An MD&DI May 1998 Column
Filled with promise and threat, forms of electronic commerce are growing increasingly prevalent in the device industry.
Electronic commerce is the new buzz term for businesses across the countryits adoption promises to personalize interaction between suppliers, OEMs, and customers. But electronic commerce also threatens to reorganize companies and raises new security issues for manufacturers and the government. Even the term electronic commerce is bewildering, embracing such tools as Touch-Tone phones, fax machines, personal computers, E-mail, teleconferencing, magnetic tape exchange, and Web sites.
"Electronic commerce is an all-encompassing term for doing business electronically," explains Dan Browning, director of electronic commerce and electronic data interchange (EDI) at Allegiance Health Care (McGaw Park, IL). The roots of electronic commerce lie in the earliest use of computers for the exchange of electronic data, with files sent by modem from one computer to another. Such files could be as simple as a single order or as complex as a database of names and financial information.
Allegiance Health Care has a history of leveraging new technologies. The company, which makes and distributes medical and surgical products for acute-care hospitals and ancillary sites such as surgery centers, began using electronics to improve its productivity back in the 1960s.
"We were using electronic commerce before it was called electronic commerce," says Browning. "We had customers transmitting their orders to us over phone lines using paper tapes and punch cards."
Electronic commerce can take a number of forms. One of the most common is some form of EDI.
"EDI is designed for the exchange of structured data between what I call intelligent interoperating business systems, which operate without human intervention," says Rachel Foerster, chair of the EDI technical committee for the Health Industry Business Communications Council (Phoenix). The lack of human intervention is one of the characteristics that distinguish forms of EDI from electronic commerce in general.
One of the earliest types of EDI was the bar code. The automatic identification of products through unique identifiers increased recordkeeping speed and reduced errors from human input. Standards for universal product numbers were developed to help ensure accuracy, because errors in reading the codes could throw a business into disarray. The risk involved was heightened by the expanded use of bar codes by hospitals seeking to track patients, lab samples, lab reports, devices, and even x-rays.
"It doesn't do any good to put a bar code on a product if it can't be read correctly," Browning says. "When you are relying on bar codes for risk management, stock replenishment, and charge-backs, you have got to be sure they are correct."
To check the accuracy of bar codes, engineers have developed quality assurance software systems that help users check and maintain high-quality, accurate bar codes.
"Bad bar codes are like a virus; by the time any symptoms appear, inaccurate data have affected the entire system," says Michael Nolan, president of Automatic Identification Systems (Westerville, OH). "Just as you can't detect and stop a virus without lab tests, you can't find and fix bar code problems without bar code verification."
Later forms of EDI have involved, at their most basic level, two computersone on each side of a phone lineblasting data at each other. Such interchange facilitates ordering, invoicing, and payment between two companies.
ELECTRONIC COMMERCE PRESENTS PROBLEMS AS WELL AS PROMISES
Manufacturers must overcome more than a few barriers when adopting any form of electronic commerce. Ironically, the most challenging barrier may have more to do with psychology than technology.
Adopting electronic data interchange (EDI) can be a wrenching experience for a staff that has grown accustomed to certain procedures and protocols. "When you get into EDI, you take people out of the information exchange process," notes Rachel Foerster, a health-care industry consultant specializing in electronic commerce and EDI and principal of Rachel Foerster & Associates (Beach Park, IL). "That means you are going to have a dramatic effect on the organization and on people's jobswhat they do and how they do it."
Even when less-intrusive forms of electronic commerce, such as those involving the Internet, are implemented, the work process changes in ways unfamiliar to the staff. A natural response to change is resistance, Foerster explains. As a result, bringing electronic commerce into a company must be carefully managed to reduce the threat to workers and ease the transition to a new way of working.
"Your people need to participate in making sure the new automated processes are successful," she says. "If they feel threatened, they won't participate for fear of putting themselves out of a jobor at least what they perceive as putting themselves out of a job."
Although the human component can make or break electronic commerce in general, and EDI in particular, it is not the only pitfall companies must overcome. The one that causes the greatest concern to most companies is data security.
Business data must be kept private to ensure the security of proprietary information that is routinely exchanged among suppliers, OEMs, and customers. Similarly, businesses must be certain that orders sent and received are going to and coming from the proper parties.
"You want to be sure when you are ordering something from a particular company that you are really talking to that company and not someone posing as them over the Internet," explains Miles Smid, manager of the security technology group at the National Institute of Standards and Technology (Gaithersburg, MD).
Concerns are heightened when patient data are involved. Medical institutions are increasingly turning to the Internet to transmit diagnostic data such as medical images.
Typically, Internet security is handled by establishing firewalls designed to keep intruders out of the system. Relatively straightforward solutions such as vendor validation codes and digital signatures often meet security needs, too. System developers may also use cryptography, coding data to be comprehensible only to parties using authorized decoders.
