A representative of the Social Security Administration testified to the House Ways & Means Committee on May 7.
The official bragged that Social Security found out about y2k in 1989. Apparently, the agency kept this secret to itself. Most of the other agencies found out about it in 1995.
SSA has been working on fixing it since 1991. It has about 33 million lines of code.
In June, 1996, it was
Lo and behold, it's now 90% complete.
Except for the
extra 33 million lines of code they found in late 1996. That code is controlled at the state level: State Disability Determination Services (DDSs). It establishes eligibility.
Social Security has handled this in a way that inspires awe, if not confidence. It redefined these 33 million lines as not being mission-critical.
Then there is the question of shared data, i.e., noncompliant data from other computers. "SSA has just over 2,000 data exchanges with Federal agencies, States, or third parties." They're working on it. They have inventoried them. That is, they have counted them. Any one of them could destroy the SSA's entire repair. The SSA is staring into 2,000 loaded machine guns. But don't worry. They've counted them. All of them. Unless they missed some.
The Committee was assured: "Thus far, 65 percent of our data exchanges have been made Year 2000 compliant and implemented." Does this mean that 65% of the partners have compliant systems? Well, not exactly. Well, then, how many? The prepared testimony does not say. But we know. None. And we all know the big one: the U.S. Treasury, which has
received a D from Congressman Stephen Horn.
SSA also has a contingency plan -- a full contingency plan! "The plan identifies potential risks to business processes, ways to mitigate each risk, and strategies for ensuring continuity of operations if planned corrections are not completed or if systems fail to operate as intended." To which I say: "Let's see it. Publish it. If it's good, it can serve as a model. If it's fake, we should know in advance."
The agency promises to have its code repaired, ready for testing by . . . the drums are rolling . . . December 31, 1998. Yes, this is the familiar form letter response of every known agency in the United States.
Now, if Social Security found out in 1989, got to work in 1991, and has been working ever since, and expects to be ready for testing on December 31, 1998, how much credence should we give to all the other form letter promises from the outfits that found out about the problem in 1996? How much money -- in your bank, retirement fund, mutual fund -- will you bet on these promises?
* * * * * * *
Statement of John Dyer Principal Deputy Commissioner, Social Security Administration
Testimony Before the Subcommittee on Oversight of the House Committee on Ways and Means
Hearing on the Year 2000 Computer Problem
May 7, 1998
Chairman Johnson and Members of the Subcommittee:
I am pleased to be here to testify today concerning the Social Security Administration's (SSA) efforts to prepare for the Year 2000. SSA became aware of the Year 2000 problem and began planning for it in 1989 to make sure that the payments we make to more than 48 million beneficiaries will not be in jeopardy. . . .
SSA has completed the first two phases as well as more than 90 percent of the renovation phase of its Year 2000 program. We are in the process of testing all of our renovated systems in our Year 2000 Test Facility. We are on schedule to complete testing of all systems by December 31, 1998, and to have all systems implemented into production in January 1999, providing a full year for post-implementation review.
How is SSA Progressing in Resolving its Year 2000 Problems?
As of April 30, 1998, SSA has renovated more than 90 percent of the Agency's mission-critical systems. These mission-critical systems support our core business processes--enumeration, earnings, claims, postentitlement, and informing the public--through which we maintain the accuracy of beneficiary records and process and adjudicate claims. SSA has also renovated 67 percent of its non-mission-critical systems. All of SSA's systems are scheduled to be Year 2000 compliant by December of this year.
In addition, we have taken an active role in addressing the issue of Year 2000 compliance in case processing systems used by the State Disability Determination Services (DDSs) and data exchanges between SSA and other entities. . . .
SSA has focused increased attention on ensuring that State DDS systems, which are used in determining the medical eligibility of disability applicants, are made Year 2000 compliant by December 1998. There are 55 DDSs: one in each of the States and the District of Columbia, Puerto Rico, Guam, and the Virgin Islands, as well as the Federal DDS at SSA Central Office in Baltimore. Since DDSs are fully funded by SSA, Year 2000 compliance activity costs in the DDSs were not borne by the States.
We requested and received Year 2000 plans from each of the DDSs that identify specific milestones, resources, and schedules for completing Year 2000 conversion activities. All DDS systems are scheduled to be Year 2000 compliant by SSA's target of December 1998. As of today, twenty-one DDS systems have been renovated, tested and implemented. These DDSs are: Alabama, Arizona, Arkansas, Connecticut, Florida, Idaho, Indiana, Kentucky, Maine, Massachusetts, Michigan, Minnesota, New Mexico, Ohio, Oklahoma, Oregon, Pennsylvania, Vermont, Washington DC, Wisconsin, and the Federal DDS. . . .
We believe these actions and oversight activities, together with a close working relationship with the DDSs, will enable us to meet our schedule of making the DDS systems Year 2000 compliant by December 1998.
SSA has been actively addressing the issue of data exchanges which occur between SSA and other Federal agencies, States, and third parties. We have inventoried all of our external exchanges. In order to formally track the progress of each external data exchange, SSA developed the Data Exchange Tracking System (DETS). SSA has just over 2,000 data exchanges with Federal agencies, States, or third parties. For example, SSA exchanges data with the Treasury Department to make benefit payments and with the States to verify death records.
We have been in contact with all of our trading partners regarding the format and schedule for making these data exchanges compliant. Thus far, 65 percent of our data exchanges have been made Year 2000 compliant and implemented. We are in the process of negotiating, scheduling, and implementing remaining changes. Our target is to have all data exchanges implemented by December 1998.
We are focusing particular attention on our exchanges which affect benefit payments. We are working very closely with the Treasury Department to ensure Social Security and Supplemental Security Income (SSI) checks and direct deposit payments for January 2000 will be on time. The testing plans for Social Security and SSI payments have been approved by SSA and Treasury. Joint testing of files began on March 4, 1998, and testing is going as planned. In addition to testing with Treasury, we have agreements to test from SSA, through Treasury and the Federal Reserve's Automated Clearing House, for direct deposit payments.
On March 31, 1998, we issued the SSA Business Continuity and Contingency Plan. The plan addresses the core business functions, including disability claims processing functions supported by the DDSs, which must be supported if Year 2000 conversion activities experience unforeseen disruptions. The plan identifies potential risks to business processes, ways to mitigate each risk, and strategies for ensuring continuity of operations if planned corrections are not completed or if systems fail to operate as intended. The plan, which also identifies milestones, target dates, and responsible components for developing local contingency plans and procedures throughout all of SSA's operating components, will be updated quarterly and used to track development and testing of local contingencies planned throughout the agency.
We certainly hope that there will be no need to activate the SSA Business Continuity and Contingency Plan. However, if there are unforeseen, Year 2000-induced disruptions, this contingency plan will be implemented to ensure continuation of SSA's vital services to the public.
Will SSA's Data Systems Be Ready for the Transition to the New Millennium?
There is no question that the Year 2000 problem is the biggest challenge ever facing the information technology industry. Since SSA is so dependent on computers to do its business and serve the public, we have taken this problem very seriously and dedicated the resources to address it in a timely manner.
Because of our early attention to this challenge, we are confident that our systems will function on and after the Year 2000 to ensure that our core business processes proceed smoothly and without disruption as we move into the 21st century. When we open our offices for business on January 3, 2000, we expect to be prepared to provide our full complement of services to the American public with the accuracy and reliability they have come to expect from SSA. And, if there are unforeseen problems, we will have contingency plans in place to assure continuity of SSA's business operations.