Executive Summary

Introduction

In January 2000, Johnson County contracted with the Ken Orr Institute to develop a five-year Strategic Information Technology Plan. And although funded by the County ITS (Information Technology Services) organization, the plan addresses not just the strategic direction of ITS, but the information technology direction for the entire County.

During the course of the planning process, two rounds of interviews were conducted. The first round was with senior County executives and elected officials from each of the County’s departments and agencies; we asked—from a management perspective—where each department/agency was currently positioned with respect to information technology, their current issues and/or challenges, their current systems, and their future strategic direction. A second round of interviews was then held with subject matter experts and administrative personnel from each of the departments/agencies; we also asked the technical and administrative people to rate their current level of information technology, their issues, and their future needs. In addition to the interviews, we also conducted research on market trends; experiences of other governmental organizations at the state and local level, both within Johnson County and nationally; and interviewed vendors of key technologies. A first draft of the plan was submitted to the County in early March, and comments and suggestions were solicited from management and subject matter experts. A revised draft of the plan was submitted in early April, and the final draft presented in early May.

Where is the County today?

Like many county governments similar in size Johnson County has transitioned in the last few years from being a centralized, mainframe-based organization to a more client/server oriented, departmental systems based organization. In part due to the County’s project to ensure Year 2000 compliance, all but a handful of major systems have been transitioned off of the County mainframe system and onto smaller departmental servers. This has left the County with an underutilized mainframe system that it will soon own, and a proliferation of departmental and sub-departmental servers: at last count there were somewhere in the ballpark of 125 departmental servers spread out across the 35 or so County departments and agencies.

The transition from a centralized computing environment to a departmental computing environment has not been smooth. The migration paths for many of the County’s backbone systems were not necessarily well planned nor tightly integrated with other departmental systems. Changes in administration in the ITS organization and changes in its computing development and support philosophy have vacillated during the transition, leaving some County departments suspicious and distrusting of ITS motives and direction.

Major Recommendations

Based on our study, the following is a brief summary of our recommendations for Johnson County strategic information technology directions. Additional departmental recommendations, as well as background and supplemental information on each of these recommendations are detailed in the full report following this Executive Summary.

