Why a National Unique Patient Identifier Is Good for Small Practices

The debate about healthcare coverage in the U.S. continues to rage and shows no signs of settling down anytime soon. Within healthcare, another equally contentious debate is quietly stirring once again—whether or not to adopt a unique patient identifier, also known as an NPID.

If you don’t fully understand what an NPID is—don’t worry! You’re not alone. The term often gets wrapped up in debates about patient privacy and interoperability without really being explored or defined.

In this article, we’ll explain what an NPID is and how it can benefit individual medical providers and small practices.

What Is a Unique Patient Identifier?

The 1996 Health Insurance Portability and Accountability Act (HIPAA) called for a the creation of “a standard unique health identifier for each individual.” Since its proposal, the term national patient identifier (NPID) has also been used to describe a unique patient or health identifier.

NPID: Essentially a social security number (SSN) for medical records, a unique NPID would be assigned to every person in the U.S. and tied to their entire medical history, from birth to death.

Unique medical IDs are not a new idea. Over 30 countries, including Singapore and Australia, use similar health ID programs.

In Britain, for instance, every citizen gets a National Health Service Number they use when checking into medical facilities anywhere in the country. Instead of registering at each new practice, patients just use their number to ensure their medical history and information gets transferred to the new provider.

In 1998, Congress removed the provision of the unique patient identifier from HIPPA and even prohibited using federal funds to establish an NPID. Although Congress has maintained its position over the last two decades, initiatives in the private sector are putting pressure on legislators and may make the creation of an NPID a reality soon.

Resistance and Concerns

The main resistance to adopting a unique patient identifier in the U.S. concerns privacy and security. Here are some of the issues opponents have raised against using an NPID:

  • Identity theft: Hackers could potentially access an individual’s entire medical history with an NPID the same way they could access an individual’s identity using an SSN.
  • Lack of privacy: An NPID could give individuals less control of their medical information since their records could be freely moved from practice to practice.
  • Limited access to healthcare: Healthcare could be restricted only to individuals who have an NPID, making it even harder for people to get the medical care they need.

Benefits of a Unique Patient Identifier

While some of these concerns are valid, many of the risks outlined above can be easily overcome and are far outweighed by the potential benefits of an NPID. Here are some ways individual providers and small practices would benefit from a unique patient identifier:

  • Privacy protection: Many medical practices currently use an SSN as a patient identifier, creating an even greater risk to patient privacy than an NPID would. Hackers could only access someone’s health records with an NPID instead of their entire identity.
  • Individual control of information: Newer cyber security technology would give patients more control of their medical history. A two-key system proposed by the Department of Health and Human Services (HHS) would encode patient data with one key and decode it with a second key, one of which would remain in the control of the patient at all times.
  • Voluntary opt-in: A unique patient identifier could be created as a voluntary rather than mandatory system, allowing individuals to opt out while still being able to seek care at any medical facility.
  • Fewer HIPPA errors and fines: A small radiation oncology practice in Indiana was recently forced to pay a $750,000 HIPAA settlement after a laptop was stolen from an employee’s car. An NPID would eliminate the need to keep a patient’s SSN on file, making smaller practices less vulnerable to HIPPA violations.
  • Improved patient safety: A unique patient identifier would eliminate patient mismatches. Smaller practices would improve patient safety by making sure no patients are assigned the wrong procedures or medications. Accurate patient matching would also eliminate privacy errors, such as accidentally sending results to the wrong patient.
  • Cost savings: A 2016 AHIMA survey revealed that 50 percent of health information managers routinely work on managing duplicate patient records. Smaller practices would reduce time, money and even staff dedicated to managing and maintaining patient records.
  • New patients: An NPID would give patients an easy way to transfer their medical records to a new provider, reducing their resistance to seeking new providers and bringing them to smaller practices.
  • Improved patient care: Smaller practices would have all of a patient’s information at their fingertips, allowing them to focus on immediate care rather than catching up on medical histories.
  • Better patient experiences: Because an NPID would eliminate patient mismatches and allow patients to get better care with improved access to their medical records, small practices could focus more on the quality of care they deliver and improve their reputation, referrals and revenue.

Getting Ready for an NPID

While there are no immediate plans to implement a unique patient identifier system nationwide, the momentum seems to be building.

According to research firm Gartner’s report, Prepare for the National Patient Identifier Debate (available to Gartner clients), lack of action at the federal level is inspiring innovators in the private sector to create a national patient identifier as soon as 2020.

Recently, CHIME announced the finalists who will be competing for a $1 million prize in the National Patient ID Challenge. Announced in March 2015, the competition invites “new, early-stage, and experienced innovators to accelerate the creation and adoption of a solution for ensuring 100 percent accuracy in identifying patients in the U.S.”

Here are three easy steps you can take to make sure your practice is ready if and when a unique patient identifier system is implemented nationwide.

1. Evaluate Your EHR

Talk to your EHR vendor and ask about their plans for supporting connections between different EHRs and preparing for unique patient identifiers. You can also browse our guide to buying and implementing EHR software and see how yours measures up to other systems on the market.

2. Use a Patient Portal

Patients who want control of and access to their medical information will appreciate having a patient portal where they can access their records and results whenever they want. A patient portal connected to an EHR will make it easier to implement NPIDs in your patient records.

3. Reach Out to Your Patients

Patients have new expectations of how they want practices to communicate with them. Make sure you have systems that allow you to contact your patients through email or secure messaging and not just by phone. Your patients will appreciate that you’re staying current with new technologies, policies and procedures.


Initiatives in the private sector are bringing a unique patient identifier system closer to becoming a reality. While an NPID will certainly help the healthcare industry at large, it will also benefit smaller practices who are prepared for the change.

In summary, an NPID system—combined with a solid EHR integrated with a patient portal and good channels of communication with your patients—will reduce errors in your practice, improve patient safety and care and increase the number of patients your practice can serve. It’s a clear win-win for patients and practices alike.

Decision Tree Software vs. Decision Tree Analysis in BI Tools

Money might not grow on real trees, but decision trees can definitely grow your revenue.

Decision trees may sound like a complex topic, but they’re not unlike a “Choose Your Own Adventure” story.

They branch out according to the choices you make. It’s a pretty common and simple form of business analytics.

choose your own adventure


Not all decision trees are created equal, however. Some are merely fancy diagrams, whereas others use advanced algorithms to help you predict the impact of decisions.

Essentially, there are two types of decision trees:

  1. DIY decision trees that are created by a human being.
    1. Automatically generated decision trees that are created by algorithms in order to classify data in a data set.

    Here, we’ll explain the difference between these two types of decision trees and make some recommendations about how to use each type.

    You Don’t Need Dedicated Software to Make Decision Trees

    In the most basic terms, a decision tree is just a flowchart showing the potential impact of decisions.

    The purpose of a decision tree is to break one big decision down into a number of smaller ones. A business can then choose the best path through the tree.

    If you’re making a decision about one or two variables, you probably don’t need to create a flow chart to analyze it.

    But say you have more than five variables. At this point, the potential impact of the decision becomes too complex to solve with mental math, and a flowchart can help in analysis.

    Take the following example. It’s a decision tree I built in Excel for a digital marketing department trying to plan how many landing pages to create. It factors in the revenue gains as well as the costs of creating different numbers of landing pages over two financial quarters:

    Used with permission from Microsoft


    Of course, you don’t even need to use Excel to create decision trees. Excel is just an easy tool for this type of analysis, since you can use formulae to calculate the impact of each decision.

    The point of decision trees, as stated in a classic HBR article, is “laying out what management knows in a way that enables more systematic analysis and leads to better decisions.”

    In fact, you don’t need software at all—a whiteboard or a chalkboard will serve you just as well as one of the many tools out there that are marketed as “decision tree software.” At the end of the day, these tools are basically nothing more than visual design aids.

    The major use case for the free decision tree software floating around online is creating decision trees for presentations.

    However, decision trees can be used for much more than slideshows if you take them beyond simple diagrams.

    You Do Need Software to Classify Data With Decision Trees

    Decision trees are used both in decision analysis and in data analysis.

    The difference is: When you use a decision tree for classifying data, you grow the tree automatically using machine-learning algorithms, as opposed to simply drawing it yourself and doing all the calculations manually in Excel.

    In data analysis, decision trees are used for classification tasks, including classifying the possible outcomes of a decision.

    However, decision trees aren’t simply limited to classifying outcomes—they can also classify customers (high value vs. low value, likely to churn vs. unlikely to churn, etc.), website visitors, and a host of other data sets used in digital business.

    Tapan Patel, principal product marketing manager for business intelligence and analytics at SAS (a leading developer of solutions for statistical analysis), explains that in decision tree analysis, “you break a decision down using a target value.

    For instance, you can say ‘I want to figure out who buys this product.'” In this case, whether a customer made a purchase or not is the target variable.

    You can also target variables that are less obvious. For digital marketers, for instance, Patel notes that it’s important to know whether website visitors download materials such as white papers, as this behavior indicates that site visitors are more likely to purchase the product.

    Thus you can create a decision tree showing which visitors are most likely to download a white paper by feeding data about your website visitors into an algorithm.

    Decision tree in SAS Visual Analytics


    The groups into which a decision tree splits your data are called “nodes.” Patel explains that in SAS Visual Analytics, you can simply click on a node to inspect the criteria that the decision tree algorithms are using to classify your data (age, inferred income level etc.):

    Inspecting classification criteria in SAS Visual Analytics

    This functionality is the major benefit of decision-tree classification.

    With other algorithmic approaches to customer segmentation, such as clustering, it can be tough to understand the groups into which the algorithms divide your data. With decision trees, you get a neat list of criteria, as in the above screenshot.

    Once you’ve performed segmentation analysis, you can move on to developing better strategies for targeting and retaining high-value customer groups. One advanced way of doing this is through real-time personalization of the customer experience.

    Patel notes that SAS has the ability to generate “score code” from the decision tree—i.e., code that allows you to “score” new site visitors according to the analysis you performed. In our example, you can score how likely visitors are to download a white paper.

    These scores can then be applied to website visitors in real time, using technologies such as event stream processing and business rules engines.

    Patel clarifies that in event stream processing, “as the website collects the data, we can actually filter data in seconds to create decisions for us,” whereas a business rules engine is used “to execute these decisions in real-time.”

    These technologies are complex to understand, but essentially they take the scores from your decision tree and analyze streams of real-time data from your website to apply scores to each customer. They then tailor the website experience in real time to each visitor using the score.

    For instance, you can serve a pop-up advertising a white paper download to customers scored as the group most likely to download the white paper based on age range, education level etc.

    For customers that are scored as unlikely to download the white paper, you can choose a different option such as an email newsletter subscription.

    BI vendors that support decision tree analysis include:

    • SAS (in Visual Analytics and STAT)
    • IBM (in SPSS Modeler)
    • Tibco (in Spotfire)


    For beginner marketers, drawing your own decision trees and performing calculations in a tool such as Excel is a good way to analyze complex decisions and spice up presentations.

    For advanced marketers and business analysts, decision trees are one of the most effective ways to classify complex data sets, such as customer and website data, in order to answer questions like “which customers are likelier to buy our products than others?”

    More than just serving as analytical tools, decision trees can now be used together with event stream processing, rules engines and other technologies to personalize the customer experience in real-time.

    While you might not be ready to take this step yet, it’s worth thinking about how you might use this technology before your competitors force you to use it or perish.

    Use the CRM Functionality Starfish When You Update Your CRM

    Customer relationship management (CRM) is a difficult topic to define—that’s why we’ve tried to do it over and over and over again.

