I S S U E 1 | V O L .8 A P U B L I C AT I O N O F E . R E P U B L I C
T E C H N O LO G Y L E A D E R S H I P I N T H E P U B L I C S E C TO R » F E B R UA R Y / M A R C H 2 0 1 0
ALL EYES ARE
ON LOS ANGELES
CTO RANDI LEVIN
AS CITY DEPLOYS
F E B R UA R Y / M A R C H 2 0 1 0
C O V E R S T O R Y
C ov e r P h ot o b y T e r e nce B r own
In the Spotlight
All eyes are on Los Angeles
CTO Randi Levin as city
deploys cloud-based e-mail.
B y M a t t Wi l l i a m s
F E A T U R E S
additional offices. Postmaster: Send address change to Government Technology’s Public CIO, 100 Blue Ravine Road Folsom, CA 95630 Copyright 2010 by e.Republic, Inc. All Rights Reserved.
Government Technology’s Public CIO (ISSN# 1944-3455) is published bimonthly by e.Republic, Inc. 100 Blue Ravine Road Folsom, CA 95630. Periodicals Postage paid at Folsom, CA and
SUBSCRIPTIONS: Subscription inquiries should be directed to Government Technology’s Public CIO, Attn: Circulation Director, 100 Blue Ravine Road Folsom, CA 95630. (916) 932-1300.
16 28 Checkup
Fire in the Big Sky In massive information technology
Montana Gov. Brian Schweitzer talks
about his ambitious plans for wind transition, U.S. health-care system has
power and growing a new generation less than four years to upgrade disease
of scientists and engineers. diagnosis code sets.
By Ch ad Vand er Veen B y Rus s el l Ni ch ol s
20 IT Fraud
IT fraud in government can be
costly. Here are five ways CIOs can
of the CIO
Insights from the Global Chief Information
prevent and control the problem. Officer Study.
By A lyssa G. Martin B y L y nn Rey es
Paving the Way
Technology is laying the groundwork
for health reform.
By Greg D eBo r and Ro bert W ah
D E P A R T M E N T S
36 Guest Column
Cloud Economics 101
41 CIO Central
News, Reviews and Careers
By Kev in Merritt
38 CTO Strategies
Ready for Your Budget Emergency?
42 Security Adviser
Is the Policy Window on
By D an Lo h rmann Cyber-Security Closing?
B y M ark Weat herf ord
40 Straight Talk
Too Many Chiefs, Not Enough Agencies?
By Liza Lo wery Massey B y Paul W. Tay l or
U P F R O N T
6 Introduction 8 Contributors
2007 MAGAZINE OF THE YEAR 2008 Silver Folio: Editorial Excellence Award
The inside pages of this publication are printed on 80 percent de-inked recycled fiber.
Green Tech: Montana Gov. Brian Schweitzer
describes his state’s efforts to become a leader in green
technology and alternative energy.
Savings: California’s Office of Technology Services
reports savings of $100,000 a month after moving part of
a major data center to a more modern facility.
Infrastructure: Michigan CTO Dan Lohrmann
takes a look at the technology and security preparations
under way for the Winter Olympics in Vancouver.
Cloud Computing: Colorado’s Statewide
Internet Portal Authority seeks contract with a private
cloud computing company to provide hosted services for
state and local governments.
[ INTRODUCTION ]
I n the summer of 2002, campaigns
for 36 gubernatorial races were
beginning to heat up. The economy
was on everybody’s mind in the wake
of the dot-com bust that had left a
the cover. Mark Forman may not have
had the title of national CIO, but he
was then-President George W. Bush’s
point man for the federal government’s
$60 billion IT program. Since the first
leadership. Today’s CIO not only must
understand the complexities of IT, he or
she also must be a great communicator,
relationship-builder and management
guru in order to survive and thrive.
string of bankrupt technology firms issue was published in summer 2003, Despite the relatively low pay and
and lingering questions about the we managed to put the next two federal occasional political whiplash that comes
Internet’s direction and purpose. We CIOs on the cover — Karen Evans and with the job, not to mention the mind-
did the math and realized that a large Vivek Kundra — as well as many state numbing budget constraints, the public
number of state CIO positions would and local CIOs. CIO community continues to attract
be vacant and rookie governors were When we interviewed Forman for the people who want a challenge and want
about to begin new agendas at a time first issue of Public CIO, several of to lead in digital government. That’s
when public-sector IT needed guid- our questions focused on the leading a good thing. Unfortunately many are
ance and leadership. trend: electronic government. It’s hard also leaving the field, making the need
With that as background, e.Republic to believe that just eight years ago e-gov, for new leadership paramount.
CEO Dennis McKenna decided to as many eventually truncated the term, I’ve had the pleasure of editing this
launch a new publication, called Public was so powerful a topic. And as outdated magazine during its first seven years
CIO, dedicated to covering and serving as it now seems, I look back with pride of existence and found the work and
the public CIO community. Despite the that we also covered some topics, such people I covered always interesting.
acute political situation at the state as change management and enterprise Now it’s time to say farewell as I take
level, the goal was to reach the entire IT, that were hardly barn-burner stories up a new position with our newly
spectrum of CIOs, from those who back then but continue to resonate as acquired publication: Governing. It’s
ran IT for gigantic federal agencies issues worth covering for CIOs. been a pleasure serving our readers,
down to modest-sized communities, all Today IT is firmly enmeshed in the and I know that the magazine is now in
of whom needed critical information fabric of government and the public the very capable hands of my colleague
about managing and leading IT opera- CIO’s role and purpose are more impor- Steve Towns. I hope you continue to
tions within government. tant than ever. And just as information enjoy and learn from Public CIO for
With that somewhat ambitious technology has changed a fair amount years to come. ¨
mission statement, we chose to put since 2002, so too has the significance
the nation’s first federal IT leader on and importance of IT management and
BY M AT T W I L L I A M S , A S S O C I AT E E D I TO R
THE HIGH-RISE OFFICES of the Los Angeles Information Technology
Agency (ITA), which manages the IT systems used by 30,000 city
employees, are a model of corporate efficiency — a floor of cubicles
ringed by window-facing rooms. Glass doors define a modest-size
waiting room, where a flat-screen plays the city government TV
channel on loop. A tall trophy case displays the department’s victo-
ALL EYES ARE ON
CTO RANDI LEVIN
ries. An organizational chart shows photos of CTO and ITA General
Manager Randi Levin and her executive team.
AS CITY DEPLOYS
It’s all ordinary enough to make one temporarily forget that the
iconic L.A. City Hall building, a tower made famous as a scene-setter in
well known motion pictures, is across the street. Believe it or not, this
Hollywood reference point is tangentially relevant, at least for Levin.
Whether she likes it or not, Levin has become the star of her own
story — partly of her own doing, partly due to forces beyond her
control. Levin’s front-and-center introduction to the mainstream
world came last year, when she led the ITA on a procurement that
will replace the city’s aging e-mail system with a new Web-based
enterprise solution. At the core, Levin had two simple goals in mind:
improve service and save money.
PHOTO BY TERENCE BROWN
LO S A N G E L E S C TO R A N D I L E V I N
L E D T H E M O V E TO A D O P T
G O O G L E ’S G M A I L A S T H E C I T Y ’S
E N T E R P R I S E E - M A I L S YS T E M .
PHOTO BY TERENCE BROWN
When the city picked Google’s productivity tools along like many IT departments, Levin was facing the prospect
with its popular e-mail service Gmail, what initially of shrinking budgets due to the recession’s lingering effects.
was thought to be a run-of-the-mill IT project quickly The problem would only get worse, she thought. On-premises
morphed into something bigger and more complex. The e-mail just wasn’t a cost-effective option anymore, in her mind.
decision stoked a period of intense lobbying from L.A.’s So the ITA put together an RFP with the option of a
existing e-mail provider (Novell) and Google’s biggest software-as-a-service product or a hosted solution. Levin
competitor (Microsoft), rivals who likely saw the city’s said the agency received 10 responses, from the likes of
decision to adopt Google’s hosted services as something Google, Microsoft and Yahoo. After mulling over the deci-
that could potentially crack the state and local govern- sion with an intradepartmental group of IT managers, last
ment market’s inertia when it comes to cloud computing. summer officials chose a proposal that would implement
Levin was unexpectedly pressured from within, as L.A. Gmail on more than 30,000 desktops, and later adopt the
fire and police officials expressed concern that moving Google Apps productivity suite, which includes calendar,
their sensitive data onto Google’s off-site servers could word processing, document collaboration, Web site sup-
pose a security problem. Levin said she has since quelled port, video and chat capabilities, data archiving, disaster
those concerns and the political pressure. recovery and virus protection.
The script, if you will, continues to be written. Los The five-year deal, valued at $17 million, made L.A. the
Angeles is now slowly marching toward a full implemen- first government of its scale to choose Gmail for the enter-
tation of Gmail for the city work force. If successful, the prise — a somewhat surprising bit of information that
project could open the floodgates for other governments made approving the project much more complex.
that are awaiting a successful test case before entering the “We were under the assumption that Washington, D.C.,
cloud computing environment. had already fully implemented Google for its e-mail solu-
tion, which it had, but not in the way we’re doing it. But
A MISSING DATA POINT we didn’t really know that at the time,” Levin said.
Ever since Levin began leading the ITA two and a half It turned out that Washington, D.C., was using Gmail
years ago, she repeatedly heard from employees who for disaster recovery and giving employees the option to
were dissatisfied with the unreliability of the city’s exist- use it as their primary e-mail. During the decision-mak-
ing e-mail system, Novell GroupWise. It had too much ing period, Levin didn’t think L.A. would be the first large
downtime, and users were frustrated by the lack of fea- government to fully adopt Gmail. “Nor did we think it was
tures and the user experience. The product itself wasn’t going to be as political as it turned out to be,” she added.
inherently unreliable, Levin said, but the ITA lacked the That knowledge wouldn’t necessarily have changed the
necessary money or manpower for its proper upkeep. And city’s decision, Levin said, but it would have given the city
a heads-up that lobbying and outside interest from the
public was coming.
The lobbying was “extensive,” said L.A City Council
President Eric Garcetti, who presided over the Council’s
unanimous vote in October 2009 to adopt the plan. As many
as five companies made their presence known in the cor-
ridors of City Hall, he said, as misinformation reigned and
unfounded rumors flourished. Attempts at deal-making
continued until minutes before the Council voted. Levin said
those temptations were never a factor. “We tried to maintain
a very rigorous [procurement] process, and we really wanted
the integrity of the process to stay intact.” LO S A N G E L E S C I T Y CO U N C I L
PRESIDENT ERIC GARCETTI
CRUNCHING THE NUMBERS, SQUEEZING THE BUDGET P R E S I D E D O V E R T H E O C TO B E R
The incessant lobbying spurred troublesome misinfor- 2 0 0 9 CO U N C I L V OT E TO A D O P T
mation, particularly about the solution’s cost and security, T H E C LO U D CO M P U T I N G P L A N .
