Friday, May 29, 2009

Wasting Money With The Wrong Staff

In an earlier post, I posed the question, "Do charitable organizations have a duty to spend their grants and donations the way a reasonably prudent business person would spend his or her own money?" My goal was to prompt discussion on whether not-for-profit managers have a duty to use their resources to the best of their capabilities. I believe that duty is higher for those who manage taxpayer funds than even the duty on those who manage shareholder and investor funds. Based on some questions and stories I received since then, this topic deserves more discussion.

The issue tends to come up only when there is some type of problem: employee performance is substandard, financial resources are squeezed, or the overall economic outlook is exceptionally challenging. That makes sense. In good times, most people are willing to overlook things and put off unpleasant tasks. When times are tough, however, every “minor” matter becomes an aggravating thorn in the organization’s collective neck. But that does not mean managers snap into proper form and deliver.

Take a recent example that is behind the headlines: a public school district in a large U.S. city is cutting teachers because of severe budget problems. All across this large district, experienced, good teachers are getting pink slips. Yet in that very district, other teachers who abusively yell at kids or sneak out during the work day to meet friends for coffee will not lose their jobs.

Another example comes from the nonprofit sector. Even though one particular organization is not facing budget cuts, it never has enough money to hire enough staff to meet the needs placed on it by the communities it serves. Yet within that large organization are staff who have been moved from department to department because they are either incompetent, unmotivated or incapable of performing their jobs adequately.

Both of these situations were created by the same thing: supervisors’ refusal to take the steps necessary to appropriately set expectations and terminate employment for substandard performance (or even outright policy violations).

If you have managed people and been responsible for hiring and firing, you may sympathize. It is not fun. No one likes to do it. Unless the employee is a total jerk or commits a crime, there is no satisfaction in tossing anyone out onto the unemployment rolls even in good times. But making good firing decisions is just as important as making good hiring decisions and when budgets are stretched thinly, it may be even more important.

Here is why: somewhere there is someone more capable who wants that job. In today’s economy, they may even be unemployed and also need it. By leaving an unacceptable employee in his or her position, you not only cheat that very worthy, motivated, qualified prospective employee of the opportunity to do a great job for your organization and its constituents, you also cheat your funders—who do not get all they should for their money, your other employees—who pick up the slack or at least share the strain caused by a weak link in your staff lineup, and the communities you serve—who get BOTH substandard services from these inadequate employees and less total services than they would get if everyone was working at capacity. And when the funders are taxpayers, directly or indirectly, they have every right to want to see heads roll: their money is being misappropriated from its intended purpose and diverted to someone who cannot or will not do the job while too many willing prospects sit idle. It is offensive. It is immoral.

What should an organization do? It is not complicated or difficult and you have probably heard this countless times if you have been in management very long: set expectations and build a file when your staff fails to meet them. You take risks if you are sloppy, and perhaps some managers avoid this process because they think it takes too much effort. However, this is not difficult to do correctly. The reward is great, however, and the effort is generally short.

First, make sure you have clear performance expectations for all employees, from the top to the bottom. Exempt no one. Second, make sure those performance expectations have been communicated to each person. It sounds odd, but it happens more than you would think that job descriptions are buried in HR files and never handed out.

Third, document your training and offers of help for anyone who lacks the skills and knowledge to perform their job duties. Fourth, document every incident where the employee has failed to meet expectations AND your plan of action for helping them avoid future incidents. Finally, take prompt, progressive, appropriate action when failures continue.

Progressive action could follow this type of pattern: oral warning -> written warning -> probation -> suspension -> termination.

Before you hire a replacement, review those performance expectations. You want to hand them to the new hire on day one. Hopefully, you will not have to follow this plan very often. Unfortunately, if you are an employee, you probably have worked or will work for a manager who never does.

Tuesday, May 26, 2009

“Gotcha!” at Closing: Beware the HOA Inspection Report When Buying a Home

As more and more subdivisions adopt common deed restrictions and covenants, the chances that you will buy a home in one of those neighborhoods increases. While covenants and restrictions are nothing new, there is a trend that can catch the unwary by surprise and add thousands of dollars of unexpected costs above the purchase price. Some due diligence can save you a lot of grief.

Contract terms that apply to the land before the first purchaser buy a lot, are recorded in the public land records and referenced in each subsequent conveyance are said to “run with the land.” Those documents are public records and available for anyone to review before agreeing to purchase property in the subdivision.