    It’s hard enough to understand in theory, and it only gets more difficult when you’re looking to add CRM software to your company, or update the CRM system you already have.

    But what if I told you there was a starfish that provided you with all the information you need to know about how CRM functionality breaks down?

    Unfortunately, this isn’t a Finding Nemo-esque talking starfish, but rather the “CRM Starfish,” as introduced by Gartner analyst Ed Thompson in the report CRM Application Functionality Starfish (available to Gartner clients).

    The CRM Starfish is a graphic representation of the five main arms that make up CRM for enterprise-level businesses.

    By breaking down each arm into specific components, the CRM Starfish provides you with detailed information on what aspects of CRM functionality are being used by companies across the globe, giving you valuable insight into what you need to think about in order to update CRM at your own company.

    Five Top-Level CRM Application Functionality Categories

    Source: Gartner (August 2016), “CRM Application Functionality Starfish,” by Ed Thompson


    As Thompson explains, “It’s designed purely because when someone says, ‘Hey, I want to do some CRM,’ we want to be able to say, ‘What do you mean by CRM?'”

    Here are the four categories of the starfish we’ll cover in depth:

    Customer Service
    Digital Commerce & Field Service (For Enterprise Only)


    Gartner’s coverage of the CRM Starfish is focused on large, enterprise-level businesses, so a lot of the functions they list may not be applicable to small and midsize businesses (SMBs) like yours.

    However, sales functionalities are integral to the success of any business, and SMBs are no exception.

    The CRM Starfish subdivides sales as follows:

    Detailed Low-Level CRM Application Functionality Categories (Sales)

    Source: Gartner (August 2016), “CRM Application Functionality Starfish,” by Ed Thompson


    Many of these functions are best suited for large enterprises. Let’s break down the two most important of these functions for SMBs:

    Sales Execution: Sales force automation (SFA) is the bread-and-butter of CRM for most small businesses. SFA software will help you manage your sales team’s activities, while also helping the team close more deals, by tracking interactions with customers, clients and sales prospects and keeping detailed records on those interactions. < strong>This will be the home for your contact management database—which is one of the defining aspects of CRM software.

    Sales Analytics: Using the data stored in the SFA database, small businesses can also get a lot of mileage out of sales analytics tools, which will enable them to create reports based on past sales. These reports provide helpful predictions for the future that can aid in planning ahead.


    Marketing is another subsection of CRM that most SMBs will find useful. No matter how successful your company’s sales team is, they’re not going to be of much use if nobody knows about your products or services. That’s why marketing is as important to SMBs as it is to enterprise-level businesses.

    As with sales, however, the marketing subsection of the CRM Starfish is divided into a robust amount of categories:

    Detailed Low-Level CRM Application Functionality Categories (Marketing)

    Source: Gartner (August 2016), “CRM Application Functionality Starfish,” by Ed Thompson


    Here are the most important of these functions for SMBs:

    Digital Marketing Hub: Marketing automation, like SFA, depends upon access to a database of contacts who you can reach out to with your marketing message.

    This database lives within the digital marketing hub, providing you with the same kind of streamlining, records and basic analytics that you get out of a sales force database.

    Multichannel Campaign Management: Despite the daunting title this is actually a fairly straightforward (if complex) set of tools that will allow you to track your marketing campaigns across a variety of platforms and media, from email to social media to phone calls.

    Marketing today takes multiple forms, and multichannel tools are crucial if you want to launch and maintain a campaign that reaches the most set of eyes.

    Social Marketing: Social marketing tools will help you become better at content marketing through social media and other interactive websites. You can track the level of social engagement with your content (clicks, shares, “likes” and so forth) in order to provide you with a better idea of what types of inbound content work best for your business model.

    Customer Service

    No matter how big or small your business is, customer service is going to be extremely important. What differs based on size, however, is just how much you will need a software system to help you provide good service to your customers.

    Most small businesses can likely survive with a general contact management database which allows them to track customer complaints and interactions. When you only have a few calls or emails for customer service a day, it’s easy enough to track and take care of these issues as they arise.

    As businesses grow, they require customer service software to help them make sure that customer concerns are addressed quickly and efficiently.

    This leads to a robust list of functions for the customer service subsection of the CRM Starfish:

    Detailed Low-Level CRM Application Functionality Categories (Customer Service)

    Source: Gartner (August 2016), “CRM Application Functionality Starfish,” by Ed Thompson


    For a growing SMB looking to manage increasing amounts of customer problems, one set of functions stands out:

    Customer Engagement Center: These tools provide the basic suite of functionality you’ll require to set up automated systems that respond to customer needs, whether that is through a call center, email response, web chat or other forms of outreach and contact.

    All of these will feed into and out of a case management/problem resolution center that tracks each point of contact and ensures that customer needs are met and complaints are resolved in a timely, satisfactory manner.

    Digital Commerce & Field Service (For Enterprise Only)

    For the enterprise-level businesses that Gartner caters the starfish towards, digital commerce and field service functionalities are an important part of any CRM suite.

    Most SMBs, however, won’t find much value in these functions.

    Detailed Low-Level CRM Application Functionality Categories (Digital Commerce & Field Service)

    Source: Gartner (August 2016), “CRM Application Functionality Starfish,” by Ed Thompson


    For smaller businesses, looking for smaller-scale software solutions, digital commerce probably falls a bit outside of the margins of CRM software. It likely wouldn’t make for a smart investment.

    You might be better off seeking out a separate, small-scale Ecommerce platform that can integrate with your CRM.

    Similarly, for SMBs, a CRM system that integrates field service tools may be overly pricey. As with digital commerce, you might be better off looking for a separate, smaller field service system that you can integrate with your CRM software.

    Alternatively, a robust customer service module for your CRM system might provide you with all of your CRM needs within the service realm.

    Conclusion & Next Steps

    According to Ed Thompson, the Gartner analyst who created the CRM Starfish, “When people say the term CRM, they have a preconception of what they think they mean.” The CRM Starfish exists to help companies understand the world of CRM functionality so that they can surpass those preconceptions and have a clearer idea of what they’re looking for when buying or updating their CRM.

    Remember, your SMB will have its own unique needs—you must discover which investments in CRM functionality will be of the highest value to you.

    A realtor, for example, will want to focus on the sales and marketing arms of the starfish in order to reach out to and keep track of the highest possible number of leads and prospects. A mail order retailer, on the other hand, might want to invest in the customer service arm in order to keep those customers happy and attended to.

    Using this article as a guide to the functions that will be most useful for your business, here’s some next steps as you figure out how to make the CRM Starfish work for you:

    • Email me at andrewfriedenthal@softwareadvice.com for more information. I’m happy to help you figure out what your own CRM needs might be and connect you to one of our expert software advisors for a free, no-obligation consultation!

    How to Use Guest Data to Personalize Your Hotel Email Marketing

    Messaging through smartphones is often considered the most direct way to engage with hotel guests before, during and after their stay.

    So it may be surprising to hear that email, a much older marketing staple, is just as ubiquitous:

    smartphone email
    Leading marketing executives continue to see the value of email—45 percent of marketing leaders in a new Gartner survey plan to increase their email marketing budgets in 2017. (The full report, “Assess the Impact of Four Key Trends in Email Marketing,” is available to Gartner clients.)

    Independent, boutique hotels should take note: You have an opportunity to use guest data to personalize engaging emails to great effect.

    We spoke with Kath Pay, founder and senior consultant at Holistic Email Marketing, to answer a few common questions about exactly how to leverage any data you have to boost direct bookings, additional sales and customer loyalty.

    Why is Email Marketing Still Valuable for Hotels?

    Email marketing, alongside direct messaging and social media management, should be a major part of your customer engagement toolbox. Here are two compelling reasons:

    People are much more likely to provide their email addresses. Think about anytime you’ve been at a store checkout and refused to give up your phone number. Why is that?

    Probably because you’re worried Walgreens will jam up your already packed text message inbox, ironically, with deals on Smucker’s.

    Emails are less invasive and can be collected with less resistance than phone numbers. By using email, you may have more success kickstarting the customer relationship with potential guests.

    Email serves as a strong engagement channel, especially for return customers. Once a customer books a stay, you should begin to reach out with messaging that matches their expectations for the trip. This helps build loyalty, and can lead to increased sales in the process.

    “[Immediately after they book] you’ve got an engaged guest. Everything you do here should be customer service oriented—a transaction has taken place and now you’ll want to build upon the experience you promised them.”

    Kath Pay, Founder and Senior Consultant at Holistic Email Marketing

    Pay says it’s important to send a strategic number of emails post-booking—if they book a week from their arrival, you may only have time to send one well-crafted email. If they booked a month or more out, Pay suggests a minimum of three automated emails leading up to the trip.

    But what should go into those messages? And how can you leverage guest data to personalize them?

    How Can I Use Guest Data to Personalize Hotel Email Marketing?

    Great question, and one that depends on the data you have. Even for smaller hotels, Pay says there are various sources to find data that allows you to effectively segment your audience.

    1. Informed Data Helps Segment Travelers into Large Buckets

    Unless your property opened yesterday, you likely have loads of data from past guests you can use to identify important segments:

    • Demographics: Sex and age
    • Contact information: Email and physical address, phone number

    Alone, this data can be used to spot trends about ratio of male-to-female guests as well as which regions guests tend to come from:

    Example of a Demographic-Informed Data Chart

    Let’s say this chart represents your informed data:

    1. You see that your biggest group of guests, by the numbers, are females from Louisiana.
      1. You decide to personalize your marketing emails sent to that group of past guests—while men and women generally want the same things, you can include discounts on spa services or other wellness offers, like healthy, convenient snacks available in the guest room.

      2. Transactional Data Reveals the How and Why of Travel

      In addition to informed data, you may have some transactional data showing what guests have purchased and how they booked. This helps reveal important pieces of the hotel customer journey.

      Pay offers some examples of the data you can find:

      • “Did they pay with a discount or did they pay full price?”
      • “Did they book during a school holiday?”
      • “Did they book a group of rooms through a corporate account?”

      In combination with your informed demographic data, you can start creating more specific segments using this data, leading to stronger personalization:

      Example of Traveler Segmentation Using Transactional Data

      Examples of insights you can pull from transactional data:

      1. It looks like business travelers are much more likely to pay full price for a booking, whereas singles are always seeking discounts.
        1. You realize single travelers may choose another hotel without some kind of discount and continue to offer them. However, you significantly reduce the discounted offers to business travelers because they’re likely to book anyway using company funds.

        It’s a common marketing oversight to treat these very different guests the same, Pay says.

        “Understand that there are some big buckets you can put people into, and at the very least, you should be offering them different things according to their frequency and spending,” she says. “Business versus pleasure travelers is a good place to start.”

        And while the businessman may not receive many discounted deals, you should be rewarding him for his consistent bookings: Leave a bottle of champagne or a copy of the Wall Street Journal in his room, or offer a room upgrade after a few stays.

        Then, entice him with these perks in your email marketing.

        3. Behavioral Data Helps You Help Your Customers

        This type of data can give clear indications of the guests’ preferences and travel booking behavior:

        • “Have they opened your past emails?”
        • “Did they begin a booking on your website but abandon it halfway through?”
        • “Did they land on your website from a specific social media channel?”

        If you find a significant group of potential guests have partially booked on your website, you should have their emails and can contact them with personalized messaging to encourage them to follow through.

        In any kind of email marketing to guests, Pay says, focus on how you can help them meet their personal objectives, which helps you meet your business objectives.

        “Instead of asking ‘what can we upsell?’, think about the customer: what’s going to enhance their visit?” she says.