The cost and potential savings confused outside observ-
ers and elected officials because the ITA wanted to accu-
rately reflect the city’s deteriorating economic condition,
Levin said. That meant the projections were changed more
“It became more and more important to focus on cash the difference between ROI and cash savings, she said. By
as opposed to a true ROI [return on investment],” she the time the numbers were made clear, some people inac-
explained. This changed the numbers. The ITA had, at dif- curately believed Gmail would be more expensive than the
ferent times, estimated savings of $8 million to $30 million. existing solution. Although, in a limited sense, that was
“From the cash perspective, we looked at what software true because the city will pay for both GroupWise and
and hardware would be removed as we went to a new Gmail for one year as the migration occurs. (Ironically the
solution — what wouldn’t we have to buy anymore or pay ITA will offset the added cost by using money from a prior
maintenance on.” anti-trust settlement with Microsoft.)
Levin felt it was important to do an “apples-to-apples” After a few attempts at numbers crunching, the city esti-
comparison. Unfortunately some people didn’t understand mated $5.5 million in hard-cost savings from the Google
adoption, and an additional $20 million
‘GEECS’ SQUAD savings in soft costs due to factors like
better productivity. The ITA expects appli-
Prior to the Gmail pilot, a working group from within the Los Angeles Informa- cations like Google Docs will help reduce
tion Technology Agency (ITA) began testing the feel and functionality of the solu- some of the redundant paper pushing that
tion. The group — nicknamed “L.A. GEECS,” a.k.a. the Google Enterprise E-mail and plagues bureaucracies, and it hopes some-
Collaboration System — isn’t short on work. day to utilize Gmail’s mobile functionality
There’s a laundry list of new issues that must be addressed, several of them and ease-of-use to drive further savings
unique to government usage on the Google platform. The group must hash out through increased collaboration.
how to provide enough customizable options for the city’s 44 departments, Moving the city’s data to Gmail will
while still maintaining consistency and control. Tasks include: let the ITA reassign and/or cut nine
• Writing policies for when chat and video may be turned on and off, employees who were working internally
in order to fulﬁll e-discovery requirements. on the GroupWise system, Levin said, and
• Determining how Freedom of Information Act requests will be handled it will eliminate 92 servers from the city’s
through Google’s search and archiving capabilities. data center — a sprawling basement-level
• Building in customization so that individual departments may allow facility in the ITA building. Those savings
their employees to make cosmetic tweaks, like changing the skin of are significant, she said, because as of
the Gmail interface.
mid-November the ITA faced the prospect of losing 60 or migration. Google employees who have access to L.A.’s
70 employees to early retirement, as well as additional cuts data will be certified by the state Department of Justice.
to the 800-person ITA organization. Google, for its part, is building a segregated “government
“We have servers of every shape, size, brand and year cloud” that will house data owned by public-sector cus-
here,” Levin said. “And with diminished staffing, we’re try- tomers, like Los Angeles. The government cloud will be on
ing to figure out where’s the best use of our resources, and servers located somewhere within the contiguous 48 states,
although L.A. won’t know exactly where its data is — the
unknown location is part of Google’s security model.
“WE’VE WRITTEN [THE CONTRACT] The government cloud will be up and running “sometime
AS IRONCLAD AS WE CAN. WE’VE ALSO in 2010,” according to David Mihalchik, business develop-
ment executive for Google federal. Crawford said he’s been
WRITTEN INTO THE NONDISCLOSURE told the new cloud will be ready by June, in time for L.A.’s
THAT THE DATA BELONGS TO US IN full implementation. The company also is in the process of
securing Federal Information Security Management Act
PERPETUITY; IT WILL OUTLIVE THE (FISMA) certification.
CONTRACT ITSELF.” L.A.’s agreement with Google is written so that it’s clear
the city owns the data at all times, Crawford said. “That’s a
KEVIN CRAWFORD, DEPUTY CTO, LOS ANGELES very big deal for us. We’ve written [the contract] as ironclad
as we can. We’ve also written into the nondisclosure that the
we think it’s really more in the applications area — in public data belongs to us in perpetuity; it will outlive the contract
safety related to their radio systems and some of their other itself,” he said. That means if the city wants to switch to
applications, and also for the other departments’ Web sites another vendor after the contract ends, the city will be able
— doing a lot in terms of transparency and getting data out to recall its archived data. Officials also negotiated unlimited
to the public, and more self-service.” and liquidated damages in the event that there’s a breach of
SECURITY FEARS, RELIABILITY CONCERNS Crawford said the bottom line is that Google’s security
Data security was another contentious issue. The public apparatus is far superior to the ITA’s for the simple fact
at large continues to debate the security of cloud comput- that the company has the resources to devote many more
ing and hosted services, particularly as it relates to putting people to it. In Google-speak, L.A.’s data will be “sharded,”
the public’s data — which may well include addresses, meaning it will be shredded into multiple pieces and stored
Social Security numbers and other sensitive information on different hard drives — a security encryption method
— on servers in unknown locations that are managed by a the ITA can’t do from its in-house data center. Garcetti too
corporation. said he’s comfortable with the security of cloud computing:
After some officials from the L.A. police and fire depart- “At the end of the day, I trust Google’s security as much as
ments expressed worry that their departments’ sensitive any individual city, town or village to protect themselves
data would be vulnerable if stored on off-premise servers, because [Google] is that much more experienced.”
the ITA worked hard to ensure that the security parameters Of course, reliability is part of security. Crawford said
met California Department of Justice requirements, said Gmail had only about 10 percent of the downtime in 2009 as
Kevin Crawford, Levin’s deputy in charge of the Gmail the city’s current e-mail. And if disaster strikes — L.A. sits
C O N T I N U E D O N P A G E 37
SELLING THE PLAN
According to Los Angeles City Council President Eric Garcetti, there was a valuable lesson to be learned from how L.A. presented its
Gmail adoption to the public and internal stakeholders: Address human issues as well as technical concerns.
“There was an assumption by some of the IT professionals that this would sell itself or that people would trust them because the
IT professional is recommending this,” he said. But IT ofﬁcials shouldn’t be expected to sell change for an integral system like e-mail,
Garcetti said. Instead, they should rely upon public communicators, which include the elected members of the City Council, to make
“The stakes are high, and people will be lobbying one way or the other,” he said. “But people have to think it through not just from
the technology side, but from the human side.”
CLOUD COMPUTING: FOUR QUESTIONS TO ASK YOUR VENDOR
Data location, access and security are crucial to cloud computing contracts. BY STEVE TOWNS, EDITOR
AS CLOUD COMPUTING INITIATIVES take hold in government, agencies points that are worthwhile to negotiate. It’s very important to have
need to consider the contracting implications of this new technology a vendor that can actually respond to a subpoena. They need to pull
model. Managing a relationship where government data could reside only the information relevant to the subpoena and not put other
on privately owned computing infrastructure located anywhere in cloud-based information at risk.”
the world demands that agencies ask some crucial questions of cloud Also, ﬁnd out how much your vendor intends to charge for
vendors before they close the deal. responding to a FOIA or e-discovery request. “That can be a very big
Daren Orzechowski, an intellectual property attorney who special- surprise,” he said. “You may even want to prenegotiate the rate for
izes in IT and outsourcing issues, said government agencies need that type of work when you do the initial contract.”
answers to four fundamental questions before they choose a cloud
3 How secure is my data?
Cloud vendors need to satisfy two types of security require-
1 Where is my data?
Server virtualization technology allows cloud vendors to opti-
mize their use of computing hardware and other IT resources. That
ments: physical and logical.
Your agency may have speciﬁc physical security requirements.
Background checks, ﬁngerprinting or drug tests may be required for
can cut costs, especially as the volume of cloud computing customers staff working in data centers that house your data. Make sure your
grows and vendors achieve economies of scale. But virtualization cloud computing vendor understands and can comply with these
also has a downside. rules. Luckily vendors are becoming more accustomed to meeting
“Your data could be broken up — or the instance of your appli- these requirements, Orzechowski said.
cation could be broken up if it’s a platform provider — so your data Large cloud computing providers also are becoming more trans-
and software could be in a lot of different places. In the government parent about their logical security processes, and they’re typically
space, I think this is particularly important to have a handle on,” subject to regular security audits and penetration testing. Still,
said Orzechowski, a partner in the New York City law ﬁrm of White cyber-terrorism and hacking represent the biggest threats to cloud
& Case. “On one hand, you have to recognize that the provider gets computing, especially in the government space, Orzechowski said.
an economic beneﬁt from being able to break up the data and store “As you have more and more customers going to certain cloud
it in different places, or virtualize it. At the same time, depending on providers, and those providers become bigger and are housing more
the sensitivity of the data, the government needs to know where that data, they’ll become bigger targets for hackers and terrorists,” he said.
information is.” “What will happen the ﬁrst time there’s a real big hit, especially if there’s
Keeping your data within the United States should be a key require- government data housed with that vendor? A terrorist or major hacker
ment, he said. attack is a test that in the back of everyone’s mind may be coming.”
“When you look at what people’s expectations about their rights
are, they come at it with a very American-centric view. In a lot of places
that are popular for offshoring — like India and China — your rights
may not exactly be what you think they are. So there’s a comfort level
4 How portable is my data?
The last point to cover during contract negotiations is what
happens when the deal is over. How will you get your data out of one
with keeping data within the U.S. borders.” vendor’s cloud and into another, or back into your own data center?
“There’s been talk among some of the big players on having data
2 How do I access my data?
Cloud computing involves accessing remote applications and
data through a client interface, typically a Web browser or perhaps a
standards for the cloud space. As a consumer, you probably are very
interested in that,” Orzechowski said. “You want to have your data
in a form that can easily be ported over to a new vendor. It may not
mobile device. Government cloud customers should consider nego- always be in your current vendor’s interest to allow for this because
tiating service-level agreements for routine access and system they want to keep you captive.”
uptime. The key is to avoid being held hostage, he said.
In addition, agencies need to understand how their cloud vendor “This is something to think about when you’re negotiating. What is
will help them respond to specialized data requests. the template, what are the data sets and how are the ﬁelds deﬁned?
“What happens if there is litigation?” Orzechowski said. “What Get a sense of this and understand it,” Orzechowski recommended.
happens if there is a subpoena? Or since we’re talking about govern- “From there, negotiate for migration assistance. Find out how the
ments, it’s very possible you’ll have a FOIA [Freedom of Information vendor will help you move to someone else, and how much they’ll
Act] request. How will the vendor pull this data for you? These are charge to do that.”
FIRE IN THE C H A D VA N D E R V E E N
A S S O C I AT E E D I TO R
TALKS ABOUT HIS
FOR WIND POWER
AND GROWING A
W hat’s the biggest problem with alternative energy?
The simplest explanation is that burning coal
and oil for electricity generation is supported by
existing infrastructure, while clean energy sources like
wind and solar aren’t. Specifically alternative energy has
In Montana, one of the country’s windiest places,
Gov. Brian Schweitzer is trying to solve that transmission
and storage challenge by adopting the “build it and they
will come” approach. Wind farms are popping up across the
state, and Schweitzer believes it’s only a matter of time
a built-in hurdle — how do you store solar power when the before the technology follows.
sun isn’t shining and how do you transmit wind energy Schweitzer is passionate about transforming Montana
when the wind isn’t blowing? into a renewable energy leader. In a recent interview, he
Some nascent technologies may provide the answer. But discussed this and other issues important to Montana’s
by and large, the storage and transmission technology future, such as the Real ID Act and how to foster a new
that would make these energy sources more feasible generation of students who are interested in math, science
doesn’t exist. and engineering.
