Emergency Management Preparedness Standards: Overview and Options for Congress

Order Code RL32520 CRS Report for Congress Received through the CRS Web Emergency Management Preparedness Standards: Overview and Options for Congress Updated August 30, 2006 Keith Bea Specialist in American National Government Government and Finance Division Congressional Research Service ˜ The Library of Congress Emergency Management Preparedness Standards: Overview and Options for Congress Summary The deficiencies of the troubled and much-criticized governmental response to Hurricane Katrina in September 2005 has been attributed, in part, to the failure to establish adequate emergency preparedness standards or to adhere to standards that were established. This is not a new issue for congressional concern. The report issued by the National Commission on Terrorist Attacks Upon the United States (also referred to as the “9/11 Commission”) also identified emergency response gaps evident after the attacks of September 11, 2001. In short, while heroic actions after both catastrophes saved thousands of people, many lives were lost, in part because standard procedures were not in place, or were not followed, and because standardized technologies had not yet been developed or were not used by participating agencies. To correct those deficiencies, the 9/11 Commission report included recommendations that emergency response standards be adopted nationwide. Investigations and reviews conducted after Hurricane Katrina address the same concerns, and the Senate and White House reports included recommendations as well. Through enactment of the Intelligence Reform and Terrorism Prevention Act of 2004 (P.L. 108-458) Congress addressed these recommendations. In addition, the Department of Homeland Security has taken administrative action to establish and implement standards to improve emergency response capabilities. Also, legislation before the 109th Congress (S. 3721, H.R. 5351, H.R. 5316) would continue to shape federal policy on emergency preparedness standards. Questions that might be raised as Congress debates the pending legislation include the following: Would federally imposed or endorsed standards diminish the authority and ability of state and local governments to establish operational procedures that best fit the needs of their communities? Would the imposition of standards through legislation raise unfunded mandate concerns? What effect might the adoption of such standards have upon the intergovernmental partnership in homeland security and emergency management response efforts? Are existing mechanisms sufficient in order to assess state and local capabilities, or should DHS establish new evaluation or accreditation procedures? By what means are the capabilities of federal agencies, notably DHS, subject to evaluation and assessment? Do federal agencies meet existing standards? This report will be updated as legislative developments and administrative actions warrant. Contents 9/11 Commission Findings and Recommendations . . . . . . . . . . . . . . . . . . . . 2 The Final Report of the Commission . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Hurricane Katrina Investigations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 Evacuation Plans . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 Training . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 Data and Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 Credentials . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 Summary of Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 Adoption of the Incident Command System . . . . . . . . . . . . . . . . . 8 Mutual Aid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 ANSI Emergency Preparedness Standards . . . . . . . . . . . . . . . . . 10 Other Options Related to Emergency Response Standards . . . . . 10 Overview of Existing Standards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 Organizations that Establish Standards . . . . . . . . . . . . . . . . . . . . . . . . 11 American National Standards Institute . . . . . . . . . . . . . . . . . . . . 11 National Fire Protection Association . . . . . . . . . . . . . . . . . . . . . . 13 Occupational Safety and Health Administration (OSHA) . . . . . . 15 Use of Standards in Accreditation Processes . . . . . . . . . . . . . . . . . . . . 15 Emergency Management Accreditation Program . . . . . . . . . . . . 16 National Capability Assurance . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 Issues and Options for Congressional Action . . . . . . . . . . . . . . . . . . . . . . . 17 Nationwide Adoption of ICS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 Federal Mutual Aid Legislation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 ANSI Standards for Private Sector Emergency Preparedness . . . . . . . 24 Additional Issue Areas and Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 List of Tables Table 1. Emergency Management Preparedness Recommendations and Findings on Emergency Preparedness Standards, 9/11 Commission and Public Discourse Project . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Table 2. Components of NFPA 1600 Standards and Selected Explanatory Material . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 Emergency Management Preparedness Standards: Overview and Options for Congress Within a five year period, two catastrophes — the terrorist attacks of September 11, 2001, and Hurricane Katrina on August 29, 2005 — raised congressional awareness of the need to reexamine emergency preparedness capabilities. Questions have been raised about past practices and ongoing efforts of the Department of Homeland Security (DHS) to improve capabilities to respond to other catastrophic events in the future. In response to these questions a range of bills remains pending before the 109th Congress to revise emergency management preparedness authorities.1 Technological and human systems must operate in a complex and dynamic environment when disasters occur. Facilities, systems, and infrastructure may be destroyed, damaged, or overwhelmed by demands for assistance. Individuals key to response and crisis management may be injured, killed, or unable to reach their stations. Catastrophic incidents, whether natural or manmade, create an unfortunate paradox — at a time when equipment, plans, systems, organizations, and individuals are most needed to speed relief and save lives, the necessary elements and actors may be unable to operate during or after a catastrophe. After-action reports and investigations of disaster response procedures provide information on successes and failures. Through such examinations policymakers, analysts, and administrators adopt policy and guidance that incorporate standards for future actions to minimize failures in future events. In addition to the lessons learned from actual events, officials build knowledge by examining data on capabilities, systems, and processes before disasters occur. Taken together, pre- and post-disaster assessments are used to develop and modify emergency preparedness standards that set out realistic expectations and benchmarks that help answer questions such as the following. ! 1 Did systems perform as designed? If not, at what points did failures occur? Would human or technological “fixes” be required to reduce the likelihood of those failures in future catastrophes? For information on bills that have been acted upon see CRS Report RL33522, FEMA Reorganization Legislation in the 109th Congress, by Keith Bea and Henry Hogue. For summaries of pending legislation see CRS Report RL33369, Federal Emergency Management and Homeland Security Organization: Historical Developments and Legislative Options, by Henry B. Hogue and Keith Bea. CRS-2 ! ! Are program goals or objectives appropriate? Are they focused on minor indicators that provide limited information? Are they so general that analysts are unable to use the information? What benchmarks or metrics are associated with the standards? Can achievements be measured or quantified? The strengths, limitations, and application of existing standards is at issue. The investigations and studies conducted after the 2001 terrorist attacks as well as Hurricane Katrina examine how governmental and nongovernmental entities responded to catastrophes. This report provides information on existing emergency management preparedness standards in the context of lessons learned from these two recent catastrophes, and discusses issues that might be considered by Congress in establishing policy related to such standards. 9/11 Commission Findings and Recommendations The majority of the recommendations issued by the National Commission on Terrorist Attacks Upon the United States (“the 9/11 Commission” or “the commission”) focused on the need to reform the intelligence community of the United States.2 The commission also investigated other issues pertinent to the terrorist attacks. Based upon two days of public hearings and subsequent evaluations conducted by commission staff on the responses at the sites of the attacks in New York City and Virginia, the report recommended improvements in emergency response procedures and capabilities through the adoption and use of organization and planning standards.3 The 9/11 Commission concluded that the responses of civilians, public safety officers, and administrators were heroic and sustained throughout those horrific events. The commission also concluded that lapses and procedural deficiencies added to the tragic events of September 11th. As summarized by the commission, confusion and tragedy resulted not only from the immense scale of the attacks (particularly in New York City), but also from inadequate planning, lack of coordination, and inadequate technology. Of concern to the commission, these systemic deficiencies were presumed to exist elsewhere in the nation, and, accordingly, require federal action. Summary findings reported by the commission that bear on these findings include the following: It is a fair inference, given the differing situations in New York City and Northern Virginia, that the problems in command, control, and communications that occurred at both sites will likely recur in any emergency of similar scale. 2 U.S. National Commission on Terrorist Attacks Upon the United States, The 9/11 Commission Report (Washington: GPO, 2004). The report is available online at [http://www.9-11commission.gov/], visited Jan. 24, 2006. 