Transcript for UCStrategies Experts Discuss E911 Enterprise Compliance
Samantha Kane: Thank you everyone for joining UCStrategies today. The topic is E911 enterprise compliance and the UC team has really discovered that E911 compliance really requires a UC roadmap and UC disciplines for both people and process as well as technology. My name is Samantha Kane and I’m going to start off today’s podcast by talking a little bit about how E911 enterprise compliance has come along in 2011, and then I’m going to turn it over to all the great experts and we’re going to talk about mobility, teleworkers, call center, the actual process and the requirement of changed management.
In 2011, E911 individual states in the U.S., has now approved in their legislation almost 30 states. And that has grown since 2009 when there were only 14 states that took exception to people being able to have the right to have good E911 compliance and service. And the important part to understand about E911 enterprise compliance, is that a business now is required to provide not only their employees, but their visitors and contractors that come and visit their campus, good and proper service. So that if they pick up a phone and call 911, that the information that shows up at the public safety dispatch is the proper information. So it shows the ANI, which is the Automatic Number Identification, or the telephone number that they called from, as well as the ALI, which is the Automatic Location Identification, which is the actual service ID address that they are calling from and not their billing address that happens 99% of the time, and that’s what shows up at the PSAP.
A couple of other things that have happened for E911 compliance is that that PSAP Officer must be able to call you back if you’re the person that made the 911 call. So they have to have the right direct in dial number, or the right zone and the right floor that you were calling from. So that not only can they call back and get extra information if they need be, but when they come to the site, that they are not losing any time and they know where to go. So if you add into that mix, voiceover IP, cellular, network enterprises environments across two or more states, you start to get the beginnings of a very complex landscape. There is no recipe book out there yet, but UCStrategies folks think that we’ll be able to provide with good details and good practices to be able to take care of E911 in your enterprise.
So we thought that we’d point out some of these things that may strike a chord with some of you or in fact, all of you. And first, I’d like to talk about E911 and what UC have in common. They both are about integrating communications into business applications for the purpose of better customer service, as both require attention to how you do, or interact with your customers or your citizens, in an efficient and effective manner with the correct information. And that is key in the PSAP Center, that they require the right kind of interaction, with the citizen and the enterprise because there is no room for mistakes.
Second, both require consideration of a customer or an employee safety. So Enhanced 911, is a critical component of a corporation’s liability and risk management plan. Whether that be a safety and governance handbook that perhaps larger enterprises have, or just the person that handles HR should be very aware of these requirements. Knowing the accurate location of your employees when they call 911, is critical to your emergency response plan. And enterprises are increasingly required to provide E911 to meet state and local regulations. The problem is, that if you do business in two or more states, and those state legislations are different, which ones do you pick? Do you act on them differently and then provide those employees with different standards? Or do you take the most stringent legislation and that’s what you implement right across the board?
Third, both require attention to the people, the process and the technology issues as well as coaching management, and change management. And those are key when you start to implement E911 enterprise compliance. They both require, or they all require that the organization fundamentally define the business goals to be achieved, to determine if the business problem exists to even check to see existing call flow. And if you make a 911 call, where does it go, does it even go to the right PSAP? And if those are challenges, then what do you do about it?
With any E911 implementation, there’s a need to address both the compliance and the risks and have formal interaction with the state E911. So if you get a floor plan out of your environment and the state legislation says 22,000 square feet, but you can’t see 7,000 feet across the room, then you have to be practical and put something on like your fireman’s hat and consider line of sight. So those are practical things that you need to prepare for and think about. What I would like to do is, I’d like to turn it over to Marty Parker to talk to some of the complexities and issues, and then we’ll hear from Art.
Marty Parker: Hi Samantha, it’s Marty Parker and thanks for your great introduction. Clearly folks, Samantha and her team are really leaders and thought leaders in this category. You can see a number of things they published on this topic as evidence of that. I think the key point that I’ll bring out, Samantha, is that most of our enterprise clients are looking at the question of what must I do to be compliant? They’re looking at the minimum level of investment in order to assure reasonable safety for their people because they care about their people, and the amount that they have to do in order to meet the state regulations. I would say that neither category, do our clients feel particularly comfortable with those two questions. There’s very little help that they receive from the vendors in terms of any suggestions of policies or practices governance and so forth, relative to safety of their employees. So I think that there is opportunity and you’ve been serving this opportunity, Samantha. There is opportunity for consultancy and intelligent best practices work to help the customer make the right determinations. It’s always tricky of course when you’re talking about personal safety. You know, you can hear people in the room saying, how can you ever spend too little on that, spend as much as we can, do everything that we possibly can. But of course, that’s not how businesses or society operate. You cannot afford to do everything you can think of in almost any case that I can imagine. So you do the right thing, you do the optimal thing, you do the best thing.