Make eCommerce Via the Internet a County Priority. Consumers and commercial organizations have embraced the Internet as a vehicle for electronic commerce. The public—especially in relatively affluent regions of the country like Johnson County—depends on the Internet for access to key information and to conduct normal business at its convenience. Government at all levels will be expected to conform to the same standards and practices as commercial eCommerce concerns. While Johnson County currently has a limited presence on the Internet, eCommerce should be a stated priority and a critical success factor for all future information systems development efforts.
Make Data Sharing a Countywide Priority. Excluding sensitive information that has unique security and privacy issues (such as law enforcement, judicial, and public health data), Johnson County departments and agencies should integrate their data collection and storage efforts wherever possible. Today, public information is often collected and stored multiple times and in multiple formats by multiple departments; this is not only inefficient and wastes resources but can lead to inconsistent and incorrect information in key County systems. Effective organizations have come to the realization that the quality of the data kept in information systems is vital to their success; taxpayers expect no less of their government institutions.
Standardize Information Technology Acquisition. Johnson County purchases numerous information technology devices and components: not just desktop and laptop computer systems, but also pagers, cell phones, LAN components, software, etc. While some of these items are indeed available for departments and agencies to purchase through blanket contracts, we found numerous examples where Johnson County could more effectively utilize its size to negotiate better lease and purchase rates from vendors. The intention is not to limit the purchasing flexibility of individual departments, but rather to take advantage of economies of scale to reduce costs for components already being acquired. Several blanket contracts for different vendors of competing equipment (such as cell phones or pagers) would achieve cost savings for the County and yet still allow departments the flexibility to chose the vendor that most meets their needs.
Move to Centralize ITS Development and Support for Administrative Data and Systems Where Possible. Excluding departments and agencies with sensitive information and unique security and/or privacy issues (such as law enforcement, judicial, and public health and mental health data), Johnson County should move to pool its systems development and support resources into a more centralized organization. We are not recommending that all IT and IT-like positions in the county be transferred to the ITS organization; we are recommending that the County better coordinate development and support standards across all departments and agencies that develop, maintain, and support information systems. These organizations should be responsible for ensuring that all systems development and support conforms to County IT standards, unless there are sufficient cost or security considerations to justify deviation from those standards.
Establish Disaster Recovery Plans. Only a handful of County agencies and departments had disaster recovery plans in place that would allow them to speedily recover their information technology systems in the event of a physical disaster or accident. Of particular concern is the widespread use of water sprinkler systems in the County Data Center (housing the mainframe and scores of departmental servers) as well as most other departmental server locations we toured.
Acquire Bandwidth. Computers continue to become faster and cheaper. Since the advent of the Personal Computer in the early 1980’s, processor speed for computers and computing-like devices has doubled every 18 months (the often quoted “Moore’s Law”). Recently, however, the speed of the processor as a limiting factor in computing ability has taken a backseat to the ready availability of bandwidth. Bandwidth—the speed at which computers can communicate with one another—is a critical factor for the future development of advanced applications. Information systems that require ready access to document images, photos, video and voice are clearly the direction of the industry, and all require increasing amounts of bandwidth. We recommend that the County act in a more proactive way to ensure that sufficient amounts of bandwidth are available for its future use. This may include leasing of bandwidth from one or more competing commercial providers; partnering with local City governments to install regional fiber-optic networks for government use; and transitioning to fiber-optic LAN equipment in county facilities.
Migrate to Storage Area Network (SAN) Technology for County File Servers. Storage Area Networks (SANs) is an emerging technology that allow an organization to more effectively manage its storage needs across departments and agencies. Like a Local Area Network (LAN), a SAN connects multiple departmental servers on a dedicated network, but one exclusively reserved for file transfer and data storage. This has multiple benefits: it not only reduces traffic on the LAN and makes that bandwidth available for other applications, it allows an organization to “pool” data storage resources from multiple machines and manage that pool as if it were a centralized resource. This means that if one departmental server needs additional storage space, the space can simply be allocated from available space on a different server. This would allow the County to balance resources between lightly and heavily utilized departmental servers; data storage is managed as a single resource and is not limited to the resources physically present on one departmental server. Further, the SAN could be used to set up “server farms” at two or more redundant locations; the two sites could then be “mirrored,” which would automatically provide a backup site in the event of a disaster or accident at one site.
Replace the LGFS and Genesys Financial/HR Systems. One theme was repeated many times during our interviews with agencies and departments: The current County financial and HR systems are inadequate for current needs. These systems are considered so inadequate that most agencies and departments keep their financial and HR information in separate systems. ITS is currently working with the Office of Financial Management (OFM) and Human Resources to identify the current needs of the County in these areas and recommend a course of action. Since any replacement, upgrade, or outsourcing of these systems is at best two-to-three years away from implementation, we recommend that ITS work with departments and agencies to determine if additional training and/or temporary “bridge” systems or enhancements can be made to ease the current situation.
Move Towards Document Imaging and Workflow Solutions. While implemented at a handful of County departments and agencies, we believe there is a substantial opportunity for increased utilization of document imaging and workflow management systems at the County. Many departments and agencies still deal with a massive amount of paperwork that is often copied numerous times and passed along to multiple departments during its processing. We believe the County would achieve a substantial cost savings if document imaging and workflow management system were implemented. And while there may be outstanding security or privacy issues that prevent some imaging and workflow systems from freely sharing data, we believe that the County would benefit from having common imaging equipment and workflow software across organizations, even if the images themselves were not shared.
Plan for Centralized Upgrade to Windows 2000 and Office 2000. Windows 2000, the Microsoft operating system successor to Windows NT, was released in February 2000 and is widely anticipated to rapidly become the industry standard. While we recommend that Johnson County wait an appropriate period of time before adopting and converting to the new operating system, we believe that the County should upgrade all client and eventually all server platforms to Windows 2000 and Office 2000, rather than performing a piecemeal upgrade as new PCs and servers are acquired.
Make a 3-Year Replacement Cycle for Client Workstations the County Standard. Rapidly advancing computer technology has reduced the effective lifespan of PC workstations and laptops to no more than 3 years. Beyond that, the performance needs of the operating systems and popular applications overwhelm older equipment. While many departments and agencies within Johnson County follow a 3-year replacement cycle, some do not, resulting in budgetary “spikes” whenever machines are replaced. The county should go to 3-year replacement cycle countywide, both to flatten the budget spikes and to ensure that client PCs can handle the demands of industry-standard software applications.
Plan for Move to Broadband Solutions for Satellite Offices and Telecommuting. Digital Subscriber Lines (DSL) and cable modems are becoming widely available at affordable prices as vendors compete in an expanding marketplace. As alternatives to dial-up connection, they offer tremendous increases in speed when accessing County network applications from remote sites. Further, their speed allows them to be used for Virtual Private Networks (VPN), which allows for secure connections to County applications behind the County firewall and eliminates the need for Remote Access Server (RAS) dial-up capability. As these broadband services become more commonplace, the County should negotiate blanket contracts with one or more providers to allow for high-speed remote access from remote County offices and for employees and County officials who telecommute.
Establish Guidelines for Future Usage of Video Conferencing. Videoconferencing can be effectively used for training, reducing travel and coordinating meetings. Although not in wide use in the county, many departments expressed a need for videoconferencing for various applications. We recommend that the County establish priorities and standards for videoconferencing, as well as reserve bandwidth on its LAN/WAN for future use.

