Statement by John Dyer,
Principal Deputy Commissioner, Social Security Administration
before the House Committee on Appropriations
Subcommittee on Labor, Health and Human Services, Education, and Related Agencies
April 21, 1998
Chairman Porter and Members of the Subcommittee:
I am pleased to be here to testify today concerning the Social Security Administration's (SSA) efforts to prepare for the Year 2000.
SSA became aware of the Year 2000 problem and began planning for it in 1989 to make sure that the payments we make to more than 48 million beneficiaries will nor be in jeopardy. Because we were on the forefront of Year 2000 preparation, our Assistant Deputy Commissioner for Systems, Kathleen Adams, who joins me here today. was asked to Chair the Chief Information Officers (CIO) Council Committee on Year 2000. The purpose of this committee is to share lessons learned and best practices in addressing the Year 2000 challenge, address cross-cutting issues affecting all government agencies and identify ways to manage resources in solving the Year 2000 problem.
For SSA, Year 2000 preparation has meant reviewing systems supported by more than 33 million lines of in-house application software, as well as hundreds of vendor products, and coordinating efforts with State and Federal agencies and third parties. By the end of fiscal year 2000, we will have spent $42 million on the Year 2000 effort for both in-house and contracted activities. We believe that our early start in addressing the issue has allowed us to manage the Year 2000 effort without requesting additional resources.
We have used a systematic approach to making sure systems are Year 2000 compliant. This approach consists of five phases:
- The Awareness phase, in which we defined the Year 2000 problem and ensured that everyone in 55A was aware of it;
- The Assessment phase, in which we identified our core business processes, analyzed the systems supporting these processes, identified resources, and developed a detailed schedule for making corrections;
- The Renovation Phase, in which we converted databases and are renovating software and modifying interfaces;
- The Validation phase, in which we are testing converted or replaced software; and
- The Implementation phase, in which we will implement convened or
SSA has completed the first two phases as well as more than 90 percent of the renovation phase of its Year 2000 program. We are in the process of testing all of our renovated systems in our Year 2000 Test Facility. We are on schedule to complete testing of all systems by December 31, 1998, and to have all systems implemented into production in January 1999, providing a full year for post-implementation review.
How is SSA Progressing in Resolving Its Year 2000 Problem
As of March 31, 1998, SSA had renovated more than 90 percent of the Agency's mission-critical systems. These mission-critical systems support our core business processes-enumeration, earnings, claims, post entitlement, and informing the public through which we maintain the accuracy of beneficiary records and process and adjudicate claims. SSA has also renovated 53 percent of its non-mission-critical systems. All of SSA' s systems are scheduled to be Year 2000 compliant by December of this year"
In addition, we have taken an active role in addressing the issue of Year 2000 compliance in case processing systems used by the State Disability Determination Services (DDSs) and data exchanges between SSA and other entities.
Furthermore, SSA has developed plans to address the Year 2000 problem in the areas of our telecommunications and hardware infrastructure and facilities infrastructure. We have inventoried all components of these infrastructures and have plans in place to upgrade or replace all non-compliant equipment. We are working with the vendor community, the General Services Administration, and the CIO Council Committee on Year 2000 to test vendor fixes.
What Obstacles Stand In The Way Of The Completion Of Preparations For Year 2000
In October, 1997, the General Accounting Office issued a report entitled, "Social Security Administration: Significant Progress Made in Year 2000 Effort. But Key Risks Remain." The report was generally very complimentary of SSA' s Year 2000 program; however, it identified three concerns--DDS systems compliance, data exchanges, and contingency planning. At the time the report was issued we were addressing all three areas and we continue to do so.
DDS Software Compliance
SSA has focused increased attention on ensuring that State DDS systems, which are used in determining the medical eligibility of disability applicants, are made Year 2000 compliant by December 1998. There are 55 DDSs: one in each of the States and the District of Columbia, Puerto Rico. Guam, and the Virgin Islands, as well as the Federal DDS at SSA Central Office in Baltimore. Since DDSs are fully funded by SSA. Year 2000 compliance activity costs in the DDSs were not borne by the States.
We requested and received Year 2000 plans from each of the DDSs that identify specific milestones, resources, and schedules for completing Year 2000 conversion activities. All DDS systems are scheduled to be Year 2000 compliant by SSA 's target of December 1998. As of today, twenty-one DDS systems have been renovated, tested and implemented. These DDSs are: Alabama, Arizona, Arkansas, Connecticut, Florida, Idaho, Indiana, Kentucky, Maine, Massachusetts, Michigan, Minnesota, New Mexico, Ohio, Oklahoma, Oregon, Pennsylvania, Vermont, Washington DC, Wisconsin, and the Federal DDS.