YOU WANT MONTANA TO BE A LEADER IN ALTERNATIVE We do need to add to our transmission capacity, and that’s
FUELS AND ENERGY SOURCES. HOW DO YOU MAKE THOSE why Montana leads the entire world in digitally cataloging
GOALS A REALITY? our wildlife corridors. So when people are deciding where
According to recent studies, Montana has the second-best they’re going to build transmission lines, we already know
wind energy resources in the country and some of the best on where the antelope, bears and elk need to move — and we
the planet. We have 30 percent of the coal in America — 10 build those transmission lines so that we’ll be able to main-
percent of the coal on the planet. We’re increasing our oil pro- tain our quality of life and a transmission system that deliv-
duction at the fastest rate in the country. We have many energy ers Montana wind power to California cars.
resources that can be cleaner and greener.
Whether we’re talking about capturing car- YOU’VE ADVOCATED FOR SYNTHETIC FUELS,
bon dioxide from existing coal-fired plants IN ADDITION TO WIND AND OTHER ENERGY
or creating new kinds of coal-capturing SOURCES. CAN YOU EXPLAIN WHAT SYN-
devices for new kinds of plants, we’re excit- THETIC FUELS ARE AND WHY THEY’RE NOT
ed about developing our coal. And we’re A LARGER PART OF THE ENERGY MARKET?
excited about developing our wind. I’m most excited about crops that pro-
The most important thing is we have duce oil for biodiesel — crops like canola
to develop storage technology. We actu- and camelina in Montana, and jatropha in
ally have an unlimited supply of energy, the tropics. All told, they could be 5 or 10
whether it be tidal, wind or solar. But the percent of our fuel supply. Ethanol is inter-
wind isn’t blowing all the time, and the sun esting because most of the ethanol plants
isn’t shining all the time. As consumers, we were built in the Midwest and the fuel was
demand electricity when we want it, not corn. Most of the future ethanol plants are
just when the sun is shining or the wind is likely to be in the West — and the energy
blowing. So that means the most important source will be trees. In Montana, we have
technology of our time — and for the next about 3 million acres of dead and dying
decade — will be storage technology. trees from a pine beetle kill. These are
To give an example, if every car, light great sources of energy that can be used to
truck and SUV in America had a battery that could get the make ethanol or some kind of biomass to create electricity. So
first 40 miles on a charge before it switched to another source you have trees that are dying and they become a fuel source,
of energy, we could eliminate two-thirds of the oil we import. either for a liquid fuel or for an electricity supplier.
Those cars exist today. What we don’t have is the resolve to
buy those cars and put them on the highways. YOU’VE TALKED ABOUT “CLEAN COAL,” A CONCEPT THAT CAN BE
DIFFICULT TO UNDERSTAND. WHAT IS CLEAN COAL?
WIND FARMS ARE BOOMING IN MONTANA. BUT ISN’T THE COST The first cleanup of coal was to remove the sulfur, mer-
OF BUILDING TRANSMISSION LINES ALWAYS BROUGHT UP AS cury and nitrogen. But more recently, we’re concerned with
A REASON NOT TO BUILD THEM? HOW DO YOU OVERCOME the CO2. There’s approximately two tons of CO2 produced
THAT OBJECTION? for every ton of coal we burn. Many of us believe CO2 is
Part of the solution to transmission is storage. We need to contributing to the greenhouses gases that are contributing
build more transmission so we can get the electricity to those to climate change. If we can capture a portion of that CO2
who are using it. But understand — we build transmission immediately, it starts to make coal cleaner. And if we use coal
for peak demand. For example, in California at 10 a.m. on gasification — plants that are already built around the world,
a Tuesday they have peak demand. But by Friday night at including in our region, that capture 100 percent of that CO2
2 a.m., they’re only using half as much electricity. So if we — and then if that CO2 is pumped back into the earth, either
could build a transmission system that had storage on the for enhanced oil recovery or for storage geologically in some
other end — so that consumers with batteries in their cars deep saline formations, or even to be made into bricks as a
could either be buying electricity in the middle of the night fuel source for making more biodiesel, that means we capture
or selling it back into the grid at 10:00 in the morning — we the CO2, sulfur and mercury. And if coal is zero emission,
would need less transmission. that’s clean coal.
IS COAL GASIFICATION SIMILAR TO PLASMA GASIFICATION, THE And that’s true of most children. We’d like talented young
PROCESS OF USING A PLASMA TORCH TO REDUCE WASTE DOWN people to aspire to designing a ball, not hitting a ball; to
TO ITS ELEMENTAL STATE? aspire to creating new sound systems, not playing rock ‘n’
It’s very similar. The traditional way of producing ener- roll guitar. If we can get more of these young people to aspire
gy from coal is you ignite the coal; it makes a ball of flame, to be engineers and not journalists, we think we can change
which you direct onto a water source. That water becomes the world one scientist at a time.
steam, which turns a turbine and generates electricity.
With coal gasification — think of a Thermos jug, the kind HOW DO YOU MAINTAIN STUDENTS’ INTEREST IN MATH AND SCIENCE?
steel workers used to carry. Now think of a Thermos that’s We pound it in. We continually talk about how cool sci-
150 feet high and 40 feet in diameter. The top comes off, ence is. We have Montana science trading cards. Elementary
you dump 30 tons of coal into it, and you screw it back school kids can trade these cards that have cool science facts
MONTANA’S JUDITH GAP WIND MONTANA GOV. BRIAN SCHWEITZER
FARM, WHICH BEGAN OPERATING SAYS GRADE SCHOOL IS THE TIME
IN 2005, GENERATES 135 MEGA- TO INTEREST KIDS IN MATH AND
WATTSP T I O EMPLOYS 10 PEOPLE.
C A AND N SCIENCE.
on. Then you heat it. And with high temperature and high about Montana. You have a governor and first lady who
pressure, methane gas — or natural gas — and CO2 actu- continually talk about how cool science is, who continue
ally comes off the coal. You separate the CO2, pump it back to give accolades to the best science and math teachers
into the earth where it came from, and then that natural — those teachers who bring math and science to life — those
gas can run your cars, heat your homes or make electricity. are the people we like to reward.
That’s coal gasification 101. It’s a controlled environment
so there are no emissions. There is no smokestack with LET’S TALK ABOUT THE ROCKY MOUNTAIN SUPERCOMPUTING
this process. CENTERS IN BUTTE. IN WHAT WAYS WOULD YOU LIKE TO
LEVERAGE THAT TECHNOLOGY?
IS YOUR VISION FOR MONTANA AS A HUB FOR ALTERNATIVE Look at the remarkable geology of Montana: God has
ENERGY THE REASON YOU WANT TO GET STUDENTS INTERESTED blessed us with some of the best resources for hydrocarbons.
IN TECHNOLOGY, SCIENCE AND MATH INITIATIVES? We have the only platinum and palladium in the Western
My wife Nancy and I are scientists, and we want more Hemisphere. We have copper, silver and gold. When you
young people to study science and math. She and I were are trying to map the earth’s strata, it’s three-dimensional.
talking about the channel that sent us into science: It wasn’t Montana is the size of New York, Pennsylvania, Ohio and
in college or even high school; it was fourth or fifth grade. three of those other little states combined, so you have a
large area to map geologically. The supercomputer can help and people who had committed no crime, who were sim-
us with that. ply German immigrants or who spoke German, or those
It can help us when we are injecting CO2 8,000 to 10,000 who were critical of the war effort were rounded up and
feet deep into these geologic structures to geologically put in jail.
store it so we can measure the pressure at 10,000 feet, 5,000 This card, simply stated, would have allowed the federal
feet, 4,000 feet. It can help us as we attract bioengineering government — in a digital way — to follow every place you
to Montana. come and go. When you get on a plane, it would have stored
Everybody gets an opportunity to rent a little space on that information forever so that everyone would know where
that supercomputer. This isn’t just for scientists working you went, how you got there and how you got home. That
in a laboratory, but also for applied research and science isn’t the way you treat free citizens — and in Montana we
across Montana. It gives an opportunity to the 950,000 value freedom above anything else.
AND FIRST LADY NANCY
SCHWEITZER BOTH HAVE
BACKGROUNDS IN SCIENCE.
GOV. BRIAN SCHWEITZER, SHOWN
HERE TOURING A MONTANA COAL
MINE, ADVOCATES DEVELOPMENT
OF CLEAN COAL TECHNOLOGY.
people of Montana to share the supercomputer. Businesses A NEW BILL, PASS ID, IS WORKING ITS WAY THROUGH CONGRESS.
large and small can rent a space on that computer and help SOME CALL THIS JUST A REBRANDED OR WATERED-DOWN REAL
their business grow. ID ACT. WHAT DO YOU THINK?
The devil will be in the details. If Pass ID will allow
MONTANA WAS AMONG THE FIRST STATES TO OPENLY OPPOSE Montana residents to cross the border into Canada without
AND EVENTUALLY OPT OUT OF PARTICIPATION IN THE REAL a passport, that would be OK. If the federal government has
ID ACT. WHY? no capability of collecting digital information of private
There are several reasons. They told us the reason every- citizens’ travel or how many times they went to a federal
one in America has to carry a card that’s standardized is so courthouse, that would be OK. So we’ll wait and see what
that we can stop another 9/11 from occurring. But we know the rules are. If it’s helping citizens through a common iden-
that virtually every one of those hijackers and the other tification system without infringing on their civil liberties,
terrorists we’ve caught would have qualified to have this we can support that. ¨
so-called Real ID.
Second, while the federal government isn’t bad, we
know it has abused individual civil rights before. We
know that during World War I, it passed the Sedition Act,
IT Fraud IT fraud in government can be costly.
Here are five ways CIOs can prevent
and control the problem.
BY ALYSSA G. MARTIN | WEAVER AND TIDWELL
water department cashier extracts residents’ personal information from a
database and then sells that data. A municipal court employee improperly
accesses the system to alter values for citations issued.
Everyday reliance on technology makes it possible for so many fraudulent
schemes to unfold. The Computer Security Institute (CSI), an educational
organization for information security professionals, conducted its 13th Annual
Computer Crime and Security Survey in 2008. The survey found that financial
fraud ranked as the costliest type of IT incident, with an average reported cost of
$500,000 per incident.
In its 2008 Report to the Nation on Occupational Fraud and Abuse, the Association of
Certified Fraud Examiners (ACFE), a national society of fraud investigation profession-
als, reported that government organizations were the victims in 18 percent of 959 fraud
cases its members investigated between February 2006 and January 2008.
Technology presents many opportunities for fraud. Fortunately it also offers many
capabilities for combating these crimes. In a preventative role, technology enforces
defined segregations of duties. It restricts IT access and limits functions individuals
Technology also helps officials more promptly detect and respond to potential inci-
dents. The ACFE reports that a typical fraud scheme goes undetected for two years. As
a result, much is lost and never recovered. Continuous monitoring technology, however,
alerts managers whenever any suspicious IT-related activity occurs, thereby limiting the
IT systems deployed in public-sector entities vary monitors provisioning within Windows server systems.
immensely, but the following universal concepts aid in AS 400, IBM and other server platforms incorporate simi-
addressing and combating technology-related fraud. lar oversight through the distribution of access.