However, the covenants typically vest a number of powers in a body of representatives of the entire group of owners. Those powers include the ability to adopt and enforce rules consistent with the spirit of the original covenants. Unlike the deed restrictions, these rules are generally not public record and can only be obtained from a member or officer of the home owners’ association (“HOA”).

HOAs have the unpleasant task of enforcing rules drafted to help keep all property values up by ensuring consistent levels of exterior maintenance, upkeep and accessibility. It is a thankless job but one that benefits all owners in the subdivision. On the flip side, if the HOA turned a blind eye to violations, the entire set of covenants could be declared nullified by failure to enforce them over a period of time.

HOAs have a new trick they use to meet these obligations: the so-called “resale inspection rule.” Here is one example from Maryland. Here is another example from Arizona. These rules can apply to condominiums as well as traditional lots.

Although the rule varies from HOA to HOA, it typically includes a requirement that anyone selling their property obtain an inspection by the HOA architectural representative. If the property passes, everything is great. If the property does not pass HOA inspection completely, then that can become the “gotcha!”

Here is how a good plan can cause trouble even for people who had no intention of violating the HOA rules:
1. HOA inspection is mandatory, but not requested before closing
2. HOA inspection occurs, but report not received prior to closing
3. HOA inspection occurs and report is received prior to closing, but after the purchase contract becomes binding
4. HOA inspection occurs and Seller fails to disclose the non-compliance issues pointed out in the HOA report
In most states, the first and last scenarios likely can lead to legal action by the buyer to either reform or avoid the contract because the Seller has done something intentional and deceptive or negligent. It is the other two that are more likely to occur, and because there is no intentional deception, the remedies available to the buyer can be limited.

For example, let’s say Owner wants to sell House. Owner spruces up the place, gets a Realtor, lists the house for sale and starts preparing for tours. Because Owner knows the rules, she contacts HOA to inform them of the new listing and request the mandatory HOA inspection. HOA takes its normal, customary 8-10 business days to get around to the inspection. HOA finds a few “minor” items of non-compliance, and within a couple of days, mails its report to Seller.

The only problem here is that the market is pretty hot and Buyer makes an offer on the third day the property is on the market and has a closing date scheduled in less than three weeks. Why is that a problem? Seller may honestly have no actual knowledge of any non-compliance items to list on the disclosure statement. Buyer relies on the Seller’s disclosure statement and the train is rolling towards closing. Depending on how quickly the HOA completes and delivers the report, that document may not even show up until after closing. If the cost to remediate is substantial, the sale may be off.

Protect yourself by doing some research before you make an offer. Read the seller’s disclosure statement very carefully (in states where they are required), then ask questions in writing and get the answers in writing. Here are some questions to put in your list when there is a mandatory HOA and there are active covenants and deed restrictions in place:
a. Does the HOA have any requirement for an HOA inspection prior to, after or in connection with the sale of property covered by the deed restrictions?
b. If so, have you complied in all respects with that requirement?
c. Are you as home owner in compliance in all respects with all HOA rules?
d. Is the property in compliance in all respects with the HOA rules and covenants?
e. Has there been an HOA inspection or report related to your property in the past 24 months?
f. Do you expect to receive any report from the HOA prior to, after or in connection with closing?
g. Please provide the names and contact numbers for all current HOA officers.

Most HOA officers see themselves as ambassadors for their neighborhood. They want to paint the environment in the best light and will be helpful. Ask if they have any violation history on the property you want to buy. Ask them what the requirements are on an owner when she wants to sell as well as on a buyer when he completes the purchase. They will typically provide copies of rules, meeting minutes and even HOA financials if you ask, though they may ask you to cover the costs.Buying is stressful enough. Do not let the unexpected get in the way of your new home. Ask questions. Probe. Be prepared. Hopefully, there will be no “gotchas!”

Thursday, May 21, 2009

Why Written Policies and Procedures Matter

Over my career, I have worked with a number of organizations. The ones that were the most effective, had highest employee morale and fewest compliance failures had one thing in common: they valued written policies and procedures highly. The organizations and departments that were the most troubled did not. They saw written procedures as inconvenient, unimportant, unnecessary and an annoyance.

If your organization or business receives federal money through grants or contracts, you most likely have a duty regarding effective policies and procedures that carries serious penalties for noncompliance. Even if you do not have the express or implied obligation, there are plenty of examples of situations where the lack of such procedures cost a business, agency or organization.

