.NET Magazine

May 2002

 

 

by Pete Singer VP Product Development, DataPipe USA Inc. & Mark Odian Director Marketing and Sales, DataPipe USA Inc.  January 2005

ABSTRACT

Introduction

It is difficult to imagine a business world without software of some sort to simplify processes. Although software in general is sometimes touted as an empowering tool that has become ubiquitous, the software available for the EH&S industry is far from that. Many software companies have exploded on the scene, making use of an industry trend that was “hot” at the time, only to vanish in obscurity. The EH&S packages that remain have their strengths and weaknesses and it is important for an organization to weigh these before making any strategic investment in technology.

When making such a large strategic investment it is important to consider the big picture. An enterprise-wide solution that spans multiple divisions, departments and other groups within the organization will provide an overall view of information. This is true for EH&S as well as financial and other types of information.

OVERVIEW OF “COMMERCIAL OFF-THE SHELF” (COTS) EH&S SYSTEMS

Background and Current State of Technology

The computing and networking infrastructure in most organizations has come a long way since the inception of modern computing several decades ago. Most organizations have a decent network infrastructure in place and users have Personal Computers capable of running modern business software. Even if an organization doesn't have such an environment, third party companies can be used to supply such infrastructure.

The Piecemeal Approach

The piecemeal approach is the implementation of several small systems to accomplish a wide array of EH&S goals as opposed to one integrated system across all areas of EH&S. There are a number of piecemeal EH&S software applications designed to solve specific problems or perform a particular task. There are very few packages that cover all areas of EH&S. Many organizations take a costly piecemeal approach in looking for software solutions for the EH&S fields. They may purchase a system to manage their injuries and illnesses. They may use spreadsheets to meet their EPA reporting requirements, and they may have homegrown systems that help solve other specific problems. There are inherent flaws in the piecemeal approach:

Flaw #1: Lack of Communication

The islands of information used and maintained cannot easily communicate with one another. Each software package has its own method of storing data and communicating. Sometimes the data is not in a form that another program understands. Furthermore, there is no consistency for how users enter data, causing communication between programs to break down. For instance, one user might enter a body part code, while another user on a different system enters the term, “right arm”. In this example the communicating databases may not understand that these could be the same thing.

Flaw #2: Redundant Information

In using the piecemeal approach there is redundant information (e.g. each island needs to maintain Human Resource data) that is probably out of sync the instant after it’s brought into one of these systems. For instance, HR information may reside in an Enterprise Resource Planning (ERP) system such as PeopleSoft. To help automate retrieval of that HR data into the different islands, custom processes are often set up to import data from the ERP system. These would need to be run periodically in an effort to keep the HR data even marginally current. This is not an issue with an all-encompassing EH&S system.

Flaw #3: Lack of a Standard Interface

Another problem is that each of these systems is different and requires different training. Just as in the days before the Windows GUI, there are no “standards” regarding the interface of applications. In fact, many EH&S professionals are responsible for several closely related areas. It is much more of a burden on an organization to have to train someone on multiple systems than on one common application that is integrated and can cover several areas.

Flaw #4: Cost of Maintaining Multiple Systems

A piecemeal approach puts a burden on the IT Departments that need to install, tune and maintain several systems, as opposed to one common system. This can sometimes amount to significant costs above the final cost of implementing one common system.

Flaw #5: Inevitable Loss of the Caretaker

Individual programs are developed by users who champion the idea. The long-term viability of the program may be in question. When that “champion” leaves the organization the program often becomes unusable because its “parent” is no longer there to care for and feed it.

Flaw #6: Multiple Copies of Non-Comparable Data

In an integrated system, there is only one copy of the common data. Further, the information from one area of specialty can easily be used for comparisons, analysis, reporting, data mining, etc. in another area. Such analysis and reporting is difficult if not impossible to do when using the piecemeal approach.

Solution: Difficult But Not Impossible

Implementing an ERP-class system is not without its problems. There are many decisions that need to be made initially. People from diverse areas within an organization may need to work together to address some common issues. While it may not be effortless to implement an integrated system, the benefits clearly out weigh the difficulties of such an approach. In the long run it will provide a clear return on investment in many ways.

