Industry news

Outsourcing the headlines? That seemed to be on the cards with speculation that US television network CBS is in talks with CNN about outsourcing its reporting operations to the all-news network.

A report on NYTimes.com had said that CBS News/Sports president Sean McManus and CNN International president Jim Walton were talking about ways the two networks could combine forces. This could include CBS paying CNN to use its newsgathering resources.

According to US media scuttlebutt, the plan is about "reducing CBS’s news-gathering capacity while keeping its frontline personalities, like Katie Couric, the CBS Evening News anchor, and paying a fee to CNN to buy the cable network’s news feeds."

But CBS News denied any such talks. "We are extremely satisfied with and proud of our newsgathering operation," a CBS News spokeswoman said Monday. "No outside arrangement is being negotiated."

The spokeswoman conceded that there had been discussions around the prospect of a pool arrangement between CBS and CNN in Baghdad, but these had come to nothing.

Electrolux, one of the leading companies in global home appliances, has partnered with Fujitsu Services in a five year contract. The deal will see Fujitsu service various elements of Electrolux’s European IT infrastructure.

Fujitsu will take responsibility for PC, LAN, on-site-support, service desk as well as server management comprising around 10,000 work stations in 32 countries. Fujitsu will deliver these services in 14 languages from it centres in Portugal and Sweden.

“The idea was to find more centralised but flexible solutions for our IT infrastructure. The procurement process has been extensive and the choice of Fujitsu was, amongst other things, based on the fact that it offers easy to manage IT service,.” said Bertil Norberg, group CIO, Electrolux.

AMF Bowling, one of the biggest names in UK tenpin bowling, has signed up IMServ in a quest to boost its energy efficiency across all 33 of its bowling complexes and its head office. The deal is also expected to increase profitability whilst helping to demonstrate a heightened environmental commitment.

The energy intensive leisure industry has been hit hard by rising utility costs with AMF’s predicted gas and electricity overheads doubling from 2005 to in excess of £1.5 million for the 2006 – 2007 period. The IMServ deal has been implemented to address these figures by reducing energy usage and increase efficiency of usage.

AMF is now using an advanced energy data management system, Energy DataVision (EDV), to examine the total energy being used across the business. The tool delivers energy data rapidly, meaning that energy decisions can be made on a more frequent and relevant basis.

Lucy Fitzgerald from IMServ comments: “With accurate energy information, estimated bills can become a thing of the past. With a complete view of the energy consumed across all its complexes, AMF Bowling is now in a strong position to take action on its energy efficiency.”

Taxpayers' money is being squandered on public sector outsourcing deals where costs are ballooning up to 75 per cent more than the going market rate, reports Silicon.com.

Compass Management Consulting claims that lacklustre controls on spending over the full lifetime of government outsourcing contracts are leading to "poor value for money" because public sector organisations are lured by low upfront costs, rather than longer term savings.

The consulting group made its claims in a submission to the government's Public Services Industry Review (PSIR) that is looking at how to improve efficiency in the £40bn-a-year public outsourcing market.

Compass said that managers and systems need to be put in place to work with supplier to monitor performance and control spending once the contract gets underway, similar to the setting up of a vendor management office.

Democratic candidate Hillary Clinton has unveiled an insourcing policy aimed at ending tax incentives to US firms that outsource jobs overseas. She said a Clinton administration would instead create incentives of $7 billion a year for companies to create jobs inside the country.

''I believe our government should get out of the business of rewarding companies for shipping jobs overseas, and get back into the business of rewarding companies that create good, high-wage jobs – with good benefits – right here in America,'' Clinton told a cheering audience in Pittsburgh, during what has become an increasingly uphill campaign to win the Democratic Presidential nomination from Barack Obama.

''We reward companies like Exxon-Mobil who park $56 billion in profits overseas because they don't have to pay a dime in US taxes on those profits,' she said.'

The senator said her plan would inspire a new, local, greener manufacturing environment within the US, investing some $500 million to encourage the sector's use of clean energy.

The US is one of the top three outsourcing destinations of choice for UK CIOs.

Telecoms and services giant BT has become embroiled in a 'spyware' scandal. In 2006 the company secretly profiled the web browsing habits of 18,000 of its broadband customers using technology provided by 121Media, now known as Phorm.

BT ran the pilot without the knowledge or consent of its customers, up to 10,000 of whom might have been profiled concurrently. The aim was to deploy targeted advertising at groups visiting popular portals within areas such as finance and recruitment.

As reported in The Register, which broke the story, the Regulation of Investigatory Powers Act 2000 (RIPA) makes intercepting internet traffic without a warrant or consent an offence. It remains unclear whether the legal definition of an intercept covers the case.