        Examples of ways you can better serve your guests: Offer menus for great nearby restaurants, some photos and a beer list from the brewery down the street or provide a personal message from the general manager using a tone that matches the customer—a lighthearted welcome for families, or a promise of luxury for high-spending business travelers.

        “You’re helping them, and while you won’t make money from them in that moment, they will be thankful,” Pay says. “Then they’ll be more likely to book a spa package later on.”

        So What Tools are Available for Hotel Email Marketing?

        Email marketing takes a significant amount of scheduling to most effectively drive direct bookings and boost customer loyalty.

        Hotel management systems typically include customer relationship management functionality, which can help track and segment key traveler types that make your property successful, and helps manage the frequency and timing of email marketing campaigns.

        Software is a powerful tool, and some hotel technology is all but necessary today, but a personal touch is critical to great hospitality. Technology paired with a data-driven, personalized email marketing strategy is a must have combination for any hotel.

        How to Get a Job as an Ethical Hacker

        If there was ever a time to get into the IT security field, it’s now: The Bureau of Labor Statistics expects the sector to grow 18 percent by 2024, and according to a survey by the Ponemon Institute, demand for talent so outweighs supply that 40 percent of IT security positions are expected to go unfulfilled in 2014. The pay isn’t bad, either: the average information security analyst in the U.S. makes over $96,040 per year.

        One of the most in-demand positions in this field is that of an ethical hacker—an IT professional who purposefully penetrates networks and systems to find and fix potential vulnerabilities. If you’re looking to put on your “white hat” and infiltrate systems for good, this position can be a great career opportunity. Depending on your experience and skills, you can earn over $100,000 per year.

        To help job seekers learn what’s involved in becoming an ethical hacker and the responsibilities of the position, we spoke with IT security professionals, instructors and certified hackers themselves. Here, we highlight the skills and certifications needed to rise to the top of the talent pool.

        What Is an Ethical Hacker?

        Ethical hackers are responsible for examining internal servers and systems to discover any possible vulnerabilities to external cyber attacks. Common job functions include conducting “pentests” (purposeful penetration tests to discover security weaknesses in a system) by using software applications such as Metasploit and BackBox Linux.

        According to Damon Petraglia, director of forensic and information security services at Chartstone Consulting, other ethical hacker responsibilities include:

        • Providing recommendations on how to mitigate vulnerabilities;
        • Working with developers to advise on security needs and requirements;
        • Updating security policies and procedures; and,
        • Providing training as part of a company’s security awareness and training program.

        What Are the Job Requirements?

        A typical entry-level ethical hacker job posting reveals that a bachelor’s degree in computer science or a related work field is a must. Beyond that, security certifications can be extremely beneficial in proving you have the requisite knowledge for the job. One survey found that 81 percent of security professionals believe getting certified was a key factor in the decision to hire them.

        While many IT security certifications exist, the three main ones for ethical hackers are:

        • Certified Ethical Hacker (CEH)
        • GIAC (Global Information Assurance Certification) Penetration Tester (GPEN)
        • Offensive Security Certified Professional (OSCP)

        CEH: The Most Basic and Widely Recognized Certification

        If you’re looking to get started as an ethical hacker, the CEH certification, the broadest of the three, may be right for you. Offered by the EC-Council, the CEH certification is designed to give IT security professionals a baseline knowledge of security threats, risks and countermeasures through lectures and hands-on labs.

        According to Paul Coggin, a certified EC-Council instructor, it’s recommended that students who enroll in the course have a background in “Windows and Linux systems administration skills, and are familiar with TCP/IP [the core Internet protocol] and virtualization [creating a virtual version of a hardware or software platform].”

        If you plan on skipping the classes and taking the exam without training, you’ll need to submit proof that you have at least two years of experience in IT security.

        A big benefit with the CEH certification is flexibility: there are options for self-study, video lectures you can watch at your own pace and instructor-led lessons you can take online. The EC-Council even provides the option of bringing training to your business or organization. Upgrades for physical courseware, additional practice exams and tablet usage are also available.

        Instructor-led lessons take place from 9 a.m. to 5 p.m. over the course of five days, and students can access online labs for up to six months. The latest version of the test consists of 125 multiple-choice questions. Students have four hours to complete the exam and must receive a score of at least 70 percent to receive the certification.

        The cost of the CEH depends on the level of instruction needed: it ranges from $825 for the basic self-study coursework all the way up to $2,895 for instructor-led courses, online lab access, a test voucher and a test prep program. If you don’t buy the voucher, the test itself costs $500, and all students must pay a $100 application fee.

        What You’ll Learn
        The CEH certification provides the most general knowledge of the three highlighted here. “It’s not focused on a specific software product, technology or skill domain,” Coggin explains. “It provides a broad survey of various domains in computer security.”

        To this end, the course covers everything from how to scan networks and identify basic viruses to hijacking web servers and penetration testing.

        According to James Conrad, a 20-year IT security professional who teaches a video series for CBT Nuggets on the CEH certification, students will also learn how to “crack passwords, use steganography [hiding information to get it through security measures], create remote access trojans, perform denial of service (DoS) attacks and hack wireless networks, among many other skills.”

        Another big focus of the course is understanding social engineering, or the process of manipulating individuals to gain personal information or infiltrate computer systems. In today’s world, where social media has led to growing interactions between humans and technology, Conrad says social engineering is a vital skill to learn in order to stay ahead of potential threats.

        According to Brian Brock, chief information officer at Nivsys who became CEH certified last year, the course also includes a heavy focus on the RAPID7 suite of tools (one of which is the aforementioned Metasploit), which enable ethical hackers to complete comprehensive pentests, from initial scanning to final analysis and planning.

        The Benefits
        The greatest value the CEH certification holds is being able to put it on your resume. When it comes to getting a job as an ethical hacker, “CEH is the original standard,” says Albert Whale, president and chief security officer at IT Security, Inc. Petraglia agrees, and says it’s “probably the best recognized” of the three certifications.

        According to PayScale, median pay for CEH-certified professionals is as follows:

        CEH Median Pay

        However, as some bloggers have noted, the certification has its caveats. The course is heavy on text and video instruction, without a lot of hands-on practice. Another complaint is that material is outdated and too simple to be useful for day-to-day use.

        “The certification is great to have, and it looks amazing on a resume,” says Christian Crank, a security researcher at TrainACE who took the course five months ago. “But the book that’s used is poorly assembled: it’s essentially a collection of PowerPoint slides and doesn’t elaborate on what needs to be taught.”

        Homer Minnick, director of the Cybersecurity Academy at UMBC Training Centers agrees, saying that most CEH courses “don’t provide an adequate amount of hands-on application.”

        Summary: If you’re looking to break into the field of ethical hacking, the CEH certification offers a great opportunity to get ahead of other applicants, but don’t expect to learn everything you need to know from the course materials alone.

        GPEN: A More Comprehensive, yet Costly Certification

        For those looking to learn the complete ins and outs of being an ethical hacker, there’s the SEC560 course on Network Penetration Testing and Ethical Hacking from the SANS Institute, which many people enroll in prior to taking the GPEN certification test. As author and lead instructor of the course Ed Skoudis explains, SEC560 is “a comprehensive course on penetration testing—end to end.”

        While the SEC560 course is recommended, it’s not required to take the test for GPEN certification. There are no steadfast prerequisites, but it’s recommended that students have a basic understanding of different types of cryptography (transforming information to keep it secure), Windows, Linux and TCP/IP. Should you need it, there are also optional “refresher” tutorials available on the first day of class.

        You can take the SEC560 course in-person or online through live training or on-demand lessons. Whatever path you choose, it’s not cheap: online training is $5,095, but includes access to the online labs. In-person training, on the other hand, is $4,695, but you’ll need to pay an extra $599 to get access to the online labs.

        Regardless of which route you take, you’ll also have to spend $599 to take the GPEN certification test. Should you choose to skip the course and go straight for certification, the cost of the test rises to $1,049.

        The open book exam consists of 115 multiple choice questions. You must complete it within three hours and score at least a 74 percent to receive certification.

        What You’ll Learn
        Through over 30 labs (and a final, team-based “capture the flag” event), students will get hands-on experience in every facet of pentesting, from detailed reconnaissance and scanning to writing a perfect penetration testing report from a management and technical perspective.

        “The focus of the class is to learn how to do penetration tests that have high business value,” Skoudis explains. “We teach technical excellence so it has real business impact. The goal is to get you ready to do a comprehensive pentest.”

        Coursework is completed through a Linux distribution that every student receives, which contains Metasploit tools along with free open-source software, such as the password-breaker John the Ripper. According to Skoudis, the course only uses “the most widely-used and best tools available.”

        The SEC560 course also teaches IT professionals how to look at business platforms from the mindset of a hacker. “The class tries to change your mindset so you don’t think of functionality as it was intended,” says Vice President of Information Security for Bessemer Trust Vikas Bangia, who became GPEN-certified last year. “Instead, you focus on possible programming and functionality flaws that allow you to do things the software was not meant to do.”

        The Benefits
        The high cost is a formidable barrier, but the SEC560 course provides a nice balance between theory and hands-on practical application, and does a good job developing the “soft skills” necessary to thrive as an ethical hacker in the business world.

        “SANS training is awesome,” Bangia says. “The instructors are the top people in the field and know technology better than anyone in the world.”

        The GPEN certification can also provide a significant career boost. Bangia says he received a raise after getting certified, and according to Foote Partners’ IT Skills & Certifications Pay Index for Q1 2014, the GPEN certification was one of four GIAC certifications to gain 10 percent or more in market value over the previous quarter.

        If you do decide to take the SEC560 course, be prepared to work hard. Bangia warns that there’s a huge amount of information that you have to absorb over the six days of the course, but notes that there is “ample opportunity” to ask questions.

        Summary: The GPEN certification offers a lot of material and hands-on practice to give you the know-how to become an ethical hacker, but it may be impractical for those who can’t afford the $5000+ price tag.

        OSCP: The Lesser-Known, More Technical Certification

        Claiming to be the world’s first completely hands-on offensive information security certification, the OSCP certification is not for those looking for a classroom setting. According to Offensive Security, which administers the certification, the goal of the OSCP is “for students to prove they have a clear, practical understanding of the penetration testing process and lifecycle.”

        Before you become OSCP-certified, you must complete the Penetration Testing with Kali Linux (PWK) course, which is based around the Kali Linux Distribution, an open source project maintained by Offensive Security. According to the course website, “a solid understanding of TCP/IP, networking and reasonable Linux skills are required.”

        You’ll most likely be taking this course online, as live training is only available in Las Vegas. The price you pay depends on how long you want access to the online labs: it ranges from $800 for 30 days up to $1150 for 90 days. This price includes online video lessons, access to the labs and the certification test. You can also purchase additional lab access time if you need it.

        An important thing to note is that the OSCP certification bucks the trend of a normal multiple-choice test. Instead, you’re given a virtual network with varying configurations and are tasked with researching the network and identifying vulnerabilities and hacking in order to gain administrative access. You must also detail your findings in a comprehensive penetration test report, just like you would do while on the job.

        You’re given 24 hours to do the test, and your report is reviewed by a certification committee to determine whether or not you’ve passed.

        What You’ll Learn
        In addition to learning about pentesting tools and techniques, the OSCP also emphasizes efficiency and taking a creative approach to solving problems.

        “Most importantly, you learn methodologies and how to think laterally,” says Ken Westin, security analyst at Tripwire, who became OSCP-certified last year.

        “It’s one thing to successfully exploit a vulnerability, but then you learn how to escalate privileges [exploit bugs to gain unauthorized access] and use that as a stepping stone to the next objective. You learn how to automate a great deal of tasks, sift through large amounts of data and identify targets using scripts you write yourself.”