To summarize some of the more important of these recommendations, we have indicated where we believe the County to be on some key recommendations.

This bell curve, popularized by E.M. Rogers in 'Diffusion of Innovations' (The Free Press, New York, originally published in 1962, 3rd Edition 1983) speaks to the relative number of adopters of new technology. To achieve the maximum effectiveness with the minimum risk, an organization would generally strive to be in the shaded area: in this area technological trends have generally matured enough to be cost beneficial and are on their way to becoming industry standards. Outside the shaded area represents risk: on the left the risk is implementing a new technology that, while perhaps beneficial, may not capture the marketplace or become obsolete and have to be replaced; on the right the risk is in falling behind the technology curve, and risk losing market share, trained personnel, vendor support, etc. We believe that the County has excellent opportunities to improve its position with respect to Storage Area Networks, eCommerce, and Imaging/Workflow technologies, while the County is either behind or lagging with respect to Data Sharing, Disaster Recovery, and Financial/HR systems.

Implementation Issues

This strategic plan is a statement of where we believe the County should be in the five-year timeframe of the plan; it is not a step-by-step blueprint for how to achieve the goals of the plan. We recognize that priorities change, budgets are shuffled, people come and go, and that the marketplace is highly dynamic. Therefore we have built into the plan as much flexibility as possible, and as much independence as possible: independence in that the plan is not an “all or nothing” proposition, but is a series of recommendations that can be adopted in their entirety or piecemeal and still achieve some benefit.

Based on our interviews, we would have to say that the largest barrier to implementation for most of our recommendations is not financial, but political. Due to changes in administration, changes in support levels, and changes to the organization, many departments and agencies will likely have some reservations or misgivings (or outright opposition) to many of the recommendations made in this strategic plan. As we attempted to explain in our interview sessions and in our overviews, we view this plan as a suggested direction and a strategy for the County based on current industry standards and apparent trends. We believe that any department or agency that has a better idea for implementing and/or supporting departmental systems should be encouraged to convince senior management and ITS of its advantages and merits. As with all strategic plans, specific implementations may require some deviation in order to achieve maximum benefit to the County.

We would ask that the Board of County Commissioners formally approve these recommendations as an information technology strategy for the five-year life of the plan. Further, we would ask that all budget recommendations and capital improvement requests pertaining to information technology be evaluated against the plan for consistency and effectiveness.

Steering Committee

This plan cannot succeed as a plan for only the ITS organization: it must be a plan that is embraced for the entire County. Therefore we encourage the County’s formation of an ITS Steering Committee composed of senior County executives to both prioritize information technology projects for the ITS group and to monitor the status of this plan. Further, we would encourage the group to meet regularly and to update this plan as the marketplace and the County mature.

Eisenhower once said “Plans are nothing; planning is everything.” As such, we would encourage the County to continue the planning process begun by this plan, and to continue the planning effort—and the subsequent modification of this plan—into the future.

County IT Vision and Critical Success Factors

Vision Statement (Proposed):

To provide Johnson County citizens with information-based services in a friendly, cost-efficient, and accessible manner. The public should have access to these services in such a way that cost, time or location does not limit their interactions with government agencies and officials. Information technology should be used to improve the quality of service, increase productivity, achieve efficiencies in the delivery of services, and help achieve the County’s growth management goals.

