Corporate America needs to be prepared for all hazards, all the time. The private sector owns 85 percent of the nation’s critical infrastructure and the government simply cannot protect it all –nor should it be expected to.
The hazard landscape is vast and formidable. Within the last month alone, we have watched several hazards unfold on a real-time basis — the piracy attacks off the coast of Somalia, the heightened threat of cyber-spies exploiting computer and network security weaknesses in the U.S. electrical grid and the April Fool’s Day Conficker worm. The latest hazard we all face is the outbreak of Swine influenza, which has the potential to become a pandemic.
Swine flu is a respiratory disease of pigs caused by type A influenza virus. Symptoms of swine flu in humans are similar to regular human flu, including fever, lethargy, decreased appetite, coughing, sore throat, nausea, vomiting and diarrhea. Significantly, human-to-human spread of swine flu occurs in the same way as regular seasonal flu, through the coughing or sneezing of infected people. Tamiflu and Relenza are commonly used to treat influenza, and the federal government holds millions of doses in the Strategic National Stockpile.
The looming threat of H5N1 (Avian influenza) catalyzed the Bush Administration to develop the National Strategy for Pandemic Influenza (“National Strategy”). The National Strategy is not limited to H5N1 and it provides guidance and procedures for the preparation for and response to any pandemic.
Since the initial release of the National Strategy in May 2006, the Homeland Security Council has issued a one-year summary that demonstrates “…much has been accomplished to realize the U.S. Government’s pandemic preparedness and responses goals of:
(1) stopping, slowing, or otherwise limiting the spread of a pandemic to the United States
(2) limiting the domestic spread of a pandemic or mitigating disease, suffering, and death
(3) sustaining the infrastructure and mitigating impact to the economy and the functioning of society.”
It is clear under the national strategy that once an influenza pandemic reaches the United States, the primary focus is safeguarding the health of Americans. There are protocols and trained personnel to support an international effort to contain a pandemic in its earliest stages, including the release of Tamiflu and Relenza from the Strategic National Stockpile. Note that the federal government is releasing 25% of the stockpile in light of the Swine flu.
Local, state and federal authorities cannot effectively prepare for and respond to a pandemic without significant help from the private sector. If your company has not already conducted a pandemic drill now is the time to do so.
Remember that certain fundamental aspects of a business continuity program do not apply during a pandemic. A pandemic requires social distancing — the separation of individuals to ensure proper prevention, detection and treatment of the disease. The use of an alternate site for a company’s key employees is not, therefore, appropriate during a pandemic. A person exposed to Swine flu may not exhibit symptoms for 24 – 48 hours. Though a key employee may appear to be healthy, that employee could be infected with the Swine flu, in turn infect other key employees and risk the company’s ability to continue its mission critical operations and avoid disruption.
Another issue that companies must prepare for is quarantine. The federal government has the ability to stop people from entering the country. However, interior decisions to quarantine are the responsibility of state and local government entities. If your company has operations in multiple places, one may be quarantined. Can you continue to operate if your corporate headquarters is located in a quarantined area? Do you have a clearly defined and robust teleworking policy?
A well-designed business continuity program will enhance internal credibility (with employees) and external credibility and goodwill (with regulators, stockholders, customers, suppliers and the community at large). The National Fire Protection Association is a non-profit organization that develops consensus codes and standards that address hazard preparation and mitigation. The association developed Standard 1600, which was endorsed by the American National Standards Institute and the U.S. Department of Homeland Security. Standard 1600 defines business continuity as “an ongoing process supported by senior management and funded to ensure that the necessary steps are taken to identify the impact of potential losses, maintain viable recovery strategies and recovery plans, and ensure continuity of services through personnel training, plan testing, and maintenance.”
It provides an “all hazards” approach (identifying over 45 hazards and categories of hazards like pandemic disease, cyber-attack, flood, and biological agent attack) and establishes a common set of criteria for disaster management, emergency management and business continuity program. The standards provide the criteria to assess current programs and to develop, implement and maintain a program to prepare for, respond to and recover from disasters.
In today’s legal landscape, it is clear that senior managers, officers and directors have an affirmative obligation to take a substantive role in a company’s formal response planning and actively participate in the frequent and regular testing and exercising of a company’s program.
It is not optional; rather, the responsibilities of a company — and the duties of a company’s senior managers, officers and directors — are often heightened and tested during times of crisis, like a pandemic. As stated by the Homeland Security Council, “No prior generation has ever anticipated and prepared for a pandemic. We have the opportunity to be the first generation to use our collective knowledge, determination, and resources to take on this task.”
Don’t become a test case for failure.
For detailed information on how to protect your company using an all-hazards approach, see the Centers for Disease Control and Prevention website, the U.S. Department of Homeland Security website or www.ready.gov and the U.S. Department of Health and Human Services website.
Scott Louis Weber is a partner at the law firm Patton Boggs LLP and is the former Senior Counselor to the Secretary of the U.S. Department of Homeland Security.