DRJ's Spring 2019

Conference & Exhibit

Attend The #1 BC/DR Event!

Spring Journal

Volume 32, Issue 1

Full Contents Now Available!

DRJ Blogs

DRJ | The premiere resource for business continuity and disaster recovery

False Alarm in Hawaii: An Emergency Expert’s Thoughts

Following the news of Hawaii’s false ballistic missile alert on January 13, 2018, we sat down with crisis & emergency management expert and General Manager of Business Resilience at Resolver, Kevin Hall, to get his thoughts on what went wrong and why.

To start us off, tell us what happened over the weekend in Hawaii? 

On the morning of Saturday, January 13th, 2018, people in the state of Hawaii received an alert message on their phones that read, “BALLISTIC MISSILE THREAT INBOUND TO HAWAII. SEEK IMMEDIATE SHELTER. THIS IS NOT A DRILL.”

The alert went out at approximately 8:07am and was issued by the Hawaii Emergency Management Agency (HI-EMA). According to the official report from the state, the activations included the Emergency Alert System and the Wireless Emergency Alert System, but from what I can gather, it seems that the alert was only sent through the wireless medium. It is interesting to note that no sirens were activated as part of this alert. 

How did that happen? What processes are involved in sending an emergency notification of that scale?

According to reports, the false alarm was due to human error, an incorrect click of a button. It was part of a standard test and shift change and a portion of the program allowed the user to select one of two options – 1) Test Missile Alert and 2) Missile Alert. Clearly, they clicked the wrong button.

It took almost 40 minutes for authorities to announce that it was in fact, a false alarm. Why did it take so long?

Well, looking at the official timeline, it didn’t take long for state officials to realize the mistake. In fact, Honolulu State Police were notified of the false alert 3 minutes after the messages were received, which initiated a process to stop further messages from going out. The first public notification of the false alarm was 13 minutes after the message by the HI-EMA on Facebook and Twitter.

In terms of why it took so long to communicate the false alarm on a mass scale, here is the H-IEMA direct response: “After getting authorization from FEMA Integral Public Alert and Warning System (IPAWS), HI-EMA issued a “Civil Emergency Message” remotely.”

This is part of the US Federal IPAWS program. There is no explanation so far as to why it took so long to do this. My guess is that by the time they gathered their wits about them, went through their options, contacted FEMA, waited on FEMA’s reply and then used the IPAWS activation, it consumed the entire 40 minutes. The time to activate this message indicates that there were no real plans on what to do in this case. Activating a retraction was not as simple as the initial activation process.

In a real emergency, what kind of information is taken into consideration before activating an emergency response plan?

Emergency activation is a very fine line to tread.  You want to react quickly as lives are on the line.  You also don’t want to activate on a whim. You have to remember that in the midst of an emergency, stress is extreme and people are panicking. Everything feels like it’s happening at light speed. This is why standard operating procedures are so important. By following the same procedures for each drill, each activation and each scenario, people are trained to do the same thing in any situation, no matter the stress.  Pilot checklists, military order… this is why they have SOPs.  

Ideally you want as much information as possible.  But minimally, you need at least the information to warrant an activation or not. Even with best intentions, a false activation can occur due to misinformation, which by the way is not what happened in Hawaii.  A false activation due to misinformation is acceptable. If we think there is imminent danger, we act, particularly when lives are on the line.

A false alarm went off, it happened. What has been the impact of this false alarm on Hawaii?

First and foremost, the greatest impact has been on the people. Can you imagine the panic and fear that the citizens of Hawaii experienced after receiving that alert? I haven’t seen any injuries reported in the news, but it could have easily happened. Stories of people rushing to get their kids, huddled in corners of basements and many others are being shared online. This event disrupted lives in a major way.

Another significant impact is on the confidence that people will have if they receive an alert in the future. The next time an emergency notification goes out, there will be a moment of doubt. People will hesitate. Confidence in these messages is the backbone of their success.  

It is interesting to note that many people took to social media after receiving the alert to seek validation. They went to social media to confirm what HI-EMA sent them. The problem is that social media isn’t always accurate. One person claiming that it’s a false alarm could cause a major ripple effect. Hawaii needs an aggressive effort to reinstate their people’s trust and confidence.  People have to be able to rely on the communications from the HI EMA.