To achieve this vision and to support the continued improvement in services provided to the citizens of Johnson County, public servants must seek opportunities to promote collaborations and partnerships to overcome barriers of cost, jurisdiction, time or geography. The practices to be followed, which will help achieve this vision, are to:

Increase public access to government information by making frequently requested government information available online 24 hours a day, 7 days a week, 365 days a year;
Acquire technology that is adaptable and interoperable;
Foster partnerships;
Select open architecture solutions that are designed for long-term growth and utility;
Make information accessible through shared network infrastructure;
Design system flexibility that allows users to develop unique solutions that suit individual needs;
Reduce transaction times for those using government services;
Leverage County information technology investments to benefit multiple agencies, governments and its citizens;
Get the maximum benefit of current information and technology; and
Improve opportunities for enterprise growth and development throughout the County.

Critical Success Factors:

As with any plan, we believe there are a handful of critical success factors in implementing this vision. Critical success factors for this plan include:

Executive Support – The endorsement and ongoing support of the plan by the Board of County Commissioners and the senior executives from all of the agencies and departments is crucial to the plan’s success.
Steering Committee – The establishment of an executive Steering Committee for ITS to help establish County systems priorities and to continue to monitor and update the plan is crucial to the plan’s success.
Cooperation – The cooperation of the agencies and departments with ITS and with each other is also a critical success factor.
Strong Leadership – Information Technology solutions have become an integral part of our organizations. We believe that strong leadership in the ITS department, as well as a clear vision for the future, are essential components in making this plan come to fruition.

We believe the recommendations that follow are cost-effective and will increase the effectiveness of County government. However, it is often difficult to budget an expenditure whose benefits may be intangible or long-term. We recognize that Johnson County has limited funds and has a commitment to spend taxpayer dollars wisely. We believe the recommendations we have made follow those important guidelines.

County IT Strategic Planning Process

Over the course of approximately four weeks—from mid-January to mid-February 2000—we conducted interviews with each of the county agencies, departments and offices. Our goal was two-fold: to discover what were their current uses of information technology and to learn if they had any current problems or issues with it, and to discover their plans, strategies and objectives for the next five years.

This information, coupled with research into the current IT marketplace, resulted in the development of this strategic plan. As such, this plan represents less a “goal” than a “direction” for IT strategy for the County. Further, this plan recognizes that implementation issues will always occur which supercede or postpone portions of the plan.

For this strategic plan to succeed in the long term, it must become a dynamic tool on which to base information technology decisions. Towards that end, in September 1999 the director of ITS, Jack Clegg, solicited the Johnson County Executive Team for volunteers to take part in a proposed Technology Steering & Planning Committee. This group was proposed in order to:

Foster active senior management input and participation in the long-term activities and plans of the IT function;
Assure that overall resource allocations and direction are consistent with County priorities, so as to link County strategic plans to IT strategic plans;
Provide an opportunity for the County to focus key IT resources on:

1. The cost effective, continuous support and improvement and current County processes, and

2. The application of advanced technology to supplant existing County processes with superior ones.

Serve as an advisory group to the County Administrator.

The initial group of volunteers met in March 2000 to discuss their role in the ongoing support and maintenance of this plan. We envision their role to be two-fold: 1) to establish project priorities for ITS and 2) to weigh planned projects against the strategic direction established in this plan and update the plan as market conditions change.

As a shared resource, ITS will encounter situations where it has insufficient resources to completely satisfy all agency/department requests for development and/or support. The Steering Committee should establish priorities for projects competing for ITS resources, rather than have ITS “guess” which projects are more important from a countywide perspective.

Further, projects (and implementation strategies) will continue to be proposed by agencies and departments that will differ from the direction established in this plan. This is a normal and anticipated eventuality. When plans are proposed that differ in direction from the plan, the Steering Committee should ask two questions: 1) is the proposed project strategy better than the direction specified in the strategic plan, and if so 2) should the plan be updated to more accurately reflect the marketplace at the time of the proposal. Exceptions to strategic direction may often be more economically or politically expedient than blindly following a plan. However, exceptions don’t necessarily mean that the plan should be revised; only when the exceptions are clearly becoming the general trend should the plan be altered to reflect the new direction.

We would propose that the Steering Committee meet periodically (more often in the near-term, then less often as it grows comfortable with its role) to review ITS projects and review/update the strategic plan. With the ongoing review by ITS and the Steering Committee, this plan can continue to provide technology direction for Johnson County for the foreseeable future.

Recommendations and Priorities

In establishing the following recommendations for future technology investment we have tried to balance the County’s existing investment in information technology against current marketplace trends. Information technology hardware and software platforms can change rapidly, and to minimize costs the County should generally strive to use technology that falls within the current mainstream marketplace whenever possible. This is not to say that certain “niche” or “orphan” technology that may currently be in use by County agencies/departments should be replaced at the first sign of obsolescence; only that the cost of ongoing support and maintenance (and the risks associated with using non-mainstream hardware/software) should be continuously evaluated against the cost of conversion to new or hybrid (part old, part new) systems.