Build vs. Buy

Different organizations and even individual departments within the same organization have varying philosophies when it comes to purchasing ERP-class software solutions. Deciding whether to purchase existing software or develop a custom application is an important decision that has its own strategic advantages and disadvantages. A decision ultimately needs to be made by looking at the overall long-term return on investment. Following are some things to consider.

Control

Developing a solution in-house offers the ultimate in control over what the software does. There is a price to pay for such control though. In-house development of any true, enterprise-class system involves a major expenditure of resources, including time, human and capital. Such a system typically requires many person-years worth of effort as well as subject matter experts (SMEs) across several industry areas (environmental, safety, health, information technology, business professionals and more). There is no instant gratification if a system is developed in-house and very often none at all.

Cost

One of the biggest long-term cost problems that companies run into is that they don’t think in terms of the big picture. When a particular business problem needs to be solved, they go out and buy a specific package or build their own. Some time later, another business requirement causes the company to purchase or build another application. This process continues until there are multiple packages covering many areas of EH&S. The costs of all these packages, including maintenance and support fees, exceed the cost of one good all-encompassing EH&S package.

Customization

While purchasing a “commercial off-the-shelf” (COTS) solution may offer more immediate gratification, what really matters is whether the software is going to be able to help solve a business problem. There are several issues that need to be addressed when deciding on a COTS system. They include a lot of the topics discussed in this paper, but probably the most important – and the one that forces most companies to develop an in-house solution – is customization. If a COTS system can’t be customized at an acceptable level to meet the practical needs of an organization, it’s probably not going to help them solve their original problem.

Time

Is time a factor? Given enough of it, competent IT professionals, working with knowledgeable EH&S professionals can build an in-house system. Is there time available for 1) all these professionals to devote their resources to defining, in detail, what needs to be done, and 2) the many years it will take to develop the program, considering the ever evolving requirements that inevitably come up during the development process? Organizations and their management are today stressing “core competencies.” Is a chemical company, hospital, municipality, telecommunications company, utility, etc. a specialist in their industry or are they in the business of software development? Where are their finite resources best spent?

WHAT TO LOOK FOR IN A COTS EH&S PACKAGE

Customization

While there may be regulatory requirements that drive the need to manage certain information, organizations typically still want to be able to do things differently; “their way.” Some are driven by a desire to go beyond what is required of them by regulations alone. Others may need to include information that may be unique to their organization, state or province, or national regulation requirements.

Change the Layout

It is usually desirable to be able to customize the layout and content of forms within an application. Offering such capability is not generally easy to do. There’s actually a lot that goes on technically behind the scenes in any ERP-class application. Look for systems that allow such customization without the need for extensive code changes in the software programming. The best systems will allow layout alterations through the use of a form designer interface that implements changes through mouse clicks and property settings rather than code changes. The general user knows little about programming and will benefit from an easy-to-use GUI interface.

Add Triggers to Fields

In addition to being able to change the appearance of forms, organizations may also want to define “triggers” that occur if certain criteria are met. For example, it may be desirable to automatically e-mail an EH&S Manager if an injury or illness resulted in a death or a waste container is about to overstay its allowed time in a storage area. It is not feasible for a software application vendor to plan ahead of time all the possible triggers that an entity may want to set up. An application should allow organizations to define their own triggers dynamically based on their continuously evolving business rules.

Adding Additional Fields to a Form

When you purchase a COTS system, you typically receive a series of forms with many fields that can accept data. Inevitably, a decision will be made to track a certain piece of data that does not exist on a supplied form. It is important that you consider a system that allows you to add fields such as date, time, and text or even drop down or combo boxes to the form when needed. If the software is built correctly, you will be able to simply activate new fields with little to no complicated coding and place them anywhere on a form.

Modularity

When purchasing a car, it is desirable to pick and choose what options it should have. This way, consumers only pay for what they want and not the extras. Automobile manufacturers have learned that one size does not fit all. The same theory applies to EH&S software. There are many driving forces that dictate what areas of EH&S a particular company is interested in managing. Just as with automobiles, one size does not fit all.

To extend the automobile analogy, it is often desirable to easily add options to a car – or functionality to a software application. After an initial purchase, regulations, business requirements and user needs are constantly evolving and changing. EH&S software needs to easily adapt to such changes. A modular approach to application design allows an application to offer many different capabilities with the ability to expand as requirements change and user needs dictate.