Some people say that it’s better to be safe than sorry, while others argue that people have lost confidence in the state’s emergency response plan. What are your thoughts?

That is a valid question, but let’s be clear on one thing: This had nothing to do with “better safe than sorry”.  If they had activated thinking there was imminent danger or even if they had activated based on false information, then yes, it’s 100% better to be safe than sorry. But that wasn’t the case. It was simply a human error made in one step of a standard procedure that had nothing to do with a real or perceived real event.

This is where the real issue lies… this mistake was purely procedural, which has the greatest impact on the public’s confidence level.  People would be more forgiving if the group activated and thought there was danger, but for it to happen simply because of poor process… that is much tougher to overcome.

This is a good opportunity for emergency and crisis mangers to learn from and improve the emergency response plans in their own organizations. What is the biggest takeaway from this event?

Great question. Emergencies and disruptions (luckily) don’t happen often, so we need to learn from them when these events happen. I would encourage everyone to consider how this could happen in your organization. You’re probably not in charge of incoming missile alerts, but if you have notification controls, you could wreak havoc.  

Here are some tips to focus on:

  • Start by reviewing your emergency alerts. How are they activated and how easily? Could a simple mistake like clicking the wrong button activate a mass notification?
  • Review security in terms of who can activate these items. Be sure you have security controls around these procedures.
  • Activation should be easy, but you also need controls. We recommend a standard operating checklist to ensure things are in line before activating such critical messages. In some cases, you need instant activation. For example, you wouldn’t want a fire alarm to wait minutes before activating due to procedures. There are certain levels of control based on the urgency. But be sure you have a checklist that ensures an activation is warranted and validated.
  • If you are combining tests and live activations, be very, very careful. This is the exact issue with HI-  Be sure that there are multiple steps involved to validate or approve a live activation.  A mistake like this shouldn’t be caused by a single mistake in the process or on screen. There should be checks and balances at each step of such a critical decision.
  • How would you respond to a false alarm? How quickly could you get the message out? Build procedures for these situations to correct any mistakes as quickly as possible.

In our years of experience, activation is one of the least reviewed processes. People focus on what to do once we activate, but rarely on the process of activating. Take time to review your activation procedures.

What advice would you give to Hawaii’s Emergency Management Agency following this event?

First, let’s start with what I wouldn’t do: It sounds like they have reassigned the person who clicked the button. Why? This person made a mistake, yes, but the system was poorly designed and lacked controls to prevent such a small mistake. The state needs to take responsibility for this, not the person who clicked the wrong button. If there is ANYONE on earth who would never make this mistake again, it’s this person. 

Second, I would encourage them to focus on the macro cause, as much as the micro cause. Certainly, they need command and control in place. Clearly, it needs some user experience fixes to ensure that this doesn’t happen again. On a micro level, the fix is obvious.

But, let’s face it, we all know that budgets are tight and attention to emergency response is not what it should be. These emergency managers are under a lot of pressure to perform and in many cases, have very limited resources. Was this the best system for the purpose? Did their choice in an emergency notification program have anything to do with budget? Was this the best tool for those who use it everyday? I don’t know the answers, but I can tell you from years of experience that emergency response teams consistently get the short end of the stick. When a crisis happens, everyone, including those who make the budget decisions, never link the bad things that occurred during a crisis back to their decisions on budget cuts. They just expect for it to work, regardless of the resources allocated.

This is also a great learning for everyone. It’s not just about having the ability to send lots of messages to lots of people. Emergency notification is great, but it must be integrated with proper command and control procedures. Emergency notification is just a piece of the overall program and should be viewed as such. This is why we’ve built solutions that are integrated and all encompassing, not just a single use case like emergency notifications.

With years of experience working in crisis and emergency management, Kevin Hall is the General Manager of Resolver’s Business Resilience Division and works with Resolver customers to deliver enterprise-wide business continuity, disaster recovery and emergency management solutions. Learn more about Resolver’s software solutions for business resilience, including emergency notifications, disaster recovery and business continuity.

Kevin Hall will be speaking at the DRJ's 2018 Spring World Conference. His session is entitled Lessons Learned in the Aftermath of Hurricanes Harvey and Irma.

Be Prepared with a Dynamic Incident Response Plan
15 Factors Every Disaster Recovery Audit Must Incl...