Big Brother is watching–HRO users and providers beware.
As it turns out, Big Brother is watchingHRO users and providers beware.
< ?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
Federal privacy law is expanding with the Security Rule under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the privacy and civil liberties procedures established under the Intelligence Reform and Terrorism Prevention Act of 2004 (IRATPA) one for electronic health information, the other for virtually all personal information that could be discovered in homeland security and anti-terrorism investigations. For HRO customers, employees, and service providers, each law will impose new obligations and safeguards.
HIPAA SECURITY RULE
The HIPAA Security Rule reinforces the Transactions Rule and the Privacy Rule, which focus on the privacy of protected health information. The HIPAA Security Rule takes effect on April 21, 2005, for all covered entities except small health plans. In the private sector, all private health plans, healthcare providers, and healthcare clearinghouses must assure their customers that the integrity, confidentiality, and availability of electronic health information that they collect, maintain, use, or transmit will be protected. The goal is to ensure the integrity and confidentiality of the information and to protect against any reasonably anticipated threat or hazards to security or integrity of the information and unauthorized use or disclosure of the information. The HIPAA Security Rule will be an additional compliance requirement for HRO deals. There is no specific federal security standard, but only one that adopts reasonable and appropriate precautions. The enterprise customer cannot simply dump the HIPAA compliance obligation upon the service provider. As a best practice, HRO customers and their providers should review the design and implementation of the processes involved in compliance, and establish periodic reviews to deal with changes that might be needed. The costs of such periodic changes should be discussed as well.
PRIVACY AND CIVIL LIBERTIES
Under IRATPA, executive departments and agencies must appoint a bevy of new privacy and civil liberties officers to protect against abuses of constitutional and statutory rights. Within the National Intelligence Department, a Civil Liberties Protection Officer, reporting directly to the Director of National Intelligence, will be appointed to meet constitutional, technological, and statutory mandates. To protect constitutional freedoms, this officer will be responsible for compliance, review, and assessment of complaints and other information indicating possible abuses of civil liberties and privacy in the administration of national intelligence programs. As a counterbalance to the increasing centralization of powers in the war on terrorism, a Privacy and Civil Liberties Oversight Board will be established within the Executive Office of the President as part of an enhanced system of checks and balances to protect the precious liberties that are vital to our way of life. In addition, Congress recommended each executive department or federal agency with law enforcement or anti-terrorism functions designate a privacy and civil liberties officer.
PRIVATE SECURITY OFFICERS
In the private sector, enterprises that either hire their own private security officers or rely upon service providers to do so will now be subject to new regulation. A private security officer is an individual other than an employee of a Federal, State, or local government, whose primary duty is to perform security services, full or part time, for consideration, whether armed or unarmed and in uniform or plain clothes. IRATPA authorizes prospective employers, after getting written consent from the prospective employee, to submit fingerprints for an authorized criminal history record information check for prospective private security officers. The employer must disclose the results to the prospective employee.
CRIMINAL HISTORY CHECKS
The new law opens the door to new regulation of access to criminal records in support of lawful employment beyond private security officers. The IRATPA law calls on the Attorney General to recommend to Congress any legislative improvements for the conduct of criminal history record checks for non-criminal justice purposes. As part of this process, commercially available databases will be reviewed as possible supplements to government records. Privacy rights will need further consideration, based on principles of employee consent, access to the records used if employment was denied, the disposition of fingerprint submissions after records are searched, an appeal mechanism, and penalties for misuse of the information. Employerswhether or not they outsource any HR administrative functionshould review and update their employee handbooks and the rules applicable to third parties having access to HR information.
What every HR executive needs to know before outsourcing HRM.
Part one of a series on what every HR executive needs to know before taking the plunge into HRM outsourcing.
< ?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
Whether or not your organization outsources one or more human resource management (HRM) tasks, functions, or processes today, or if youre considering or are already in a fairly comprehensive HRM BPO relationship, the responsibility for all such decisions lies very much with HR leadership. The CIO, CFO, and/or CEO may be the instigators, protagonists, or final approverswhich is increasingly the case in more comprehensive HRM BPO relationships but HR leadership must make any such HRM outsourcing decisions work and work well. Where there is responsibility, there is the opportunity for celebrating successes. This is always a good thing, albeit occurring less frequently than we would like. Unfortunately, there is also the all-toofrequent opportunity for paying the pricelitigation, lack of compliance, lost productivity, lost talent, lost opportunities, lost money, and/or disrupted career for failure. Since you are going to bear that responsibility, you will need to have the relevant information at your fingertips to assess the current state of outsourcing in your organization, to plan for any desirable additional outsourcing, and to head off at the pass any undesirable outsourcing adventures thrown out as suggestions at the next executive team meeting. Beginning with this column and continuing until Ive run out of questions, we are going to tackle first those issues that address the current state of your HRM outsourcing for which every HR leader needs ready answers. Then, just when youve thought that every question had been asked (for which youve prepared answers), were going to cover the questions that you should be prepared to answer when one of your colleaguesfresh back from a seminar or outsourcing provider sales pitchcasually suggests that more/less/total HRM outsourcing is just the ticket. By the time were finished, youll have questions and answers for every occasion. Simply load these into the PDA that you got for Chanukah/ Christmas/Kwanza, and you will be ready for HRM outsourcing action.