When someone attempts to sign on for any IT function,
GENERAL FRAUD PREVENTION CONTROLS access is granted or denied, based on the login, password
By continually emphasizing the importance of ethical and user provision information in the IT directory.
behavior, public officials create an internal culture that values
maintaining trust and safeguarding public assets. That culture 2. CHANGE MANAGEMENT
sustains all fraud prevention concepts and controls. Public To commit fraud, someone may install unauthorized
CIOs can control and prevent IT fraud in the following ways: software or make unapproved changes to an existing net-
work component, essentially compromising or disabling
1. LOGICAL SECURITY security settings.
How easily can an individual gain unauthorized IT access Sound change management policies must direct any
to manipulate or extract data? Logical security measures IT installations or modifications. File integrity agents
address that concern. detect all file changes, and not just recent modifica-
Firewalls and software for blocking spyware and viruses tions. Regularly comparing those findings to an autho-
provide network perimeter security against common rized change log helps administrators more easily detect
external attacks. Virtual private networks (VPN) and improper alterations.
various whitelist approaches that allow only authorized
applications to run on any hardware provide additional 3. DATABASE ADMINISTRATION
malware defense. Databases house crucial information that can lead to
Within the network, authorization and authentication immense losses when altered or stolen. Database admin-
policies that go beyond standard login/password practices istration controls define and enforce individual action,
provide greater security for crucial files and applications. object and constraint rights.
Passwords and logins should require regularly updated An action includes insert, read, modify or delete
alphanumeric and special character combinations that responsibilities. Granting authorization only for work-
cannot be easily guessed. required actions could deter a state transportation
department’s regional supervisor from inserting a record
for a nonexistent vendor.
VARIOUS METHODS OF DATA ENCRYPTION ASSURE Object limitations restrict the types of database records
THAT CRUCIAL INFORMATION REMAINS IN AN someone can access. With object restrictions, a public
hospital administrator, for example, could not access
UNUSABLE FORMAT IF ACCESS CONTROLS FAIL. individual patients’ records.
Constraint restrictions assign limitations for authorized
Personal authentication practices provide an additional actions. Based on assigned constraints, a public utility
layer of protection. Authentication measures include chal- employee would face dollar restrictions in crediting a resi-
lenge questions, smart cards or portable electronic tokens dent’s account.
that store a PIN, digital signatures, fingerprints or other
form of unique identification information. That information 4. DATA STORAGE
transmits to a desktop PC, laptop or mobile device via a card Where does critical data reside? Is it on a workstation or
reader, RFID, USB port or Bluetooth wireless technology. laptop hard drive, a secure or unprotected server, within a
User provisions define what IT access rights individu- data warehouse or in an offsite repository?
als need to perform work-related duties. Those provisions Data storage considerations must reflect the data’s
encompass specific application functions and modules, nature, with more crucial information requiring more
and enable organizations to enforce defined segregations secure storage and tighter access restrictions. Police 911
of duties as they relate to IT needs. calls and ambulance response reports should reside on a
IT directories maintain employee groupings and IT secure file server in a searchable directory.
access levels granted to each individual, based on assigned A register of deeds office may hold thousands of build-
user provisions. Microsoft’s Active Directory manages and ing permit files. A secure data warehouse may be the best
location for those records. Data that needs to be archived, Various methods of detecting inappropriate or unexpected
such as death certificates from past decades, should reside activity exist. Exception reports identify data anomalies or
in an offsite storage repository. Nonpublic information changes to protected data. Data analysis compares data sets
that isn’t needed for future purposes should be properly to identify transactions — based on rules — that indicate
disposed of to alleviate data security concerns. incongruent or inappropriate activity.
5. DATA ENCRYPTION SEGREGATION OF DUTIES IS A CRUCIAL FRAUD
Various methods of data encryption assure that crucial
information remains in an unusable format if access con- PREVENTION CONCEPT. A CIO OR CHIEF
trols fail. For online transmissions, secure sockets layer INFORMATION SECURITY OFFICER MUST ALIGN
(SSL) encryption is commonly used to keep intercepted data
from being read. ACCESS RESTRICTIONS WITH SEGREGATED
Within the network, data encryption technologies let- WORK ROLES AND RESPONSIBILITIES.
managers protect vital information while retaining common
file management practices. Data encryption, for example, Newer technologies also incorporate instant detection and
secures driver’s license numbers while maintaining the notification capabilities. Database activity monitors (DAM),
metadata and existing file system view. for example, continuously oversee all database activity and
Such general IT controls provide a first line of defense issue alerts whenever uncommon or improper activity occurs.
against fraud and are supplemented by automated detec- Security information and event management (SIEM) sys-
tive systems that immediately call out or suspend ques- tems also automatically send notifications whenever unusual
tionable IT-related activities. transactions, security infractions or other suspicious activi-
ties happen. That SIEM oversight may cover a lone applica-
THE POWER OF SEGREGATION tion or numerous programs, as well as other IT components.
Segregation of duties is a crucial fraud prevention con- Administrator-defined business rules and standards of
cept. A CIO or chief information security officer must normal IT activity determine when DAM or SIEM systems
align IT access restrictions with segregated work roles and provide alerts. An alert may occur when someone spends
responsibilities. This allows managers to most effectively too much time viewing a read-only file containing stu-
deploy application controls and other automated, preventive dents’ Social Security numbers. Managers may also get
measures. alerts when the monthly volume of closed traffic citations
User provisions provide the foundation for establishing exceeds normal averages, or when a public safety officer’s
and enforcing segregation of duties within IT systems. The work shift hours exceed the legally allowed limit.
user provision incorporates the least privilege concept, Screenshot files and audit trail features document activity
which restricts a person’s IT access rights to components sequences. Some systems also immediately suspend user
required for defined, segregated duties. activity whenever suspicious actions unfold. Such imme-
IT directories maintain employee groupings and each diate detection eliminates the costly time lags and other
individual’s IT granted access levels. When someone logs potential difficulties associated with manually evaluating
on to any IT element, access is granted or denied, based on IT logs to detect anomalies or exceptions.
login, password and user provision information.
In conjunction with the IT directories, user provisions MAINTAINING CONTINUAL VIGILANCE
automatically ensure that segregation of duties remains in The public sector faces constant internal change in per-
place for all processes requiring IT access. sonnel, processes and the IT systems it uses. Keeping pace
with such change and providing optimal fraud protection
DAM: GOOD DETECTION requires continual vigilance.
Even with the best preventive measures, individuals may Sustaining that vigilance takes money and time, but those
still find ways to commit fraud. Preventive IT controls cumulative costs are generally less than the expenses associ-
can’t fully protect against collusion. Someone may misuse ated with just one fraud discovery incident. The resources com-
granted authorization or share access information, while mitted to preventing and detecting fraud function as a form of
another individual may devise means to circumvent pre- insurance, a form of insurance that saves significant potential
ventative controls. taxpayer expense and provides immediate peace of mind. ¨
IS LAYING THE
BY G R E G D E B O R A N D R O B E R T WA H | C S C
O ver the next five to seven years, major federal health-care
initiatives will offer new and significant industry direc-
tion and funding for health IT investment.
STATES MUST ACT QUICKLY
Providers, the federal government and the states are coming
together, in many cases for the first time, as a result of health
The American Recovery and Reinvestment Act will pump IT efforts — specifically about health information exchange
billions of dollars into health IT through the act’s Health (HIE). The federal Office of the National Coordinator for
Information Technology for Electronic and Clinical Health Health Information Technology issued a request for proposals
(HITECH) provisions. These provisions offer an estimated in August 2009 for states, territories and nonprofit organiza-
$2 billion in seed funding and $45 billion in incentives for tions to participate in the State Health Information Exchange
the “meaningful use” Cooperative Agreement Program. All eligible states and ter-
of electronic health ritories applied for funds in October 2009 and received pre-
records (EHRs), as liminary budget determinations ranging from approximately
defined in recent reg- $4 million to $40 million in federal funds over the next four
ulations proposed by federal fiscal years (through October 2013).
the U.S. Department States will use these funds to plan and implement exchange
of Health and Human capabilities designed to enable EHR systems in provider
Services, payable organizations, and state and federal agencies, so they are
through the Centers for interoperable and share data for specific purposes. HIE funds
Medicare and Medicaid are essentially a down payment on providers earning their
Services (CMS). portion of the larger CMS incentives. In fact, HIE funding
At the same time, represents the first small wave of health IT investment that’s
major health-reform legislation at the federal level relies expected over the coming years — to be followed by a larger
on health IT to implement payment reforms, new capabili- investment in EHRs and, finally, an even larger wave of invest-
ties and cost savings. Although many aspects of the reform ment in a fully wired and reformed health economy that would
debate and federal regulations for health IT adoption remain be capable of providing population health analysis, manage-
unresolved, there seems to be one issue that all participants ment and decision support.
and policymakers — from government to employers, health The new responsibilities require states to have high levels of
plans, providers and consumers — tend to agree on: Health organization, expertise and support, but states are currently all
IT is a foundational and essential element of health-care over the map in their plans for HIE. Some, like New York, have
reform. been investing in their own for years. Others have been plan-
ning for investment, but their plans may not be aligned with
HISTORIC OPPORTUNITY the federal guidelines detailed in the national coordinator for
Guided by this new federal policy push and its associated health IT’s RFP The majority, however, have only begun plan-
funding, health IT investment over the next few years will ning as a result of the RFP and are now crafting an approach
likely have three main focal points: for investment, implementation and operation that takes
Health-care providers will use federal impetus and funding into account the five areas of concentration directed by the
to move their business plans and agendas forward. Recovery national coordinator for health IT: governance, finance, tech-
Act funds are significant, but only available for a short time nical infrastructure, business and technical operations, and
and will have the desired effect of getting the private sector to legal/policy. The states are encouraged to incorporate public-
begin moving toward adopting health IT. private investment and representation into their plans and to
Federal agencies will look to use broader IT capabilities in “leverage existing regional and state level efforts and resources
health care to streamline processing and payment of benefits that can advance HIE,” including regional health information
— and to track the nation’s health and improve health out- organizations and their Medicaid Management Information
comes through programs and policy. Systems infrastructure.
States and territories will provide an important multiplier To continue to qualify for HITECH implementation fund-
effect for federal efforts and a critical concentration point for ing, states have three to eight months to complete their plans,
providers seeking assistance and connection to federal efforts. depending on where they are in the process. They have heavy
incentives to move quickly because funds are only available commercial policies purchased through the connector have
for four years and state-matching requirements increase used its Web site, www.mahealthconnector.org. Many states
annually under the federal program. In fact, there is no match- are looking to create similar portals to expand coverage, and
ing requirement in year one (the current federal fiscal year). the connector’s self-service capabilities can serve as a model
State HIE plans must include an approach to becoming fully for keeping educational and support costs associated with
self-sustaining by year five. coverage expansion as low as possible.
