by Pete Singer VP Product Development,
DataPipe USA Inc. & Mark Odian
Director Marketing and Sales, DataPipe USA Inc.
January 2005
ABSTRACT
Introduction
It is difficult to imagine a business
world without software of some sort to simplify processes.
Although software in general is sometimes touted as an
empowering tool that has become ubiquitous, the software
available for the EH&S industry is far from that. Many
software companies have exploded on the scene, making use
of an industry trend that was “hot” at the time, only to
vanish in obscurity. The EH&S packages that remain have
their strengths and weaknesses and it is important for an
organization to weigh these before making any strategic
investment in technology.
When making such a large strategic
investment it is important to consider the big picture. An
enterprise-wide solution that spans multiple divisions,
departments and other groups within the organization will
provide an overall view of information. This is true for
EH&S as well as financial and other types of information.
OVERVIEW OF
“COMMERCIAL OFF-THE SHELF” (COTS) EH&S SYSTEMS
Background and
Current State of Technology
The computing and networking
infrastructure in most organizations has come a long way
since the inception of modern computing several decades
ago. Most organizations have a decent network
infrastructure in place and users have Personal Computers
capable of running modern business software. Even if an
organization doesn't have such an environment, third party
companies can be used to supply such infrastructure.
The
Piecemeal Approach
The piecemeal approach is the
implementation of several small systems to accomplish a
wide array of EH&S goals as opposed to one integrated
system across all areas of EH&S. There are a number of
piecemeal EH&S software applications designed to solve
specific problems or perform a particular task. There are
very few packages that cover all areas of EH&S. Many
organizations take a costly piecemeal approach in looking
for software solutions for the EH&S fields. They may
purchase a system to manage their injuries and illnesses.
They may use spreadsheets to meet their EPA reporting
requirements, and they may have homegrown systems that
help solve other specific problems. There are inherent
flaws in the piecemeal approach:
Flaw #1: Lack of Communication
The islands of information used and
maintained cannot easily communicate with one another.
Each software package has its own method of storing data
and communicating. Sometimes the data is not in a form
that another program understands. Furthermore, there is no
consistency for how users enter data, causing
communication between programs to break down. For
instance, one user might enter a body part code, while
another user on a different system enters the term, “right
arm”. In this example the communicating databases may not
understand that these could be the same thing.
Flaw #2: Redundant Information
In using the piecemeal approach there is
redundant information (e.g. each island needs to maintain
Human Resource data) that is probably out of sync the
instant after it’s brought into one of these systems. For
instance, HR information may reside in an Enterprise
Resource Planning (ERP) system such as PeopleSoft. To help
automate retrieval of that HR data into the different
islands, custom processes are often set up to import data
from the ERP system. These would need to be run
periodically in an effort to keep the HR data even
marginally current. This is not an issue with an
all-encompassing EH&S system.
Flaw #3: Lack of a Standard Interface
Another problem is that each of these
systems is different and requires different training. Just
as in the days before the Windows GUI, there are no
“standards” regarding the interface of applications. In
fact, many EH&S professionals are responsible for several
closely related areas. It is much more of a burden on an
organization to have to train someone on multiple systems
than on one common application that is integrated and can
cover several areas.
Flaw #4: Cost of Maintaining Multiple
Systems
A piecemeal approach puts a burden on
the IT Departments that need to install, tune and maintain
several systems, as opposed to one common system. This can
sometimes amount to significant costs above the final cost
of implementing one common system.
Flaw #5: Inevitable Loss of the
Caretaker
Individual programs are developed by
users who champion the idea. The long-term viability of
the program may be in question. When that “champion”
leaves the organization the program often becomes unusable
because its “parent” is no longer there to care for and
feed it.
Flaw #6: Multiple Copies of
Non-Comparable Data
In an integrated system, there is only
one copy of the common data. Further, the information from
one area of specialty can easily be used for comparisons,
analysis, reporting, data mining, etc. in another area.
Such analysis and reporting is difficult if not impossible
to do when using the piecemeal approach.
Solution: Difficult But Not Impossible
Implementing an ERP-class system is not
without its problems. There are many decisions that need
to be made initially. People from diverse areas within an
organization may need to work together to address some
common issues. While it may not be effortless to implement
an integrated system, the benefits clearly out weigh the
difficulties of such an approach. In the long run it will
provide a clear return on investment in many ways.
Build vs. Buy
Different organizations and even
individual departments within the same organization have
varying philosophies when it comes to purchasing ERP-class
software solutions. Deciding whether to purchase existing
software or develop a custom application is an important
decision that has its own strategic advantages and
disadvantages. A decision ultimately needs to be made by
looking at the overall long-term return on investment.