        The Benefits
        Be forewarned: the OSCP isn’t for the faint of heart. The hands-on approach takes a lot of time and trial and error—but this can extremely beneficial in the long run.

        “I think the best part of the course is that it’s completely hands-on,” Westin says. “Offensive security needs to be learned in an actual, legal environment, where you’re hands-on with the tools in real scenarios.”

        However, not having a live instructor to ask questions can be frustrating. “It would have been nice to have an instructor assist in the labs to help save me some time,” Westin says.

        The certification also isn’t as well-known as the CEH Certification, so don’t expect an initial boost over other applicants in the field. “I see a benefit from the education I received, but not necessarily from the certification itself, as most people don’t know what it is,” Westin says.

        According to PayScale, median pay for professionals with OSCP Certification is as follows:

        OSCP Median Pay

        The hands-on modules and training coupled with the OSCP’s unique simulation exam provides real world experience that other certifications may lack.

        “To get a concealed carry permit, you don’t need to prove you know how to use a gun,” Westin says. “You just pay your fee, get fingerprinted and some learn some basic safety principles. But hands-on certifications like the OSCP are more involved, where you need to not only know how the gun works, you also need to be able to put it together, pass accuracy tests and demonstrate your ability to use it in real life scenarios.”

        Summary: While it won’t get as much name recognition, the hands-on skills the OSCP certification teaches are invaluable to an ethical hacker position. Be prepared for challenging coursework you may not receive much assistance with.

        Which Certification Should I Get?

        Cost $1500 – 2695 $5,910 $800 – 1150
        Time (on-site) 5 days 6 days Optional 30, 60, and 90 days based on price
        How to take it On-site, self-study, online video lessons, online instructed lessons On-site, online video lessons, online instructed lessons On-site, online video lessons
        Software taught RAPID7 Metasploit, free open-source tools Kali Linux Distribution
        Pros Flexible course options, widely recognized Teaches soft skills, excellent instructors Low cost, hands-on exercises and exam
        Cons Outdated information, lack of hands-on exercises High cost, shorter access to materials Lack of live instruction, not as recognized

        At the end of the day, these certifications are merely a supplement to real-world experience—not an alternative. Even then, having a wealth of security knowledge and a passion for the industry can only get you so far.

        “Inside an enterprise, it’s not all about breaking systems and applications,” explains Adam Ely, former COO and co-founder of Bluebox Security (acquired by Lookout in 2016) and former CISO at Salesforce.com. “It’s also about thinking how to best protect the company and customers when a problem is found, and thinking about how to do it with real world constraints.”

        “I look for someone who looks at hacking from a human perspective,” Petraglia adds. “Many times, social engineering is combined with technical hacking activities to execute an attack. It’s important that the ethical hacker understands the complex interrelations between humans, machines, threats and vulnerabilities.”

        Felt Hat” by Ealdgyth used under CC 3.0 cropped/resized.

        CCHIT Certification May Be History, but There Are Other Options for Evaluating EHRs

        For 10 years, the Certification Commission for Health Information Technology (CCHIT) was one of the leading sources for testing and certifying electronic health records (EHR) software.

        But since it ceased operations in 2014, medical practices have had to seek out new resources to evaluate EHR systems.

        Fortunately, a number of independent bodies have formed to continue the job of assessing medical software.

        These organizations are designed to help practices figure out which EHRs meet their individual needs while also meeting the standards required by the U.S. Department of Health.

        Before discussing the new sources that have taken the CCHIT’s place, however, it’s important to note what made that particular group such a valuable reference for exploring EHR options.

        In this article, we’ll answer the following questions:

        What Was the CCHIT?

        The CCHIT Certification was established in 2004 by three major health care information organizations: the American Health Information Management Association, the Healthcare Information and Management Systems Society and The National Alliance for Health Information Technology.

        The organization was founded after the head of the Office of the National Coordinator for Health Information Technology (ONC), Dr. David Brailer, called upon the private sector to produce an independent, nonprofit group to test and certify EHR systems.

        So, volunteers teamed up to create a detailed set of criteria for EHR programs.

        This criteria was designed to help medical professionals simplify and standardize the process of evaluating EHR software. A year after it was formed, the CCHIT became one of six Authorized Testing and Certification Bodies officially recognized by the ONC.

        How Did the CCHIT Certify EHRs?

        The CCHIT ran a number of different certification programs designed to test software on various sets of standards, but every EHR system had to pass three major checkpoints in order to earn CCHIT Certification: functionality, interoperability and security.

        Functionality covered a program’s ability to generate records for every patient and manage those records to control workflow. There were over 300 criteria for functionality, but basically, this category tested how efficiently an EHR system could do its job.

        Interoperability, simply stated, is a program’s ability to communicate information with other software. Different medical practices must be able to send and receive date to and from other offices in order to see the whole picture of a patient’s medical standing.

        The CCHIT tested EHR interoperability on a little over twenty standards, including a program’s potential capacity to support new methods of information exchange.

        Security may seem like the most straight-forward of these three categories, but with the Health Insurance Portability and Accountability Act (HIPPA) laws and cyber threats to individuals’ identities, it is certainly no less important.

        The CCHIT looked at about fifty different standards to determine a system’s level of security, and an EHR program had to pass every single one in order to earn its certification.

        After earning CCHIT Certification, program developers could advertise that their EHR software was approved by the CCHIT as well as the ONC. Medical professionals could also check the Certified Health IT Product List to see which EHR programs had passed the requirements.

        When asked which of these areas he considers most important, registered nurse S. Abel of Las Vegas, NV says, “For me, having access to my patients’ detailed medical histories is imperative, and electronic record keeping makes searching through that information and finding what I need to know so much more efficient than paper charts.”

        Why Was CCHIT Certification Helpful?

        One of the reasons the CCHIT Certification program became such a valuable resource for both the Department of Health and medical practices alike had to do with the way it established its standards.

        The CCHIT polled real medical professionals to determine which features would be most valuable to EHR users. In this way, the CCHIT managed to shape the landscape so that health IT developers would focus on practical solutions to help make life easier for the people using their software.

        In addition, the CCHIT was known for its experts’ attention to detail. Once an EHR program earned its CCHIT Certification, medical practices could count on that software to offer integrated functionality, interoperability and advanced security.

        After that, it was up to individual medical professionals to prioritize the remaining factors and select an EHR system based on the features that were important to their practices.

        One ophthalmologist we spoke with, Dr. Kent Kebert of Kebert Eye Clinic in Mississippi, said he considered “cost, user reviews, and the choice between a private server or a cloud-based system” when shopping for his practice’s EHR system in 2014.

        Dr. Kebert also advised other practices to focus on the elements that would be most important to their chosen specialty.

        For example, as an optometry practice, image sharing is an integral part of Dr. Kebert’s day to day operations. As a result, he chose his current system in large part because of its ability to store, share, receive and read high-quality images.

        What Happened to the CCHIT?

        In 2009, the American Recovery and Reinvestment Act was passed in an effort to help reinvigorate the U.S. economy.

        According to the new law, financial incentives would now be offered to health IT manufacturers, vendors, and practices if their EHR software met a certain standard, dubbed “meaningful use” in the bill.

        According to the ONC website, the meaningful use program is meant to accomplish four overarching goals:

        • Improve quality, safety, efficiency, and reduce health disparities
        • Engage patients and family
        • Improve care coordination, and population and public health
        • Maintain privacy and security of patient health information

        Since its introduction in the 2009 legislation, there have been three stages of meaningful use objectives:

        Stages of Meaningful Use Objectives
        meaningful use stages

        Source: HealthIt.gov


        By 2009, CCHIT-certified programs comprised over 75 percent of those available on the market.

        However, with the institution of meaningful-use criteria and the strain this new set of standards placed on workflow and testing timelines, the CCHIT was no longer able to keep pace with the number of incoming applications for certification.

        Additionally, changing deadlines for the adoption of Stages 2 and 3 of meaningful use criteria made it increasingly difficult for the CCHIT to function as a business.

        Former CCHIT Executive Director Alisa Ray explained that, while pushing back deadlines worked in favor of policy-makers and software developers, it created a six-month delay in revenue for the CCHIT.

        The fluid timeline also interfered with the organization’s ability to hire new employees and train them in operating and testing according to the new meaningful-use criteria.

        In January of 2014, the CCHIT announced it would no longer certify EHR software. Ten months later, the organization closed its doors.

        What Are Some Alternative Sources to the CCHIT?

        Although the CCHIT certification program has gone the way of the dodo, medical professionals still have a number of resources available for comparing EHR software. Among these sources are both ONC certified organizations and independent groups.

        An organization may be categorized by the ONC as an Authorized Testing Laboratory (ONC-ATL), an Authorized Certification Laboratory (ONC-ACL), or both. As of February 3, 2017, there are three groups with both ONC-ATL and ONC-ACL authorizations:

        Another group, SLI Compliance, has been certified as an ONC-ATL, but does not have the power to officially certify EHR software systems.

        Where government-certified entities cover all the bases for stimulus-related qualifications, e.g., meaningful use criteria, medical practices may look to more accessible organizations for user-based feedback on EHR programs.

        Software Advice’s FrontRunners Quadrant for EHRs is a great place to start, as it takes a number of practical factors into consideration to determine which EHR systems stand out in the market.

        Among these factors are end-user ratings and performance-based scores, both calculated in relation to other EHR programs. These reviews and scores are then charted to determine a product’s capability as well as its value.

        Where Do I Start Researching EHR Software Now?

        With hundreds of EHR systems on the market right now, you may have realized that finding the right software to fit your practice’s needs is no small task. That’s why there are step-by-step guides, like this one offered by the ONC, to help you get organized.

        You can also reach out to our professionals by calling (855) 998-8505 for a free phone consultation or by filling out this survey.

        In fifteen minutes, our advisors can pull a tailored list of products from our databases customized to fit your budget and requirements so that you can make upgrading or implementing your new EHR system as seamless as possible.

        Busting 3 Myths About Employee Wellness Programs

        Fitness fads like the Atkins Diet, INSANITY and whatever is going on here will always come and go, but employee wellness programs are here to stay. According to a study by SHRM, nearly 60 percent of all U.S. employers offered some form of wellness program to workers last year.

        Given that these programs have been proven to improve recruiting efforts and increase worker productivity, it’s no wonder they’ve become so popular.

        Unfortunately, that hasn’t stopped the spread of misinformation regarding what employee wellness programs are and aren’t, and what they can and can’t accomplish. This is causing small and midsize businesses (SMBs) to mismanage their wellness efforts or avoid adopting them entirely.

        Well, readers: put on those yoga pants, choke down that kelp smoothie and hold your plank for just a little big longer, because it’s time to separate fact from fiction.

        With help from the Gartner report, “Employee Wellness: What You Need to Know Before Planning” (content available to Gartner clients), here are three common myths, and the actual underlying truths, regarding employee wellness programs.

        Myth #1: Wellness Programs Are Just Employees Exercising at Work

        The truth: Physical activity is just one of six (!) components of employee wellness.

        There’s no doubt that regular exercise is an important part of employee wellness programs. If you’re an HR manager at a small business coordinating weekly yoga classes at the office or encouraging walks during lunch breaks, you’re doing the right thing (especially if your workers do a lot of sitting).

        If you think that means you’re offering a true employee wellness program though, you’re wrong.

        The reality is that a comprehensive employee wellness program strategy involves six components, according to Gartner:

        The Six Components of Employee Wellness Programs


        As the graphic shows, planning physical activities for your workers is just the first building block of an employee wellness program. If your small business is looking to promote total well-being in the workplace, the other five components are just as, if not more, important.

