a person of honor and 
integrity; Nancy Sclater, the vice president; Rob Crowther, the 
public and media relations; Steve Jost, events coordinator.
    And our faithful court reporter, Jeff Wilson. And then the 
staff of the Subcommittee on Government Management, 
Information, and Technology which has done a great job for the 
last 6 years. J. Russell George, staff director and chief 
counsel, is seated practically outside of the room there in 
back; Matthew Ryan is to my left and your right, he's the 
senior policy director that worked on the hearing.
    And then we have a very fine young lady who is an American 
Political Science Association congressional fellow with 
Congress for a year, and her full-time employment is career 
servant for the National Security Agency, and that's Patricia 
Jones.
    Patricia, are you here? Well, she had to leave.
    Chip Ahlswede, I believe, is here, staff assistant; and 
Grant Newman, the committee clerk. Grant, there they are. 
They're all in the back row.
    So I want to thank you all. I want to thank the people of 
Seattle and your experts that we had as a sounding board, shall 
we say, for our various aspects of the Y2K problem. You've put 
a lot of good information in the record today, and we will make 
use of it and share it with other communities. Thanks for 
coming.
    With that, we are adjourned.
    [Whereupon, at 12:20 p.m., the subcommittee was adjourned.]