A Few Examples

The lack of written procedures is frequently named as a primary or contributing cause in product recalls, medical testing failures, allegations of unfair federal regulations, inadequate training programs and government program audits. It is also often determinative in court decisions in favor of employees who file grievances and lawsuits.

These examples show how expensive and embarrassing it can be for the organizations. The cost in lost productivity and distractions from each organization’s primary mission are at least as high as the costs of outside counsel, internal investigations and preparation of an appropriate defense against the accusations. In some cases, the failures held the potential to cost lives. In others, they mean wasted efforts and untold hours by people who most likely wanted to deliver good results.

Reasons or Excuses?

In some businesses, sheer arrogance and a false sense of impunity are behind the lack of written policies and procedures or refusal to follow those in place. (See my earlier post “Too Small to Worry About Compliance?” inspired by a true situation.) In my experience, most of the reasons for inadequate, incomplete or nonexistent procedures are really excuses and have simple answers.

1. “We need flexibility. Written procedures are too constraining.” While some processes in your office may need detailed, step-by-step procedural guides, at least as many only need general guidance. Design your policies so that they provide as much guidance and restrictiveness as is necessary, but no more. Employees do not like to be treated like children. If you can develop criteria for what the output should be, while leaving your talented staff to arrive there using their own solutions, then all you need for the process is a set of guidelines—boundaries of a sort—to communicate the amount of latitude they have.

2. “We trust our staff to do the right thing.” Is it trust, or laziness on the part of management? Jim Collins, in Chapter 3 of his book, Good to Great: Why Some Companies Make the Leap…and Others Don’t, describes how the best leaders of the best companies first got the right people in place, then charted their paths to excellent results. But as judgment after judgment in employment, antitrust and product liability lawsuits prove, most organizations focus on their mission first, then select their staff and really cannot trust everyone to always do the “right” thing. Better to use the “trust but verify” approach, with a solid set of guidelines and quality assurance checklists. Employees generally want to do their jobs correctly. They will reward your efforts if you give them clear, smart, written guidelines so they understand what you expect them to deliver.

3. “There are already too many rules and regulations.” If you have “too many rules,” but still have compliance issues, then you may simply have the wrong rules. An attitude that there are too many rules means that many if not most are ignored. Talk to your staff and middle managers, then develop a way to update your policies and procedures so they are realistic, relevant and referential. The solution is not more policies, but good, sufficient policies. As Elaine Herman wrote in her article, “Less is Really More,”

The impressive length of many nonprofit policy manuals is generally the result of good intentions; leaders believe that adding new policies to an existing manual will add emphasis to key issues. But this encyclopedic practice can be a recipe for disaster.

4. “By the time we finish writing procedures, our processes have changed.” In my series on business process improvement, I outlined a generic strategy for assessing internal processes then designing and testing better ones. Write and amend your procedural guides as you change your procedures. This hand-in-hand approach keeps the written guidelines fresh and relevant. Written procedures are not static. They have to be constantly reviewed and updated, because so many things change in our offices every day. If your procedural guidelines were based on paper-only processes, then update them for your electronic information systems. If your policies only addressed the use of company equipment and email, update them to cover the blending of work and home life that so many employees now have.

Ounces of Prevention In Our Hands

If you have compliance gaps, look first to ensure that you have current, clearly written and adequate written policies and procedures that address the situation. Look next to how those policies and procedures were published and communicated to the staff. Unwritten policies are as ineffective as written policies that are unpublished. When you find gaps in the written materials, fill them. One good resource for personnel policies is the Personnel Policy Service website, where you can read, for example, The Case for Written HR Policies. Other materials guide development of written policies and procedures of a general nature, such as 7 Steps to Better Written Policies and Procedures.

If you have no idea where to even start in terms of drafting procedures, look at this discussion of the most important topics for policies and procedures published by the National CASA Association and the list of “Integrity-Related Written Policies” by the National Institute of Ethics for its Certificate of Integrity Program.

