Posted

Do you transfer personal data from Europe to the US? Do you use cookies on a website aimed at European customers? Do you send marketing emails to Europe? Do you otherwise “process” data in Europe? Do you really have consent to process personal data? If any of these questions strike a chord with you, then you should certainly note recent trends in the EU regarding the concept of “consent,” not least the news from Germany that Facebook is to be prosecuted (and potentially fined up to $400,000) over its facial recognition software feature and for failure to properly obtain consents.

This issue of what constitutes proper consent has been coming to the boil in 2011.

A recent Opinion published by the Article 29 Working Party (the grouping of data protection authorities from each EU state – the “Working Party”) looked again at the concept of “consent,” which, subject to certain exceptions, is required from individuals before such activities are carried out. Adopted 13 July 2011, it aimed to provide a thorough analysis of the concept of consent as currently used in the European Data Protection Directive 95/46/EC and the e-Privacy Directive 2002/58/EC.

Posted

In Part One of this article, we looked at the Securities and Exchange Commission (SEC) Division of Corporation Finance’s recent release – CF Disclosure Guidance: Topic No. 2 – Cybersecurity (the “Guidance”), which is intended to provide guidance to companies on whether and how to disclose the impact of the risk and cost of cybersecurity incidents (both malicious and accidental) on a company.

In Part Two we’ll look at the specific advice provided by the Guidance regarding specific reporting regulations and how it might apply to some recent cyber-incidents.

Management’s Discussion and Analysis of Financial Condition and Results of Operations

Posted

On October 13 the Securities and Exchange Commission (SEC) Division of Corporation Finance released CF Disclosure Guidance: Topic No. 2 – Cybersecurity (the “Guidance”), which is intended to provide guidance to companies on whether and how to disclose the impact of the risk and cost of cybersecurity incidents (both malicious and accidental) on a company.

This represents a reminder that companies should think about cybersecurity and data breach incidents when deciding how to fulfill their obligations under the SEC’s existing disclosure requirements. Up to this point, the market’s focus has been on how US law requires disclosure of data breaches affecting personal information of specific types. Other security incidents only became public knowledge because of unofficial disclosures or because of their effect (e.g., a denial of service attack). Now, the SEC has made it clear that the risks associated with cyber incidents, the costs of mitigating those risks, and the consequences of a cyber incident may rise to the level of materiality that would require disclosure to investors and regulatory authorities.

Although the Guidance is not, in itself, a rule or regulation, companies who ignore such guidance may do so at their peril.

Posted

For the past decade or so, IT organizations looking to lower delivery costs have outsourced day-to-day IT operations activities to IT suppliers who in turn send the work to low cost locations (primarily India). Typically, this is done by executing a knowledge transfer process whereby the IT suppliers capture the information needed to operate the client’s environment and then train offshore resources to do the same work. Ideally, the IT supplier also contributes processes and technology best practices and actually improves the execution of the services formerly performed by the client.

While these solutions worked to cause one-time reductions in IT costs, the savings from offshoring are declining while productivity and cost challenges require CIOs to continue to demand more. Do we simply encourage suppliers to keep chasing cheaper labor around the globe? Do suppliers use knowledge tools to keep pushing the work down to lower (cheaper) levels of staff? Neither of those options is particularly appealing. Perhaps suppliers can continue to improve their processes and execution to reduce the time and effort to deliver services. How much incremental value is that really going to deliver? Maybe a few percentage points in productivity improvement annually and maybe none after inflation.

What’s needed is a sea change. CIOs need a disruptive technology-driven solution to challenge the traditional role of human labor in running day-to-day IT operations – specifically the execution of repetitive tasks performed every day by IT resources around the globe. They need automation in IT operations.

Posted

There’s a small, but growing, group of people that are willing to purchase their own computing devices and software required to be compatible with their Windows-based colleagues, forego most of the help provided by their employers’ IT service desks, figure out how to gain access to exposed enterprise services and pass the secrets along to others willing to march to a different drummer.

And yet, while such individuals oftentimes represent those that are most likely to develop the breakthroughs on which their businesses depend, enterprise IT’s overwhelming response has been to make it difficult for such employees to co-exist in the neighborhood.

Up until now, that’s been the collective opinion of big business and research organizations focused on such matters. But with a report just issued by David K. Johnson at Forrester (it’s US$499 for those who don’t subscribe), they have now decided that “It’s time to repeal prohibition and take decisive action.”

Posted

When I was a kid, the future to me revolved around flying cars. More than a few years later, we still don’t have flying cars (albeit DARPA is trying to develop one in its Transformer program), but given how most people drive, I’m not sure I really want to see them fly.