Following are some things to consider.
Control
Developing a solution in-house offers
the ultimate in control over what the software does. There
is a price to pay for such control though. In-house
development of any true, enterprise-class system involves
a major expenditure of resources, including time, human
and capital. Such a system typically requires many
person-years worth of effort as well as subject matter
experts (SMEs) across several industry areas
(environmental, safety, health, information technology,
business professionals and more). There is no instant
gratification if a system is developed in-house and very
often none at all.
Cost
One of the biggest long-term cost
problems that companies run into is that they don’t think
in terms of the big picture. When a particular business
problem needs to be solved, they go out and buy a specific
package or build their own. Some time later, another
business requirement causes the company to purchase or
build another application. This process continues until
there are multiple packages covering many areas of EH&S.
The costs of all these packages, including maintenance and
support fees, exceed the cost of one good all-encompassing
EH&S package.
Customization
While purchasing a “commercial
off-the-shelf” (COTS) solution may offer more immediate
gratification, what really matters is whether the software
is going to be able to help solve a business problem.
There are several issues that need to be addressed when
deciding on a COTS system. They include a lot of the
topics discussed in this paper, but probably the most
important – and the one that forces most companies to
develop an in-house solution – is customization. If a COTS
system can’t be customized at an acceptable level to meet
the practical needs of an organization, it’s probably not
going to help them solve their original problem.
Time
Is time a factor? Given enough of it,
competent IT professionals, working with knowledgeable
EH&S professionals can build an in-house system. Is there
time available for 1) all these professionals to devote
their resources to defining, in detail, what needs to be
done, and 2) the many years it will take to develop the
program, considering the ever evolving requirements that
inevitably come up during the development process?
Organizations and their management are today stressing
“core competencies.” Is a chemical company, hospital,
municipality, telecommunications company, utility, etc. a
specialist in their industry or are they in the business
of software development? Where are their finite resources
best spent?
WHAT TO
LOOK FOR IN A COTS EH&S PACKAGE
Customization
While there may be regulatory
requirements that drive the need to manage certain
information, organizations typically still want to be able
to do things differently; “their way.” Some are driven by
a desire to go beyond what is required of them by
regulations alone. Others may need to include information
that may be unique to their organization, state or
province, or national regulation requirements.
Change the
Layout
It is usually desirable to be able to
customize the layout and content of forms within an
application. Offering such capability is not generally
easy to do. There’s actually a lot that goes on
technically behind the scenes in any ERP-class
application. Look for systems that allow such
customization without the need for extensive code changes
in the software programming. The best systems will allow
layout alterations through the use of a form designer
interface that implements changes through mouse clicks and
property settings rather than code changes. The general
user knows little about programming and will benefit from
an easy-to-use GUI interface.
Add Triggers
to Fields
In addition to being able to change the
appearance of forms, organizations may also want to define
“triggers” that occur if certain criteria are met. For
example, it may be desirable to automatically e-mail an
EH&S Manager if an injury or illness resulted in a death
or a waste container is about to overstay its allowed time
in a storage area. It is not feasible for a software
application vendor to plan ahead of time all the possible
triggers that an entity may want to set up. An application
should allow organizations to define their own triggers
dynamically based on their continuously evolving business
rules.
Adding
Additional Fields to a Form
When you purchase a COTS system, you
typically receive a series of forms with many fields that
can accept data. Inevitably, a decision will be made to
track a certain piece of data that does not exist on a
supplied form. It is important that you consider a system
that allows you to add fields such as date, time, and text
or even drop down or combo boxes to the form when needed.
If the software is built correctly, you will be able to
simply activate new fields with little to no complicated
coding and place them anywhere on a form.
Modularity
When
purchasing a car, it is desirable to pick and choose what
options it should have. This way, consumers only pay for
what they want and not the extras. Automobile
manufacturers have learned that one size does not fit all.
The same theory applies to EH&S software. There are many
driving forces that dictate what areas of EH&S a
particular company is interested in managing. Just as with
automobiles, one size does not fit all.
To extend the automobile analogy, it is
often desirable to easily add options to a car – or
functionality to a software application. After an initial
purchase, regulations, business requirements and user
needs are constantly evolving and changing. EH&S software
needs to easily adapt to such changes. A modular approach
to application design allows an application to offer many
different capabilities with the ability to expand as
requirements change and user needs dictate.