Finally, if you still think that written policies and procedures are for schmucks, wimps and “the other guys,” consider this point well-stated by John Outlaw in his article, “The Case for Compliance: Why You Need an Effective Compliance Program,

There is another benefit to implementing and maintaining a compliance program, although nobody wants to think about needing it. The Federal Sentencing Guidelines provide relief for any entity convicted of a crime that has an effective compliance program in place. In determining the amount of any fine, the Guidelines require a court to determine a “culpability score” by calculating aggravating and mitigating factors. Having a compliance program doesn’t excuse the crime, but demonstrates that the organization took reasonable efforts to prevent, detect and correct any improper conduct. It may lower the organization’s starting “culpability score” by 60%, and not having a compliance program is actually considered an aggravating factor which increases the culpability score! (Emphasis mine.)

Monday, May 18, 2009

Congress Can Do Better Than the Employee Free Choice Act

Can We Have it Both Ways?

In a recent town hall meeting, President Obama confirmed his general support for labor unions, but called on teachers unions to agree on both merit-based compensation and prompt termination of teachers who do not meet performance standards. In my past experiences as a union negotiator on behalf of employers and as a former union member, national unions fight against those two issues with religious zeal. The unions I have both been in and negotiated against preferred compensation systems based on seniority and longevity that took away all connections between performance and compensation. Is that about to change?

First, A History Lesson

The National Labor Relations Act was passed in 1935 as part of the massive legislative response to the Great Depression. Sometimes called the Wagner Act or Wagner-Connery Act, after its primary sponsors in the Senate and House, the NLRA took away employer’s power to legally fire workers who unionized or withheld labor under certain situations. By the mid-1940s, labor union membership soared to as high as 35% of the total U.S. workforce.[1] Then the Taft-Hartley Act of 1947, a/k/a the Labor-Management Relations Act, sought to add limits to union power and prohibit some types of organized economic activities that employers felt amounted to economic terrorism. It was the first major revision of any New Deal legislation.

Later, with the Landrum-Griffin Act of 1959, Congress had completed the picture: Wagner-Connery protected the union, Taft-Hartley protected the employer and Landrum-Griffin protected the rights of union members.[2]

Now, the Employee Free Choice Act has been introduced once again, though its future looks murky in this Congress. One of its stated goals is to help employees form unions more easily and mandate employer recognition and bargaining immediately. A mandatory, binding arbitration would establish a two-year initial contract if there is no agreement within 90 days. Opponents cite the bill’s “fast track” membership mechanism (where signed intent cards can be used optionally in lieu of secret employee ballots) and the prohibition against employer counter-campaigns as major flaws. Supporters say it is needed because collective labor negotiations are more important now than anytime since the Great Depression.

Everyone is Partly Wrong--and Partly Right

While some employers have over-reached in their efforts to prevent unionization efforts from taking root, some union organizers have also gone too far in their efforts to build support. Both sides have good arguments as well as specious defenses. It is safe to say neither side is entirely in the right or entirely blameless. I think they are both fighting an old fight that ignores the real opportunity to actually improve the entire labor law system in the United States.

Here is a look at some of the issues that labor and management are either afraid to discuss or unable to do so dispassionately with an open mind for long-term reform:

1. Fair and balanced communication.
The NLRA protects the employee’s right to engage in union activities as well as to not engage in them. It also protects employees’ rights to engage in certain activities without even forming a union, such as collectively addressing working condition issues and pay with the employer or discussing their pay or working conditions among themselves. Employers may not interfere with, restrain or coerce employees engaged in unionizing activities and unions may not restrain or coerce employees into doing them. The NLRB decisions over the decades have been generally very strongly worded in finding even subtle comments as violations of the NLRA.

Today, labor groups and employers each accuse the other of intimidating employees. Unions scream about “union free” efforts while employers point to sometimes brutal actions by union members against employees who disagree with them. One thing is common to both camps: each is restrained by what the laws say they can and cannot communicate directly to employees.

So fix it. Clarify the statutes so that both sides are entitled to free, honest communication, subject to scrutiny and oversight by the NLRB. Whether you take a page from the Federal Election Commission’s regulations or the Federal Communication Commission’s, find a way to un-muzzle advocates on both sides. Today’s employees are much more mature and informed than those of the 1930s. They also are quite capable of blogging, Tweeting and YouTubing evidence of deceptive and false communications by one side or the other. Free speech is a fundamental American value and the guidance from Whitney v. California, 274 U.S. 357 (1927) is still sound:

"Fear of serious injury cannot alone justify suppression of free speech and assembly." Id. at 376.