3 On May 18 and 19, 2004, commission members received testimony from witnesses familiar with the details of, or were active in the responses to, the sites of the attacks. See [http://www.9-11commission.gov/hearings/hearing11.htm], visited Jan. 25, 2006. CRS-3 The task looking forward is to enable first responders to respond in a coordinated manner with the greatest possible awareness of the situation.4 If New York and other major cities are to be prepared for future terrorist attacks, different first responder agencies within each city must be fully coordinated, just as different branches of the U.S. military are. Coordination entails a unified command that comprehensively deploys all dispatched police, fire, and other first responder resources.5 The attacks on 9/11 demonstrated that even the most robust emergency response capabilities can be overwhelmed if an attack is large enough. Teamwork, collaboration, and cooperation at an incident site are critical to a successful response .... Preparedness in the private sector and public sector for rescue, restart, and recovery of operations should include (1) a plan for evacuation, (2) adequate communications capabilities, and (3) a plan for continuity of operations .... [T]he lack of a widely embraced private-sector preparedness standard was a principal contributing factor to this lack of preparedness.6 On the basis of these and other findings, the commission issued recommendations to improve the emergency response capabilities of the federal and state and local governments, as well as individuals and the private sector. The Final Report of the Commission. On December 5, 2005 (after Hurricane Katrina), the chair and vice chair of the 9/11 commission (former Governor Thomas Kean and former Representative Lee Hamilton) released findings of their assessment of progress made, or not made, on the recommendations.7 The brief final report issued by the “9/11 Public Discourse Project,” (the successor to the full commission) was described as a “report card” on actions taken by Congress, the Administration, and other entities on the recommendations. In general, the chair and vice chair noted dissatisfaction with the lack of progress. With specific attention to those recommendations concerning emergency preparedness standards, the Public Discourse Project assigned grades of “C,” signifying that some progress, but not enough, had occurred. The text of the recommendations on emergency preparedness standards, as originally presented in the 9/11 commission report, and the information in the Public Discourse Project “report card,” are presented in Table 1, below. 4 Ibid, p. 315. 5 Ibid, p. 321-322. 6 Ibid, p. 397-398. 7 Final Report on 9/11 Commission Recommendations, Dec. 5, 2005, available at [http://www.9-11pdp.org/press/2005-12-05_report.pdf], visited Jan. 25, 2006. CRS-4 Table 1. Emergency Management Preparedness Recommendations and Findings on Emergency Preparedness Standards, 9/11 Commission and Public Discourse Project Text of recommendation Summary statements of congressional options “Emergency response agencies nationwide should adopt the Incident Command System (ICS). When multiple agencies or multiple jurisdictions are involved, they should adopt a unified command. Both are proven frameworks for emergency response. We strongly support the decision that federal homeland security funding will be contingent, as of October 1, 2004, upon the adoption and regular use of ICS and unified command procedures. In the future, the Department of Homeland Security should consider making funding contingent on aggressive and realistic training in accordance with ICS and unified command procedures.” (A) Condition federal homeland security funding upon accreditation of units of governments; (B) urge or require DHS to evaluate the capability of units of government in terms of ICS attainment; (C) require that funds be conditioned based on criteria or indicators of need; (D) monitor use of ICS through new planning mechanisms in process in DHS; (E) mandate that DHS assess conditions under which ICS is best used; or, (F) take no action and allow administrators to decide. Discourse Project “Report card grade” and comments C - “Although there is awareness of and some training in the ICS, Hurricane Katrina demonstrated the absence of full compliance during a multi-jurisdictional/ statewide catastrophe — and its resulting costs.” CRS-5 Text of recommendation Summary statements of congressional options Discourse Project “Report card grade” and comments “Congress should pass legislation to remedy the long-standing indemnification and liability impediments to the provision of public safety mutual aid in the National Capital Region and where applicable throughout the nation.”A (A) Enact the recommended legislation; (B) assess the necessary scope of such legislation; (C) evaluate the impact of federal legislation on the Emergency Management Assistance Compact (EMAC); or (D) evaluate the deficiencies of EMAC or other mutual aid agreements. Not addressed “We endorse the American National Standards Institute’s recommended standard for private preparedness. We were encouraged by Secretary Tom Ridge’s praise of the standard, and urge the Department of Homeland Security to promote its adoption. We also encourage the insurance and credit-rating industries to look closely at a company’s compliance with the ANSI standard in assessing its insurability and creditworthiness. We believe that compliance with the standard should define the standard of care owed by a company to its employees and the public for legal purposes.” (A) Enact legislation requiring that companies receiving federal contracts adopt the standards through the Federal Acquisition Regulation (FAR); (B) authorize funds to extend the