It's a matter of public record that former BT Retail CTO Stratis Scleparis became group CTO at Phorm the following year.

The story comes amid increasing consumer concern about some companies' use of such technologies to track private surfing habits – and increasing government pressure for ISPs to retain surfing data. Social networking behemoth Facebook has also been in the spotlight for the data it gathers about users' wider surfing habits.

IBM has received a temporary suspension from US government work in the wake of a dispute over the award of a contract.

IBM has announced that it has been prevented from seeking new federal contracts pending the result of an investigation into a 10-year, $84 million deal awarded in 2007 to CGI Federal, a subsidiary of Canada-based CGI Group Inc, which IBM protested. The company and some of its employees have been subpoenaed to appear in front of a grand jury.

In spite of this, both Big Blue and Wall Street have shrugged off the suspension, pointing to the fact that federal contracts contribute only 1-2% of its total revenues.

IBM is cooperating with the investigation.

Healthcare organisations are increasingly looking at IT outsourcing (ITO) and business process outsourcing (BPO) to improve the efficiency and effectiveness of their back-office and support operations, according to an EquaTerra 'Perspective' paper, Emerging Outsourcing Trends in the Healthcare Industry . The report examines the various market challenges that the healthcare industry is facing, especially in the US. Essentially, then, the document concerns private care on the other side of the Atlantic.

EquaTerra estimates that, globally, 75 IT outsourcing (ITO) and BPO deals with total contract value of greater than $50 million were signed from 2004 through 2007. This represents a small percentage of the total number of outsource deals, "highlighting the relative immaturity of the healthcare outsourcing market compared to other industries, such as banking, financial services and manufacturing", says the company.

That said, the healthcare outsourcing market is expected to grow at close to 10 percent over the next five to seven years, faster than overall market growth of seven to eight percent.

The report's co-author Mark Voytek, EquaTerra’s healthcare industry lead, said: “Healthcare organisations that have not recently done so should update and reassess their strategy and action plan for use of alternative service delivery models for both back-office and core operating functions and processes.

"If successfully executed, outsourcing can play a positive and growing role in helping them address the serious challenges they are facing today. And while they should use caution when exploring and assessing emerging BPO areas, the market is expanding and rapidly maturing, and what was premature in the past could be ready for prime time today.”

The report identifies the following challenges faced by the (US) healthcare payer segment:

• Merger, acquisition and divestiture activity has placed increased demands on technical and support infrastructures, further driving the need for change.

• Many of the larger payers have remained with legacy hardware and proprietary or internally developed applications which no longer meet their needs.

• The growing complexity of offerings, as well as government and regulatory changes, have increased delivery and support requirements.

• Confidentiality and privacy issues around personal health data has caused an increase in expenses associated with the delivery of services.

Of course, the report is less relevant (at present) to the UK healthcare sector, which is driven less by the needs of insurance and private care.

The NHS has been the focus for a massive investment in outsourcing, centred on the National programme for IT (NpfIT), which has been criticised for being misconceived, insecure and massively over-budget – despite the success of some individual elements, such as the digitisation of patients' medical scans.

It may take decades for the NpfIT to deliver savings that cover its escalating costs. The introduction of a central database of patient records has also created the kind of security and privacy fears that EquaTerra's report suggests are being addressed by technology elsewhere.

The extent of private involvement in the NHS remains a focus of much controversy in the UK, given that the state-run service is regarded with envy in many parts of the world, including the US.

Nevertheless, US trends are becoming increasingly relevant to a UK government that seems keen to emulate transatlantic ideas. Based on a poll EquaTerra conducted with outsourcing service providers in the US healthcare 'payer' space, the process areas exhibiting the greatest levels of outsourcing demand included knowledge services, such as reporting, planning and analytics.

This chimes with recent Gartner analysis into global customer/citizen relationship management (CRM) trends, which suggest that analytics are one of the hot areas of that market.

It's known (and has been discussed elsewhere in the Editor's Blog) that local authorities throughout the UK are joining together through cross-border CRM schemes, mainly with the intention of sharing data about citizens – either to provide targeted and more efficient services, or to withdraw services from late-paying or antisocial people (depending on your viewpoint).

It is not a huge leap of the imagination to suppose the NHS might follow the same route, in the name of preventative rather than medicinal care.

In the US, EquaTerra sees that buyer demand is outpacing supplier maturity, which is characteristic of an outsourcing market in more of a demand pull than a supplier push mode. This, says the company, is due to the recent increase in buyer demand levels, coupled with a supplier lag in developing and expanding service offerings as a result of historically weak demand for outsourcing services in this market sector.