Finally Europe may provide further lessons for the U.S. in
LOOKING TO MASSACHUSETTS AND EUROPE FOR GUIDANCE using health IT to improve quality and outcomes for patients,
At least one state, Massachusetts, already has a self-sus- while simultaneously lowering costs. Although Europe’s
taining HIE model as a result of a public-private partnership efforts are far smaller than what will be required in the U.S.,
known as the New England they are comparable in size to
Healthcare Exchange Network state-level efforts and often
(NEHEN), which was created THE FIVE HEALTH INFORMATION have encountered many of
in 1997. The network is funded the same challenges and risks
by large and small private-sec- TECHNOLOGY CONCENTRATION associated with interoperabil-
tor providers in Massachusetts AREAS AS DIRECTED BY THE ity, privacy and sustainabil-
and Rhode Island, commer- ity. In particular, efforts under
cial health plans, and the NATIONAL COORDINATOR ARE: way or completed in the UK,
Massachusetts government. 1. GOVERNANCE 2. FINANCE Denmark and the Netherlands
NEHEN is standards-based represent successful, complex
and includes administrative 3. TECHNICAL INFRASTRUCTURE projects that are showing posi-
and payment processing and 4. BUSINESS AND TECHNICAL tive results.They can provide
clinical information exchange lessons for how the U.S. feder-
functions, such as e-prescrib- OPERATIONS AND 5. LEGAL/POLICY al government and states can
ing, laboratory results retriev- undertake HIE and health IT
al and sharing clinical sum- planning and implementation,
maries. The inclusion of administrative functionality with as well as offer guidance on technical and policy issues on
a demonstrable cost-saving, efficiency-oriented business sensitive topics likely to be encountered along the way, such
case has been key to its sustainability, along with a tiered as privacy, security or patient identification.
subscription fee model as its core financing mechanism. At
times, NEHEN has used federal, state and private-sector DRIVING HEALTH INFORMATION TECHNOLOGY ADVANCEMENT
grants to augment its participant-based fees, but it doesn’t The HIE is a critical component of achieving the wide-
rely on such sources and has operated for more than 12 spread and meaningful use of health IT and attracting
years by providing real business value to its stakeholders. federal funding for EHRs. The federal government, through
NEHEN participants claim that the HIE has lowered their the Office of the National Coordinator for Health Information
cost for some interactions anywhere from dollars to pennies Technology, is funding HIE and EHR adoption to a much
per transaction. greater extent than in the past. The caveat is that states
Beyond HIE, Massachusetts also offers lessons learned for must demonstrate that the federal investment will be well
implementing state-level tools for providing affordable, uni- managed for the benefit of patients and taxpayers.
versal health insurance. The Massachusetts Commonwealth Planning for HIE or EHR adoption may at first look
Health Insurance connector is the nation’s first and only daunting for states, but it is, in fact, achievable — lessons
example of the type of exchange or gateway for purchasing exist in U.S. and European case studies. At this exciting
insurance that has been part of national health-care reform time, states, health-care providers and other stakeholders
proposals. Massachusetts created the Connector as part of in the health economy must work together in a public-
its landmark universal coverage law in 2006 and established private partnership to make the most of these lessons to
an interactive Web site that educates consumers on state find new ways to use health IT to improve care, lower costs
law. It also lets them browse and purchase affordable health and save lives. ¨
insurance online. Coverage in Massachusetts has increased
from approximately 94 to 97 percent, and the majority of
Calling all readers to join the discussion as experts dispatch witty
observations and tackle the tough C-level issues. Converse with like-minded
views, or agree to disagree. We look forward to the debate!
Chief Information Security Officer
FastGov: CA Office of Information Security
blogs on the latest rumors
Paul W. Taylor and news in the government
Chief Strategy Officer cybersecurity arena.
Center for Digital Government
blogs on the continuing
campaign for government
Notes from Infrastructure:
a City CIO: Dan Lohrmann
Bill Schrier Chief Technology Officer
Chief Technology Officer Michigan
City of Seattle blogs on the virtual tsunami
blogs on making technology of IT challenges and options
work for city government. government faces today.
We want to hear your viewpoints! public-cio.com
CHECKUPIN MASSIVE INFORMATION
R U S S E L L N I C H O L S | S TA F F W R I T E R
As hospitals switch to the latest disease diagnosis and
procedure codes, industry observers say the technical and
economic impact to the U.S. government and health-care
TECHNOLOGY TRANSITION, community, could eclipse the much-hyped system upgrades
at the turn of the century.
U.S. HEALTH-CARE SYSTEM HAS “It’s going to affect anybody who touches the health-care
LESS THAN FOUR YEARS TO system,” Cleland said. “If not done correctly, this change
has the potential to be even more painful than anything in
UPGRADE DISEASE DIAGNOSIS the health-care debate that’s going on.”
For decades, U.S. medical organizations have used ICD-9,
CODE SETS. the ninth revision of the code sets. But ICD-9, developed in
the 1970s, is showing its age: With fewer than 20,000 codes,
the system struggles to accommodate modern medical
T hey say it’s a bigger deal than the Y2K bug — not so
much in terms of mass hysteria, but in scope.
In 2013, the United States will upgrade to the latest ver-
practices and new technology. The latest version, ICD-10,
offers more than 155,000 codes, reflecting advances in dis-
ease detection, genetic research and connecting the country
sion of the International Classification of Diseases (ICD) to a global medical communication network.
system — the standard diagnostic taxonomy by the World For many state and local health providers, the prospect
Health Organization — a move that represents “the largest of upgrading an entire system is a real pain. But there’s no
health-care systems modernization effort in history,” said choice — the deadline for compliance is Oct. 1, 2013. These
Bartlett Cleland, senior policy director at TechAmerica, a organizations must also implement the Health Insurance
technology industry association. Portability and Accountability Act (HIPAA) 5010 elec-
tronic transactions standards by Jan. 1, 2012, an updated quality and effective delivery of patient care.” The CSC
version that improves health-care transactions and accom- report also claimed that only two-thirds of hospitals have
modates ICD-10 code sets. taken the first step: identifying system gaps to meet the
requirements for meaningful use.
A PAINFUL PROCEDURE
In the global ICD-10 adoption race, the U.S. could use a A PLANNING PROCESS
booster shot. The new code set was completed in the early The Medical Group Management Association estimates
1990s. About 100 other countries, such as the UK, Sweden and that the average cost of upgrading to ICD-10 for a three-
Canada have already introduced ICD-10 editions. physician practice will be $84,000.
Of course, the U.S. health-care system is complicated. To make the transition easier for states, the Centers for
But with the constraints of ICD-9, the U.S. can’t as easily Medicare and Medicaid Services (CMS) developed an ICD-
compare health-service records with other countries. 10 training package that includes 12 training segments to
Take asthma, for example. ICD-9 has two ways to clas- assist with implementation.
sify asthma: intrinsic and extrinsic. But ICD-10 classifies For instance, the CMS recommends that as a first step,
asthma as mild, moderate and severe. With a system that states conduct a business and technical assessment of the
more precisely diagnoses diseases, patients can receive entire agency. It also examines the benefits of ICD-10 and
more accurate treatments and physicians can better com- emphasizes the value of creating a team of trained experts
pare data for clinical, research and payment purposes. to lead strategy and project teams. In addition, experts
Unfortunately no software exists that can precisely say, looking at the system transition solely as an IT issue
upgrade ICD-9 codes with the click of a button, which won’t work.
means the transition will require a “massive wave of sys- “You have to approach it from a statewide perspective,”
tem reviews, new medical coding or extensive updates to said Brian Erdahl, Deloitte’s principal in the public-sector
existing software, and changes to many system interfac- practice and leader of the state health IT practice. “Not
es,” according to ICD-10: Turning Regulatory Compliance just the technical impacts, but also the business impacts.
into Strategic Advantage, a paper from the Deloitte If you don’t look at it broadly enough, it will cost you sig-
Center for Health Solutions, the health services research nificant heartburn down the road.”
arm of Deloitte. Even though the United States is years behind other
ICD-10 is divided into two major parts: ICD-10-CM countries in adopting ICD-10, Cleland said, the delay gave
classifies diseases and ICD-10-PCS contains procedure industry analysts time to see what practices did or didn’t
codes. “Because of the complex structure of ICD-10 work rather than leaping blindly. “At the end of the day,
codes, implementing and testing the changes in [electronic it obviously affects the patients,” Cleland said, “and we
medical records], billing systems, reporting packages, and don’t want them to be the guinea pigs.”
decision and analytical systems will require more effort
than simply testing data fields,” the paper states, “it will A PATIENT PRIORITY
involve installing new code sets, training coders, remap- The biggest difference between the ICD-10 transition
ping interfaces and re-creating reports/extracts used by all and Y2K, Cleland said, is that nobody seems to be talking
constituents who access diagnosis codes.” about ICD-10.
The move will affect providers, health plans, claims He attributes that mostly to a lack of public awareness,
clearinghouses, technology vendors and more, and Deloitte although “it affects something intimate and private to all
noted that it has the potential to spur innovation and pro- of us.” Pushing back the deadline, he added, won’t help
duce a gigantic wave of IT spending. industry professionals make it a priority.
This transition comes as hospitals are increasingly push- TechAmerica has been working to help spread knowl-
ing use of electronic health records systems — from 10 per- edge and lend support on the issue from a technology
cent in 2009 to 55 percent by 2014, according to Computer standpoint. In publicizing the ICD-10 transition, Cleland
Sciences Corp. (CSC). Despite growing activity, however, said, the group is trying to find a balance between stress-
hospitals still have a long way to go. A survey released ing its importance while minimizing fear.
in January by CSC revealed that “U.S. hospitals are only “Y2K had the potential to be a disaster and it wasn’t,”
halfway to qualifying for government incentive payments Cleland said. “We don’t want a Y2K-esque fear around
aimed at controlling health-care costs while improving the this. We just want it to work.” ¨
BY LY N N R E Y E S , I B M
“IT’S A NEW WORLD.” Or, “we’re in a new normal.” These are
INSIGHTS FROM increasingly common phrases, but certainly palpable in the
THE GLOBAL wake of the financial crisis, which is now a global economic
slowdown. What’s clear is that the nature of change has not
CHIEF INFORMATION only become more complex and intertwined — it has acceler-
ated. But it’s more than the events of the past year; the world
OFFICER STUDY. has been rapidly evolving, with cultural and demographic
shifts and technological advances that have raised expecta-
tions for creating value.
Many governments around the world are in the middle of
this and are facing more complex decisions and tremendous
transformation and service delivery challenges. Information,
communications and technology are crucial to both. And with
heightened expectations for greater visibility, transparency
and accountability, the stakes are high.
Public CIOs are at a critical stage in the evolution of their areas to apply information and technology in innova-
role. On one hand, they’ve never been more central to govern- tive ways that address complex public challenges and
ments’ plans to modernize and transform. There’s growing deliver results.
recognition by politicians and public-sector leaders that 2. Improving the value on IT investment. Government CIOs will
better use of information, communications and technology is need to enable better use of information for decision-
central to making it happen. making, communicating more effectively and delivering
On the other hand, it’s unclear if government CIOs results, while increasing efficiency.
have the full confidence of citizens or their management 3. Expanding the impact of IT on programs and missions beyond
colleagues to deliver on these heightened expectations. the IT function, so that a professional IT function is work-
Politicians and colleagues don’t always appreciate the ing with colleagues on programs that not only transform
complexity of driving IT change through complex pub- the agency, but also government as a whole.
lic organizations. Government IT projects that fail to The survey found some encouraging results. Government
deliver or suffer cost overruns are highlighted in the CIOs reported that they are actively represented at senior
press. Public CIOs fear budget cuts at a time when invest- management levels in developing and presenting strategy.
ment in information, communications and technology is This was even higher at state and local government levels,
needed most to deliver efficiencies across the public sec- perhaps because they are closer to the delivery of services
tor while accelerating progress toward desired program to citizens. They also reported a strong interest in innova-
and mission results. tive technologies, such as virtualization, mobility solutions
22 % OF GOVERNMENT CIOs IN ALL JURISDICTIONS SAID PROGRAM AREAS VIEW
INFORMATION TECHNOLOGY AS A CRITICAL ENABLER OF THE AGENCY
MISSIONS AND BUSINESS VISIONS.