Look for applications that offer a
modular solution to implementing your EH&S needs. The
modules should integrate easily, talk to each other and
share data seamlessly. There should be no cost penalty for
adding on additional components in the future.
Organizational
Structure
Different companies have different ways
of organizing people, places and things. EH&S software
should be able to accommodate how companies organize such
information. Just as with modularity, one size does not
fit all when it comes to defining an organization’s
structure. If a piece of software has limits to how a
company can organize its human, capital and other
resources, the company may need to change the way it does
business to accommodate the software and may lose the
ability to accurately report on interdependencies. Unless
there is good reason, a company shouldn’t have to change
the way it does business because of any software package.
Having the ability to customize your
organizational structure is a tremendous asset. For
instance, let’s say that within a company there exists
divisions that contain facilities and then under that are
buildings, each with rooms. If you predefine your
organizational structure within the software package then
when you record an incident that occurs in a particular
room, there will already be interdependency between that
room and the building, facility and division that it is
under. This allows you to track data and perform risk
analyses, loss-dollar analyses and detailed reporting that
will save your organization time and money and ultimately
provide a return on investment.
The problem is that every organizations
structure is different and most software packages do not
give you the option to customize this easily, removing
vitally important interdependencies between data. Find out
if a software package allows you to customize the
organizational structure so that it accommodates your
business structure.
Reporting
Tools
There are several possible ways to offer
reporting capabilities from within an application. They
generally fall into two categories: high-end tools that
offer powerful capabilities for combining information from
any part of the system and easy to use ad-hoc tools that
provide simple, quick access to information.
High-end commercial reporting tools
include offerings by Crystal Decisions and Business
Objects. These products were designed to offer people a
way to develop and use custom reports.
In addition to commercial reporting
tools, a software package should have the ability to
generate complex reports based on any set of business
rules or layout requirements defined by the user. These
types of reports often require programming. The
application should allow access to this part of the system
so that a qualified individual can make the necessary code
changes to implement this type of advanced report.
In addition to offering such an industry
standard reporting tool or access to advanced reports for
some of the more complex reporting needs, it is vital for
an application to offer an ad-hoc reporting capability - a
tool that any user can employ with little or no training.
Often, a business user wants to make ad-hoc queries of the
data to quickly find certain information. These queries
may be one-time queries or recurring queries. In either
case, a business user who simply wants to find out some
basic information should have a simple-to-use,
easy-to-learn, point-and-click ad-hoc reporting tool.
Scalability
One reason for the demise of
client/server technology was its limited ability to scale.
Scaling refers to the need or capability for accommodating
additional users and/or more information in a manner that
still yields acceptable performance.
To more easily facilitate scalability of
applications, several years ago there was an evolution
from the two tiers of the client/server world to a
three-tier model. More recently “n-tier” architectures
have come in to favor which can share the processing
across many tiers, theoretically offering unlimited
scalability.

The N-Tier System
This diagram illustrates an “N-tier”
system. The client-tier computers communicate with the
“middle-tier” computer (web servers), where business logic
and intermediate processing are performed. The
intermediate tiers send requests for data to the database
tier, which sends the requested information back to the
middle tier for processing, formatting and forwarding to
the clients. All tiers could reside on one physical
computer or many, depending on how the organization needs
to “scale” the system for the number of users and
intensity of use.
In order to take advantage of scaling,
an application needs to be architected properly from its
inception. Many applications start out as low-use
applications. As more and more users are added to them,
they become slower and slower. Unless an application was
specifically designed with scalability in mind there is a
practical limit on the number of users that can
effectively employ such an application. It is important to
look for this when considering software.
Vendor
Longevity
An obvious question when you purchase
something (software in particular) from the “outside” is
whether the supplier is going to be around to support it.
The EH&S software business in general has a dismal record
of longevity. Experience shows that a company pops up with
the “latest and greatest” program, lasts for about three
to four years, and then vanishes. Numerous customers have
the proof of this in the form of programs no longer
supported by the company from which the software was
purchased. Often there is not even a successor company to
support such software. If you go to trade shows, consider
how many of the exhibitors selling software now were there
three years ago, and where the exhibitors you saw three
years ago are today.
Size and longevity are not linked. Size
is absolutely no guarantee of success. There are multiple
examples of where large, well-known software companies
have released EH&S programs with much accompanying
fanfare. After one, two or three years of trying to make
it work, they’ve dropped the business – and unfortunately,
the users who bought it.
Examine not only how long a vendor has
been in business but also how long they’ve been supplying
EH&S software. While there is no guarantee of the future,
a long and stable track record in the EH&S software
business speaks loudly of a vendor’s potential longevity.