existing accreditation processes to private companies; (C) approve incentives for companies to adopt the ANSI preparedness standards; or, (D) take no action unless a mandate imposing the standard on the private sector is funded. C - “National preparedness standards are only beginning to find their way into private sector business practices. Private sector preparedness needs to be a higher priority for DHS and for American businesses.” Source: The 9/11 Commission Report, pp. 397-398. A The second recommendation (concerning mutual aid agreements) is not highlighted as a recommendation, but is included in the discussion of findings on page 397 of the report. It is included here as a recommendation for Congress as the phrase “Congress should pass legislation ...” conveys the intent of a recommendation. CRS-6 Hurricane Katrina Investigations The scope and severity of the situation along the Gulf Coast after Hurricane Katrina made landfall on August 29, 2005, resulted from failures of human and technological systems as well as historically powerful natural forces. For example, organizational systems that guide the work of state and local emergency responders and operations commanders failed because key personnel died, were injured, or were unable to perform their missions. Communication and information transmission systems failed because the wind and flood destroyed much of the infrastructure, complicating efforts to save lives. Response systems failed because they had not been sufficiently practiced or developed, notably to address the challenges posed by tons of debris that halted traditional means of delivering needed supplies. In short, the failures associated with the response to Hurricane Katrina resulted from overwhelmed, compromised, or destroyed capabilities affected not only by wind, water and other forces of destruction, but by systematic breakdowns as well. Investigative studies by Congress and the White House noted that some of the failures could be attributed, in part, to the inability of administrators to ensure that their systems met existing standards.8 The post-Katrina investigations found that the capabilities to meet those standards must be improved. Some of the findings, conclusions, and recommendations from the post-Katrina investigations concerned with emergency management preparedness standards are reviewed in this section. Evacuation Plans. While evacuation plans existed for some facilities and units of government in the Gulf Coast, the absence of requirements to prepare sufficient plans for evacuation, or the failure to enforce existing requirements, resulted in loss of life and severe disruptions, particularly for low-income and special needs persons and families. As summarized in the Senate report, “While they were required to have plans on file with local government, there was no process to ensure that there were sufficient resources to evacuate all the nursing homes at once, and dozens of patients who were not evacuated died.”9 The White House report recommends that state and local government use an existing tool that identifies specific goals, the Target Capabilities List, “as a standard for the development” of evacuation plans.10 8 U.S. Congress, Senate, Committee on Homeland Security and Governmental Affairs, Hurricane Katrina: A Nation Still Unprepared, 109th Cong., 2nd sess. (Washington: 2006). The White House, The Federal Response to Hurricane Katrina: Lessons Learned (Washington: 2006). U.S. Congress, House, Select Bipartisan Committee to Investigate the Preparation for and Response to Hurricane Katrina, A Failure of Initiative, 109th Cong., 2nd sess. (Washington: 2006). 9 Hurricane Katrina: A Nation Still Unprepared, p. 13. 10 The Federal Response to Hurricane Katrina: Lessons Learned, p. 100. For background on the TCL see CRS Report RL32803, The National Preparedness System: Issues in the 109th Congress, by Keith Bea. An examination of compliance of nursing homes in the United States, and the Gulf Coast states in particular, with federal emergency planning (including evacuation) standards is presented in: U.S. Department of Health and Human Services, Office of Inspector General, Nursing Home Emergency Preparedness and (continued...) CRS-7 Training. Training standards were nonexistent or not adhered to. State, local, and federal officials received scant training on basic federal plans and procedures. As noted in the Senate report, “Louisiana Emergency Management Officials and National Guardsmen were receiving basic NRP [National Response Plan] and Incident Command System (ICS) training two days after the storm hit. Certain FEMA officials, also, were inadequately trained on the NRP and ICS.... The lack of familiarity with emergency-management principles and plans hampered the Katrina response.”11 Data and Information. Deficient information sharing and data quality standards and practices led to service delivery problems and exacerbated fraud and waste conditions. These deficiencies resulted in public safety, health care delivery, and general operations failures. For example, the Senate report notes that the “lack of an interoperable data system often prevented medical personnel from obtaining information about patients, even if their facility had suffered no hurricane damage.”12 The report includes a recommendation that the administration “should develop data sharing arrangement with other federal agencies, prior