In short, with IT increasingly recognized as government’s
“central nervous system,” CIOs have an opportunity to
and collaborative solutions, and were keen to drive innova-
tion across the organization. In all these areas, the results
establish themselves at the heart of government. But they for government CIOs were noticeably higher than their
must choose to do so, while delivering quickly and well to private-sector counterparts. It may be that government has
program/mission colleagues and partners — or they face lagged behind the private sector in this area and what we
the prospect of budget cuts and a downward spiral, strug- might be seeing is an acceleration of government’s own IT
gling to meet demands for basic services. revolution in light of the “new normal.”
IBM carried out a comprehensive global survey of the However, the survey also points to areas where govern-
CIO’s role, conducting face-to-face interviews with 287 ment CIOs must improve their performance. Above all,
government CIOs from 48 countries, as part of a cross-
industry survey of more than 2,500 CIOs. Sixty-one of
those government CIOs were from the U.S., cutting across
federal, state and local jurisdictions. (This article focuses
on the findings for government CIOs in the U.S.) The sur-
A CROSS-INDUSTRY SURVEY OF MORE
vey identified the key goals for CIOs and their organiza- THAN 2,500 CIOs FOUND THAT ONLY
tions in the years ahead; the roles that CIOs will need to
fulfill to achieve them; what many government CIOs are
24 PERCENT OF FEDERAL GOVERNMENT
doing to adapt to these roles compared with their private- CIOs REPORTED THEY HAD A STRONG AND
sector counterparts; and a point of view on what this might
mean for government CIOs in the future.
EFFECTIVE DATA GOVERNANCE MODEL IN
Government CIOs need to deliver on three key goals: PLACE; 26 PERCENT OF STATE AND
1. Making innovation real. Achieving this goal is more
likely when mission and public outcomes are aligned.
LOCAL GOVERNMENT CIOs RESPONDED
CIOs will need to work with program and mission THE SAME.
54 % OF PRIVATE-SECTOR CIOs SEE BUSINESS MODEL CHANGES AS ONE
OF THEIR GREATEST CHALLENGES, COMPARED TO ONLY 38% IN THE
FEDERAL GOVERNMENT AND 50% IN STATE AND LOCAL GOVERNMENT.
they need to turn their visionary plans into capabilities HOW THE BUSINESS LOOKS AT THE ROLE
that help their agencies deliver results, accelerate progress
toward public outcomes and improve financial perfor-
OF INFORMATION TECHNOLOGY
mance for the public sector — closing the gap between the
expectations of politicians and citizens, the aspirations of
CIOs, and actual results. For all government organizations, Critical enabler
of the mission
there’s a long way to go before the potential of IT is real-
ized. To achieve this, CIOs need to: vision
1. Expand their impact at senior levels, so they can secure the 18%
resources needed for the right IT investments with the Provider of
right commitments from senior management to sponsor
joint action that will speed up implementation. While
to support the
CIOs report that they are invited to participate in setting
strategy, it’s not clear as to what degree they influence the
business agenda. of organizational 17%
2. Tackle public-sector barriers to change. Many CIOs expressed
efficiencies 23% 43%
interest in innovative solutions, but referred to difficulties
in implementing in government. They must identify these 40%
Provider of core
constraints, help their program/policy colleagues and
public officials better understand them, and work with
them and external partners in challenging and overcoming
barriers. CIOs also will need to consider radical approach- U.S. Federal Government
es and innovative solutions, including new business and U.S. State and Local Government
operating models. The private sector has been more active Private Sector
here: 54 percent of private-sector CIOs see business model
changes as one of their greatest challenges, compared with ing that it’s reliable and secure (e.g., through effective data
only 38 percent in the federal government. However, that governance). Only 24 percent of federal CIOs reported that
figure rose to 50 percent in state and local government. they had a strong and effective data governance model in
Government CIOs must challenge why they cannot imple- place, and 26 percent of state and local CIOs said the same.
ment these changes in their organizations. Many CIOs reported that they were overwhelmed with
3. Get the basics right. In particular, they need to make the the routine demands of delivering an IT service. Only by
appropriate data readily available and useful while ensur- improving the efficient delivery and productivity of these
services (e.g., through standardization or centralization)
can time be freed up for CIOs to spend on the more strategic
elements of the role.
PUBLIC OFFICIALS AND GOVERNMENT 4. Demonstrate how they can deliver improved public value and con-
LEADERS ARE SEEKING A NEW BREED OF tribute meaningfully to outcomes through better use of
information. There are many excellent examples where
CIO — THEY ARE EXPECTED TO RESOLVE government organizations have delivered services using
TENSIONS BETWEEN THREE PAIRS OF new channels or increased transparency by sharing infor-
mation with citizens. And CIOs are enthusiastic about
COMPLEMENTARY ROLES: INSIGHTFUL innovating in government. But there’s much progress still to
VISIONARY AND ABLE PRAGMATIST; SAVVY be made. CIOs will need to overcome public-sector culture
and processes that focus on lowest cost rather than best
VALUE CREATOR AND RELENTLESS COST value in public procurements. It’s also particularly difficult
CUTTER; AND COLLABORATIVE BUSINESS to get support for projects where value is created across
organizational (and budgetary) boundaries. The key ingre-
LEADER AND INSPIRING INFORMATION dient for both scenarios: outcomes, especially as CIOs make
TECHNOLOGY MANAGER. design choices that optimize value and cost.
Lead ing the Way to
Ne w OpportunITies
Join state, federal and local CIOs for the 2010 NASCIO Midyear Conference. NASCIO conference attendees include the
highest-profile government and corporate technology experts in the nation. In addition to state, federal and local CIOs,
and our corporate partners, past NASCIO conference attendees have included governors, state and federal legislators, and
other elected and appointed officials.
NASCIO is the premier network and resource for state chief information officers and an effective advocate for
information technology policies at all levels of government.
Register now at www.nascio.org.
WITH THE FOCUS ON VISIBILITY, TRANSPARENCY AND ACCOUNTABILITY, THE GOVERNMENT
CIO’s ROLE HAS BECOME BROADER, MORE VISIBLE AND INCREASINGLY INFLUENTIAL.
5. Learn from and work with private-sector colleagues on how to
increase the visibility and accountability for IT costs.
HOW INFORMATION TECHNOLOGY IS MEASURED:
Despite pressures on IT spending and budgets, government TOP PERFORMANCE CRITERIA IN 2009
CIOs aren’t measured by their colleagues on cost-effective-
ness as much as their private-sector counterparts are (only 52%
19 percent of federal government CIOs and 33 percent of 56%
state and local CIOs mentioned cost-effectiveness as among
the top three performance criteria vs. 44 percent in the pri- Execution
vate sector). Government CIOs must more effectively plan
and manage IT in year and in life cycle, which will widen Aligning
understanding of and accountability for IT costs and drive & IT 33%
6. Build an IT department with the skills needed for the future. This Budget 18% 27%
includes technical skills in IT, but also expertise in key
areas like innovation, program management, project
delivery and an intelligent customer relationship function
to optimize value from external partners.
The study focuses on the opportunities and challenges Support 26 28%
facing the government CIO. But there are important mes- Stability
sages too for senior public-sector managers and public
officials. Program and business managers need to actively
Management 14% 33%
drive what’s needed from information and technology. To 12% U.S. Federal Government
do so, they need an appreciation of what IT can deliver.
U.S. State and Local Government
Too many managers and officials still perceive IT narrowly
as an overhead — as a “provider of core technology ser-
vices” — rather than a creator of value (43 percent in federal
government and 40 percent in state and local government). was “project execution” — ranking above aligning business
Hence, CIOs also said the top performance criteria for IT and IT, budget control and cost-effectiveness. But what was
also encouraging was that, similar to the private sector, 22
percent of government CIOs in all jurisdictions said program
EXTENT TO WHICH CIOS BELIEVE A STRONG areas also are seeing IT as a critical enabler of the mission
DATA GOVERNANCE MODEL IS IN PLACE and business vision. Colleagues across the organization need
to help CIOs address the constraints that too often hinder
the realization of IT’s potential value to government and the
citizenry. Public officials can help address structural issues
through the legislative and budget processes.
CIOs have an excellent opportunity to propel the transfor-
mation needed and expected of government. Above all, pro-
gram, mission and business colleagues, public officials, CIOs,
and the IT community must develop more productive and
U.S. State and Local
constructive working relationships — working together to
understand and ultimately overcome the constraints that his-
torically held back the rapid implementation and application
of IT that’s now expected. Indeed, flexibility and collabora-
U.S. Federal Government
tion are key to accelerating progress and getting things done.
With the “new normal” upon us all, the time to act is now.
The complete CIO study can be found at www.ibm.com/
Get ahead with our enterprise perspective on IT governance and leadership
strategies for public sector CIOs and C-level executives.
A FREE Bi-weekly eNewsletter
4 News & Best Practices
4 Thought-Leadership Editorial
4 Newsmaker Videos
4 CIO Job Listing
4 CIO Blogs
Subscribe today! www.public-cio.com
Follow us on: www.twitter.com/publiccio
[ GUEST COLUMN ]
Cloud BY KEVIN MERRITT
Economics 101 need for file downloads. A common user
interface needs to provide accessible data
sorting, searching and filtering capa-
bilities, as well as community features
The government is about to open up vast data stores for for commenting, rating and discussing.
public consumption. It should be done in the cloud, says Furthermore, users should be able to
one industry expert. share data easily with other citizens.
But how do we do that without addi-
tional funds? From a fiscal perspec-
N OW IS NOT THE TIME to take
on large capital expenditures.