Organizational Strategies and Policies

Recommendation: Make eCommerce via the Internet a county priority

The world is rapidly moving on-line, and government at all levels must follow. Especially in an affluent and technologically adept county like Johnson County, the public, businesses, cities and other governmental entities will expect a high-level of electronic exchange with the county. Johnson County should establish the following as a strategic goal: Any activity the public can do with the county by walking into a county office during business hours should be able to be done via the Internet at any time. This, of course, relates only to transactions that don’t require the physical presence of the person (i.e., for incarceration, a blood test, etc.) Some examples of opportunities for eCommerce in the County include:

Paying taxes
Purchasing Permits
Purchasing Licenses
Registering to Vote
Renewing a Vehicle License
Voting

While much of eCommerce is fee-based, a large portion of it may simply be for public access to records considered “open records” under the Kansas Open Records Act.

Priority: ééééé (Very High) A public commitment to eCommerce via the Internet is a strategic priority for the county. It is the foundation on which a majority of the strategic information technology direction is based.

Costs/Resources: $ (Low – under $100,000) Although there are certainly some costs involved in implementing eCommerce, we feel these costs will be largely offset (if not completely offset) by increased productivity with respect to manually processing fees and other payments. This is particularly true if eCommerce applications within the County are implemented in order of their potential revenue, with the highest revenue applications implemented first and the lowest revenue items implemented last.

Risk Assessment: ÜÜÜÜÜ (Very high if not implemented.) Industry and government is rapidly moving to a web-based economy. Johnson County must compete for IT staffing resources with other local governments and commercial IT shops (who are all busily implementing eCommerce applications). The County cannot afford to fall too far behind the marketplace without risking both the ability to retain qualified IT knowledge workers and an increased perception as being unresponsive to citizen needs.

Implementation Issues: Credit Card fees have historically been a barrier to eCommerce. Currently, the Treasurer can accept only the Discover card (and processing fees are passed along to the taxpayer) due to current restrictions present in state law with respect to payment of taxes. For fees other than taxes (and Motor Vehicle licensing) there are apparently no restrictions. Parks and Recreation, for instance, currently accepts most major credit cards. The county should establish guidelines for which credit cards are acceptable, and should balance the cost of credit card processing fees with the cost of processing traditional cash and check payments.

Recommendation: The County should make arrangements to accept any of the major credit cards (MasterCard, Visa, and possibly Discover, American Express, etc.) for any future eCommerce applications. Regardless of which credit cards are chosen, all County departments and agencies should accept the same set of cards.

Dependencies: None.

Recommendation: Establish Disaster Recovery Plans

During the course of conducting our interviews and looking around county facilities, we found one disturbing and potentially disastrous trend: in every case that we investigated except one (Public Works), computer equipment rooms are equipped with water sprinklers as fire suppression systems. This includes the Data Center in the County Administration building as well as most of the departmental server locations we toured. We believe this presence of water-based fire suppression systems puts the County at a serious exposure for substantial loss.

Needless to say, overhead water poses a real threat to electronic systems. And fires are often the least of our worries: sprinkler systems (and even air condition systems) sweat, drip, spring leaks, and can fail in other more spectacular ways. The County has already lost one PBX unit to a small leak; a similar leak in the Data Center, the Med-Act server area or JIMS computer room would have enormous and expensive consequences.

ITS should work with all agencies and departments with departmental server equipment to establish a disaster avoidance and disaster recovery plan.

How much should the county expect to spend on disaster avoidance and disaster recovery? Security experts generally agree that the cost spent on disaster avoidance and disaster recovery should not exceed the amount of the potential loss. According to a 1998 study done for Johnson County by McLadrey & Pullen, over $9.5 million per day could be lost or delayed in receipt if the County experienced a disaster (particularly if the failure occurred with the worst possible timing with respect to tax season).

Priority: ééééé (Very High)

Costs/Resources: $$$ (Medium – between $100,000 and $1 million) While the $9.5 million per day loss figure citied by McLadrey & Pullen seems very high as a yardstick for disaster recovery, a more realistic figure can be derived by taking the total county revenue for the year, dividing by the number of business days in the year to obtain a daily revenue amount, then multiplying that amount by the number of days it would take to recover from the loss. A premium amount should then be applied for any Information Technology resources that are considered critical to public health and safety (such as Med-Act).

