Disaster Recovery Journal- Volume 19, Issue 1 - Winter 2006 Issue

Return to the
Winter 2006 Issue

DISASTER RECOVERY
JOURNAL

P. O. Box 510110
St. Louis, MO 63151
(314) 894-0276
Fax: (314) 894-7474
Internet www.drj.com
E-mail drj@drj.com

PUBLISHER &
EDITOR-IN-CHIEF
Richard L. Arnold, CBCP
richard@drj.com

SENIOR EDITOR
Janette Ballman
janette@drj.com

MANAGING EDITOR
Jon Seals
jon@drj.com

COPY EDITORS
Richard Sandhofer
richards@drj.com
Pamela Clifton
pamelaclifton@hotmail.com

ADVERTISING
Robert Arnold
bob@drj.com

_____________

Corporate

President/CEO
Richard L. Arnold, CBCP
richard@drj.com

Vice President
Robert Arnold
bob@drj.com

CONFERENCE COORDINATOR
Patti Fitzgerald, CBCP
patti@drj.com

CONFERENCE REGISTRAR
Merce Knese
mercedes@drj.com

CIRCULATION
Laura Baugh
laurab@drj.com

EXECUTIVE COUNCIL
Jeff Dato, MBCP, KPMG
John Jackson, J Albright Advisors
Edward Devlin, E.S. Devlin & Associates
James Hammill, CBCP, JMH Consulting
Pat McAnally, SunGard Availability
Brian Turley, Strohl Systems
Belinda Wilson, Hewlett-Packard

INTERNATIONAL
CONTACTS
England: Thom Hetherington
Business Continuity
Phone: 0161-237-1007
thomh@tempus.demon.co.uk

Australia: Anthony J. Harvey
Journal of Business Continuity
Phone: 0011-613-953-0055-8
fax: 0011-613-953-0528
sector@notability.com.au

Japan: Shinji Hosotsubo
Quake Japan Co., Ltd.
Phone: 03-3215-2880
fax: 03-3215-2881

Brazil: Jose Carlos Ferreira
Disaster Recovery Mercosul
Phone: 55 11 3666-9506
conc2000@uol.com.br
www.drms.com.br

Click Here for a Printable Version

Bioterrorism

What Is It? What Can Be Done to Prepare?

By JAMES HAMMILL, CBCP

The threat of a biological attack on the United States is real and serious. Federal, state, and local governments are grappling with how to best detect an attack, identify the biological agent(s), warn the public, and provide specific instructions regarding actions to be taken for protection. Many of the same best practices that apply to response to bio-terrorism attacks should be applied to other wide-scale disasters when the private sector must work with the government agencies that take charge.

What is Bioterrorism?
Bioterrorism is the intentional use of harmful biological agents to cause widespread illness, fear, panic, or death. The agents of most concern are anthrax, plague, smallpox, tularemia, ebola, and botulism – all hard to detect and potentially life-threatening.

Background
Although weapons of mass destruction and bioterrorism were presented at conferences and talked about in the hallways prior to the anthrax events of 2001, business continuity planners rarely included them in the planning process. It was hard enough to maintain funding levels to protect the company’s business practices and information. And as we saw in the aftermath of hurricanes Katrina and Rita, local, state, and federal government agencies suffered from that same lack of funding.

The Issue Is Real
A bioterrorism attack on the United States will require a means of dispersal – air, food, water, or some other medium – causing injury or death through inhalation, ingestion, or bodily contact. Because the methods of delivery are so varied, the difficulty of detection is increased exponentially.
Public health and/or emergency management personnel at all levels have no routine way to identify a biological attack other than by suddenly having affected people arriving at medical facilities for treatment. The worse news is an outbreak would be well under way before the cause became evident. Consequently, people in the effected area would be at risk. And, with few exceptions, detection in the United States is recognized only after the fact.
In the case of a deliberate biological attack, it could take several days or longer before someone recognized that an event was in progress. For this reason, the federal government and the Center for Disease Control (CDC) created the Strategic National Stockpile (SNS). An act of bioterrorism targeting the U.S. civilian population will require rapid access to large quantities of pharmaceuticals and medical supplies. Because we can’t anticipate where a terrorist will strike and few state or local governments have the resources to create sufficient stockpiles on their own, the SNS is available as a resource for all.
There are a number of programs that provide training for first responders (EMS, fire, police); they are usually first at the scene and working directly with the public. The main thrust of training and education, however, is focused on medical emergency room personnel and clinicians. Why? They will undoubtedly be the first to recognize an unusually high number of people being treated for the same unusual symptoms.
Unfortunately, many of the symptoms of a biological attack look like the flu or a stomach virus. To aid the medical professionals, “syndromic surveillance tools” are being refined, created, and implemented in public health departments, hospitals, and clinics to help detect syndrome aberrations. The key for syndromic surveillance will be a robust network of medical facilities, clinics, and even pharmacies in order to recognize an abnormal increase in over-the-counter remedies, indicating a potential threat.