Hosting
Part of deciding on an EH&S solution is
determining where the application will be installed and
run. Sometimes this is referred to as “hosting.” One
option is to install, run and maintain the software within
an organization. Another is to use a hosting company that
specializes in providing such services.
Hosting the application internally
offers the most control over the many pieces of an EH&S
solution. An IT group may have the needed hardware in
place and the necessary human and time resources to
install and maintain the application. The IT group manages
the database, web server, clients and everything in
between.
Hosting companies, which are often
referred to as Application Service Providers (ASP’s) or
Managed Service Providers (MSP’s), take on the role of
maintaining the hardware, database and application
servers. There is merit to this approach in certain
circumstances. If the necessary resources of an IT group
are stretched too thin for what’s needed to effectively
host an application, it may make sense to outsource that
part of it. There is a certain level of control that is
lost in using this approach. Someone outside of the
company is providing the hardware, supporting the database
and, perhaps, the application or web servers. As such, the
IT group doesn’t necessarily have direct or easy access to
company data.
While an ASP or MSP can be used to host
your application, it is still important to have a
proficient database and network administrator available to
properly configure and maintain the system. It is often
not wise or practical to outsource this type of
administration entirely.
There are many issues that need to be
worked out in such an arrangement. Be sure to understand
what level of service an ASP is supposed to supply and
what the logistics will be if such level of service is not
being provided. It should be very clear who has what
responsibilities.
Database
Independence
A database is used to store and retrieve
the information for many applications. These days Oracle,
IBM DB2 and Microsoft SQL Server are the most prominent
SQL-based, relational database management systems (RDBMS).
Organizations typically standardize on one of these for
good reason. Purchasing, installing, maintaining, tuning
and simply running any of these major RDBMSs is by no
means a no-brainer. By picking one and standardizing on
it, information technology professionals can focus on one
product’s skill set, while eliminating the need to learn
and maintain the expertise needed for numerous databases.
Look for a software application that will work with your
organizations database of choice.
User
Interface/Front End
The user interface or front end is the
part of the application with which a user sees and
interacts. It encompasses the buttons they press, the
layout of the fields and the choices they can make. An
easy-to-use, efficiently designed user interface is the
goal of every software application. The latest trend is in
Web-based applications. However, simple HTML pages will be
a real disappointment compared to what users have been
accustomed to over the past few years in a Windows
environment. The ideal technology will maintain the
graphical user interface (GUI) of Windows while offering
the ease of deployment introduced by web technologies. In
most instances the PC is still the “client” device, and it
has considerable computing power available locally for
doing things to enhance the user’s interaction. A program
can be designed to take advantage of both what the Web has
to offer as well as what a PC running Windows offers; the
best of both worlds.
In the past few years there has been an
explosion of non-PC hardware devices. These include
personal digital assistants (PDA’s), wireless devices and,
yes, even cell phones. When you shop for software to help
solve a business problem, be sure that it will be
extensible to such devices, as well as to devices that
haven’t yet been invented. Without such expansion
capabilities the software may be a technologically
dead-end solution.
If this seems far-fetched, consider the
desirability of being able to receive information on your
cell phone or PDA on an incident in your organizations
facility that just occurred. What about a field supervisor
that needs to check whether a crew member is currently
certified to wear a respirator as part of a confined-space
entry team, or a nurse looking up a medical record while
following up on a case while making a site visit? These
examples are just the tip of the iceberg and you will want
your software application to be able to reach into this
future.
Security/Data
Access
It seems as though there are news
headlines every other day about some hacker gaining access
to an organization’s sensitive data. While the Internet
has opened up the world to everyone, it has also exposed
vulnerabilities. While no system is iron clad, there are
many things that can be done to make it difficult for
someone to access a company’s valuable information,
including: securing the Web servers, setting up the
appropriate security in a database and/or running certain
parts of an application over an encrypted connection. It
is important to understand which parts of a system are
potentially exposed and what options are available to
protect those parts. Within the EH&S application itself,
there are potential needs to restrict who may see certain
kinds of data. Security should extend to the individual
user level.
Data Mining
More often than not, the driving force
for collecting EH&S information is for compliance
purposes. While an organization may have the data needed
for compliance, it may not realize that a lot more can be
done with the information that was collected as part of
the process. Companies are continually being pressured to
make more use of fewer and fewer resources. Making use of
the information already available can often help reduce
costs and have an impact on the bottom line. Searching and
discovering previously unknown relationships in a set of
data is often referred to as Data Mining.