ALWAYS START AT THE BEGINNING
Before considering outsourcing, or any deployment tactic for your HRM policies, practices, and processes, we must ask and answer these most important questions:
What are the HRM business outcomes to which all of our HRM processes and the HRM delivery system (HRMDS) must contribute? How are these intended contributions going to be made and by when? At what levels of investment for what target values of the HRM outcome metrics? And who is accountable for what outcomes?
What would our HRM processes and HRMDS need to look like to achieve these business outcomes? How does this future state of our HRM business model compare to our current state HRM business model? How does this future state HRMDS compare to our current state HRMDS?
How are we planning to close these gaps? What are the benefits of closing these gaps? Are they sufficient to warrant the planned effort? Can we afford that plan?
The key point of these questions is that if you have no vision of your HRM business, no idea by what metrics youll measure progress toward that vision, and no idea what business outcomes are needed from the HRM aspects of the business, then youd better get these points nailed down before you dive into outsourcing or any other deployment tactic. Without a clear strategy for the HRM aspects of the business and without a well-defined HRM domain model, to include the relevant metrics, on what possible basis would you select outsourcing or any other deployment tactic? In the simplest of terms, if you dont know where youre going, it really doesnt matter your form of transportationyoull still end up running in a circle.
Are the customers the final winners in the Oracle-PeopleSoft battle?
Oracle and PeopleSoft have laid down their swords, but will customers be ready to take the next step to outsource?
< ?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
A colleague of mine made a trenchant comment about the recently resolved Oracle/PeopleSoft standoff: Sticking with one provider today is like ruling a European nation in 1914 with a collection of Victorian-era alliances sitting on your desk.
Now that the war is over and Oracle has strengthened its position in the HR application software market, perhaps a new analogy is apt. Assuming full responsibility for managing your companys transition from one HR application package to another could be just as daunting a task as rebuilding a war-torn country without allies.
CUSTOMER RETENTION 101: THE CUSTOMER IS ALWAYS RIGHT
For the HR outsourcing industry, the end of the Oracle/PeopleSoft battle provides an even larger opportunity to win and impress customers. For many companies, the question is no longer whether to stick with the status quo or pursue outsourcing. Change is now a given. From here, companies must decide the best way to manage and harness that change.
The Oracle/PeopleSoft war has made great copy in the business press with ever-changing proposals on the table, controversy over PeopleSoft profitability, a dethroned CEO, numerous legal battles and, in the end, yet another enormous victory for Oracle CEO Larry Ellison. While the business story has been fascinating, the anxiety of HR software customers has been real and growing.
Think for a moment of a PeopleSoft customer managing a massive installation. Oracle promises to fully update PeopleSoft for 10 yearsthe bat of an eyelash for global corporations. Furthermore, this company, which may have just recently installed or updated PeopleSoft, must decide when and if to migrate to the new Oracle/PeopleSoft product expected to reach the market in 30 to 36 months.
Customers grew increasingly uneasy about Oracles promises during the 19-month battle. According to a November survey by Boston-based AMR Research Inc., 63 percent of 150 PeopleSoft customers said they would cancel their software-support contacts if Oracle bought PeopleSoft and stopped enhancing the programs.
HOW CAN HRO BENEFIT FROM THE MERGER?
Without question, the combined Oracle/PeopleSoft offers customers great potential. But again, why should any enterprise make the risky decision of when and how to change trains? By making the move to an HR outsourcing provider, enterprises get a once-in-a-lifetime opportunity to outsource risk.
Theres even better news for HR outsourcing providers, because enterprises that have long used SAP installations may now want to take a second look at Oracle and HR outsourcers are an ideal opportunity to make this transition possible.
Since the battle for PeopleSoft began, the HR industry has changed dramatically. New HR outsourcing providers have emerged, major companies have merged, the customer base has grown dramatically, and the center of gravity has shifted from the software providers to the companies that can make these installations manageable and affordable.