However, EquaTerra finds that outsourcing service providers that target healthcare – including Indian firms moving into business services – are starting to develop more targeted and compelling outsourcing offerings.

Given the close cultural fit, the entry of an Indian outsourcing player into the UK healthcare market seems to be a distinct possibility, if EquaTerra's findings do map onto the very different UK healthcare landscape.

Outsourcing non-critical processes constitutes normal day-to-day business and best practice in industries such as aerospace, the automotive sector and telecommunications. Losing the non-value add stuff so that more time and budget is available to spend on the critical? A no-brainer, surely? But this is not yet the case in pharmaceuticals, an industry that transforms our lives with modern science, but whose approach to business processes can sometimes seem lacklustre by comparison.

Outsourcing is not a new concept to pharma per se. Manufacturing capacity and clinical trials are frequently outsourced; and truck loads of documents and paperwork are shipped to clinical research organisations (CROs) on a regular basis. But outsourcing an actual compliance-critical process? No way.

Take for example pharmacovigilance; the terror of being sued over incorrect reporting of an adverse event, or putting the business reputation at risk has led the pharma industry to clutch these processes fearfully to their chest. The processes themselves are needed for compliance reasons and add little in terms of value, but plenty in terms of cost and added stress to the business.

So is it plain foolishness, stubbornness, the fear factor or all three that make pharma companies ignore the benefits that outsourcing can bring? Well, intense scrutiny and regulatory pressures mean that a culture of extreme caution has developed when it comes to new ways of working.

Many processes in pharmacovigilance are a burden to Pharma and ripe for outsourcing. In a business making drugs based on, for example, acetylsalicylic acid, a product that has been on the market for well over 100 years, the chances are there is often no new knowledge to be gained from PSURs and single case handling, yet the dogged reporting and analysis still has to take place in order to maintain compliance.

The drugs do not contain intellectual property, do not tell the company anything useful and could easily be managed outside of the business. Forward thinking Pharma companies are beginning to wake up to this fact.

Of course if a drug company fully owns a proprietary product that accounts for a significant proportion of its annual revenue, then chances are that they will want to keep every process concerning its safety in-house, because any margin for error puts the business at huge risk.

However, for the larger pharma and generics companies with huge portfolios of non-proprietary products, there are several non-critical processes that it makes sense to outsource, even if they are needed from a compliance perspective, so that they can focus on the critical ones free from any distraction.

So, how is Pharma going to cleanse the bad taste in its mouth about outsourcing process? They view it as high risk and highly complex: how do they ensure that they outsource only the right processes and cases? How do they ensure a compliance risk never slips in between them and the provider?

It can be done. First, pharma companies should work with an outsourcing expert who knows their business intimately, and undertake a full risk assessment of their processes to decide which they can outsource and which they cannot risk. They then need to work with the provider to ensure that their understanding of risk priority and process is shared. They need to be crystal clear on who is responsible and who is accountable for what. They should create a triage process to be followed so that, should a risk be spotted, it can be mitigated in good time.

Then there are the practicalities; do their technologies enable them to share both information and data on cases in real time? Technology around transferring data and sharing case information is now advanced and safe, with applications like Microsoft SharePoint making it secure and easy to share information with a provider straight away.

Basically, Pharma companies should be setting up a partnership where the potential for the unexpected to happen is reduced to almost nil. Pharma companies do not like surprises!

Finally, European pharmacovigilance legislation is also changing to open the door for both outsourcing and collaboration. Volume 9a states that drug companies may now collectively submit their PSURs, for example for generic products, rather than individually.

The authorities like it because they read one report instead of many. As for the pharmacos, the change in law means they can collaborate which other generics manufacturers and outsource their long-winded PSUR process and, at the same time, share the cost with other companies yet still remain fully compliant. That is one surprise that pharma companies might find that they like.

It is expected that, within the next three years, life science companies will have completed a full assessment on which compliance driven, non-value adding processes they can outsource, and will be using drug safety experts and CROs to help them focus on the value add, patient critical areas.

• Marty Boom is a principal with WCI and has been with the organisation for the past 10 years. In his role, Marty has managed and led global business improvement assignments in the life science industry. Marty is an expert manager of change in strictly regulated environments. He holds a degree in Mechanical Engineering and Manufacturing Automation from the Technical Institute of Arnhem and a degree in Business Administration.

Put the term “data security” into Google’s search bar and for the UK alone you will receive over five and quarter million hits (and rising), spanning tens of thousands of pages.

Data security has become front-page news and is set to stay there for the foreseeable future. This has been driven by wave after wave of data security scandals, arising mainly from the public service sector where laptops or discs containing millions of names have either gone missing or been stolen.