        Here’s what these different components are in more detail:

        • Physical activities: Organizing and promoting any form of physical exercise, from walking and yoga to weight training and group sports.
        • Healthy dietary options: Offering healthy food options at work and educating employees on the benefits of healthy eating.
        • Social activities: Planning group activities outside of work that promote collaboration and social well-being (Yes, this includes happy hours).
        • Disease management: Implementing processes like flexible work arrangements (FWAs), biomedical screenings and medication reminders to help employees manage chronic illnesses.
        • Volunteering activities: Providing opportunities for workers to help out local charities and nonprofit organizations.
        • Gamification and collaboration: Engaging employees in wellness initiatives through points systems, leaderboards and real-life rewards.

         TAKEAWAYS FOR SMBS:  When figuring out your employee wellness strategy, focus on the breadth of your program (touching on all six components) rather than the depth (adding more physical activities). You can tinker with this mix as you gather data and learn which components provide the best benefits.

        Myth #2: Lifestyle Changes From Wellness Efforts Will Save You Money

        The truth: If cost-savings is your goal, focus on sickness over fitness.

        It would be great if employers were embracing wellness programs solely out of the goodness of their heart, but the truth is much more financially motivated. Studies like this one from The RAND Corporation found that for every $1 that employers invest in wellness programs, they receive $1.50 in return.

        But where does this return come from, exactly? The prevailing thought is that lifestyle changes from wellness efforts (e.g., smokers quitting smoking, sedentary workers getting active, fast food junkies eating salads) save employers money on insurance costs by creating a healthier workforce that doesn’t get as sick and doesn’t require as many hospital visits.

        Well, that’s not true. According to that same RAND study, lifestyle changes account for only 13 percent of employer health care savings from wellness programs. The more important 87 percent comes from disease management efforts.

        Employer Health Care Cost Savings From Wellness Programs


        While it’s true that you will cut costs in the long run from lifestyle management initiatives related to exercise and diet, the bulk of your savings will come in the short-term, by simply reminding diabetic workers to take their insulin.

         TAKEAWAYS FOR SMBS:  If your goal with employee wellness is to save money, don’t shirk on disease management—even if that means focusing on a few workers with chronic illnesses over the many healthy ones. Consider tracking employee medications in your HRIS (with their consent, of course) and adopting flexible work arrangements to cater to worker needs.

        On the other hand, if reducing mental fatigue and absences is your goal, lifestyle management should take priority.

        Myth #3: Employee Wellness Programs Improve All Aspects of Performance

        The truth: It’s still unclear if wellness efforts impact stress levels and engagement.

        You know how every fitness trend on TV promises six-pack abs and sculpted muscles with little or no effort at all? Employee wellness programs can fall into a similar trap. Small businesses expect wellness programs to act as a cure-all for every worker woe, then when that doesn’t happen, they’re disappointed.

        Take stress reduction, for example. It’s not a strange leap in logic to assume that if employees get some time away from their desk to get some exercise in, that they’ll be able to mentally unpack.

        Yet one meta analysis study found that while the introduction of physical wellness activities were associated with a “significant reduction” in depressive symptoms and anxiety among workers, the impact on stress levels was inconclusive.

        The effects of wellness initiatives on employee engagement and enthusiasm for their job are similarly dubious.

        While a mental health study did find that the introduction of a “walking intervention” (mandated walking periods for inactive employees during the day ) decreased fatigue and increased performance, it also reported “no significant improvements in the self-reported enthusiasm of employees.”

         TAKEAWAYS FOR SMBS:  As Gartner points out, “there is a lack of definitive evidence confirming and quantifying the benefits of employee wellness and physical activity initiatives.”

        More research is needed, but in the meantime don’t assume wellness programs are either completely bogus or the ultimate solution. Define your goals with care and only gather data in areas where you can expect wellness initiatives to have a meaningful impact (e.g., participation rates, health care costs, productivity, etc.).

        Next Steps

        There’s one last myth we want to bust, and that’s employee wellness is merely a “benefit” in the same vein as PTO and stock options. Small businesses that think of it in this way are doomed to not give their program the care and focus it needs to thrive. As Gartner puts it:

        “Employee wellness should not purely be provided in the form of self-elected employee benefit, but should take the form of a multicomponent strategy that works alongside other workforce management and talent management tools and initiatives to holistically support the employee.”

        Wellness is not a side initiative, but rather the third piece of the worker support puzzle along with workforce management and talent management. Here are some next steps to start treating it as such:

        • Prepare for a lot of dropouts. It’s completely common for workers to initially show enthusiasm for a newly implemented wellness program only to drop out en masse not long after. Don’t give up! Keep promoting activities, add variety, recognize achievement, appoint wellness champions and coaches and add gamification elements via wearable devices like the popular Fitbit to win them back.
        • Balance inclusivity with targeted personalization. Every activity or initiative in your wellness program should be as inclusive as possible, but if you see adoption waning in different demographics (age, gender, physical ability, personality type etc.), don’t be afraid to cater more to these groups.

        Three Emerging Retail POS Technologies That Will Benefit Retailers

        Emerging technology trends and mobile devices are changing customer expectations. To remain competitive, small and midsize retail businesses (SMBs) need to adopt point of sale (POS) tools that address these changing needs.

        According to Gartner’s Market Guide for Digital-Business-Ready POS Applications for Tier 2 Midsize Multichannel Retailers, 2016 (content is available to Gartner clients), it’s also important to consider how digital business-ready POS technologies will affect customers’ lifestyles.

        For example, customers will start seeing checkout lines as a waste of time when other stores allow employees to check them out from anywhere in the store.

        This article will help SMBs understand key retail trends and explain how new POS technologies can help businesses embrace mobile devices, social media and the internet of things (IoT).

        Technology #1: Mobile POS

        Mobile POS systems integrate with common mobile devices like tablets and smartphones to scan products and process payments. According to Gartner’s Hype Cycle for Retail Technologies, 2016 (content is available to Gartner clients), these technologies will become mainstream in less than two years.

        These systems can speed up the checkout process and help employees better interact with customers. They’re also useful for small retailers with limited floor space, as they reduce the need for a dedicated cash register.

        Mobile POS (Source)


        Mobile POS systems are more suitable for low-margin items, such as groceries, than high-margin categories, such as apparel and electronic items. These products require proper bagging and de-tagging by store associates.

        If a retailer has fixed checkout areas, they should make sure that the mobile POS system integrates with their main POS app.

        Benefits of Mobile POS for Small Retailers

        Mobile POS systems can help small businesses and retailers in a number of ways:

        • Manage multiple stores and engage with customers in a better way: Mobile POS lets retailers track their sales, profits and inventory levels at different store locations using a unified dashboard on their mobile device. Some options integrate with loyalty management programs so customers can access them from their mobile device.
        • Improved sales and data security: These systems allow sales associates to conduct transactions easily from any location inside the store, thus providing better customer service and making more sales. In addition, transactions carried out through a mobile POS are fully encrypted and do not store card data.

        Is Mobile POS the Right Solution for You?

        According to a recent survey by Boston Retail Partners, 84 percent of the surveyed retailers plan to deploy mobile POS solutions within the next three years.

        Many SMB retailers who called Software Advice were also interested in buying a mobile POS in the near future. Here are some sample conversations:

        • A small retailer with a single-store operation wanted a POS system that could automate their sales and track inventory efficiently. They were also interested in a mobile POS option since they visit about 40 events and shows annually.
        • Another retailer with operations across four stores was unhappy with their existing POS system due to ongoing data loss. They also required better credit card processing and were interested in a mobile POS for sales during trade shows.

        A mobile POS helped these retailers:

        • Make sales at various trade shows and events. Retailers can meet customers directly at trade shows and conduct sales on the spot. Also, they won’t need to convince customers to visit their stores at a later time, increasing the chance of a sale.
        • Check inventory levels. When a customer asks for a specific product, the associate can use their mobile device to check its availability. If it’s not in stock, they can even place an order for it.

        To view the various options, check out our guide to mobile POS systems.

        Technology #2: Loyalty Management Systems

        These systems enable retailers to reward and interact with regular customers through a centralized system that tracks loyalty points, discounts and gift vouchers. According to Gartner’s Hype Cycle for Retail Technologies, 2016, loyalty management systems will become widespread within two to five years.

        These systems can help small retailers encourage and reward customer loyalty. They can help businesses track customer interactions on social media and mobile, and provide appropriate rewards, such as cashback offers or special recognition.

        Benefits of Loyalty Management Systems for Retailers

        Loyalty management systems can benefit retailers in numerous ways. Here’s how:

        • Simplify loyalty program adoption: These systems can enable customers to participate in loyalty programs using mobile devices, increasing their adoption.
        • Appeal to millennials: A recent study found that millennials are twice as likely to pay a premium if they are earning loyalty rewards.
        • Understand customers’ buying patterns: Retailers can track and understand their customers’ buying patterns. They can offer personalized deals to customers based on their purchase histories and buying trends.

        How are Loyalty Management Systems Useful to You?

        Thousands of small and midsize retailers already use loyalty management systems or seek to deploy one. Based on a recent survey by Local Commerce Monitor, nearly 24 percent of the SMBs surveyed offer some kind of loyalty program. About one-third of the respondents plan to start offering a customer loyalty program in less than a year.

        Chris Luo, VP of Marketing, FiveStars, a loyalty technology company, revealed to Forbes contributor Nicole Leinbach-Reyhle that he believes most retailers that retain customers through repeated sales have better chances to enhance their overall profitability.

        Luo is also of the opinion that loyalty programs enhance the overall lifetime value of customers by nearly 30 percent through retention and increase in number of visits and spend.

        Retailers can use loyalty management systems in numerous ways.

        For example, an SMB crafts retailer in the US that deployed a customer loyalty program had nearly 20,000 customers sign up for the program. The retailer can now identify the most valuable buyers and reach out to them to promote sales events, trade shows and new merchandise.

        Technology #3: Digital Wallets

        A digital wallet solution securely stores a person’s credentials, such as bank account details, identification cards, loyalty programs and payment cards. Customers can use it in a retail store using their mobile devices.

        According to Gartner’s Hype Cycle for Retail Technologies, 2016, digital wallets will see mainstream adoption in two to five years.

        These wallets can also store multiple payment options, and customers can keep track of their loyalty program progress and benefits.

        Apple Pay in action


        Before making large technology investments, SMBs should determine whether there is customer demand. As the technology becomes more popular and SMBs adopt digital wallet technologies, they should explain the advantages of these systems to more reluctant users. Incentives should be considered in order to drive customer use.

        The use of digital wallets can significantly increase sales for small retailers. Customers will appreciate the ease of transactions and the opportunity for customized offers.

        Benefits of Digital Wallets for Retailers

        Digital wallets can make the transaction process faster and more efficient. They also offer additional benefits:

        • Simplified buying process: Digital wallet technology can ease the shopping experience for customers by securely storing customer’s’ payment card information on the server.
        • Increased sales: Customers usually prefer a streamlined buying process and would return to a retailer if their overall transaction process is quick and easy. This gives opportunities to increase sales as existing customers would repeat their buying.

        How are Digital Wallets Being Used?

        An apparel retailer that operates in two stores contacted Software Advice regarding a retail system to automate their core checkout processes, manage inventory in the stores and track customers. They need the system to support payments made through Apple Wallet or Android Pay, as well as have e-commerce functionality and back office analytics.

        Takeaways and Next Steps

        These technologies are already in the wild, and customers will increasingly rely on their ease and convenience. To remain competitive, it’s essential for SMBs to be aware of these trends and develop a plan to adopt them within the next two to five years.