Look for applications that offer a modular solution to implementing your EH&S needs. The modules should integrate easily, talk to each other and share data seamlessly. There should be no cost penalty for adding on additional components in the future.

Organizational Structure

Different companies have different ways of organizing people, places and things. EH&S software should be able to accommodate how companies organize such information. Just as with modularity, one size does not fit all when it comes to defining an organization’s structure. If a piece of software has limits to how a company can organize its human, capital and other resources, the company may need to change the way it does business to accommodate the software and may lose the ability to accurately report on interdependencies. Unless there is good reason, a company shouldn’t have to change the way it does business because of any software package.

Having the ability to customize your organizational structure is a tremendous asset. For instance, let’s say that within a company there exists divisions that contain facilities and then under that are buildings, each with rooms. If you predefine your organizational structure within the software package then when you record an incident that occurs in a particular room, there will already be interdependency between that room and the building, facility and division that it is under. This allows you to track data and perform risk analyses, loss-dollar analyses and detailed reporting that will save your organization time and money and ultimately provide a return on investment.

The problem is that every organizations structure is different and most software packages do not give you the option to customize this easily, removing vitally important interdependencies between data. Find out if a software package allows you to customize the organizational structure so that it accommodates your business structure.

Reporting Tools

There are several possible ways to offer reporting capabilities from within an application. They generally fall into two categories: high-end tools that offer powerful capabilities for combining information from any part of the system and easy to use ad-hoc tools that provide simple, quick access to information.

High-end commercial reporting tools include offerings by Crystal Decisions and Business Objects. These products were designed to offer people a way to develop and use custom reports.

In addition to commercial reporting tools, a software package should have the ability to generate complex reports based on any set of business rules or layout requirements defined by the user. These types of reports often require programming. The application should allow access to this part of the system so that a qualified individual can make the necessary code changes to implement this type of advanced report.

In addition to offering such an industry standard reporting tool or access to advanced reports for some of the more complex reporting needs, it is vital for an application to offer an ad-hoc reporting capability - a tool that any user can employ with little or no training. Often, a business user wants to make ad-hoc queries of the data to quickly find certain information. These queries may be one-time queries or recurring queries. In either case, a business user who simply wants to find out some basic information should have a simple-to-use, easy-to-learn, point-and-click ad-hoc reporting tool.

Scalability

One reason for the demise of client/server technology was its limited ability to scale. Scaling refers to the need or capability for accommodating additional users and/or more information in a manner that still yields acceptable performance.

To more easily facilitate scalability of applications, several years ago there was an evolution from the two tiers of the client/server world to a three-tier model. More recently “n-tier” architectures have come in to favor which can share the processing across many tiers, theoretically offering unlimited scalability.

 

The N-Tier System

 

This diagram illustrates an “N-tier” system. The client-tier computers communicate with the “middle-tier” computer (web servers), where business logic and intermediate processing are performed. The intermediate tiers send requests for data to the database tier, which sends the requested information back to the middle tier for processing, formatting and forwarding to the clients. All tiers could reside on one physical computer or many, depending on how the organization needs to “scale” the system for the number of users and intensity of use.

In order to take advantage of scaling, an application needs to be architected properly from its inception. Many applications start out as low-use applications. As more and more users are added to them, they become slower and slower. Unless an application was specifically designed with scalability in mind there is a practical limit on the number of users that can effectively employ such an application. It is important to look for this when considering software.

Vendor Longevity

An obvious question when you purchase something (software in particular) from the “outside” is whether the supplier is going to be around to support it. The EH&S software business in general has a dismal record of longevity. Experience shows that a company pops up with the “latest and greatest” program, lasts for about three to four years, and then vanishes. Numerous customers have the proof of this in the form of programs no longer supported by the company from which the software was purchased. Often there is not even a successor company to support such software. If you go to trade shows, consider how many of the exhibitors selling software now were there three years ago, and where the exhibitors you saw three years ago are today.

Size and longevity are not linked. Size is absolutely no guarantee of success. There are multiple examples of where large, well-known software companies have released EH&S programs with much accompanying fanfare. After one, two or three years of trying to make it work, they’ve dropped the business – and unfortunately, the users who bought it.