Risk Assessment: ÜÜÜ (Medium if not implemented) While it is not the purpose of this plan to assess the risk of a disaster, it is our opinion that the lack of a disaster recovery plan for critical County IT resources is a risk in and of itself. We would strongly recommend that the County perform additional risk assessment as part of the disaster planning process in order to prioritize individual systems risk and to measure true cost/benefit.

Implementation Issues: Cost. As an “insurance policy” it is often difficult to determine what an appropriate cost is for protection of vital county resources against an unexpected disaster. There is also a political component to disaster planning: It is often difficult to convince decision makers that funds from this budget year should be spent planning for a disaster which might never occur.

Dependencies: None. However, acquisition of additional network bandwidth (see: Recommendation: Acquire Bandwidth in the Technological Strategies, Policies, and Architectures section below) would enable the County to more easily set up redundant “mirror” sites for data and processing for critical systems, thus providing one key component of disaster mitigation. “Mirroring” is a strategy whereby data and applications are kept in two or more locations, thus allowing a systems operation to switch over from a primary to a backup site in the event one site becomes damaged. Note that from a disaster recovery aspect, the two mirrored sites should be sufficiently diverse so that a single disaster (such as a tornado) would not likely damage both sites.

Recommendation: Make Data Sharing a county-wide priority

In Johnson County we will define three broad categories of data: “law enforcement data,” (encompassing both law enforcement, the courts and their affiliated departments and agencies), “public health data” (encompassing all public medical and mental health data) and “administrative data” (basically everyone else). These classes of data are largely separate, and in general have very different goals and security/privacy issues. In Johnson County, as well as in many other governmental units, law enforcement data is administered by separate organizations (JIMS and SHR) than the administrative data (ITS and others) and public/mental health data. As far as we were able to determine in this study, this separation of data and responsibilities does not present any undue problems within the county, and there appears to be good cooperation between JIMS, SHR and ITS as well as between ITS and the public/mental health agencies. This recommendation therefore does not apply between those categories of data, but rather applies within those categories of data.

Too often in government, public trustees of data develop a parochial view that the data collected by their office belongs to them. Government everywhere is coming to the realization that data collected by government belongs to the public and not to the government; and while the government has an obligation to keep certain data private, all other data should be openly shared with other departments/agencies and with other external organizations that are deemed to have a legitimate use for it.

The public has grown tired of government inefficiency and ineptitude. People expect their government to collect data once and to share that information with the other areas of government that require the same information.

In the area of Administrative data, several systems have been built that contain redundant data: redundant in the sense that it is collected by more than one department or agency and stored by more than one department or agency without regard to whether the same information is stored elsewhere. This is particularly true with county taxpayer name and address data. This duplication of effort results in inaccuracies, inconsistencies and problems normally associated with poor quality data. Duplicate collection and storage of data is not cost effective: the human effort to collect the data, the automated collection mechanisms, the physical storage, the security, the updating, and the processing of the data is usually duplicated for each instance of the duplicated data. There is also the additional time and cost (and often much frustration) involved when discrepancies are discovered within the duplicated data that must then be resolved. Further, there is a case to be made that such discrepancies may expose the County to a certain level of risk: if, for instance, a Med-Act vehicle is sent to the wrong location due to an discrepancy in name or address between two County databases, the County could face legal exposure.

Johnson County should establish the following as data sharing goals:

Common data should be collected at a single point and openly shared with all agencies and departments that need the information. In other words, if a citizen has to do business with two or more agencies or departments, they should not have to repeatedly supply the same information. This goal applies within both categories of “administrative” data and “law enforcement” data and may apply to some areas of public/mental health data. Ideally, data should be collected once, and stored and updated in only one location; any implementation that deviates from this ideal should be justified based on cost, security, or other compelling criteria. Regardless of the implementation, County systems should behave to the public and other external users as if the data were integrated into a single functional system.
The County should work with its Legal department to establish a generous and liberal interpretation of the Kansas Open Records Act, particularly in the area of “administrative” data; in gray areas, the county should err on the side of more openness not less, except in data areas with citizens’ security and/or privacy concerns.
The County should aggressively address protection of citizens’ security and privacy. Any personal data collected by the county should only be used for legitimate county purposes. The county should be open, clear, and forthright with the public in disclosing the nature of the usage of any personal data collected, and the public should always be offered the right to “opt out” of the use of their data by entities other than the county.

