pandemic

Pandemic Planning: a quick update.

I wanted to post a quick update regarding the looming threat of a true pandemic event courtesy of the swine flu.

In the past forty-eight hours I’ve had conversations with three separate clients in which the subject of their pandemic response plans were discussed. Mind you the initial reasons for these conversations were completely unrelated to this hot news item but its on my mind and I would be remiss to pass on the opportunity to dig a little.

All three clients, all three, had no idea if their pandemic plan would work (one wasn’t even sure they had one). Two of them discussed how they had a mobile work force to begin with and it wouldn’t be a big problem to have everyone dialing in. To which I asked if they had ever tested their networks capabilities to handle everyone dialing in literally at the same time; the answer was no. Then I asked about some of their critical business functions that couldn’t be managed remotely, how would that be addressed if a general quarantine is declared; they weren’t sure. The third client had a very small remote work force where more than eighty-percent of their users relied on desktops during the business day. If their employees couldn’t make it to the office due to a pandemic event they pretty much were shut down for the duration. And in their industry that’s just simply not allowed. Their strategy has always been that only senior management and technology team members required a laptop and could manage issues remotely should they occur. But they never anticipated having an issue like this.

One of the clients was dismissive of my concerns that a general quarantine could be declared; “never happen” was the comment. So when I awoke this morning to news that President Obama is alerting schools to prepare for the possibility that classes will be suspended during this event I cringed. Typically I indulge in a bit of smugness when I’m right but not so much this time. This time I’m feeling a knot in my stomach.

I have concerns that in general our infrastructure is ill-prepared to handle a sudden and dramatic rush to using our telecom capabilities to run America remotely. I have further concerns that too many companies are going to be figuring out what to do by the seat of their pants. Some are small enough where that’s possible but many are way too big and would require advanced planning which now appears to be near impossible to get done.

I’m still not convinced that this threat is any greater than any other flu outbreak we’ve seen but I am concerned how we’re going to be able to respond (or rather not respond).

And as if though this isn’t a juicy enough story for me, the first confirmed fatality in the US from the swine flu was announced today. A toddler from Mexico was found to have had the swine flu; he passed away in a hospital in Houston. Guess where I am this week?

How’s your Pandemic Response Plan looking today?

I started my day yesterday by finding my 12-year-old sitting with his eyes riveted on the laptop screen reading what I figured was something either on Facebook or a sports related website.  I only wish.  Turns out he was fixated on the breaking news covering the swine flu.

Much like his father, my son suffers from a very fertile imagination and can quickly move from Point A to Point Z without so much  as a blink of an eye.  He was already busy trying to figure out how bad this was going to be and because he had no context for something like this had no boundaries to keep him in check.  Suffice to say he was at least a little concerned.

I explained to him that the hysteria he was exposed to was more the result of near real-time media capabilities that span the globe rather than something worth losing sleep over.  While there was something to be concerned about it was no likely greater than anything we’ve already dealt with and that he should relax, wash his hands frequently and go on with his life.  And of course I immediately hid my copy of Stephen King’s “The Stand.”

I’m not really sure how large of a threat the swine flu represents, I only know that it serves as yet another reminder as to why it’s important that all financial institutions (as well as many other industries) have in place a functioning and well-designed pandemic response plan.

I recall how the guidance first emerged a few years back, largely in response to the avian flu that seemed so threatening at the time.  The FFIEC issued a number of documents to raise awareness within the banking industry so that the covered institutions had ample warning that they needed to develop and implement a viable plan.  Most did but largely to appease the examiners.  Of the dozens I’ve reviewed through the years, I encountered only a handful that presented anything close to something that would work.  Most of them consisted of background documentation explaining what a pandemic was and provided some specifications about personal hygiene.  But very few of them provided clear, concise steps as to how they were going to manage through such an event.

I’m concerned that this blind-spot in business continuity planning is about to be brought to light in a very bad, ugly way.

What’s going on in the media now is a bit alarming (and I realize the irony of me, a blogger, stating as such); the swine flu is being tracked much like a hurricane barreling towards the mainland.  President Obama commented on this earlier today, which validates that this is a major news item.  And when considering the aggressive steps Mexico is taking to slow the spread of the virus I can see where for the first time in my lifetime some form of government intervention may occur.

So here’s a question for all the banks and credit unions out there: Can you manage through a quarantine with a dispersed and restricted work force?  Do your employees even have a copy of the plan available to them and if so do they know how to use it and what their role is within it?  Because this is a lousy time to be asking yourselves these very same questions.