The biggest scandal to date occurred in late 2007 when the Inland Revenue lost a CD-Rom containing the details of 25 million individuals including their dates of birth, addresses, bank accounts and national insurance numbers, opening up the threat of mass identity fraud and theft from personal bank accounts.

In an offshore environment the implications have been huge: companies have become far more nervous about outsourcing data management offshore, simply because of the ramifications and the associated PR nightmare if they get it wrong.

This is understandable but ill-founded. Offshore data security is the best in the world. It has to be. Even before the recent data security scandals hit the headlines, companies willing to risk sending their data offshore expected the very highest standards. As a result, offshore data security has become the benchmark for all companies managing data security, be it in-house, outsourced in the UK or offshore.

So what is best practice for data security in an offshore environment?:

• Personal data should not be transferred to a country or territory offshore, unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data. This is common sense and is closely associated with a basic level of political and social stability.

The Philippines, for example, boasts companies like Accenture, AOL and HSBC and generated offshore revenues of $2.1 billion in 2006, placing it third behind India and China. It is estimated that 200,000 people were working in 120 BPO (mostly contact) centres in the Philippines in 2006, and this is forecast to grow to 900,000 people by 2010. Put simply, the Phillipines is geared up for outsourcing and embodies best-in-class data security as standard.

• Physical stability is not often considered when choosing an offshore provider. Physical stability refers to factors such as acts of nature (earthquakes, landslides, floods, fires, tsunamis, hurricanes, and so on) and also acts of terrorism. It is crucial therefore, that in an offshore environment, the outsourced provider has a rigorous strategy for coping with such disasters. At the very least, this will involve a disaster recovery centre situated away from the central HQ. Back-up electricity generators should be standard in case of power failure.

• Check the physical security measures in place at your chosen offshore provider. External security should comprise of 24 hour security guard(s) at the entrance and both a coded number-pad and card entrance requirement. Internal security should be similarly rigorous with the internal server room ring-fenced with a similar level of security. All windows must be shut at all times and a comprehensive fire sprinkler system should be standard.

• Contracts and agreements between data controllers are important. European data protection law prohibits the transfer of personal data outside the EU to countries that do not enjoy an adequate level of data protection.

One of the ways to provide for such an adequate level of protection for transfers to countries that have not been formally deemed to be ‘adequate’ by the EU is for the data exporter in the EU and the data importer outside the EU to conclude a data transfer agreement. The European Commission’s new clauses provide adequate protection for data transfers.

For a full downloadable Pdf, go to: http://www.iccwbo.org/uploadedFiles/ICC/policy/e-business/pages/Model%20clauses%20Toolkit.pdf • No hard media. Data professionals know that the source of nearly all data security lapses is the transfer of information to hard media such as CD-Roms. State-of-the-art offshore data management providers have no terminals with CD writers – thereby preventing any information being downloaded onto hard media either on purpose or inadvertently. Indeed, laptops are also forbidden ensuring that data stays securely within the confines of the data management centre.

• All data is transmitted online using encryption technologies. The only personnel with the encryption codes are the sender and receiver, i.e. offshore provider and client. This is a very powerful method of ensuring data security, which, when properly firewalled is almost impossible to penetrate. Data transfers of three gigabytes (30 million address records) typically take just a few hours to transmit.

• All transferred data is logged ensuring a permanent record of who has transferred ‘what data’ to ‘whom’ and ‘when’. This ensures complete transparency and accountability.

• All data transfers are acknowledged at the receiving end, i.e. by the client.

• Finally, for ultra-cautious companies, data management can be outsourced offshore yet all data remains in-house and doesn’t even leave the company’s own building. Some larger organisations employ this method, which allows access to a company’s data from a remote terminal using virtual private networks (VPNs). Work is undertaken offshore using computer programs uploaded onto the client’s network.

The technology for this works similar to how an IT professional might have access to his company’s network from his own home. It ensures that no data can be downloaded, only uploaded, with no data leaving the company’s own building.

In conclusion, it must be stressed that offshore data security is typically better than within the UK. When data is transmitted within the UK, there is a perception that it is safer – it’s not. Indeed, data security standards are often relaxed within the UK because there doesn’t appear to be any immediate ‘threat’. Yet whether data is sent five miles from Clerkenwell to Wimbledon or 6,600 miles to Manila is actually irrelevant – if it’s being transferred it needs the highest standards of security.

• Jed Mooney is the managing director of database management specialist Datahold. Based in London and offshore in the Philippines, Datahold’s clients range from small start-up businesses to FTSE 100 corporations.