Examine not only how long a vendor has been in business but also how long they’ve been supplying EH&S software. While there is no guarantee of the future, a long and stable track record in the EH&S software business speaks loudly of a vendor’s potential longevity.

Hosting

Part of deciding on an EH&S solution is determining where the application will be installed and run. Sometimes this is referred to as “hosting.” One option is to install, run and maintain the software within an organization. Another is to use a hosting company that specializes in providing such services.

Hosting the application internally offers the most control over the many pieces of an EH&S solution. An IT group may have the needed hardware in place and the necessary human and time resources to install and maintain the application. The IT group manages the database, web server, clients and everything in between.

Hosting companies, which are often referred to as Application Service Providers (ASP’s) or Managed Service Providers (MSP’s), take on the role of maintaining the hardware, database and application servers. There is merit to this approach in certain circumstances. If the necessary resources of an IT group are stretched too thin for what’s needed to effectively host an application, it may make sense to outsource that part of it. There is a certain level of control that is lost in using this approach. Someone outside of the company is providing the hardware, supporting the database and, perhaps, the application or web servers. As such, the IT group doesn’t necessarily have direct or easy access to company data.

While an ASP or MSP can be used to host your application, it is still important to have a proficient database and network administrator available to properly configure and maintain the system. It is often not wise or practical to outsource this type of administration entirely.

There are many issues that need to be worked out in such an arrangement. Be sure to understand what level of service an ASP is supposed to supply and what the logistics will be if such level of service is not being provided. It should be very clear who has what responsibilities.

Database Independence

A database is used to store and retrieve the information for many applications. These days Oracle, IBM DB2 and Microsoft SQL Server are the most prominent SQL-based, relational database management systems (RDBMS). Organizations typically standardize on one of these for good reason. Purchasing, installing, maintaining, tuning and simply running any of these major RDBMSs is by no means a no-brainer. By picking one and standardizing on it, information technology professionals can focus on one product’s skill set, while eliminating the need to learn and maintain the expertise needed for numerous databases. Look for a software application that will work with your organizations database of choice.

User Interface/Front End

The user interface or front end is the part of the application with which a user sees and interacts. It encompasses the buttons they press, the layout of the fields and the choices they can make. An easy-to-use, efficiently designed user interface is the goal of every software application. The latest trend is in Web-based applications. However, simple HTML pages will be a real disappointment compared to what users have been accustomed to over the past few years in a Windows environment. The ideal technology will maintain the graphical user interface (GUI) of Windows while offering the ease of deployment introduced by web technologies. In most instances the PC is still the “client” device, and it has considerable computing power available locally for doing things to enhance the user’s interaction. A program can be designed to take advantage of both what the Web has to offer as well as what a PC running Windows offers; the best of both worlds.

In the past few years there has been an explosion of non-PC hardware devices. These include personal digital assistants (PDA’s), wireless devices and, yes, even cell phones. When you shop for software to help solve a business problem, be sure that it will be extensible to such devices, as well as to devices that haven’t yet been invented. Without such expansion capabilities the software may be a technologically dead-end solution.

If this seems far-fetched, consider the desirability of being able to receive information on your cell phone or PDA on an incident in your organizations facility that just occurred. What about a field supervisor that needs to check whether a crew member is currently certified to wear a respirator as part of a confined-space entry team, or a nurse looking up a medical record while following up on a case while making a site visit? These examples are just the tip of the iceberg and you will want your software application to be able to reach into this future.

Security/Data Access

It seems as though there are news headlines every other day about some hacker gaining access to an organization’s sensitive data. While the Internet has opened up the world to everyone, it has also exposed vulnerabilities. While no system is iron clad, there are many things that can be done to make it difficult for someone to access a company’s valuable information, including: securing the Web servers, setting up the appropriate security in a database and/or running certain parts of an application over an encrypted connection. It is important to understand which parts of a system are potentially exposed and what options are available to protect those parts. Within the EH&S application itself, there are potential needs to restrict who may see certain kinds of data. Security should extend to the individual user level.

Data Mining

More often than not, the driving force for collecting EH&S information is for compliance purposes. While an organization may have the data needed for compliance, it may not realize that a lot more can be done with the information that was collected as part of the process. Companies are continually being pressured to make more use of fewer and fewer resources. Making use of the information already available can often help reduce costs and have an impact on the bottom line. Searching and discovering previously unknown relationships in a set of data is often referred to as Data Mining.