to the next disaster, to more effectively respond to disasters, while protecting privacy, and to protect against waste, fraud and abuse.”13 In addition to the dearth of standards concerning the means of sharing data and information, communications and information systems failures in the Gulf Coast demonstrated that lessons supposedly learned after 9/11 remained unresolved. Reminiscent of the 9/11 Commission report, the Senate Committee report on Hurricane Katrina recommended that “DHS should develop a national strategy, including time frames, for implementing a survivable, resilient, national interoperable communications network.”14 The Committee also recommended that “DHS should adopt a common computer software standard for use by all federal and state entities involved in incident management that will serve as the information architecture for shared situational and operational awareness.”15 Credentials. The influx of volunteers and professionals from federal agencies other than DHS, and from various states and foreign nations into the Gulf Coast states introduced an issue for emergency managers: “Is this person skilled to provide the service?” The Senate report noted that development of standards for the 10 (...continued) Response During Recent Hurricanes, OEI-06-06-00020 (Washington: 2006), available at [http://oig.hhs.gov/oei/reports/oei-06-06-00020.pdf], visited Aug. 23, 2006. 11 The Federal Response to Hurricane Katrina: Lessons Learned, p. 15. 12 Hurricane Katrina: A Nation Still Unprepared, p. 18-2. 13 Ibid., p. Recommendations-16. 14 Ibid., p. Recommendations-17. 15 Ibid., p. Recommendations-18. CRS-8 recognition of professional or skills credentials is a priority issue to be resolved.16 The report issued by the White House included similar recommendations: that incident management teams (IMTs) “maintain certification in all levels” of incident command;17 and, that “DHS should create a national search and rescue volunteer certification program.”18 Summary of Issues The recommendations of the 9/11 Commission and the conclusions reached by the Public Discourse Project share a common attribute — the assumption that the adoption of standard procedures and guidelines will improve the capabilities of individuals, businesses, and public agencies to respond to catastrophes and enhance the safety of individuals and communities after a disaster occurs. It might be argued that the recommendations only begin to indicate the need for congressional action on a wide range of emergency preparedness matters. As can be seen in the congressional and White House reports on Hurricane Katrina, other emergency response issues became apparent after the devastation in August 2005. The issues include the need to ensure that emergency operations plans can be implemented, the deficiencies of emergency operations centers, questionable evacuation policies and procedures, and the challenges of coordinating federal and non-federal efforts after “super catastrophes.” Accordingly, Congress may choose to examine the federal emergency management policy field and issues associated with the establishment of standards. This report discusses emergency preparedness standards and issues that might be examined in the remainder of the second session of the 109th Congress. Adoption of the Incident Command System. ! 16 “Emergency response agencies throughout the nation should adopt the Incident Command System (ICS).”19 The ICS has been applied for decades to minimize operational difficulties as multiple agencies respond to disaster sites. The Department of Homeland Security (DHS) incorporated the ICS in the National Incident Management System (NIMS). State and local governments must adopt NIMS and ICS protocol in order to receive federal preparedness financial assistance in FY2007.20 Terrorist attacks pose a particular danger to See Ibid., p. Recommendations-23. 17 The White House, The Federal Response to Hurricane Katrina: Lessons Learned (Washington: 2006), p. 90. 18 Ibid., p. 102. 19 Final Report on 9/11 Commission Recommendations, p. 397. 20 See the NIMS text at U.S. Department of Homeland Security, “National Incident Management System,” [http://www.fema.gov/pdf/nims/nims_doc_cvr.pdf], visited Jan. 24, 2006. The FY2006 grant application guide includes the following statement: “State, local, and tribal entities are required to become fully compliant with NIMS by the end of FY2006 (continued...) CRS-9 responders, as secondary explosions, small arms fire, or chemical weapons may be used specifically to kill officials or impair rescue efforts. One issue is whether past principles that have guided ICS operations might endanger the lives or welfare of first responders and recovery specialists, and whether ICS has limitations for certain types of public agencies limited by size, finances, or geographic characteristics. An attendant concern is the degree to which unified command structures would accommodate, or might fail to accommodate, the range of needs and capabilities of responding agencies. For example, if a terrorist attack suddenly shifts the need for resources, local agencies and concerned citizens might be concerned that they would lack sufficient authority to set priorities and respond as needed under a unified command structure. Also, as revealed in the investigations into Hurricane Katrina, while leaders in Mississippi held “a very high level of knowledge and