The federal government is not very happy with this latter solution, however. The CIA and FBI want to be able to read messages sent over telephone lines if necessary. The Clinton administration has called for an encryption policy based on Cold Warera export restrictions and domestic key recovery systems. At present, encryption programs cannot be sent to some countries overseasmeaning that encrypted messages cannot easily be interpreted by people in those countries. The White House would also like to install "back-door keys" that would unlock domestic encryptions. Those keys would be held by a third party who could be called on by the government to turn them over under certain circumstances. However, system developers are understandably skittish about turning over data that would access their systems.
"It's a weird situation because, on the one hand, everybody knows that networks are inherently insecure and that encryption is an essential tool," says Alan Davidson, staff counsel at the Center for Democracy and Technology (Washington, DC). "But at the same time, what makes encrypted information difficult for a criminal or a hacker to read makes it difficult for the FBI to read if they choose to do a wiretap."
These legitimate concerns about privacy and data security exacerbate the aversion many people have to technology. The computer revolution fomented enormous turmoil, much of which was focused on the desktop computer. PCs have now been generally accepted, however, and are ubiquitous in American commerce. Similarly, fears about the use and implementation of electronic commerce will subside, say experts. After all, electronic commerce is little more than the conduit through which the lifeblood of modern commercedata and dollarsflows. As workers become more familiar with electronic tools and cautious in their use, aversion to electronic commerce will undoubtedly fade.
ELECTRONIC DATA INTERCHANGE
"EDI is a very specific electronic commerce tool," says Browning. "It involves sending business transactions back and forth in a structured format." This format was once dictated by proprietary data interchange systems but later came to be strictly defined by standards set by the Health Industry Business Communications Council, which adapted the standards for data transfer originally developed by the American National Standards Institute (ANSI). These rigorously implemented formats ensure the compatibility of data sent among companies and customers, regardless of the information type. Dozens, hundreds, even thousands of records can be transferred in a single session.
"EDI has become a standard way of doing business," Browning says. "It's not a matter of whether to do EDIyou have to do it within health care."
For example, Medical Action Industries (Hauppauge, NY) uses EDI to interface with distributors. "We receive orders from them, and we invoice them," says Philip Meringolo, company vice president. "If they request an advance shipping notice, we supply it."
In addition, EDI is an important part of the company's business transactions with its customers, predominantly group purchasing organizations such as Premier, VHA, and Tenet.
"We're pretty much in the ramp-up stage with most of them now with EDI transactions," Meringolo says. "They're thrilled by the possibility of handling lots of data without so many people."
Cost containment is one of the promises that draw companies to EDI. The technology is said to reduce the number of employees needed to process transactions. However, although it may contain costs, EDI does not usually reduce them. "It helps contain future head count," Meringolo says. "And it makes us a timelier provider of services to our trading partners."
The problem is that EDI can't work if only one side has the electronics to carry out the data interchange, and setting up an EDI system can be expensive. Fortunately, there is an alternative. Medical Action Industries uses a value-aided network (VAN), which employs an intermediary such as AT&T or GE in the data exchange process. "It's like an electronic mailbox," Meringolo explains. "Our trading partner sends data addressed to us, and they reside in a mailbox until our machine picks them up. Then we send data back the same way." This mediated data interchange method works around the need for both companies to have costly EDI systems.
The newest form of electronic commerce uses the Internet. Only a few years ago, this global network of computers was characterized as the information superhighway that went nowhere. Today, the Internet is not only a virtually limitless source of information, it is a major thoroughfare for electronic commerce. The form that electronic commerce takes on the Internet, however, is markedly different from that of EDI. Electronic commerce on the Internet offers an interactivity that promises to improve the relationship between suppliers, OEMs, and end-users.
The Internet puts people back into the electronic loop, giving them an array of tools for sending and receiving data. The simplest and most common tools are E-mail and voice communications that sidestep long-distance charges, such as software packages that allow point-to-point calling through PCs linked over the Internet. Another tool is the Web site, on which information about products and their availability can be placed, and electronic forms for ordering products can be accessed. Interactive service information can be offered on Web sites for users trying to whip products into shape, and sites can take the pressure off customer help lines by setting up chat rooms where users can exchange information and troubleshoot problems with the help of more-experienced operators. By making it easier for customers to do business, companies like Allegiance Health Care have experienced increased sales.
The fluid nature of electronic commercea developing technological process riddled with both threats and opportunitiesis unsettling for many executives. Many companies still refuse to embrace any form of electronic commerce, EDI or otherwise. This resistance stems from a wide range of technological and psychological barriers (see sidebar). However, despite the human and material obstacles to the process, electronic commerce appears to be inevitableonly its form and proximity are subject to debate.