Armed with the necessary information, Data Mining can be used to establish associations, cluster previously unknown facts, make reasonable predictions about the future and more. It is much easier to mine data when it resides in one centralized, integrated system than if it is scattered across many disparate systems. While Data Mining has been around for quite some time in one form or another, it simply builds on and extends the reporting and Online Analytical Processing (OLAP) tools that may already be used in an organization. Through data mining an organization can perform risk analyses and loss dollar analyses and even prevent major accidents from occurring by seeing trends that they could not visualize without an EH&S software application that has all its data accessible in one central location and a reasonably powerful reporting tool.

Internationalization

Many organizations are or have become global in nature. If a company has sites in countries that speak different languages, it is important for an application that will be used company-wide to be able to accommodate such diversity. This capability is not something that a software vendor can bolt on after the fact. It needs to be incorporated into the design from the beginning.

Data Conversion

Regardless of the nature of any new application, there is usually a need to retrieve data from old systems and bring it into the new system. The structure of the data in disparate systems is almost always different. Be sure to understand the tools that are available from within the application to extract data from other systems, perform the necessary conversions on it and import it. Often such processes need to be run on a periodic basis in an effort to keep the data synchronized.

If you are interested in extracting data from the EH&S system and using it in other programs, also determine what tools exist for the exporting of data.

JUSTIFICATION

Cost Benefit Analysis and Return on Investment

When trying to determine the ultimate return on investment, you are forced to ask the classic question, “What is the cost of an accident that never happens?” This question has plagued risk managers and EH&S professional for decades. Since the advent of comprehensive EH&S software, the subject has gained considerable interest.

For example, using data stored in an EH&S software application over a number of years, reports on cost and savings data can be generated based in part on the following:

• Salaries from reduced staff
• Efficiencies
• Working smarter
• Estimates or extrapolations of worker’s comp loss reduction due to the successful implementation of EH&S software
• Case management
• Savings due to improved OSHA compliance based on previous years of payouts, fines and experience
• Estimated revenues from increased productivity due to a working EH&S information management system
• The ability to provide new services for less money

In evaluating and deciding on an EH&S solution, management may need to be sold on the concept. Sometimes a Cost-Benefit Analysis (CBA) needs to be developed. Other times, a Return on Investment (ROI) proposal must be prepared. Whatever management’s justification preference happens to be, it is often helpful to see what others have done in the past regarding selling the concept.

Now vs. the Future

Recognizing that what is needed today many be different from what might be needed tomorrow you should plan ahead. If your organization will ever require software with one or more of the capabilities listed in this paper, plan for it now.

The number of organizations that initially decide to take a piecemeal approach is staggering. It is not always the purchasers fault. Many times management does not understand that purchasing a comprehensive EH&S software package now (even though they may not use all its components) will save tremendously in the future.

A look at the evolution of the computing industry quickly shows that the only constant is change. As in fields other than computing, there is no way to easily predict where the future is going and how long a trend will remain relevant. One can simply make educated guesses given the information available at the time regarding technology’s direction and which software development tools and methodologies will evolve into pertinent technologies. Be sure to take in to account the dynamics of business change when considering the purchase of an EH&S software package.

OVERVIEW

Summary

This EH&S white paper explored key points to consider when purchasing an EH&S information management solution, from both a technical and managerial perspective.

Evaluating, selecting, implementing and maintaining an EH&S system can be a daunting task, but assistance is available. By illustrating its evolution, outlining the current state of technology, listing the main components and raising other important issues, this paper can act as a starting point in the search for the best EH&S technology appropriate for your organization’s needs.

About Knorr Associates Inc.

DataPipe USA was founded in 1979 and has nearly 35 years experience providing an easy-to-use, modular software solution for collecting and managing EH&S information. Over the years this knowledge evolved into DataPipe™, the complete information management software solution for professionals in the EH&S fields. DataPipe is accessible from the Web or Windows, offers point-and-click reporting, data exchange with external systems and software, automated email notification, triggered events, extensive customizing capabilities, risk management, compliance reporting and more.

DataPipe software encapsulates the capabilities outlined in this document and can easily meet the needs of today’s EH&S requirements. Contact KAI for more information and to request an on-line DEMO.