        In addition, here are some next steps to keep in mind as you look for the specific system that best fits your company’s needs:

        What Is Cohort Analysis?

        A “cohort” is simply a group of people who are similar in some way.

        Etymologically, the word “cohort” was originally applied to a Roman military unit:

        roman cohort

        These gentlemen have something in common… (Roman soldiers by Matthias Kabel is licensed under CC BY 3.0)


        While there are probably some unfortunate marketing departments churning out content about military history, this sense of the word “cohort” is pretty much obsolete.

        Business analysts, data scientists and market researchers have repurposed the word “cohort” by applying it to any group (such as product groupings)—not just groups of people.

        As we’ll see, this is because the statistical methods used to analyze groups of people can also be applied to other kinds of classification problems.

        We’ll explore the kinds of cohorts that business analysts and marketing departments need to focus on, as well as the methods and business intelligence (BI) tools used in cohort analysis.

        The Two Types of Cohorts

        Cohort analysis basically involves grouping people (typically customers and/or users) using data.

        Gartner digital commerce analyst Jennifer Polk offers a comprehensive definition in Grow Custer Lifetime Value With Digital Commerce (full content available to Gartner clients):

        “Cohort analysis groups customers by a common characteristic observed in a given time frame, studies their behavior as a group over time and compares behavior across multiple groups.”

        All this talk of customers, groups and segments may leave you wondering what kinds of groups you’re actually supposed to create during cohort analysis.

        The answer is that it depends on your data, but typically, marketers and business analysts use two kinds of data in cohort analysis:

        two types cohorts
        Let’s now take a closer look at each type of cohort analysis. Keep in mind that frequently, marketers and business analysts combine both kinds of data (for example, website users with North American IP addresses).

        Demographic Cohorts

        Demographic data includes dimensions like age, gender, household income, martial status, ethnicity etc. Marketers have long used demographic data to better target campaigns, typically by grouping various demographic dimensions into segments—e.g., single mothers living in Connecticut and making in excess of $75,000 annually.

        See our guide to customer segmentation analysis for more on this subject.

        Behavioral Cohorts

        The major complexities of cohort analysis involve factoring in customer behavior. A classic example is first-time vs. repeat customers. Another well-known behavioral metric is churn rate, i.e. the rate at which customers quit purchasing or using a product/service.

        Typically, marketers and business analysts focus on behavior across digital channels, primarily:

        • E-commerce platforms
        • Mobile apps
        • Company websites
        • Social media
        • Software applications aimed at end users—games, business applications etc.
        • Internet of Things (IoT) devices

        Device type is a particularly important dimension in analyzing digital behavior. Visitors to a web site can still have substantially different experiences based on whether they’re viewing the site on a laptop or a smartphone.

        Examples of behavioral cohorts:

        • Customers who put an item worth more than $50 in a shopping cart, continue browsing for another 30 minutes and then remove the item from the cart.
        • A group of customers who download a company’s app and use it for a week before uninstalling it.

        In the context of web analytics, bounce rate is a well-known behavioral metric.

        The Uses of Cohort Analysis

        Cohort analysis isn’t an intellectual exercise but a part of daily operations at many digital businesses. Indeed, we’ll see that cohort analysis isn’t just carried out by analysts, but automatically by machine-learning algorithms.

        Before getting into advanced considerations, however, it’s important to establish the basic use cases for cohort analysis:

        E-commerce analytics

        For a physical store or restaurant, it’s only marginally useful to know whether customers took the freeway or surface streets to get to the location.

        For an e-commerce retailer, however, knowing where your traffic is coming from is a matter of life or death.

        This is why Polk recommends in How to Build a Digital Commerce Marketing Strategy that e-commerce retailers “analyze sales and customer data to determine how much revenue is coming from which digital channels.”

        After such an analysis, you can decide to focus on certain channels with promotional offers, targeted advertising etc.

        Additionally, Polk observes that “fixing issues on your e-commerce site or application can improve digital commerce conversion and transaction frequency.”

        UX optimization/web analytics

        This brings us to UX optimization for websites and mobile apps, one of the most important use cases for cohort analysis.

        One of the key ways to group your customers into cohorts is to focus on the “device” dimension.

        For instance, say that an analyst notices a higher-than-average cart abandonment rate on an e-commerce site. When the analyst segments customers by device type, she realizes that the higher-than-average cart abandonment rate is limited to mobile users. This insight leads to the detection of navigation issues with the checkout process caused by how the site displays on mobile devices.

        If you have demographic data in your CRM system, you can also investigate how different demographic cohorts navigate your site.

        For instance, detection of a higher-than-average bounce rate among millennials could be an indication that your site’s design is off-putting to younger visitors.

        Targeted advertising

        Another central use case for cohort analysis is improving user experience (UX) on websites and in applications.

        We’ve already seen how this works in the context of site navigation. You can also tailor UX to your customers by slotting them into cohorts.

        For instance, say that PPC visitors from LinkedIn have a higher average income and contribute more revenue than visitors from Facebook. According to the CRM, they also have more senior job titles than Facebook visitors, and have a median age of 51, whereas visitors from Facebook have a median age of 27.

        Using this data, you may decide to build a PPC advertising campaign using stock photos of older executives to target this high-value group, and only display these ads on LinkedIn.

        Cohort Analysis Tools

        Depending on the kind of BI tool you’re using, cohort analysis is either a manual process performed by an analyst or an automatic classification process performed by algorithms. We’ll look at tools for cohort analysis in order of increasing sophistication.

        Pivot tables

        A cohort, as we’ve seen, is a group of dimensions in your customer data. The most basic kinds of cohort analysis are executed by human beings using basic tools for multidimensional analysis, such as pivot tables in Microsoft Excel.

        Pivot tables allow you to quickly group dimensions in customer data. You can build cohorts in less than a minute:

        pivot table builder

        Selecting Demographic Dimensions in CRM Data with Excel’s PivotTable Builder(Used with permission from Microsoft)


        Visual analytics tools

        A category of BI software known as visual analytics tools allow for more advanced cohort analysis, since you can visualize certain dimensions of your customer data while building cohorts.

        For instance, say you have geographic dimensions (like city, state and time zone in the above example). These can be plotted on a map with a BI tool and combined with other dimensions to create geographic cohorts, as in this visualization of radio listeners by state:

        gooddata geographic data

        Visualization of Geographic Cohorts in GoodData


        With a visual analytics tool, such visualizations can be created simply by dragging and dropping dimensions from a menu, just like the PivotTable Builder in Excel.

        SUGGESTED SOFTWARE: Tableau, Qlik, Sisense, Microsoft Power BI, TIBCO Spotfire

        Data mining tools

        BI tools with data mining capabilities are the most sophisticated options for cohort analysis out there. These tools enable a partially automated approach to developing cohorts known as clustering.

        Clustering refers to the use of statistical algorithms to automatically generate classifications.

        Thus, instead of the analyst selecting the dimensions she wants from a menu, in clustering, the analyst simply selects how many cohorts she wants. The algorithms then sift through the data to find the best dimensions for grouping the data into this number of cohorts.

        In other words, with clustering, the algorithm tells you which dimensions in your data are important.


        Cluster analysis in Ideata


        Cluster analysis sounds complex because it is complex. We’ve written a detailed guide on the subject for readers who need to know more.

        It’s important to note that not all BI tools support clustering. If you’re interested in this approach to cohort analysis, look for products that offer strong support for statistical modeling.


        Need help narrowing down your BI software options? Give us a call at (844) 689-4876 for a free phone consultation.

        Top 10 Technology Disruptors for SMBs

        by Brian Westfall, Craig Borowski & Justin Guinn

        Small and mid-sized businesses (SMBs) have faced a slew of unparalleled digital disruptions over the past 15 to 20 years, from high-speed internet to smartphones and social media. But what are the next technology disruptions on the horizon—and more importantly, how can and should SMBs prepare for them?

        To answer this question, we analyzed advances in technology set to change how SMBs handle daily operations, and came up with a list of the top 10 technology disruptors you should know about.

        For each disruptor, we’ll answer the following three questions:

        • What is the disruptor and why should SMBs care?
        • When and where will the disruptor have the greatest impact?
        • How can SMBs prepare now for the disruption?

        First, let’s explain how we’re defining a “disruptor”:

        Technology disruptor: Any industry trend or new technology that is already changing or will fundamentally change how business success is achieved.

        10 2017 technology disruptor infographic

        Here are the top 10 SMB disruptions for 2017:

        1. Platform as a Service (PaaS)
        2. Machine Learning
        3. Chatbots
        4. Geospatial and Location Intelligence
        5. Predictive Analytics
        6. User Experience Personification
        7. Wearables
        8. Augmented and Virtual Reality
        9. Computer Vision
        10. Autonomous Vehicles

        Platform as a Service (PaaS)

        What is the disruptor and why should SMBs care?

        Platform as a Service (PaaS) is a cloud-deployed delivery model for application infrastructure services. Unlike the Software as a Service (SaaS) model, which delivers a fully functional application (or set of applications), PaaS delivers “middleware” services that clients can use to build their own applications.

        Today, when an SMB needs a software solution, they usually choose the SaaS product that best meets their requirements. But with the increasing availability of PaaS, SMBs can develop their own application according to their specific needs—an attractive alternative to SaaS.

        SMBs should expect PaaS deployments to increase as competitors use them to create apps that make their own internal workflows more efficient.

        When and where will the disruptor have the greatest impact?

        PaaS is already impacting software developers in the SMB space. We expect the impact to spread to SMBs in other industries over the next three to five years.

        PaaS deployments are already quite common in the enterprise space. The PaaS use cases with the most traction are those that use a PaaS service to create apps that speed up internal workflows or other business processes. In fact, Gartner’s 2016 Hype Cycle for PaaS (content available to Gartner clients) shows that business process management is the leading use case for PaaS implementations.

        Some of the big name PaaS vendors already offer SMB-friendly services, like Salesforce’s Force.com, Microsoft’s Azure and Google’s App Engine. As for when the disruption will hit, that depends entirely on when you (or your competitors) develop your first game-changing app!

        Since PaaS is all about efficient software development, this disruption will be most impactful among software developers and IT solutions providers. But PaaS is also about making software development easier and accessible to companies that don’t specialize in IT—and for this reason its impact could become widespread.

        How can SMBs prepare for the disruption?

        Any business that uses software should, at the very least, be generally aware of PaaS solutions and how they work. For many SMBs, however, shopping for new software ends up being a process of elimination, and there’s little time to consider PaaS solutions when there are so many SaaS solutions that will work off the shelf.

        So how do you know if PaaS is a better choice than SaaS for your SMB? Ask yourself the following questions. Answering yes to any of them means that PaaS might be your best option—or at the very least, is at least worth a closer look.

        • Does my SMB have unique application requirements?
        • Does my SMB have an atypical or disruptive business model, or one that requires the implementation of bleeding-edge technologies?
        • Will the best SaaS solution on the market still require extensive customization in order for it work best for us?

        Finally, it’s important to remember that the PaaS market is still evolving and vendors that exist today may not be here tomorrow (as was the case with SaaS vendors when SaaS was still an up-and-coming technology.) Buyers should be wary of long-term commitments with any one PaaS vendor and contracts should be examined carefully to avoid potential vendor lock-in.

        Machine Learning

        What is the disruptor and why should SMBs care?

        Machine learning (ML) is a subfield within artificial intelligence (AI). ML will be disruptive for several reasons. First, it will greatly expand the ability of computerized systems to analyze and extract meaning from large and unstructured datasets.