Yet with the federal govern-
ment and an ever-growing number of
states, counties and cities focused on
made available to the public at large
is just that — public — so it doesn’t
require the level of security needed for
CIOs face three key challenges as the
tive, cloud computing provides CIOs
with the flexibility to make data avail-
able in numerous formats that are both
machine-readable and accessible via
a simple Web browser at a significant
making more data available online, pent-up demand for government data cost savings. Cloud computing allows
the challenge is daunting for CIOs. The reaches its apex: for a pay-per-use model that can be
federal government alone has more • Political: From President Obama to scaled as site traffic increases. Cost
than 24,000 Web sites, many of which our nation’s governors and mayors, savings can be as much as 50 percent
host data. there’s a commitment to open com- compared to the current “post-it-and-
Government transparency isn’t a munication, transparency and civic forget-it” model on many public data
trend that’s going away anytime soon. participation. sites. When compared with creating
CIOs will continue to be measured • Technological: Most government data and maintaining a custom data store,
by their ability to make public data sets are not in a format for consump- government CIOs can expect to save on
available to the masses. As we recently tion by nongovernment audiences. server infrastructure and maintenance,
commemorated the 40th anniversary • Economic: Now is not the time to ask bandwidth, storage, software develop-
of Woodstock, we remember that for for more money. ment and maintenance, support staff,
many the answer was “blowin’ in the The true measure of success for the and training.
wind.” Today for CIOs and CTOs, myriad government transparency and The technical and fiscal resources
the answer to reduced budgets and data projects will be governments’ abil- required to address the three key chal-
increased expectations may be living ity to make the data usable and share- lenges of a government data site project
in the cloud. able for a wide range of audiences, from are massive. CIOs must look outside
Cloud computing will allow CIOs scientists to statisticians to entrepre- their organizations for solutions that
to pay for what they use and combine neurs to everyday citizens. enable them to meet the new demands
purchasing power across agencies, The first generation of government set by their president, governor or
states, towns, cities or counties. And data Web sites has merely focused on mayor. With unreasonable deadlines
it still allows governments to control posting downloadable files in arcane and massive amounts of data to upload,
their data, monitor and measure the formats. The data is difficult for end- it’s time to look for a new way of doing
data’s use, and deliver on promises of users to find and download. For the government business.
government transparency. Many may government entity, the data is expensive Cloud computing has enabled the
argue — fallaciously — that cloud to store and data usage difficult to track private sector to launch huge data
computing is not secure. However, and analyze. stores known as Google, Amazon.com
these arguments largely focus on pri- Now is the time to transform the way and Facebook. American citizens will
vate information, whether it be per- governments of all levels make data require the same ease of use and func-
sonally identifiable or classified data. available to the masses. Governments tionality from government sites.
The cloud actually lets the government should implement solutions that enable It seems rather clear that the answer
better monitor the use of public data. technical and nontechnical audiences to is in the clouds. ¨
Also, let’s remember the data being interact with data online, without the
C O N T I N U E D F R O M P A G E 14
in earthquake country atop a fault zone — two other data
centers outside the geographical location will have a live
version of the city’s data that can be quickly retrieved in
case of emergency. The ITA didn’t have the means for such
robust disaster recovery in its existing configuration.
PILOT TO GMAIL CONTROL
A citywide pilot of Gmail launched in January, led by
Crawford’s team in partnership with CSC, a Virginia-
based integrator that’s partnering with Google on the
implementation. The pilot will continue for 60 days with
3,000 participants — about 10 percent of the city’s work
force. The citywide implementation is scheduled for mid-
June, Crawford said. After the e-mail deployment is done,
the ITA will focus on Google Apps, and all employees will
be trained on video and chat sooner rather than later.
Deployment at the police department will be phased in
last so that Google has time to complete FISMA certifica-
tion and the government cloud.
Crawford said the city will save a significant amount of is on CSC and Google to make this successful,” Levin
money by handling the transfer of e-mail archives to the said, “because obviously they would like to increase their
new system, instead of having CSC perform the task. The sales in the state and local government arena. I have been
city has approximately 14 terabytes of archived data, and assured they will make it work here.”
seven terabytes of live e-mail data. With L.A. in the fold, Google executives are bullish on
The ITA also wrote a piggyback clause into its agree- the state and local government market.
ment with CSC that allows any public-sector agency in “The interest is very strong, and I think it goes back to
California to purchase off that same contract. “The kind the benefits of cloud computing,” said Google’s Mihalchik.
of services and capabilities we’re providing right now “Government spends too much on IT, and particularly as
[to L.A.] are the same as any municipality can get,” said it pertains to e-mail and collaboration solutions that we’re
Mark Kneidinger, managing partner for CSC’s Federal offering — it’s rare to have an opportunity to both reduce
Consulting Practice, who is a former public-sector CIO. costs and improve performance. That’s what happened in
He said the available services include e-mail capacity; the city of Los Angeles, and that’s why other government
e-mail migration; building the architecture and security; agencies are looking at this and are strongly interested.”
end-user services; training; and the system architecture, Mihalchik said the customer base for Google Apps has
design and integration. The vendor can also migrate agen- quickly expanded to include pilots or implementations in
cies’ applications to the cloud. governments across the United States, like Orlando, Fla.,
Kneidinger said smaller municipalities could use the and within 12 federal agencies. Crawford said that as of
piggyback contract to form consortia that would further mid-January, he had talked with more than 70 govern-
cut implementation costs. “What’s happening currently ments that were interested in moving data and services to
among cities — if you have a lot of small towns — and cloud computing.
I know there are a number of areas in the country where So Los Angeles might not be an outlier for long. And
this occurs, is that they’re sharing common e-mail there’s a sense that Levin already is writing the next part
systems. Then basically [Gmail] is just the same overlay,” of this script — and that Web-based e-mail is only Scene
he said. One. She’s exploring options that would outsource city
But so far, according to Crawford, no other governments servers or put them under the management of a public-
have piggybacked on the L.A. contract — he thinks that’s private partnership.
because they’re in a wait-and-see mode. It’s just another As for the Gmail decision, Levin is certain. “There was
example of the scrutiny and spotlight Levin admits is now no question in our mind that this was the right thing to
omnipresent. “But I think more of the pressure actually do,” she said. ¨
[ CTO STRATEGIES ]
Ready for Your BY DAN LOHRMANN
Budget Emergency? flexibility and “outside the box”
thinking were encouraged regarding
Emergency management’s scenario-based planning is for delivery of various services, this pro-
budgets too. cess helped us clarify core missions for
each infrastructure area.
• Our conversation quickly turned
T HE GOVERNOR will soon be
announcing an early retirement
plan. Exact details are still in
negotiation. However, only one in four
employees will be replaced, one-third
But can responding to budget cut sce-
narios help technology teams improve?
What if the budget cuts never happen?
Might this be a waste of precious time?
Our experience with scenario-based
to customer expectations. Several
asked, “Can we really stop offer-
ing that service?” We discussed our
service catalogs, rate structures and
related service-level agreements.
of our managers will likely leave, planning in Michigan demonstrates an Using early out ground rules, direc-
employees cannot come back on con- excellent return on investment for all tors were tasked with clarifying staff
tract, contractors cannot be hired to involved. Here’s what we did — and allocation plans after the exercise.
fill voids and budgets will be cut what you can do: Several weeks later, plans were dis-
equal to staffing cuts. We expect about • First, we asked our infrastructure cussed with selected customers. Some
20 percent of your overall staff to directors to come to the meeting improvements are being implemented,
leave. One more thing — no additional prepared. They brought org charts, while other changes will be saved in
overtime will be authorized.” office budgets, prioritized project case of an early retirement or budget
Devastating news; fortunately it was plans, contract information, retire- emergency.
just an exercise. ment eligibility lists and more. After What did we learn from the exercise?
Oct. 1, 2009, Michigan’s infrastruc- setting the stage with the early out • When the future budget scenario
ture directors were gathered offsite at a announcements, we discussed vari- changed, so did the level of discussion.
management planning meeting, and we ous aspects of the situation. What • When “people issues” were addressed
were all relieved that our state govern- would you do first, second and third? (under this scenario, many staff
ment had just avoided a shutdown. We How would you communicate to retired happily), different budget
were immediately challenged with the staff? What reaction do you antici- approaches emerged to open up new
above message from our public infor- pate? The discussion was lively, and opportunities.
mation officer. Some people seemed stories revealed issues from previous • While some noncritical functions
a bit stunned by the announcement; early retirements in Michigan. must continue under mandated bud-
others were smiling, since they would • Next, directors were asked to list three get cuts, these activities might be
be eligible to leave. core mission functions that couldn’t offered to customers at an hourly rate
For decades, emergency manage- fail in their areas. For essential govern- rather than eliminated. Each director
ment offices have used scenario- ment services to be maintained, these went away with the task of identify-
based planning exercises to test critical activities must go on no mat- ing potential optional services.
our ability to respond to natural ter what else happens. Infrastructure I encourage you to challenge your
disasters and other emergencies. examples included answering help- team by offering a tabletop exercise
And more recently, to mitigate desk calls, ensuring e-mail delivery, with scenarios that include budget
cyber-threats. We learned during providing desktop support and sup- emergencies, such as an early retire-
the weeks and months after 9/11, plying network availability. ment. You’ll be surprised by what
organizations that prepare for the • Each leader also was asked to identity you learn. ¨
unexpected perform much better three activities that could potentially
following emergency incidents. stop in this new environment. This
Tabletop exercises can enhance information was reported to the wider
communication, foster team building, group, with constructive criticism
improve coordination, clarify roles offered by everyone during follow-up
and help with issue identification. question and answer sessions. While
You’ve Got Questions.
We’ve Got Answers.
This free resource offers a starting point and important
factors for consideration to help you plan for stringent
e-discovery requirements and FOIA requests!
The volumes and types of digital content governments must
manage, store and discover on demand is overwhelming to say the
least. Failure to prepare effectively for e-discovery and Freedom of
Information Act requests can be costly and reduce public trust.
This 28-page resource takes a common sense approach to information
management basics — with a sharp focus on e-discovery and
FOIA — and gives strategies for planning and implementing sound
information management policy and the best technology processes
for support in these critical areas.
Produced by: In Cooperation with: Request Your Free Copies at
[ STRAIGHT TALK ]
BY LIZA LOWERY MASSEY
hard dollar return on investment and,
better yet, increasing revenue. Your
contribution to the organization’s fiscal
Relevant bottom line is today’s measuring stick
in the public sector, not just private
Even public CIOs are not immune to downsizing and layoffs. Another suggestion is to position one-
self to gain more responsibility when
layoffs or job consolidations occur. CIO
certification is great; experience and
O NLY A FEW YEARS AGO,
were rushing to create CIO
positions and technology executives
were pushing to obtain the CIO title.
objectively considering what role your
organization needs most. For instance,
does your organization value timely
access to information and information
systems above all else? If so, then CIO
education outside of technology lead-
ership is even better. Volunteering for
assignments outside your comfort zone
allows you to be seen as an execu-
tive, not just the chief techie. Over the
The argument behind this movement
went something like this: Technology Your contribution to the organization’s fiscal
is strategic to the organization, and the
position should be too. bottom line is today’s measuring stick in the
The question quickly surfaced about public sector, not just private industry.
whether the person carrying the CIO
title was really the chief technology may be most appropriate. Other options years, I served on emergency opera-
strategist or simply the chief technolo- to evaluate include: tions boards, participated on a city’s
gist, i.e., the highest ranking techie. • a CTO position, when the organiza- economic development team and led
Given today’s challenges, this issue tion values and needs a strong tech- a building construction project. These
seems almost quaint. nology leader; “other duties as assigned” coupled with
Now the focus is on how CIOs remain • a chief technology strategist, when the a master’s degree in public administra-
relevant (and employed) in this eco- focus must be on the organization’s IT tion served me well.