What’s the Business Risk?
From the local candy store on the corner to the mid-sized lumberyard in your town to the corporate conglomerates, we are all inexorably tied together by a global economy. Just as our computer systems rely on solid system architecture, networks, and supporting infrastructure, business relies on people to keep the economy growing. Planners have done an admirable job in preparing their companies against natural (hurricanes, floods, earthquakes, etc.) and manmade (accidents, hackers, malicious damage, etc.) disasters. It’s time to go a step further.
A biological outbreak in one of our cities, even a small outbreak, could have a dramatic effect on the business environment. The public health departments will have to act quickly, which could lead to quarantines of geographic areas in an effort to prevent further spread. Using fear as a weapon, the terrorists could disseminate misleading reports; rumors could go unchecked for days. Besides the physical harm, a biological event has the potential to cause catastrophic economic damage caused by the psychological affect.
Recovery planning in this new era of terrorism must acknowledge that the threat is real with potentially serious adverse affects on companies, stockholders, and local communities. Because companies have different levels of tolerances for various reasons, it’s the business contingency planner’s responsibility to understand where the breaking points are. Today’s recovery plans need to address the need for readiness in the face of a biological event.

Building Realistic Response to Bioterrorism
City, state, and federal emergency management planners have plans in place to protect the public infrastructure, the citizens and communities under their care. They have done their jobs with little fanfare or recognition. When we pick up the telephone to call for help we expect the ambulance, fire truck, or patrol car to appear. Many of us are familiar with our local police, fireman, and EMS volunteers, but who knows the emergency management planners. They are taken for granted because they have been behind the scenes. They have worked tirelessly to try to ensure both public safety and an emergency response capability. But even the best plans, if not well-funded and well-coordinated between the various levels of government, may not be successful. If the Gulf Coast had been under a bioterrorism attack it would have been lives lost rather than buildings. Rebuilding is an option that doesn’t exist when we are talking about loss of life – potentially thousands of lives.
At the same time, but often without interaction with the public emergency management planners, the corporate emergency management and business continuity planners have also been working behind the scenes, building a response capability to protect the company infrastructure, employees, stockholders, and property.
The public sector emergency management planners have a new charge – “protect against and respond to terrorist activity.” They are training, exercising, and putting procedures in place for responding to a terrorist event.They even have plans in place to receive and distribute mass quantities of antibiotic drugs to multiple cities at one time if necessary. Specifically for a bioterrorism attack, their instructions to the public will be to, “get your information from your local TV, radio, newspapers, or trusted community leaders.”
A radiological or chemical attack may be destructive, but is far easier to locate, predict the duration, and treat the injuries. Biological attacks are far less predictable and have the potential to infect thousands before being detected. If the outbreak is contagious, smallpox or ebola for example, exposed victims will present a continued threat of infection, prolonging and spreading the attack. There is a good chance that if they can do so safely, people will flee the area, or they will wait for that “trusted advice.”
What does that mean for the corporate emergency management planner? It means your employees will more than likely be following the directions from the local government officials and not be where you want or need them to be.
Corporate emergency management planners need to plan accordingly, meet with local public emergency management teams and integrate their plans. A public private partnership may be the best chance for corporate survival.

James Hammill, an independent consultant, has been active in business continuity for more than 20 years. A trusted advisor to CIOs, FEMA, and a member of the Natural Hazards Caucus Committee, advising 18 U.S. Senators, strengthening the understanding in Congress on risk and cost reduction for natural and manmade disasters. He has provided research for syndromic surveillance and incident command systems for a consortium of universities including Monmouth, Rutgers, New Jersey Institute of Technology, University of Medicine and Dentistry, New Jersey, and Princeton Plasma Physics Labs, under a Department of Defense contract. Hammill was a founding member of the DRJ Editorial Advisory Board and is now a member of the DRJ Executive Council. He can be reached at DMaster1@fast.net.