Oracle emerges the winner in a very different world than when the battle began. Now they must work to make HR outsourcing a central part of their strategy. No doubt the customers will be there for Oraclethe question is whether customers looking for solutions, not software, will even know or care which application manages their HR service one or two generations from now.
In Part Two of an examination of self-service menus: How improving employee productivity goes beyond basic HRM self service.
Last months column discussed the many self-service threads that must be woven together to deliver efficient business processes. For example, onboarding not only involves many HRM-specific self-service interactionsbenefits enrollment, work scheduling, and the provision of emergency contact informationbut it also involves many non-HRM self-service interactionsproviding office space and supplies; assigning computers, cell phones, facility keys, other equipment, and my personal favorite, the company AMEX card; granting specific system access permissions; and establishing personalized portal preferences, to name a few. Another common business process that involves both HRM and non-HRM selfservice interactions is business travelresearching benefit coverages and determining how they are affected if injuries or sickness occur while traveling; making travel reservations, including frequent flyer preferences; paying attention to travel allowances determined by position, salary level, etc.; making travel changes before and during the trip; and preparing the always popular travel expense and accomplishment report in conjunction with ones time and attendance report.
In each of these cases, its hard enough to achieve the productive level of self-service dialogue integration and data semantics when youre running a generic administrative application backbone for your entire organization. Imagine the challenge you face when you (1) outsource HRM processes in piecemeal to several providers or outsource your HRM processes to a single provider that uses separate applications to create their HRM delivery system (HRMDS) and outsources travel and expense to yet another provider, (2) have your own IT organization handle the granting of specific system access permissions, (3) use AMEX to manage card-related self-service transactions, (4) use your own facilities people to manage the assignment of offices, and then (5) outsource small supplies procurement to yet another provider. If you want to see a selfservice dialogue and semantic integration challenge that approaches getting all members of the United Nations to agree on anything, just try this back at the office.
Can it be done? Absolutely! But theres going to be quite a lot of work that is often overlooked in HRM outsourcing agreements.
During your transition to a comprehensive HRO providers HRMDS or your incorporation of a singleprocess outsourcing agreement into your own HRMDS, not only will there be some level of initial systems integration and process redesign work to be done by your organization, but youre going to be performing some degree of systems integration every time one of the participants changes their approach, systems, or, in the case of outsourced processes, pricing. Most important is to make sure that, via scenario testing, you understand all of the initial and ongoing systems integration work for which youll be responsible and, therefore, all of the costs and risks associated with your planned outsourcing arrangements. All too often this area of self-service integration, which is critical to achieving real productivity improvements, is overlooked.
One outcome of this analysis may be to encourage you to consider even more comprehensive HRM outsourcing, to include those ancillary processes that create self-service touch points that affect the majority of your workforce. Another outcome may be to include a much broader range of workforce-affecting business event scenarios in your assessment of the HRMDS of proposed comprehensive HRO providers, to determine just how integrated their self-service experience is in regards to dialogue protocol and data semantics. And you shouldnt be surprised to discover that those providers who are stitching together their delivery systems platform from an assortment of independently- developed commercially-available software components will have either had to do considerable systems integration work themselves or will be passing along to your workforce the demands of a nonintegrated and non-standard self-service experience.
There are many ways to achieve the level of selfservice dialogue and data consistency that increases user productivity. Ignoring these issues isnt likely to lead to any one of them.
CASE STUDY: The March of Dimes follows the path to a paperless HR department.
Cost savings are important to every business, and non-profits are no different. Many of these organizations rely solely on donations to provide services to those in need. The mission of the March of Dimes, a non-profit organization founded in 1938, is to ensure that every baby is born healthy. The bulk of our financial resources are directed to our missionrelated initiatives. Our goal is to continue to find the most efficient and effective ways to run our organization. Improving our use of technology is an important part of that. < ?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
Recognizing that the HR Department of the March of Dimes was doing most of its HR and payroll processes manually for more than 1,400 employees in more than 150 locations nationwide, my team and I researched ways to automate these processes. The March of Dimes did not have the resources to remedy this problem in-house. Most of our technology investments were going toward improving IT infrastructure and the March of Dimes presence on the Internet.
Having multiple locations was a significant challenge to overcome. HR paperwork was being received from multiple locations. We then had to distribute paper forms and information throughout the March of Dimes chapters across the < ?xml:namespace prefix = st1 ns = "urn:schemas-microsoft-com:office:smarttags" />
Seeking a solution, we were directed by Ceridian a leader in information services for human resources, transportation, and retailingto a company based in
Based on our experience with the HR module, were now looking at ways of streamlining other processes. For example, currently our timesheets are processed manually, and we have no efficient way of running reports or analyzing data. The March of Dimes is looking into adding the timesheets module to our HRIS in the near future. Internet-based employee and workforce productivity applications, such as the HRIS that we are using, represent essential and evolutionary technology that will dramatically improve the way our and other organizations manage their processes and their workforce. These new technologies will transform the business and help us become more efficient and competive in an Internet economy.