"Those who won our independence by revolution were not cowards. They did not fear political change. They did not exalt order at the cost of liberty. To courageous, selfreliant men, with confidence in the power of free and fearless reasoning applied through the processes of popular government, no danger flowing from speech can be deemed clear and present, unless the incidence of the evil apprehended is so imminent that it may befall before there is opportunity for full discussion. If there be time to expose through discussion the falsehood and fallacies, to avert the evil by the processes of education, the remedy to be applied is more speech, not enforced silence. Only an emergency can justify repression. " Id. at 377.

"Sunlight," Justice Brandeis later wrote in Other People's Money, "is said to be the best of disinfectants; electric light the most efficient policeman."[3]

2. Merit Pay and individual performance incentives.

Just because there is subjectivity in an action does not mean it cannot be fair. Performance-based compensation has tremendous value for the employee and the employer. At least it does for employees who want to get more for doing more. No one should still cling to the old notion that people will simply work harder than they have to for personal reward or satisfaction. Positive reinforcement is valuable, whether in non-profit, for-profit or government jobs.
National union leadership would say they do not attempt to protect incompetent workers. Managers and executives would also say they do not attempt to arbitrarily and capriciously terminate staff. It all happens anyway from time to time.

Tying or maintaining a connection between compensation and performance also means that the rating system is more likely to be fair and consistent AND that employer and employee will use it appropriately. Union and management can work out acceptable systems that meet the goal of (a) identifying areas of exceptional performance, (b) identifying areas of substandard performance, (c) calculating the pay adjustments based on the review and (d) setting performance expectations for the next review (as well as any curative measures the employee needs to take). They can even agree—dare I suggest it?—on guidelines for individualized compensation plans that incentivize excellent results with accountability and realistic criteria. It works in non-unionized businesses and with non-bargaining unit staff every day.

One size does not have to fit all. Most workers today are not employed in mass-production industrial shops. The vast majority are in information and or service sector jobs. It is time to dump the industrial-society labor concepts and craft something fresh and relevant. Workers today are better trained and more knowledgeable than their grandparents. Change the statutes that constrain innovation in the labor-management relationship so labor and management can actually have a modern relationship.

3. Employee participation in TQM-style efforts.

Likewise, unshackle innovation among the ranks of employees. Take off the blinders, folks. We are in a very different world than in the 1930s. American business has to be able to encourage innovation, excellence and ingenuity among the ranks to maintain or regain its competitive edge in the global marketplace without fear of charges alleging an “employer-sponsored union.” Employees want to participate. They like having input and influence over the solutions. Past generations may have preferred to be taken care of by paternalistic bosses, but younger workers want to be involved in finding solutions.

Collective Bargaining Agreements (CBAs) are unique to every situation, but affiliates of national labor organizations tend to get a lot of suggestions and encouragement from the national representatives. Kill off the “hot button” issues and make every CBA a “local” CBA. Union leadership is certainly capable of customization that has the local employees’ best interests first. Employers are likewise capable of localized CBA provisions that take into account the unique needs and goals of work groups in each location.

Just because an employer retains the right to implement, modify or decline an employee's recommendations or suggestions for improving the way work is done or enhancing working conditions, does not mean that such a "quality assurance committee" is a labor group dominated by the employer, and thus violative of the NLRA. Let the CBAs permit joint employer-employee work groups that fit the needs of the local work site as well as address overall business process improvement.

Either Lead, Follow, or Get Out of the Way

It is easy to be against something. You let the other side define the discussion then sit back and tear it apart. It is much more difficult to propose viable alternatives and compromise. A lot of water has gone by under the NLRA bridge since 1935. Many honorable people on both sides have come and gone. There are plenty of scars to go around.

Get over them. We are humans working for humans. Some people are greedy, others lazy. Some are power-hungry and hyper-competitive, others opportunistic profiteers—on both sides. None of those is reason enough to impose communism or socialism and very few really want that for themselves.

What is really broken is the whole “zero-sum” labor-management relationship concept. It is time for a better plan entirely. One with flexibility, collaboration, transparency and fair advocacy on both sides. To get buy-in from both camps, Congress should truly draft a “Free Choice” act that seeks to address the short-comings of the outdated system we now have, not just shift power to labor union leaders who lack vision of a future work force that is so valuable, effective and efficient it cannot be replaced with off-shore competition.

No more "it cannot be done" excuses. This is the "Yes, we can!" generation.