        Building upon that, ML will also improve a company’s ability to make those analyses actionable and, to varying degrees, automate their implementation.

        While there are many potential and theorized uses for machine learning, most current ML use cases take a “supervised learning” approach. As Gartner’s report “Machine Learning Drives Digital Business” (available to Gartner clients) explains:

        “Supervised learning requires ‘training data,’ which is used to ‘teach’ a machine learning model by describing a desired mapping between observations and outcomes that the machine learning system should produce.”

        Based on those mappings, ML programs could help companies answer questions such as:

        • Are customers who purchased product A more or less likely to also purchase product B?
        • How does bundling products and services affect the lifetime value of certain customer subsets?
        • Will raising the cost of a certain product or service increase customer churn?

        With supervised learning, ML can help a business turn its collection of data into actionable insight, without requiring the effort or expense of traditional data analysis. Since SMBs traditionally lack the budgets and staff for extensive analysis, they should pay particular attention to to ML developments and the opportunities they create.

        When and where will the disruptor have the greatest impact?

        Machine learning is already a behind-the-scenes disruptor. We predict the degree and scope of its disruption will grow quickly over the next decade, as companies discover new applications for it.

        Machine learning has seen great success in fields that involve the processing of language, such as:

        • Foreign language translation
        • Text and speech sentiment analysis<l/i>
        • Handwriting and speech recognition

        Google, for example, uses machine learning to continually improve the results it returns for search queries.

        ML is also great at pattern recognition, and is used for online fraud detection, customer behavior analysis and recommender systems. Chatbots are another great example of ML in action, and are discussed further down in this report.

        How can SMBs prepare for the disruption?

        While ML is used primarily in the enterprise space right now, the tools and platforms are increasingly available to SMBs. The biggest obstacle for SMBs is the lack of the large datasets on which ML tools can be applied.

        But large datasets don’t just appear overnight; they need to be grown over time. By implementing the right software into your business, you can begin accumulating data—and make workflows more efficient.

        Here are some simple examples of changes a company can make to begin collecting their own data to prepare for their own ML implementation:

        • Instead of tracking applicants and new hires by hand (or on a generic spreadsheet), use an applicant tracking system in your HR department.
        • Stop using a spreadsheet to manage your customer service requests and switch to a dedicated customer service platform that will keep all your data organized.

        SMBs that do have large sets of data can already begin laying the groundwork for ML initiatives. There are many reasonably priced cloud-hosted ML platforms from vendors like Amazon, Microsoft and IBM. Take a look at our guide here to see how your SMB can begin taking the first steps towards using ML in your customer service department.


        What is the disruptor and why should SMBs care?

        Chatbots are one of ML’s more precocious offspring, with many examples of them already scampering about online. So what are they? Put simply, chatbots are digital interfaces (usually found online) that use machine learning to automatically answer inquiries and guide interactions.

        slackbot chatbot assistant

        Slackbot is Slack’s chatbot, a fully automatic chat-based assistant for answering common questions


        Chatbot interfaces seem very similar to live chat interfaces. In fact, from a customer or end-user’s point of view, it’s not always clear which is which. With live chat, however, there’s an actual person on the other end responding to questions, whereas chatbots use ML algorithms to interact and respond automatically and without needing help from an agent.

        SMBs should pay close attention to chatbot technology. It’s highly leverageable and can help SMBs unlock the power of machine learning without needing an enterprise-class budget. Chatbots can come as part of a larger software platform, purchased directly from custom chatbot developers or developed in-house slowly over time.

        When and where will the disruptor have the greatest impact?

        We predict chatbot implementations will continue to increase over the next five years, reaching widespread adoption as early as 2020.

        While chatbot technology is maturing quickly, chatbots aren’t the best conversationalists. Instead, they’re great at understanding simple questions and choosing the best answer from a finite group of pre-written ones. This particular skill has made chatbots especially helpful for customer service departments—which are obviously no stranger to answering repetitive questions.

        Chatbots will be most impactful in service departments that handle a high volume of service requests; especially those that handle a high volume of relatively simple, non-technical service requests. This impact will affect customer service departments in all industries, in both B2B and B2C contexts.

        Chatbots are already employed by companies in the SMB space, though sparingly.

        How can SMBs prepare for the disruption?

        • Most SMBs are already preparing for chatbots, even if not intentionally. As with all ML projects, chatbots are built upon a collection of data—something many SMBs already have thanks to their use of a CRM system, HR platform or other business management software.
        • Chatbots will disrupt customer service departments in ways similar to the disruption caused by self-service. They’ll lead to an overall reduction in service request volume.
        • However, as is the case with self-service implementations, the remaining service requests will often be more challenging to resolve. Companies should thus plan to reevaluate their service department metrics and KPIs to account for the effects of a chatbot implementation.

        Geospatial and Location Intelligence

        What is the disruptor and why should SMB businesses care?

        Geospatial and location-based sensor technologies designed to track the location of subjects and/or objects within an assigned space are disrupting multiple industries.

        The sensor-based technology gathers and analyzes data from any connected devices, such as smartphones or smart watches . The sensors are able to send and receive data to and from these devices using primarily Bluetooth, WiFi and RFID (radio-frequency identification) digital channels.

        Put simply, these technologies quantify the physical spaces in which any business inhabits. Not to mention, the actual sensor technology that drives geospatial intelligence has been around for some time and is relatively inexpensive.

        According to Gartner’s report “Hype Cycle for Business Intelligence and Analytics, 2016” (available to Gartner clients):

        “Analyzing business data in the context of location can uncover spatial trends, dependencies and patterns that are otherwise undetectable. Greater adoption, broader utilization, and new technologies and services will be driven by the Internet of Things (IoT).

        Recording human movements and interactions using this type of technology yields a huge amount of data that businesses can analyze and use to optimize their processes and experiences.

        For example, a construction businesses could look at how their on-site staff moves around throughout the day and position tools and building materials strategically to make them more easily accessible.

        When and where will the disruptor have the greatest impact?

        We predict geospatial and location-based technology will disrupt retail, manufacturing and warehousing, and SMBs that rely on mobile employees, by 2020.

        Geolocation sensor technology has existed for sometime, as with Apple’s 2013 release of their iBeacon. And insurance companies use geospatial data and location technology to more accurately assess risk for policies.

        The difficulty facing SMBs is how to apply the technology in a way that makes sense for their business. And if that can be achieved, an even bigger hurdle is overcoming the challenges of taking the data collected and turning it into actionable takeaways.

        These challenges will likely require additional resources, such as software that can perform the type of complex data analysis needed, as well as employees who can make sense of the data and help make decisions based off of it.

        How can SMBs prepare for the disruption?

        There are already many location-based sensor and analytics technologies in the marketplace. Along with adopting and installing the physical sensors, SMBs must be prepared to house and analyze the data gathered from these sensors into meaningful recommendations.

        Steps SMBs can take to stay in front of this disruption include:

        • Set aside the resources (money, expertise) necessary to properly install the physical sensor hardware.
        • Prepare to spend money on support and training packages to increase the speed of onboarding so actionable decisions can be made more quickly.
        • Optimize or adopt a new customer relationship management (CRM) system that will help tie personalized location data to specific customers so their experiences can be positively changed.

        Predictive Analytics

        What is the disruptor and why should SMBs care?

        Thanks to modern computing power, SMBs are able to amass and archive more historical data related to their operations than ever before.

        If you have more spreadsheets on your desktop than you can count on two hands, you know what I’m talking about. But without the resources or expertise to make sense of all this data, SMBs are often in the dark on what past trends may indicate for the future.

        Predictive analytics capabilities in software will soon help SMBs shed light on all of this. Using statistical techniques such as regression analysis, forecasting, multivariate statistics and pattern matching, predictive analytics can parse historical data to answer the all-important question: “What is likely to happen next?”

        Gartner explains the benefits of this evolution in the report “Combine Predictive and Prescriptive Analytics to Drive High-Impact Decisions” (available to Gartner clients):

        “To make sound decisions, organizations need to assess, quickly and accurately, complicated and time-sensitive matters…They must make decisions based on likelihoods, such as what is likely to be the optimal price, the right marketing mix, the best route or the most suitable time to schedule maintenance. [Predictive analytics] offers a way for organizations to shape a future that looks uncertain.”

        When and where will the disruptor have the greatest impact?

        We expect predictive analytics will disrupt SMB decision-making in all industries and work functions by 2021.

        There are currently enterprise-focused systems with predictive analytics capabilities available today. They offer a glimpse of what areas will be most disrupted for small businesses in the near future:

        • Platforms like Workday can use performance and attrition data to tell HR departments which employees are most likely to leave soon, thrive in senior positions or abuse company policies.
        • Platforms like Halo can use maintenance history to tell operations managers the likelihood that a piece of machinery will fail and recommend a course of action based on possible outcomes.
        • Platforms like Canopy Labs can use past sales trends and behaviors to tell retail store owners things like purchase likelihood, churn risk and a number of other metrics for individual customers.

        To be clear, this technology is already available and widely used by enterprise businesses. It’s just a matter of when predictive analytics will become more widespread in the systems that SMBs already own.

        But with the market for big data and business analytics offerings forecasted to reach more than $187 billion by 2019, this time will come relatively soon.

        How can SMBs prepare for the disruption?

        The accuracy of predictive analytics lies entirely in the integrity of your SMB’s historical data. That’s not a future concern, that’s a now concern.

        Here are some steps that SMBs can take to prepare for predictive analytics:

        • Adopt a system to securely house historical data and implement processes to clean that data regularly. (We offer tips on how to do this with Microsoft Excel here).
        • Eliminate noise by separating valuable data sources worthy of predictive analysis from those proven to have no bearing on business outcomes.
        • Talk to software vendors to discuss their roadmap for implementing predictive analytics capabilities in their core platforms.

        User Experience Personification

        What is the disruptor and why should SMB businesses care?

        In the age of big data, every interaction a consumer has with a business offers multiple data points than can be gathered and analyzed. Over time, with more and more personalized data and with greater analytic capabilities, SMBs can use this information in real-time to enhance user satisfaction with a product, service, or general experience.

        Similar to chatbots, user experience personification (UX personification) will result from improved machine learning capabilities. The increase in automated interactions between businesses and consumers will provide UX personification with the opportunity to disrupt how customer experiences and interactions are curated and executed.

        Make no mistake, SMBs will have to fight to keep up with larger enterprises that have larger data sets and greater resources for analyzing and designing personalized experiences. But it’s a fight that’s necessary in order to meet the evolving expectations of customers.

        When and where will the disruptor have the greatest impact?

        We predict UX personification will disrupt SMB-designed personal experiences in all industries by 2021.

        We’re already seeing the practical application of user data to create more personalized experiences. Take Google’s curated ad campaigns as a basic example. This service tracks personal browsing histories and enables other businesses to leverage this personal data by buying and filling ad space with relevant ads. While this is more of an unsolicited example, it paints the picture of where business experiences are heading.

        SMB sales associates, chatbots, support and other call centers, and many other businesses will be able to offer optimally personalized interactions. SMBs can leverage such personalized experiences internally to increase their talent acquisition rates.

        How can SMBs prepare for the disruption?

        Leveraging such data-inferred information will require SMBs to adopt advanced data analytics tools. These tools will become more readily available for SMBs in years to come, but for now, steps SMBs can take to stay in front of this disruption include:

        • Optimize current data collection, management and application practices now to gain experience and build core competencies for using data to make business decisions.
        • Work with clients/customers to determine pain points in your journey that a more personalized experience could help alleviate.


        What is the disruptor and why should SMBs care?