By not creating new paper processes and by converting incoming paper to electronic files, the March of Dimes is realizing significant economic savings. When one truly looks at both the hard and the soft costs, the gains quickly become obvious. Business owners and outsourcing experts say that outsourcing allows companies to concentrate on what they do best, their core competencies. It enables them to have other functions performed more efficiently at a lower cost and higher level of accuracy.
The more cost effective and efficient our internal processes become, the more our financial resources can be dedicated to our core competencethe mission to work toward a day when every baby is born healthy.
Rick Martino is Senior VP of HR & Administration and Chief Administrative Officer for the March of Dimes.
Case Study: Creating a national health portal for employees.
An outsourcing partnership delivers e-health portal to Northrop Grumman employees in all 50 states.
Following 16 major acquisitions since 1994, Northrop Grumman, the second-largest defense contractor in the United States, had grown from roughly 40,000 employees to 120,000. Along the way, we also inherited nearly 350 different health and welfare plans and 16 different pension plans. And, although we have been outsourcing a significant portion of our administration for the past 10 years, we did not bring all of our acquisitions together onto one common administrative and design platform until recently.
The catalyst for this consolidation was our 2001 acquisition of Litton Industries. We used this acquisition as an opportunity to redesign all of our benefit programs for several reasons. First, we hadnt redesigned most of our programs for several years and were facing pension issues. And, as we realigned newly acquired employees into different areas within Northrop Grumman, the benefit programs needed to make more sense across the entire company.
Integrating our acquisitions gave us the opportunity to redefine health care at Northrop Grumman. This was a huge undertaking that required a threepronged approach: plan redesign, health care resources, and engaging our leadership and employees from the beginning. Because of the magnitude of the task, we couldnt do it alone. We needed the help of our main outsourcing vendor, Towers Perrin, an HR consulting and administration services firm, to actually make it all happen.
Integral to the changes we were making, and a key piece that we outsourced to Towers Perrin, was the creation of a Web portal to promote health care consumerism (which has the potential to help stem rising health care costs.) We looked at consumerdirected health plans but realized they would only touch those employees who selected them. We wanted to provide health care tools and resources for all of our employees. One of our key messages was that health care was changing dramatically. For employees, the message was that, whether or not we took all of these 350 different health and welfare programs and merged them into one, we were still going to have to address health care cost increases.
In making the decision to outsource the e-health portal, we recognized both the complexity of the task as well as the fact that we were still in the process of implementing our redesigned flexible benefit, recordkeeping, and defined benefit programs. We chose Towers Perrin, in partnership with WebMD, a leading provider of Web-based consumer-focused health care information, because we believed that they would be able to provide us with a solution that would meet our needs.
With our input, Towers Perrin developed an entire health online strategy for Northrop Grumman. They delivered an e-health portal that contains all of the critical health care information needed to help our employees become better health care consumers. Those resources include Health Online, a medical plan comparison tool, online open enrollment, and care management.
In early 2003, we introduced our new Web site NG Benefits Online to our employees, following an intensive communication effort. Through NG Benefits Online, employees can now access a wealth of information and enroll in their benefits with just one click of a mouse. A customized consumerism guide highlights all of the new resources now available.
At Health Online, employees can take a health risk assessment, visit a condition center, maintain their family health records, and use tools to compare drug costs or determine the quality of different hospitals. Care management provides a nurse advice line, a disease and case management option, and a list of centers of excellence. We also use the information employees provide in their health risk assessment to match them with appropriate disease management programs.
We have had very good results to date and view our new e-health portal as an ongoing endeavor to get employees to pay attention to health care costs and their part in managing them. Towers Perrin has provided user statistics that underscore the success of our portal, including the fact that 90 percent of our employees enrolled in their 2004 health care benefits online, 40 percent used the medical plan evaluation tool, and 17 percent registered at Health Online. Based on these encouraging results, we will continue to work with Towers Perrin and WebMD to provide our employees with the best tools to help them become even better health care consumers and managers of their health program costs.
© 2009 - 2019 Copyright SharedXpertise Media, LLC.
All SharedXpertise Media logos and marks as well as all other proprietary materials depicted herein are the property of SharedXpertise Media. All rights reserved.
SharedXpertise Media, LLC, 123 South Broad Street, Philadelphia, PA 19123