Now once they’ve decided to do that, I would say that, as a consultant, I’m thinking that I will further modify the RFPs that we help our customers issue, and help further with the requirements when we’re doing ongoing planning, in order to capture some of the subtleties that you’re bringing up. More and more, people are not working in offices. As an enterprise, am I going to take responsibility for someone who is working at home or working on the road, or will a only have the responsibility for them when they are in my building? If it is, and I’m going to do it when I’m in the building, then I’ll have to have a written policy and maybe even ask the employees to sign a letter of understanding that says, “Yes, I know that when I am out driving around in my territory or working from my home office, that’s my responsibility and I don’t use the enterprise system, I use my cell phone, personal cell phone, or I use my office desktop phone to call 911, and then I’m going to get the right response.” So they need to understand what can be done in what situations and of course there is training to be provided and compliance to be monitored in that case. If they do take responsibility, then of course, we’ll have to up the scope of work for deployment of 911 services inside an enterprise because then I’ll have to map each home office as a separate location, make sure I know which PSAP to route to for that employee, and so on and so forth.
So I do see that there is really a need to be careful about this, for reasons of safety, and there’s a requirement to be careful about it for reasons of regulatory compliance. And of course, if there is a law about something, and an enterprise doesn’t comply, then they are subject to lawsuits from people that are damaged. So (there are) all sorts of risks going on here as you said in your earlier conversation. And perhaps some enterprises will find ways to be creative beyond the minimums but my estimate is most of them will be trying first to reach the minimums in an appropriate best practices way. So that’s where I am going to focus most of my attention. Thanks for the guidance on that, Samantha. I am going to pass it on to Art Rosenberg.
Art Rosenberg: Thanks Marty, it is a fuzzy area, and it touches on something that I felt was always very important to UC in the beginning which has to do with contact with people, which may or may not be location based. And as the world becomes more virtual, that contact is also becoming a variable and virtual in the sense that whoever needs, has a problem, has to be able to be notified or has to be aware of being able to ask for help or assistance, whatever the problem is. And then whoever is going to be responding to that need, also has to be identified and located, which also could be virtual. So it’s not location-to-location. The person needing the help is in a particular place necessarily and the person responding is not in a particular place necessarily. But we still have to make contact and that is where UC comes into play—that you can make contact with whoever may be appropriate to respond or to take charge, or to initiate requests for help. That they can do this any way that is convenient and efficient and still we get to the right place with the right resources and so on. And until we have the framework, the structure that UC is trying to provide these days, especially with mobility, you never know, somebody’s in the car or in the office, or on their way somewhere, who knows? But until you have that capability of knowing who needs what and who’s available to support that, you can’t manage it. And you can’t assume that people are going to answer a particular phone number at a particular location. It could be a voice contact, it could be a text contact. The point is, it is not going to be location based anymore, but you still have to end up with a location for who’s going to be responding to the origination of the safety problem and also, who how you get to that person that needs the help if it is location based.
So we can’t really have our cake and eat it too. You have got to kind of provide for the flexibility of taking care of all those questions, no matter how the problem arises. It is being handled by the person who sees the problem first and with the mechanism set up to identify sources for relieving a problem, which could be directory information, who’s in charge, who’s authorized, and who’s available. And this where presence comes into play... So all of that has to be put into place as a framework. So that when there is a need for help, even if it is something that is done automatically, if the person doesn’t find it, there is an automatic sensor that tells you that your building is falling down, or on fire, or whatever. So this is kind of a new way to look at things that is not going to be dependent necessarily just on people. But we have to find the right people to be able to respond to the right people, no matter where they are and how they made contact. And that’s my view on how UC can come into play to take care of some of the issues and questions.