[1] Kusnet, David, “UNION ADVANTAGE: The Case for Organized Labor and Democracy in the Workplace,” United Professions AFT Vermont Website,

[2] My research was much easier because so many labor union web sites contain the full text of these statutes. While there may be many employer sites that also display them, I did not find one.

[3] Excerpt from online text at Louis D. Brandeis School of Law,; Chapter V: What Publicity Can Do.

Friday, May 15, 2009

Business Process Improvement for Nonprofits - Part 8: Diagnosis & Assessment (Again)

The story so far:

Step 8: Diagnosis/Assessment Round Two: “If no improvement, why?” “If that worked, what else can we improve?”

This is a natural phase, especially for critical thinkers. One where you question the results, both expected and unexpected. Why did you get the ones you did? Why did you not get some you hoped for? Have you accounted for these things?

1. Inertia: some people want to keep doing things the way they have for some time. They would still use Windows 3.11 and WordPerfect 5.1 for DOS.

2. Hidden resistance: not the people kind, the process kind. Were your workflow diagrams realistic, honest depictions of what is really going on, or idealistic hopes about what should be happening?

3. Environment: did something happen during the testing phase you did not plan for? When people are faced with a stressful situation, they will naturally revert to what they know works. Perhaps something unusual occurred that took the testers off mission.

4. Flaws: are there parts of the solution that are worse than the problem you seek to address? If so, are there other aspects of the whole solution that will counter-balance them?

Be sure to make good note of what did work as well or better than expected. Those hold hints of what will work in other areas with other staff. Dig in. It's good for you!

Remember to share the results with your testers and be honest. They deserve to see how their actions, intentional and not, impacted the results. They also may be a good source of insight on both the causes of undesirable outcomes and the keys to better ones.

(The next post will be the last in this series.)

Wednesday, May 13, 2009

Managing Your Online Reputation - Part One

Whether or not you conduct business online, your business name is online.[1] You have no doubt heard about “Cybersquatters,” the people who buy up web addresses with the hopes of selling them later for a hefty profit. Cybersquatters are not the only ones you need to watch.

As technology expands and more people go online, there are more and more outlets for people to share their views and experiences. These days, there are too many to name—places in the virtual world where anonymous comments are not only possible, but also potentially very damaging—from message boards to Instant Messaging tools to blogs. Then consider that almost every electronic communication tool has a way for others to post comments and replies—some public, others private—and you start to see the picture.

Defamatory comments about your business or employees, even if untrue, can get out of hand quickly. Disgruntled customers may be likely to plaster negative remarks all over the web. They are more vocal and resourceful than ever, according to this recent article from MSNBC. You do not want to see your company’s name on this site, for example, or your products mentioned here.

Insiders can also do their own damage by posting comments from an employee’s perspective on the company culture, management, or trade practices. Take a look at these examples of gossip boards, for example: Public Message boards like this one at Yahoo and this one that began as the dot com bubble burst but now has a new lease on life.

And there is the ever-present risk of disclosure of company secrets from staff, business partners or even customers. Once your secrets appear on FaceBook, Bebo or Yammer, they have been let out of the proverbial bag. You can sue all you want and even win all your lawsuits, but a secret is not a secret once it becomes public. Besides, lawsuits cost money and distract you from your core business.

Finally, every business executive should worry about YouTube and similar video sites. Here is a compilation of bad customer service comments given to a video reporter in NYC. (Caution: this one has very rough language.)

You need a strategy and it is not complicated. The hardest part is diligent monitoring without becoming obsessive. The three-part strategy I recommend is:

1. Protect what you can
2. Monitor routinely
3. Take immediate action if you find a problem

In subsequent posts, I will explore each of these with more detail.

[1] In fact, your own name is already probably online. There are a number of business data web sites now (Jigsaw, MarketVisual, ZoomInfo, Spoke, etc.) that cull public data and attempt to build a data map that they then charge you to update. Think about it: they get the data wrong, then want YOU to pay them to correct it.

Monday, May 11, 2009

Does Unlicensed Software Put Your Organization at Risk?

Before we begin…

Here is a quick test:

Question: Name the only type of software that you can use legally without a license.

Answer: Software you write for your own use. All others require some type of license from the author and using any of them without a valid license is illegal as well as taking a risk that you may be sued for damages.

Does this really matter?