We are working closely with each DDS on monitoring and oversight of DDS Year 2000 activities. SSA has a DDS Year 2000 Project Team working full time on DDS Year 2000 activities. Each DDS has named a Year 2000 Project Coordinator. In addition, each SSA regional office has named a DDS Year 2000 Coordinator for the DDSs in that region. The SSA DDS Year 2000 Project Team and SSA's Year 2000 Program Manager are in constant communication with the DDS Year 2000 Project Coordinators, Regional Office Coordinators, and State systems contractor representatives. The progress in each State continues to be monitored and tracked against project milestones in the State 's Year 2000 plan.
Since the majority of the DDSs (43) contract with one of two vendors for their systems, S5A decided to enter into a contract with each vendor to cover all of the Year 2000 conversion work for these 43 systems. This was done to enable Year 2000 conversion work to begin more rapidly and to allow SSA to exercise a greater degree of comrol to ensure the Year 2000 conversions are done timely. The DDSs which do not use these vendors' systems use either in-house systems, other vendor systems, or are not automated. The States using other systems have all entered into contracts with their vendors, or planned for in-house changes to their systems, respectively. There arc five DDSs that do not have automated claims processing systems.
We believe these actions and oversight activities, together with a close working relationship with the DDSs, will enable us to meet our schedule of making the DDS systems Year 2000 compliant by December 1998.
SSA has been actively addressing the issue of data exchanges which occur between SSA and other Federal agencies, States, and third parties. We have inventoried all of our external exchanges. In order to formally track the progress of each external data exchange, SSA developed the Data Exchange Tracking System (DETS). SSA has just over 2,000 data exchanges with Federal agencies, States, or third parties. For example, SSA exchanges data with the Treasury Department to make benefit payments and with the States to verify death records.
We have been in contact with all of our trading partners regard ing the format and schedule for making these data exchanges compliant. Thus far, 65 percent of our data exchanges have been made Year 2000 compliant and implemented. We are in the process of negotiating, scheduling, and implementing remaining changes. Our target is to have all data exchanges implemented by December 1998.
We are focusing particular attention on our exchanges which affect benefit
payments. We are working very closely with the Treasury Department to ensure
Social Security and Supplemental Security Income (SSI) checks and direct deposit
payments for January 2000 will be on time. The testing plans for Social Security and
SSI payments have been approved by SSA and Treasury. Joint testing of files began
on March 4, 1998. and testing is going as planned. In addition to testing with Treasury, we have agreements to test from SSA, through Treasury and the Federal Reserve's Automated Clearing House, for direct deposit payments.
On March 31, 1998, we issued the SSA Business Continuity and Contingency Plan. The plan addresses the core business functions, including disability claims processing functions supported by the DDSs, which must be supported if Year 2000 conversion activities experience unforeseen disruptions. The plan identifies potential risks to business processes, ways to mitigate each risk, and strategies for ensuring continuity of operations if planned correct ions are not completed or if systems fail to operate as intended. The plan, which also identifies milestones, target dates, and responsible components for developing local contingency plans and procedures throughout all of SSA's operating components, will be updated quarterly and used to track development and testing of local contingencies planned throughout the agency.
We certainly hope that there will be no need to activate the SSA Business Continuity and Contingency Plan. However, if there are unforeseen, Year 2000-induced disruptions, this contingency plan will be implemented to ensure continuation of SSA's vital services to the public.
Will SSA' s Data Systems Be Ready for the Transition to the New Millennium?
There is no question that the Year 2000 problem is the biggest challenge ever facing the information technology industry. Since SSA is so dependent on computers to do its business and serve the public, we have taken this problem very seriously and dedicated the resources to address it in a timely manner.
Because of our early attention to this challenge, we are confident that our systems will function on and after the Year 2000 to ensure that our core business processes proceed smoothly and without disruption as we move into the 21st century. When we open our offices for business on January 3, 2000, we expect to be prepared to provide our full complement of services to the American Public with the accuracy and reliability they have come to expect from SSA. And, if there are unforeseen problems, we will have contingency plans in place to assure continuity of SSA's business operations.
I would be happy to answer any questions you may have.