The County should encourage agencies and departments to improve the communication of their plans as they relate to data and information processing. Too often in the past, projects which impacted more than one department/agency and more than one area of data were not well coordinated, resulting in inconsistent or duplicated efforts.

As a corollary to this recommendation, we would also recommend that the County should continue to pursue standards and practices to improve the quality of data collected. For example, standards for assigning new addresses are often not followed by local entities within the County; any standards and practices that improve or enforce compliance would benefit the County.

Priority: éééé (High)

Costs/Resources: $$ (Low to Medium – $100,000 to $1 million) While there may be a short-term cost in the medium range to bring existing systems into compliance with this recommendation, the long term cost may be negligible. We believe that sharing data between agencies and departments whenever possible clearly saves cost, time and resources when successfully implemented.

Risk Assessment: ÜÜÜÜ (High if not implemented) Cost, time and effort will continue to be ineffectively allocated if agencies/departments do not better coordinate their data collection and storage efforts. As mentioned earlier, there may also be the risk of legal exposure if any property damage or personal injury is caused by or exacerbated by inconsistent sharing of data between County agencies/departments.

Implementation Issues: Largely political. Agencies and departments may have little experience in coordinating plans and efforts with others, and may actively distrust ITS or other agencies that may be involved with a data sharing project.

Dependencies: None.

Recommendation: Move to Centralize ITS Development and Support for Administrative (Non-Law Enforcement) Data and Systems Where Possible

In Johnson County, as well as in many other governmental units, law enforcement data is administered by separate organizations (JIMS and SHR) than the administrative data (ITS and others) and the public/mental health data. As far as we were able to determine in this study, this separation of data and responsibilities does not present any undue problems within the county, and there appears to be good cooperation between JIMS, SHR and ITS as well as between ITS and the public/mental health organizations. This recommendation therefore does not pertain to centralizing development between JIMS, SHR and ITS, nor ITS and the public/mental health organizations, but rather between ITS and other administrative agencies and departments.

Several agencies and departments in the County operate their own internal ITS-like development and support organizations. We recommend that the County integrate all the ITS functions into one organization for the benefit of the entire County. This is not to say that we are necessarily recommending that all IT-type positions should belong to ITS: only that those positions coordinate with ITS for training, standards, support strategies, software solutions, development environments, etc.

To achieve maximum effectiveness, ITS should support enterprise-wide solutions and shared systems; ITS should not necessarily support all single-department systems or solutions. For example: all agencies and departments have the Microsoft Office suite of tools available (although some still use other tools as well) and the Microsoft Exchange email servers, therefore it makes perfect sense from a shared resource standpoint to consolidate the support of these products to a central department (ITS). On the other hand, the Nursing Center (NUR), as an example, uses a specialized, proprietary software package called “AccuMed” to track patient admissions and patient location; they are the only department or agency within the County using that software or with a need for that software, therefore it makes little sense for a central organization (ITS) to staff up to support that specialized software package—there is no shared economy of scale to benefit the County. Further, as more and more specialized electronic devices become network enabled (medical testing equipment, for example, or SCADA wastewater monitoring equipment), there is no compelling requirement for ITS to staff up to install, troubleshoot, operate, or support specialized devices. Departments and agencies utilizing specialized systems and/or devices should continue to have their own in-house expertise. Even so, agencies and departments which do have specialized equipment and/or software needs should be aware of and comply with standards regarding the use of such systems on shared resources (such as networks, email, PBXs, etc.).

As part of this centralization effort, ITS must establish standards for information technology hardware, software and infrastructure. The ITS steering committee, composed of members from County executive management, should oversee and approve this effort. Agencies and departments that retain their own ITS-like resources should adhere to published standards regarding shared resources (such as networks, email, PBXs, etc.).

Priority: ééé (Medium)

Costs/Resources: $ (Low – under $100,000) This recommendation has virtually no technical cost: in fact it clearly saves cost, time and resource if successfully implemented.

Risk Assessment: ÜÜÜ (Medium if not implemented) Cost, time and resources will continue to be ineffectively allocated if agencies/departments other than ITS continue to staff up for development and support of shared systems. Further, there will be increasing political battles between departments for ITS-like resources as well as battles over who will define and enforce shared resource standards.

Implementation Issues: Largely political. Headcount is typically a sore subject with many departments and agencies, and distrust or a poor perception of ITS will exacerbate the situation in some cases. Agencies and departments should have in-house expertise for their systems; when that expertise is principally involved with support, administration or development of shared resources, the County as a whole may be better served if that resource were available on a wider basis.