It depends on whether you mind paying fines or not. Ask the folks at A.E. Petsche Company in Dallas, Texas. Not only did they pay a fine of over $90,000 for using unlicensed copies of Adobe and Microsoft software, they also ate their own legal fees and the expenses of an intense audit. And now they have a black-eye as well as possible ramifications to their federal government contracts (Petsche is in the military/aerospace industry).

Software is protected by copyright laws written to protect the author’s work product. It is the same as for a book author or music composer. When you purchase commercial software, you do not actually buy the underlying software code, you buy a license to use it (with a few exceptions) in accordance with the software license.

Under federal law in the United States, each violation carries a potential fine of up to $150,000 per software title copied illegally. Individuals prosecuted for criminal copyright infringement face up to $250,000 in fines and imprisonment of up to five years. So you be the judge as to whether this topic presents a real risk to your business.

So who is watching, anyway?

Software licensing is a major challenge for every software manufacturer from a one-person start-up to Microsoft. Piracy is rampant and software manufacturers are continuously looking for new ways to prevent illegal distribution of their products and catch those who use pirated versions. The Business Software Alliance is the largest IT industry group formed to address international software piracy issues. Another is FAST IiS—Federation Against Software Theft & Investors in Software.

Both organizations work to help manufacturers protect their products from piracy and both try to educate the public on the negative impact to the IT industry that piracy has. And the public is listening. BSA reports that over 2500 potential violations are submitted each year to its website,, and its toll-free phone number, 1-888-NO PIRACY. In fact, the Petsche case arose from an anonymous tip.

Now the bad news (for software pirates): BSA offers rewards of up to $1 million USD for qualified reports of software license violations. In other words, your co-workers could really cash in by reporting you.

Who is watching? Assume everyone is.

But what about shareware and Open Source software?

Freeware, shareware, open source software—you have heard the terms. Each is a type of software license. It is a common misconception that they are available for anyone to use without a license. In many cases, they are not even free.

Even freeware—software that is available for use without payment—is covered by a license and users are obligated to comply with the license. Its authors are also protected by copyright laws whether you pay anything for their work or not.

Software provided to the public as “Open Source” and “Copyleft” come with the specific stipulation that the user may freely copy, examine and modify the source code, and redistribute the software to others (free or priced) as long as the redistributed software is also passed along with the copyleft stipulation or open source license.

What you don’t know CAN hurt you!

Assuming that your policy and directives to staff specify that all software used on business computers and for business purposes wherever installed must be properly licensed, you cannot go quietly about your work and safely avoid any risk of anything happening to you or your organization.

Companies who found themselves in hot water typically did not have a solid program for auditing or enforcing their own rules or the terms of their software licenses. Meyers Industries, Taney Cunningham Equipment, Nuvelo, Inc., Graham Downes Architecture, Inc., Styles for Less, Inc. and Web US Mail, all have written checks they would rather have not written for software license violations. They spent money on lawyers, auditors and fines that could have been spent on pay raises, equipment upgrades or even paid to investors as profits.

All they needed was a simple system that they actually followed.

What’s a small business person to do?

There is help for those who want to comply. To begin with, use common sense such as following these guidelines:

» Adopt written policies that prohibit the use of unlicensed software
» Educate your employees on why the organization must insist on full compliance
» Establish an authorization process for all employees—even IT—to follow before installing and using any software, but make sure it is easy to follow
» Keep an active inventory of every software product in use and ever purchased by your organization
» Promptly delete any software found on your computers that is unlicensed or whose license cannot be verified

FAST IiS has several practical resources online if you want more ideas: Know Your Responsibilities and Risks, 10 Ways to Avoid Buying Pirated Software, Effective Software License Purchasing and 4 Steps to Effective Software License Compliance and Management.

The BSA will not accept post-violation compliance and clean-up as an excuse to avoid penalties. Your organization will waste countless hours of productivity responding to an investigation as well as huge sums of money. Prevent that type of waste and manage this risk with your compliance program. It is worth it.

The BSA site has a good list of free Software Audit Tools. Use one of them. You might be surprised at what you find.

(Here is another similar post on this topic that I found useful.)

Thursday, May 7, 2009

More Texas Injustice?