Armed with the necessary information,
Data Mining can be used to establish associations, cluster
previously unknown facts, make reasonable predictions
about the future and more. It is much easier to mine data
when it resides in one centralized, integrated system than
if it is scattered across many disparate systems. While
Data Mining has been around for quite some time in one
form or another, it simply builds on and extends the
reporting and Online Analytical Processing (OLAP) tools
that may already be used in an organization. Through data
mining an organization can perform risk analyses and loss
dollar analyses and even prevent major accidents from
occurring by seeing trends that they could not visualize
without an EH&S software application that has all its data
accessible in one central location and a reasonably
powerful reporting tool.
Internationalization
Many organizations are or have become
global in nature. If a company has sites in countries that
speak different languages, it is important for an
application that will be used company-wide to be able to
accommodate such diversity. This capability is not
something that a software vendor can bolt on after the
fact. It needs to be incorporated into the design from the
beginning.
Data
Conversion
Regardless of the nature of any new
application, there is usually a need to retrieve data from
old systems and bring it into the new system. The
structure of the data in disparate systems is almost
always different. Be sure to understand the tools that are
available from within the application to extract data from
other systems, perform the necessary conversions on it and
import it. Often such processes need to be run on a
periodic basis in an effort to keep the data synchronized.
If you are interested in extracting data
from the EH&S system and using it in other programs, also
determine what tools exist for the exporting of data.
JUSTIFICATION
Cost Benefit
Analysis and Return on Investment
When trying to determine the ultimate
return on investment, you are forced to ask the classic
question, “What is the cost of an accident that never
happens?” This question has plagued risk managers and EH&S
professional for decades. Since the advent of
comprehensive EH&S software, the subject has gained
considerable interest.
For example, using data stored in an
EH&S software application over a number of years, reports
on cost and savings data can be generated based in part on
the following:
- Salaries from reduced staff
- Efficiencies
- Working smarter
- Estimates or extrapolations of
worker’s comp loss reduction due to the successful
implementation of EH&S software
- Case management
- Savings due to improved OSHA
compliance based on previous years of payouts, fines and
experience
- Estimated revenues from increased
productivity due to a working EH&S information
management system
- The ability to provide new services
for less money
In evaluating and deciding on an EH&S
solution, management may need to be sold on the concept.
Sometimes a Cost-Benefit Analysis (CBA) needs to be
developed. Other times, a Return on Investment (ROI)
proposal must be prepared. Whatever management’s
justification preference happens to be, it is often
helpful to see what others have done in the past regarding
selling the concept.
Now vs. the
Future
Recognizing that what is needed today
many be different from what might be needed tomorrow you
should plan ahead. If your organization will ever require
software with one or more of the capabilities listed in
this paper, plan for it now.
The number of organizations that
initially decide to take a piecemeal approach is
staggering. It is not always the purchasers fault. Many
times management does not understand that purchasing a
comprehensive EH&S software package now (even though they
may not use all its components) will save tremendously in
the future.
A look at the evolution of the computing
industry quickly shows that the only constant is change.
As in fields other than computing, there is no way to
easily predict where the future is going and how long a
trend will remain relevant. One can simply make educated
guesses given the information available at the time
regarding technology’s direction and which software
development tools and methodologies will evolve into
pertinent technologies. Be sure to take in to account the
dynamics of business change when considering the purchase
of an EH&S software package.
OVERVIEW
Summary
This EH&S white paper explored key
points to consider when purchasing an EH&S information
management solution, from both a technical and managerial
perspective.
Evaluating, selecting, implementing and
maintaining an EH&S system can be a daunting task, but
assistance is available. By illustrating its evolution,
outlining the current state of technology, listing the
main components and raising other important issues, this
paper can act as a starting point in the search for the
best EH&S technology appropriate for your organization’s
needs.
About Knorr
Associates Inc.
DataPipe USA was founded in 1979 and
has nearly 35 years experience providing an easy-to-use,
modular software solution for collecting and managing EH&S
information. Over the years this knowledge evolved into
DataPipe™, the complete information management software
solution for professionals in the EH&S fields. DataPipe is
accessible from the Web or Windows, offers point-and-click
reporting, data exchange with external systems and
software, automated email notification, triggered events,
extensive customizing capabilities, risk management,
compliance reporting and more.
DataPipe software encapsulates the
capabilities outlined in this document and can easily meet
the needs of today’s EH&S requirements.
Contact KAI for more
information and to request an on-line DEMO.