Dependencies: None.

Recommendation: Standardize Information Technology Acquisition

The County currently has a blanket contract with Dell for the acquisition of PC workstations and laptops, as well as blanket contracts for some other IT components (such as printers and desktop operating systems, network routers, switches and hubs). These contracts work well for the acquisition of these IT resources, and we would suggest that the county extend this concept to all areas of Information Technology. During our interviews, we found that county agencies and departments were largely left to their own devices when purchasing certain other information technology components, such as cell phones, pagers, departmental servers, PDAs, network-enabled copiers, and so forth. For instance, we found that every cell phone provider in the area—Southwestern Bell, Sprint PCS, NexTel, Cellular One, and Ariel—has phones in one or more County agencies or departments.

We would recommend that the County negotiate one or more blanket contracts for all information technology components, including, but not limited to:

Cell phones
Pagers
PC Workstations
Laptops
Departmental Servers
Routers, switches, hubs
Printers
PDAs
Network Operating Systems (NOS)
Desktop Operating Systems
IP-enabled copier/scanner/printers
Document Scanners
DSL/Cable Modem service

The intention of this recommendation is not to limit departmental choices: if the county can negotiate blanket contracts with all cell phone providers, for instance, departments can still choose the best one for their needs, but still receive a price break.

It should also be mentioned that in some cases, departments and agencies may be able to purchase products or services under a blanket contract available with the State of Kansas. If an item is not available under a County contract, departments and agencies should check to see if the item is available a State contract.

Priority: éé (Medium)

Costs/Resources: $ (Low – under $100,000) This recommendation is a cost-saving measure.

Risk Assessment: ÜÜ (Medium if not implemented) Equipment and service cost will continue to be higher than necessary for those Information Technology items purchased outside a blanket contract.

Implementation Issues: None.

Dependencies: None.

Technological Strategies, Policies, and Architectures

Recommendation: Acquire Bandwidth

While some technology trends are difficult to predict, others are quite clear. One very clear trend is the dramatic increase in the use of network bandwidth. As Johnson County connects more people to its networks from more locations, and as the County continues to use ever-increasing amounts of data in its applications, it will continue to consume ever-increasing amounts of bandwidth.

There are two routes to the acquisition of bandwidth: the County can purchase the bandwidth from 3^rd party providers—such as Southwestern Bell, Sprint, WorldCom or TCI—or the County can invest in bandwidth infrastructure directly by installing fiber optic connections between facilities (and potentially to the desktop instead of copper). However, although still relatively expensive, both options are becoming less costly.

Figure 1: Trends in packet switching computer cost and communications cost (From “Packet Switching or Optical Switching,” Lawrence G. Roberts, IEEE Internet Computing Online http://www.computer.org/internet/v4n1/roberts.htm#fig1)

This plan has no overall bias as to whether leasing bandwidth from 3^rd party providers or owning high-bandwidth LAN/WAN resources is in the best interest of the County. In any long-term solution, there will obviously be some mixture of the two components (some will be owned, some will be leased). However, we do recommend that the County investigate the possibility of partnering with one or more of the cities within the county to examine the cost-effectiveness of installing a shared, governmental fiber optic network linking major city and county computing centers. The city of Olathe (and possibly Lenexa) has been installing optical fiber for traffic signal control, and is planning on completing a self-healing fiber ring for future use (a “self-healing ring” is simply a closed loop of fiber cabling between two or more locations enabling network traffic to have a redundant pathway if one part of the ring is accidentally cut). Partnering with cities within Johnson County to connect major facilities would eliminate the need for either the County or the cities to absorb the complete cost of building out a fiber network. Owning all or part of a fiber optic ring for governmental use would also give the County and participating communities additional leverage when negotiating additional leased bandwidth with 3^rd party providers.

There are many potential advantages to owning all or part of a fiber optic network. First and foremost, it would provide virtually limitless bandwidth for expansion of future network applications: document imaging, records and workflow management, desktop video and voice over IP (VoIP) all require substantial amounts of bandwidth. The network could also be used to implement a Storage Area Network solution (see the related recommendation below) and could provide bandwidth necessary for “mirroring” critical data and processing resources between two or more locations (see the related recommendation for Disaster Recovery Plans in the section on Organizational Strategies) for disaster recovery.

As a corollary to this recommendation, we