Samantha Kane: Thanks so much, Art. I’d like to build on that, if I may. What I’ve heard from you is that planning and preparation and understanding the people skills and the business process, and that call flow today, and making sure that it is in fact picking up the phone and calling 911, that it goes to the right PSAP and that UC can help in that planning. I’d like to share a story with you. We have a customer and they are in Vermont, Massachusetts, and New Hampshire. And if you go to the front gate of one of their main sites in Vermont, if you go to the back gate it’s across the Connecticut River in New Hampshire. But the operation folks who are tied to the Vermont switch by OPX are in New Hampshire. So if they dialed 911, the PSAP would show up at the Vermont front gate. Oops. That was discovered by doing some preplanning and doing a compliance study and to be able to determine what the weak links were in the process that they have and the call flows that they had today. So you bring out a very valid point.
I’d like to go back to Marty’s comment about taking the least cost road, and Marty, you are absolutely right. Until 2011, there were very few enterprises that said we’re going to take on what’s best for our employees and our customers, and we’re going to minimize our risk. So what we suggest those kinds of enterprises do is, we’ll provide you with all the legislation, because it’s not just state legislation, there is federal legislation, there’s vertical legislation, such us the Higher Education Opportunity Act for campuses now, there’s the American Disability Act that requires if you build a new building, that you have to provide an area of refuge for disabled folks. And it is getting more complicated so I think the best thing to do, that’s why we hire lawyers, is to give folks the information and that they determine based on definition what their risk is. And then perhaps hire a consultant to be able to do a compliance study and measure the gaps and the risks against their current environment to see what it would cost to do and become compliant. So with that said, I would like to turn it over to Blair Pleasant if I may to talk about a little bit of expansions as Blair’s quite an expert on teleworkers and where she sees E911 being complex and the challenges. Blair?
Blair Pleasant: Thanks Samantha. The real problem with teleworkers is that they’re obviously located at home, located in shopping malls, in strip malls, in other peoples offices. And often times they’re working from mobile devices or they’re using soft phones on their PC’s or the computers that are provided to them. And there is really no way of knowing exactly where they are or what device they are using at the time.
Samantha Kane: Thanks, Blair, I’d like to give an example of that. And this is where even it gets more complex. If you have voice over IP, IP phones, you require a third party appliance, an LIS server to be able to register and track and trace those IP phones. Because if somebody unplugs their phone and moves to another building, then you lose track of it. And this appliance helps do that. But some of those appliances do not have the capability to understand a soft phone, and so two things are happening now out in the industry. Appliance manufacturers have to be sensitive to a teleworker and a road warrior. And if they come in on their soft phone, onto their network, they have to re-authenticate where they are and put that in, or as Marty has suggested, put a firm corporate policy in place as to, you use your own instrument, especially in a hotel room that is set up to handle 911 calls. So you’ve brought out a great point, it’s not just where they are, and the tool or the instrument that they use, it is also the complexity of being able to track and trace that tool in that environment. So do you have any comments to add, Don Van Doren?
Don Van Doren: Sure Samantha, maybe just an example. I think you mentioned contact center at the start, and of course, this is one of the areas where frequently you do have teleworkers, plus you have them working on the enterprise system, on a VoIP call or something like this. So this is in an area where compliance can become a real important issue, and frankly can be a headache. And I think that Marty’s suggestion about having the employee understand that if an emergency were to arise, they don’t use the call center phone that they’re on, but rather go to their house phone or their own personal cell phone. But that is an area that I think a lot of companies are having to look at and think through how they want to handle it in their contact center environment.
Samantha Kane: Good advice Don. I think I’ll wrap up by saying the best thing that any enterprise can do for themselves, is to plan, and approach their vendor partners to see if they have an E911 strategy that they can help with. Certainly for consultants and enterprise folks out there, pick up on Marty’s advice and be very explicit in your RFP requirements as to the things that you need in your E911 compliance for your state or where you do business. And do other things just outside of technology. Talk to your safety and governance folks or your risk executives as to what those policies are and what they are prepared to do. Do some homework as to what happens when you make a 911 call today. Is there the right information posted as to the actual service ID address that a visitor is at, do they really know what address they are able to give to a PSAP Officer if they had to make a 911 call? And even at a campus where you check in with security, what are the orientations that you give to a visitor or someone when they sign in? Are they escorted? Is there a little piece of information that you can put on the back of their visitor badge that tells them some of the components or advice about dialing E911 from their enterprise campus?
Those are just some suggestions. There are some great things going on with next generation E911 and certainly some of the PSAPs. There are 6,128 PSAPs in the United States today, and more are growing, and they are all trying to come to terms with all of the technology, and all of the complexity that we’ve talked about today. So thank you so much, everyone, for listening today and if you have any follow-up, I’m sure that we’ll be able to get back to you.