        When they exploded onto the scene back in 2014, some declared it the “Year of the Wearable.” Cut to today and the sheen on fitness trackers like the Fitbit and smartwatches from companies like Apple and Samsung has decidedly dulled. Outside of exercise fanatics and gearheads, wearables haven’t caught on with mainstream audiences as quickly as anticipated.

        The latest numbers from March 2016 show that just 12 percent of U.S. consumers own a wearable. More alarming news comes from a consumer survey by Gartner (available to Gartner clients) that says nearly a third of adopters last year stopped using their wearable because they “did not find them useful, they get bored of them or they broke.”

        Despite this, we’re not ready to write the obituary for wearables just yet. Should providers continue to improve their devices, the potential from recording data and deriving actionable insights using a piece of tech that customers, employees, patients and more wear on their actual person is too great to ignore.

        Wearables will usher in a new era of personalization that has the potential to streamline operations, improve quality of service and surface new revenue opportunities.

        When and where will the disruptor have the greatest impact?

        We predict wearables will disrupt SMBs in areas like human resources, healthcare, marketing and retail by 2022.

        As consumers continue to adopt fitness trackers for personal use, SMB HR departments will increasingly ask employees to bring them into the workplace to implement employee wellness programs. These inexpensive initiatives involve organizing group exercise activities that pool fitness tracker data with leaderboards and rewards to promote employee happiness and engagement (with the side benefit of potentially lowering health insurance costs).

        Consumer wearables will continue to improve beyond tracking a user’s heart rate and footsteps (and evolve from wrist accessories into actual clothing), and so will medical-grade wearables like Zephyr Anywhere’s BioPatch. As these wearables become more affordable, small practice doctors and ER nurses will increasingly rely on them to monitor important vitals and get updates sent straight to their smartphone as needed to improve diagnosis accuracy and response times.

        But perhaps the most disruptive application of wearables will be to the retail customer experience in concurrence with the internet of things (IoT). Amazon’s new brick-and-mortar prototype, Amazon Go, offers a glimpse of the possibilities: customers being served personalized deals in-store based on purchase history that are sent straight to their smartwatch, and automatically paying for their purchases as they leave the store.

        How can SMBs prepare for the disruption?

        Besides waiting for consumer interest to grow and the tech to evolve, another major challenge with wearables will be privacy concerns. How comfortable are people going to be sharing their wearable information with businesses? Here are some next actions that SMBs can take now to see how wearables will fit into their future:

        • Survey different groups (e.g., customers, employees) to see how many already have wearables and how using wearable data would affect relationships with them.
        • Test a pilot employee wellness program to gauge interest, measure effectiveness and become familiar with wearable tracking platforms like Limeade.
        • Evaluate the efficacy of wearables to improve safety for employees in dangerous work conditions (e.g., detecting falls, monitoring the drowsiness of truck drivers).

        Augmented and Virtual Reality

        What is the disruptor and why should SMBs care?

        After decades of being relegated to bulky headsets in arcades, augmented reality (technology that superimposes computer-generated imagery over a view of the physical world) and virtual reality (technology that replaces the view of the physical world entirely with a computer-generated environment) are finally having a legitimate moment.

        Sleek headsets from the likes of Oculus, Sony and HTC are now competing for shelf space from hardcore gamers craving a more immersive experience, and even regular consumers can now explore virtual worlds with their smartphone for as little as $15.

        A Gartner report (available to Gartner clients) estimates that 4 million of these AR and VR devices were in homes by mid-2016. Theme parks are also betting hard on virtual reality to provide excitement to guests at a fraction of the cost of a titanic coaster.

        But the applications of AR and VR for small businesses will go far beyond cheap thrills, should adoption continue to rise. Organizations can use AR and VR to provide all types of users (e.g., employees, customers, patients) with the means to interpret real-time information, experience virtual environments and socially collaborate beyond the confines of a smartphone or computer screen.

        Soon, you can shake your boss’ hand in a virtual meeting, run a simulation on how to perform complicated surgery and walk through a hotel room you’d like to view before booking—all without leaving the comfort of your couch. That’s a disruptor.

        When and where will the disruptor have the greatest impact?

        Barring any setbacks (which we touch on below), we predict AR and VR will disrupt SMBs in industries like construction, field service, hospitality, healthcare, manufacturing and retail by 2024.

        In the report “Top 10 Strategic Technology Trends for 2017: Virtual Reality and Augmented Reality“ (available to Gartner clients), Gartner outlines four key areas where AR and VR will play a significant role:


        Training and education Immersive situational training for doctors and police; simulated use of heavy machinery for manufacturers.
        Design, collaboration and development The ability to visualize schematics during construction for home builders; real-time space planning for facilities managers.
        Repair and maintenance “See-what-I see” cameras for remote workers seeking guidance from HQ; augmented displays for microsurgeons.
        Engagement and customer experience Virtual travel experiences for resorts; product visualization and “try-on” scenarios for customers at various retailers.


        In order for AR and VR to disrupt SMBs by 2024, they’ll need to overcome a few significant hurdles with early adopters. The hardware is still too expensive (high-quality headsets can cost up to $2,000), virtual reality sickness is still a largely unresolved issue and businesses have yet to ideate exciting uses of this tech beyond 360 degree mapping and limited simulations.

        How can SMBs prepare for the disruption?

        While the tech for AR and VR takes time to catch up to expectations, here are a few steps that SMBs can take to prepare for adoption:

        • Brainstorm ways that AR and VR can enhance experiences or work functions within your business, thinking beyond preconceived applications.
        • Tie AR and VR use cases to desired organizational objectives and goals related to revenue, proficiency or customer service.
        • Get in touch with AR and VR app developers to learn about possibilities, costs and potential pitfalls.

        Computer Vision

        What is the disruptor and why should SMBs care?

        Computer vision is the ability to interpret and analyze images and other visual events in real time so that they can help inform strategic recommendations.

        For example, facial recognition technology (computer vision) could be employed to identify a rundown pair of shoes that you’re wearing in an Instagram post and then market new shoes to you. The successful application of this type of visual analytics ecosystem will provide SMBs with unparalleled insights and a clear advantage over their competition.

        Even more, the detailed analytics that this technology will provide can fundamentally change how business success is achieved, to a degree, for almost all industries.

        A simple example (trust me, it’s simple) of the benefits of computer vision is with emotional analysis and analytics. You could come up with the inferred physical and mental well being of customers and/or employees based on emotional data collected by computer vision technology. This would enable your business to augment strategies for communicating with customers/employees based on daily emotional statuses.

        When and where will the disruptor have the greatest impact?

        We predict computer vision technologies will disrupt all SMB industries by 2024.

        The mechanisms that drive computer vision technology are mostly in their infancy today, but they’re developing quickly and are finding new ways to work together. It will be the symbiotic relationship between multiple sensor and visual analysis systems that leads to an overall computer vision ecosystem.

        This actionable visual analysis can provide SMBs with strategic advantages across all facets of business. For example:

        • Marketing teams can leverage the technology to spot all social images featuring their brand and products.
        • Completely new businesses concepts and consumer experiences can surface, such as the Amazon Go Store and it’s “just walk out” shopping experience.
        • SMB retailers can leverage facial recognition technology and behavioral analysis to determine buying intent of consumers on a product by product basis.

        How can SMB retailers prepare for the disruption?

        SMBs can start preparing for the strategic application of computer vision by:

        • Familiarizing themselves with computer vision components that are currently available on the market.
        • Determining which pain points the practical application of computer vision analytics could help overcome.
        • Investing in formal customer management and data analytics now so there’s valuable information that can be tied into the computer vision system when the time comes.

        Autonomous Vehicles

        What is the disruptor and why SMBs retailers care?

        The widespread adoption of autonomous, driverless cars, trucks, drones, and other vehicles will disrupt resource planning for SMBs and fundamentally change how business successes are achieved across many industries.

        According to Gartner’s report “Top 10 Strategic Technology Trends for 2017: Intelligent Things ” (available to Gartner clients):

        “The most developed use of autonomous vehicles is in controlled, industrial settings like warehouse management, farming, and mining. The vehicles can be used with full autonomousness in these settings. But for use in public, on roads and such, autonomous automobiles still have a ways to go before full autonomousness. In fact, some states have laws requiring a capable driver be in the driver’s seat of an autonomous vehicle in case the technology fails.”

        Once fully able to operate on their own (and once they clear any legal hurdles preventing them from operating on roads and highways), autonomous vehicles will bring unparallelled disruption businesses and perhaps the human experience as we know it.

        Automated vehicles will inevitably lead to:

        • No need for human drivers, routing and dispatchers
        • Fewer vehicles on the roads
        • Continuous, 24/7 transportation of goods (through advances in electric cars and the ability to refuel/recharge a car en route)
        • The ability to conduct business while traveling
        • Sturdier, more dependable vehicles built to undertake a literal constant strain of use
        • Leaps and bounds forward for predictive and preventative maintenance technology

        When and where will the disruptor have the greatest impact?

        We predict the fully realized disruption of autonomous vehicles won’t occur until at least 2027.

        While companies (specifically, automotive and technology companies) rush to lead the autonomous vehicle race, we’ll likely only see semi-autonomous vehicles in widespread use over at least the next five years. Once legal, some time will pass before the autonomous vehicle market is fully realized.

        Once autonomous vehicles are safely and legally added to the road, they have the potential to have a drastic effect that will inevitably affect almost all SMBs.

        These vehicles will obviously bring huge disruption to the fleet management/delivery/supply chain industry, effectively eliminating the role of the classic trucker as we know it. Insurance companies will likely suffer once the vehicles gain widespread adoption, as consumers will no longer have a need for auto insurance as we know it.

        Municipalities and landowners will have to imagine how to effectively repurpose all the unnecessary parking lot space since there will be significantly fewer vehicles on the road, and even fewer that will utilize parking spaces in the traditional manner we think of them.

        The ability to move materials and products on a near 24/7 basis will also do much to sway consumer expectations. For example, more and more business will need to turn their focus to online and app-based means of conducting business as consumers will begin to expect to order products and have them delivered that same day through autonomous fleets.

        Once the autonomous vehicle disruption is realized, there will likely also be new economies built to support it. Picture, for example, a convenience store stocked into an autonomous van so that consumers could call it to their destination and browse the goods as essentially a pop-up shop.

        How can SMBs prepare for the disruption?

        Autonomous vehicles have an enormous potential to fundamentally change the human experience. This reshaped future is difficult to fully grasp, so rather than make incredibly speculative recommendations for SMBs to take now, here are some foundational recommendations that SMBs can build off of as the disruption evolves:

        • Optimize the online experience across every selling point and channel tied to their business in order to create definitive, positive and lasting interactions with their brand.
        • Monitor the moves larger enterprises make to leverage the capabilities of autonomous vehicles to come up with potential future applications and benefits.

        Next Steps

        We’ve covered a lot of different technologies that will disrupt a wide variety of business functions for SMBs, but one underlying fact ties them all together:

        SMBs that don’t have the proper software in place now will be left behind when these disruptors arrive.

        To that note, it’s important to keep in mind that many of these disruptors require SMBs to already actively collect data on their customers and employees. LIkewise, SMBs need to have best practices and endowed experiences to articulate this data into meaningful recommendations for all areas of their operation. To do this, software with the features and functionality that are up to the task need to already be in place.

        With that in mind, here are some next steps you should take to ensure you’re ready to take full advantage of them:

        • Head to softwareadvice.com. There, you can learn more about different types of business software for various industries and needs before comparing top-rated
        • Talk to a software advisor. Call (855) 998-8505 and we’ll connect you with a helpful associate who can recommend the best products for you based on your unique needs—in just 15 minutes, and for free.