Every set of Rules of Professional Responsibility that I have seen includes some version like this statement from the Preamble of American Bar Association’s Model Rules of Professional Conduct:

“A lawyer, as a member of the legal profession, is a representative of clients, an officer of the legal system and a public citizen having special responsibility for the quality of justice.”
Likewise, at least 13 states have a provision in Canons of Judicial Ethics substantially equivalent to this from the ABA’s Model Code of Judicial Conduct, Rule 1.2:

“A judge shall act at all times in a manner that promotes public confidence in the independence, integrity, and impartiality of the judiciary, and shall avoid impropriety and the appearance of impropriety.”
So what is so difficult about avoiding the appearance of impartiality? Or refraining from actions that would make the public question the quality of the judicial system? Help me understand this one.

In 1990, Charles Dean Hood was on trial in Plano, Texas, for murder. He had a lawyer who was unhappy with the assigned court because there were rumors that the assigned prosecutor, Thomas O’Connell, was having or had previously been intimately involved with the judge, Verla Sue Holland. Mr. Hood was convicted and sentenced to death.

The defense attorneys continued to pursue the matter on several occasions but either could not find evidence of the relationship or were told outright by the DA that the rumors were false. But they did not accept the denial.

Finally, 18 years after the trial, both the former DA and the former judge admitted under oath that they had been involved in an intimate relationship that ended prior to the trial. Yet neither one recused themselves from cases such as Mr. Hood’s. The Texas Court of Criminal Appeals stayed Mr. Hood’s execution and asked a new trial judge to determine whether these new facts were significant and timely.

It is another situation that screams “Here we go again!”

First of all, the efforts by the DA and judge in the original trial are plainly unethical. Nothing reeks of impropriety more than to have the person asking for the death sentence to turn out to have had a secret relationship with the person who can sign the execution order. It is offensive to the American sense of fair and impartial justice.

The result is that Mr. Hood will at least likely have to stand trial all over again—20 years later! Even if found guilty again, the taxpayers get to pay for a new trial, new investigations, new appeals, etc.

Secondly, the Court of Criminal Appeals—the highest court in criminal cases in Texas—has, in its own actions, brought into question the appearance if ITS impropriety. As it turns out, Judge Holland once served on that court, too.

I commend them for halting the execution and remanding the question. They got that part right. But the spineless way they went about it makes their action look like one calculated to produce the answer they wanted someone else to give them.

Call a spade a spade. Shine the light on judicial and prosecutorial misconduct when you find it. The harm done by this attempt to “do a little side-step” is far greater than the impact of stamping the behavior in question as inappropriate and moving on.

Here is a good story by Rick Casey of the Houston Chronicle on this affair (pun intended). For another unfortunate event related to Texas Courts, see my earlier post.

Monday, May 4, 2009

UPDATE to Social Media as a Disaster Preparedness Tool

(Photos © 2008 by Britney Jackson)

A few weeks ago, I suggested in a post, “Communicating After a Disaster,” that tools like Twitter could be useful to keep your employees up to date in the wake of a disaster that significantly disrupts normal communication. Twitter has become ubiquitous, but its temporary service outages have also grown more frequent.

Since that article, I have tested an alternative but very similar tool, “Yammer.” Yammer is like the private counterpart to the very public Twitter. Sign-up for Yammer using your work email address (the one with your organization’s private domain name, not something like gmail or msn), and you will instantly have a “private” group. Only those who validate an active email account in the same domain name (the part after the @ sign) are allowed to join your group.

A useful feature on Yammer is the ability to set up organizational charts and decide who in your organization you want to “follow” if not everyone. Another useful option is that you can determine which updates you receive by SMS (text messages) versus email. And Yammer has a nice mobile app for the Blackberry, iPhone and desktop to make monitoring and updating easy from any of the three.

Under the Disaster Preparedness theme I used earlier, here is one way you can use a tool like Yammer should your organization lose some or all of it’s communication system (i.e., email server, network, etc.):

1) Set up a Yammer system IN ADVANCE, including whether or not responses to updates are allowed or it is just a one-way message system
2) Write specific details of the system, including rules on what kinds of messages are acceptable and unacceptable (yes, you need to remind people to not divulge private details and company secrets)
3) Invite all employees to subscribe and install appropriate alternative applications on their mobile phones to the extent available BEFORE DISASTER STRIKES
4) Conduct tests of your Emergency Alternative Communications System at least once per quarter

Whether your business or office is more likely to face blizzard, fire, tornado, flood, hurricane or earthquake, or some outbreak of disease that makes effective communication with a large number of people more difficult, social media tools may play an important role in your disaster preparedness plans. For more on creating a disaster preparedness plan, check out