Sure, there’s been some excitement along the way – home microwaves, a moon landing or two, touchtone phones, PCs (and Macs), cell phones and smartphones, but nothing yet that has pulled it all together and screamed out loud that the future had arrived. That is until I watched a video produced by Microsoft’s Office group. Seriously.

https://www.youtube.com/watch?v=a6cNdhOKwi0

Posted

So the pendulum swings the other way and HP has decided to keep its PC division.

HP Press Release.

Good for HP, there is no shame in reversing a prior decision – especially one that could have significant repercussions.


Posted

There have been numerous articles written over the past couple of years linking productivity gains with the anemic jobs recovery. This spring USA Today ran a story that focused on the US being out of step with the rest of the industrialized nations by having a faster growing economy, but creating fewer jobs. A Forbes article similarly asks: “Are Technology and Productivity Gains Squashing the Jobs Recovery?” There is little argument that workers, in all corners of industry, are getting better. Always have, always will. There has been a particular bump in productivity since the recession late in the decade because businesses were forced to get by with less. Now that the economy has started to recover, many businesses have found this “leaner” way of doing things can be sustainable and leads to improved profits.

Focusing on the technology sector, and outsourcing specifically, these productivity gains can be magnified. In the sector defined by automation, advances in higher degrees of automation should come as no surprise. Last summer HP announced they would reduce their work force by 9,000 over the next three years, “due to productivity gains and automation.” And, this is after they wrung out the efficiencies realized from their merger with EDS.

When you couple automation advances with Moore’s law in the hardware arena, outsourcing suppliers have the opportunity to bring significant productivity gains to their operations, and ultimately their bottom line. And, well they should. If your supplier partner is not doing everything they can to improve their operations and service offerings, they will probably not be the supplier to support your organization in the future. So, you want your supplier to realize these improvements in capability and profitability, but you should also be sharing in those gains. Not just as the recipient of the new or better service next year or the year after, but you should also share in the monetary benefits of these productivity improvements.

Posted

A group of health clinics representing dozens of health care providers recently decided to migrate to an electronic health record (EHR) solution. The clinics selected a system that others in the area had recently adopted and negotiated a software license and hosting agreement with the vendor. When the negotiations were completed they asked us to take a look at the contract. The result was a little startling.

The benefits of EHR technology are manifest: less chart pulling, improved billing, reduced costs, remote access to records for point-of-care decision support, improved communication between health care providers (such as the primary care physician and the pharmacist), easier compliance with regulations, improved disaster recovery capabilities (it’s easier to back up a database than copy voluminous paper charts), etc. It also doesn’t hurt that the US government has committed – in the Health Information Technology for Economic and Clinical Health Act (HITECH Act), enacted as part of the American Recovery and Reinvestment Act of 2009 – to spend more than $19 billion through 2014 to encourage adoption of EHR solutions. Needless to say, the rush is on to secure this technology.

It is a common scenario for health IT professionals to involve their legal counsel at the eleventh hour or not at all in EHR procurement, in most cases because they become so focused on the technical and operational aspects of the procurement that they do not appreciate the risks inherent in contract provisions that look like typical “boilerplate.” The rush to finalize an EHR procurement effort can overshadow the need to assess the potential future hidden costs of onerous contract provisions that, for example, limit the vendor’s liability and impose undue obligations on the customer. The EHR vendors have the benefit of years of experience in negotiating procurements, which gives them real bargaining leverage in contract negotiations. Many IT professionals have learned to their chagrin that addressing these provisions at the end of negotiations leaves them with little leverage and a “take it or leave it” response from the vendor, because the vendor recognizes that it’s too late for the customer to start over with another vendor.

Posted

Current economic conditions require companies to realize cost savings quickly, and existing outsourcing relationships are a popular target. In most cases it should be faster and cheaper to re-negotiate an existing deal than it is to engage in a traditional competitive procurement. This approach allows a company to leverage the existing contract instead of spending resources to identify and transition to a new supplier.

A typical outsourcing engagement lasts anywhere between three and seven years, and, naturally, issues are bound to arise in that time. Re-negotiation provides an opportunity to address these issues, be they pricing, solution, governance or something different entirely. However, if the answer to whether to renegotiate were this simple, everyone would do it. Several key issues drive whether re-negotiating your existing contract is the way to go, or if the possibility of quick savings is more hope than reality.

Some contracts are better candidates for re-negotiation than others. It can be difficult for a company to determine if a particular contract is suitable for a re-negotiation. Naturally, re-negotiation may become more attractive as the expiration date draws nearer, and service providers are more willing to cut a deal late in the contract life cycle. In practice, most customers consider re-negotiation before that time. If you are wondering if your contract is a good candidate for early renegotiation, here are some points to consider: