There are a lot of systems at risk. Leon Kappelman suggests several and offers government brief solutions. But the governments aren't compliant. Who monitors the noncompliant monitors? This is the problem of the blind leading the blind into the ditch.
Kappelman teaches in the business computer department of the University of North Texas. He is co-chair, Y2K Project, Society of Information Management.
* * * * * * * * *
While the pardon and parole systems have to deal with dates into the year 2000, other less obvious systems dealing with scheduling court action or documenting evidence could also be at risk.
Recommendation: The State Administrator for the Courts should take responsibility to see that the appropriate jurisdictions are aware of and are correcting any problems in the state, appellate, district, municipal, and juvenile court systems.
Criminal Justice Systems
Sentencing and environmental (i.e., buildings and facilities) control systems could be affected by the year-2000 problem.
Recommendation: The Department of Corrections needs to ensure that the sentencing and environment control systems (especially security) are year-2000 ready in the correctional institutions.
Electric Power Generation and Distribution Systems
Power plants, both nuclear and conventional, use computer systems and smart valves that could result in system failures. The grid that distributes electrical power also is at risk.
Recommendation: The State Public Utility Commission (PUC) should initiate a proceeding to assess the year 2000 readiness of all power plants and the potential impact on the power grid itself. The proceeding should determine if each utility has conducted a year 2000 risk assessment, developed a corrective action plan, and established a date to become year-2000 ready.
Emergency Response Systems
While not a specific year-2000 problem, ground receivers that use the Global Positioning System (GPS) satellite system may fail in August 1999 due to a date-related processing problem. Many of the emergency response systems are using GPS to track emergency vehicles for 911 systems.
Recommendation: The Emergency Communications Commission should alert all 911 system operators in the state of the potential problem and assist in identifying vendors offering equipment and systems that have corrected this problem. Moreover, emergency response and emergency management agencies should work with other agencies and the Federal Emergency Management Agency (FEMA) to help identify high risk areas and make contingency plans.
The year 2000 problem poses serious environmental risks from many of the year-2000-related areas described in the sections concerning electric power generation and distribution, petrochemical refineries and oil/gas line distribution, and water and waste treatment.
Recommendation: The State Natural Resource Conservation Commission (NRCC) should work closely with other agencies and the federal Environmental Protection Agency (EPA) to help identify high risk areas and take regulatory action to protect the publicís safety and the environment, as well as make contingency plans.
Banks and credit unions also are at risk. On June 17, 1996, the Comptroller of the Currency, Administrator of National Banks, issued an advisory letter (AL 96-4) to the chief executive officers of all national banks, department and division heads, and all examining personnel. The advisory letter contained a statement by the Federal Financial Institutions Examination Council (FFIEC) that alerted financial institutions to risks that may be present in existing computer systems as the industry enters the new century.
The FFIEC consists of the Federal Reserve Board of Governors, the Federal Deposit Insurance Corporation, the National Credit Union Administration, the Office of the Comptroller of the Currency, and the Office of Thrift Supervision. On May 5, 1997 the FFIEC issued a more extensive statement including "Year 2000 Examination Procedures" and additional advisories have subsequently been issued.
Recommendation: The Finance Commission and the Credit Union Department should issue letters advising all state-chartered banks, savings and loans, consumer credit enterprises, and credit unions that they have a responsibility for analyzing the year-2000-related risk of their internal computer systems, and should consult with affected vendors (e.g., automated teller machines) and customers to ensure they are addressing the year 2000 issue.
Based on the risk analysis, management should develop and implement an action plan to deal with any identified systems changes required to achieve year-2000 compliance.
Hospitals and Medical Facilities
Year-2000-related problems have been found in medical lab equipment and other medical devices. Patient record systems could also have problems.
Recommendation: The State Department of Health should initiate proceedings to determine if hospitals and medical facilities have conducted year-2000 risk assessments, developed a corrective action plan, and established a date to become year-2000 ready.
The insurance industry has many of the same year-2000 problems as financial institutions.
Recommendation: The State Department of Insurance should initiate proceedings to determine if insurance companies have conducted a year-2000 risk assessment, developed a corrective action plan, and established a date to become year-2000 ready.
Petrochemical Refineries and Oil/Gas Line Distribution Systems
Refineries and oil/gas line distribution systems are controlled by computer systems and use smart valves that could be at risk.
Recommendation: The State Railroad Commission and NRCC should initiate proceedings to determine if refineries and managers for oil/gas line distribution systems have conducted a year-2000 risk assessment, developed a corrective action plan, and established a date to become year-2000 ready.
The voice telephone system has known problems that could result in service failures, incorrect billings, and other problems. The Federal Communications Commission (FCC) is aware of the problem but as yet has not initiated any action to ensure that local exchanges or the long distance networks are ready for the year 2000.
Recommendation: The State Public Utility Commission (PUC) should initiate a proceeding to assess the year 2000 readiness of all local carriers and long distance providers. The proceeding should determine if each utility has conducted a year 2000 risk assessment, developed a corrective action plan, and established a date to become year-2000 ready.
State and Regulated-Industry Investments
Several state agencies (e.g., treasurer, employee and teacher retirement systems) and universities invest funds in stocks and bonds. Moreover, several regulated industries including banking and insurance invest in such financial instruments. Furthermore, banks make loans to other enterprises.
Economists and bankers like Federal Reserve Chairman Greenspan, Federal Reserve Governor Kelley, and Dr. Edward Yardeni have all indicated that there is a high probability that some degree of year-2000-related economic problems will occur. Given the seeming large percentage of stock-and-bond-issuing public and private enterprises that have done very little to date to address their year-2000-related issues, it would appear that there is an uncomfortably high risk of insolvency, default, and diminished market valuations.
Recommendation: State agencies and universities as well as agencies that regulate industries that make such investments, should require companies or entities issuing bonds or stock or otherwise borrowing to document their efforts to address the year-2000 problem for such state agencies and/or regulated institutions.
State Police Issues
The State Police needs to ensure that all safety and protection systems function properly. This could include the statewide law enforcement microwave communications systems, the computer systems that contain criminal history and offender information (including fingerprint identification systems), the sophisticated equipment in patrol vehicles, and the jails.
Recommendations: The State Police should initiate proceedings to determine if these safety and protection systems are year-2000 ready.
Transportation Control Systems
Motor vehicle, highway, and railroad traffic control systems use computers and devices with embedded microprocessors that could fail or produce incorrect timing sequences.
Recommendations: (1) The State Department of Transportation (DOT) should be made aware of the potential problem and should assist local communities with the identification of vendor equipment and systems that have year-2000 problems and the possible solutions. DOT should work with the State Railroad Commission to assess the safety of highway/rail crossing sites. (2) The Railroad Commission should initiate proceedings to determine if each rail system manager has conducted a year-2000 risk assessment, developed a corrective action plan, and established a date to become year-2000 ready.
Water and Waste Treatment Systems
Most modern systems that control the treatment and distribution of drinking water and waste water use computers and "smart valves" with embedded microprocessors. Problems with the control systems, hardware or software, or the smart valves could result in total system failures, contamination of ground water, and/or contamination of drinking water.
Recommendation: The NRCC should initiate a proceeding to assess the year 2000 readiness of all water districts, municipal water supplies, and waste water treatment facilities. The proceeding should determine if each utility has conducted a year 2000 risk assessment, developed a corrective action plan, and established a date to become year-2000 ready. NRCC also should make information available about known problems and potential solutions for specific vendor-supplied systems and equipment.