nomic crisis that’s led to widespread strategy; and Finally the CIO position should be
downsizing in government organiza- • a chief technology leader, when the seen as a viable path to CEO. Private
tions. The first time I read about an IT organization requires strong leader- industry is recognizing this career pro-
leader being laid off, his position being ship of the technology function. gression and leading edge public-sector
eliminated or his duties being combined While you might be thinking your organizations are beginning to follow
into those of a chief administrative organization needs all of these roles, its example. Few other leadership posi-
officer type, I thought it was the wrong ranking your organization’s needs is a tions require understanding the entire
move — but I wasn’t overly concerned. good way to focus your efforts. organization’s operations and ways to
Now that I’ve seen it happen several Next, regardless of the CIO’s primary improve them.
more times and have heard of public- role, driving down cost — not just in The lesson learned? CIOs who look up
sector leaders who question a CIO’s IT but organizationwide — is vital. and out can find their roles expanded
value, I’m becoming alarmed — and so As someone wisely stated, a 5 percent instead of eliminated. ¨
should you! So what can a CIO do to reduction in IT costs is great; a 5 percent
remain relevant, and hopefully, prevent reduction in operating costs for the
job loss? organization is phenomenal. While we
First, it’s important to understand may have hesitated in the past to focus
how you bring the most value to your on job elimination as a result of tech-
organization. This perspective means nology implementation, it’s key in these
putting your preferences aside and economic times. Equally important is
[ CIO CENTRAL ] CONTRIBUTED BY EDITORIAL STAFF
News, Reviews & Careers
CIO TRANSITIONS department’s deputy commissioner STATE CIOs’ PRIORITIES FOR 2010
On Jan. 8, John P. Gillispie resigned for the past four years, and replaced Strategies, Management,
as Iowa’s CIO to become executive state CIO Tom Murray, who resigned
Processes and Solutions
director of the Missouri Research and to become the executive director of
Education Network, a unit within the Vermont Telecommunications 1. Budget and Cost Control
the University of Missouri that Authority. 2. Consolidation
provides Internet connectivity In January, Virginia Gov.-elect
and technical support to the Bob McDonnell appointed Jim 3. Shared Services
state’s schools, higher educa- Duffey as secretary of technology. 4. Broadband and Connectivity
tion, state government and oth- Duffey, a longtime private-sec-
er public-sector organizations. tor IT executive and former vice 5. American Recovery
Gillispie had been Iowa’s chairman of the Northern Virginia and Reinvestment Act
CAROLE technology chief since 2003. Technology Council, will report to
WALLACE 6. Security
POST He was also the executive McDonnell while CIO George Coulter
director of the Iowa reports to the Virginia 7. Transparency
Communications Network, IT Investment Board, an 8. Infrastructure
the state’s fiber-optic independent panel. Duffey
network. was president and CEO of 9. Health Information
In New York City, Duff Consulting, which he 10. Governance
Carole Wallace Post began founded after 24 years at
on Jan. 19 as commis- Electronic Data Systems
sioner of the Department GEORGE Corp., where he held Technologies, Applications and Tools
of Information Technology COULTER various executive-level
and Telecommunications. positions. 1. Virtualization (storage, computing,
Post, who had served as director of data center, servers, applications).
agency services in the Mayor’s Office STATE CIOS CHANGE PRIORITIES DUE 2. Networking, voice and data communications,
of Operations, is the agency’s first TO BUDGET CHALLENGES unified communications.
female commissioner. Cloud computing, broadband
She replaced Paul Cosgrave, connectivity and the stimulus are 3. Document/content/records/e-mail
who announced his retirement in becoming higher priorities for state management (repository, archiving,
December. Post began her career CIOs in 2010, according to an annual digital preservation).
in the New York City govern- survey from the National Association 4. Cloud computing, software as a service.
ment in 2001, serving in the of State Chief Information Officers
Department of Buildings. She (NASCIO). 5. Security enhancement tools.
moved to the Mayor’s Office Budget and cost control took the 6. Enterprise resource planning/legacy
in 2006. Prior to joining the No. 1 priority on the top-10 list for application modernization-renovation.
public sector, Post worked strategies, management processes
as a city attorney for Palm and solutions, up from No. 3 a year 7. Geospatial analysis and GIS.
Beach Gardens, Fla., and as ago. As state governments continue to 8. Business intelligence and business
PAUL special counsel in a private battle budget deficits due to the reces- analytics applications.
law firm. sion, green IT fell off 2010’s list of top
In Vermont, David Tucker was strategies after being No. 7 last year.
9 Identity and access management.
named state CIO and commissioner Here’s a list of what CIOs say are their 10 Social media and networking (Web 2.0
of the Department of Information 2010 priorities, according to services, wikis, blogs, collaboration
and Innovation. Tucker served as the the survey. ¨ technologies and social networking).
[ SECURITY ADVISER ]
Is the Policy
BY MARK WE ATHERFORD
Window on Cyber- national leadership, and I’m hopeful
Mr. Schmidt can provide the vision.
In a 1998 article, political science pro-
Security Closing? fessor Michael Howlett said, “Interest
groups, think tanks, political parties
and other nongovernmental actors
must all operate and plan their activi-
ties in accordance with some notion
T HERE’S BEEN A LOT OF TALK
in the past year about how the
federal government will make
protecting our nation’s digital infra-
structure a national security priority
a policy window depends on what he
calls the “three streams model,” which
includes the problem stream, the pol-
icy stream and the political stream.
While all three streams are important,
of which issues are likely to emerge
on government agendas and which
are not.” Many of us thought that the
release of the Center for Strategic and
International Studies report, Securing
and appoint a national cyber-security the magic happens when the streams Cyberspace for the 44th President, in
coordinator to orchestrate and inte- come together, such as a change in December 2008 met the requirements
grate all cyber-security policies for the the problem stream (growing national of this statement and would be the
government. At the same time, there cyber-security concerns) and a change impetus for quick action.
have been numerous reports, proposed in the political stream (change in pres- In discussing the policy window
legislation and cyber-events that com- idential administration), and an issue for cyber-security action, Marcus
bine to highlight the growing vulner- goes from just being an idea and turns Sachs, Verizon’s executive director
abilities of the global IT infrastructure into real policy. When I think about a for national security and cyber-policy,
and susceptibility of our nation’s criti- policy window, it reminds me of the said, “This means lots of opportunities
cal infrastructure to cyber-crime and “perfect storm” metaphor because it’s for ‘policy entrepreneurs,’ those indi-
cyber-terrorism. all about timing. A little too early or viduals who are able to take advan-
A year ago, there was optimism a little too late and you’ve missed the tage of the brief window to advance
because it appeared the Obama window of opportunity. initiatives and efforts that are in line
administration recognized the need So here’s the question: While there with the general issue of cyber-secu-
and had new enthusiasm for tack- have been numerous major cyber- rity. It also means that those who are
ling the nation’s cyber-security policy security incidents in the past year able to act fast stand to gain the most;
deficiencies. But as the government (far too many to list here) and we’ve those who wait might find their initia-
continued to chug along, there seemed reached the first anniversary of the tives left behind as the window slams
to be a general reluctance to move new presidential administration, is shut several months from now.”
forward boldly until a national cyber- the policy window on cyber-security I’m certainly no public-policy sage,
security leader was appointed. Now already closing? Has the nation lost but I think addressing our nation-
that President Barack Obama has momentum? In a 2009 column for al cyber-security problem is an idea
appointed Howard Schmidt as the CSO Magazine, author and consul- whose time has come and it seems to
nation’s first cyber-czar, much needs tant Richard Power wrote, “Cyber- sync nicely with Kingdon’s thoughts
to be done to recapture the time that security suffers from lack of a great on the policy window and how pol-
has passed. transformative metaphor. We need to icymaking happens. It would be a
In his 1994 book, Agendas, find a 21st-century vision worthy of shame if the nation missed this policy
Alternatives, and Public Policies, this 21st-century challenge.” We con- window to address our cyber-security
John Kingdon coined the term, “pol- tinue to see cyber-events on a daily problem, and we are counting on Mr.
icy window” to describe the pro- basis, so what does it take to attract Schmidt to lead the charge. ¨
cess of how policy issues achieve enough attention to achieve some real
enough momentum to get traction on policy momentum and take advantage
The views expressed are solely mine and nothing stated in or
the government agenda. Kingdon’s of what many think is the perfect implied from the article should or may be attributed to the state
model addresses how the timing of policy window? I think the answer is of California or any of its agencies or employees.
[ FAST GOV ]
BY PAUL W. TAYLOR
Too Many Chiefs,
Ken Theis, the current state CIO, will
oversee the consolidation of the two
departments and will ultimately be
Not Enough named the new department’s director.
Theis’ elevation mirrors an expanded
span of control granted to local gov-
Agencies? ernment public CIOs to the roles of
assistant city manager or county exec-
utive. It legitimizes the management
Will 36 new governors change the face of state government? prowess and strategic vision of those
originally appointed to manage tech-
nology alone. His challenge will be to
institutionalize the multiplying and
I N 12 SHORT MONTHS, chances
are you will be deciding whether
to rent a tuxedo and buy tick-
ets for the inaugural ball. Protracted
court challenges notwithstanding, the
3. public systems (transportation, water,
energy and information technology);
4. well-being (medical care, social ser-
vices and public assistance);
5. sustainability (natural resources);
forcing effect of technology on the way
the state does business.
In a recent conversation about
the structural changes under way in
Michigan — and on the horizon else-
results of the 2010 gubernatorial elec- 6. economic opportunity and prosperity where if projections by the National
tions should be known by then. The (attracting investment, business reg- Governors Association and a growing
combination of term limits and retire- ulation and consumer affairs); and number of think tanks are accurate
ments mean that at least 20 states will 7. efficiency and effectiveness (trans- — Theis told me, “I don’t see us getting
elect new governors, but two-thirds of parency, administration and fiscal through this and looking anything near
all states will have contests for the role management). what we look like today.”
of chief executive. It’s easy to see elements of a CIO- That’s true of government structures
As transitions typically go, there led organization in a number of those in general and the role of the public
will be numerous empty seats around core functions. As a practical matter, CIO. But the question is different this
the cabinet table when inauguration
day rolls around. But there may be
fewer chairs to fill. Permanently. There will be numerous empty seats around the
Take Michigan. The state was first cabinet table when inauguration day rolls around.
in and hardest hit by the fiscal crisis,
owing in no small measure to its reli-
But there may be fewer chairs to fill. Permanently.
ance on the legacy automobile indus-
try. Just as General Motors jettisoned Granholm is placing IT back into the time. It’s not about the merits of being
Pontiac, Saturn and Saab to focus on state’s Department of Management and a political appointee or career civil
its core brands (Chevrolet, Cadillac, Budget. The change’s announcement servant. It’s about whether the role
Buick and GMC), so too the state is called the move a “merger” that brings will still be recognizable as we have
trimming its portfolio. the total agency count to 15, down from come to know it in the years since it
Gov. Jennifer Granholm asked Lt. the constitutional cap of 20 agencies, emerged from finance and administra-
Gov. John Cherry this year to propose the state’s level just a few years ago. tion departments in the first place, or
a plan to reduce the number of state One state employee enthused that whether it will exist at all. ¨
departments from 18 to eight. Cherry the consolidation brings with it “all
has reduced the number to seven core kinds of remarkable ICT [information
functions of government: and communication technology] infu-
1. public safety; sion possibilities at the enterprise and
2. education; shared service levels.”