understanding of NIMS ICS,” others in Louisiana did not. “Where and when personnel with experience and training on NIMS ICS were in control with an adequate number of trained support personnel, coupled with the discipline to adhere to the doctrine of NIMS ICS, it made a positive difference in the quality and success of implementing an incident command structure, establishing a unified command, and the response.”21 Mutual Aid. ! “Congress should pass legislation to remedy indemnification and liability impediments to mutual aid in the National Capital Region and other areas.”22 The 108th Congress enacted legislation pertinent to this recommendation in the Intelligence Reform and Terrorism Prevention Act of 2004 (P.L. 108-458).23 In addition, almost all of the states (including Virginia, Maryland, and the District of Columbia) have incorporated provisions of the Emergency Management Assistance Compact (EMAC) into their statutory codes. EMAC establishes a framework under which standard procedures and operational policies are agreed upon by the states to facilitate the provision of mutual aid when emergencies occur, including a provision which ensures that when officers or employees of one state render aid in another in emergency situations, they are 20 (...continued) (September 30, 2006). Entities are required to meet the FY2006 NIMS implementation requirements as a condition of receiving federal preparedness funding assistance in FY2007.” See U.S. Department of Homeland Security, FY2006 Homeland Security Grant Program: Program Guidance and Application Kit (Washington: 2005), p. 6, available at [http://www.ojp.usdoj.gov/odp/docs/fy2006hsgp.pdf], visited Jan. 25, 2006. 21 Hurricane Katrina: A Nation Still Unprepared, p. Findings-21. 22 Final Report on 9/11 Commission Recommendations, p. 397. 23 For more information see page 23 of this report. CRS-10 treated as agents of the requesting state for tort and immunity purposes. [EMAC does not address indemnification.] In addition, many states have adopted mutual aid compacts that address liability concerns.24 Given the liability protection that EMAC provides to signatory states, including those in the National Capital Region, if Congress considers such legislation, it might examine its impact on EMAC-based agreements among the states, and whether increased federal action in this area is warranted. According to the reports issued after Hurricane Katrina, the implementation of EMAC is one success story associated with that catastrophe. ANSI Emergency Preparedness Standards. ! “The Department of Homeland Security (DHS) should promote adoption of ANSI standards for emergency preparedness by the private sector.”25 Like other ANSI standards, the emergency preparedness standards recommended for adoption are voluntary; that is, they are not mandated to be adopted. The commission report urges DHS to take action to promote the adoption of these standards by the private sector. The appropriate federal role for Congress or DHS in encouraging the private sector to adopt such standards is an issue. Other Options Related to Emergency Response Standards. In addition to the recommendations of the 9/11 commission, Congress might consider taking action on the following issues: ! Review of existing federal authorities for emergency response. Federal statutes provide authority for executive branch actions in the event of emergencies. Congress might evaluate whether the authorities should be revised, particularly in light of the questions being raised about the implementation of the National Response Plan after Hurricane Katrina struck the Gulf Coast states. Current law provides federal financial assistance for state and local personnel and administrative expenses needed to maintain emergency preparedness plans. Current law also requires that plans submitted by states meet requirements, including “standards approved by” the Director of the Federal Emergency Management Agency. Members 24 State emergency management mutual aid agreements that have been enacted into law by the states, as well as liability protection provisions for those rendering emergency aid, have been identified for the states. For a summary see the “Mutual Aid” and “Other” categories of information in: CRS Report RL32287, Emergency Management and Homeland Security Statutory Authorities in the States, District of Columbia, and Insular Areas: A Summary, by Keith Bea, L. Cheryl Runyon, and Kae M. Warnock. For summaries of and citations to the mutual aid agreements and liability provisions enacted by each state see the individual profile reports cited in Table 1 of RL32287. 25 Final Report on 9/11 Commission Recommendations, p. 398. CRS-11 of Congress might elect to specify components of the standards to be used in the approval process.26 ! Emergency responder and civilian health. Civilians and first responders in New York City reportedly have experienced severe health problems since September 11, 2001.27 Congress might consider options related to monitoring the health of such responders. ! Enforcement mechanisms. The White House report on the response to Hurricane Katrina notes that means should be established to ensure that established standards result in action and improvements. By tying the receipt of federal funds to the establishment of “uniform standards and conditions of awards,” state and local governments would be expected to provide for more effect law enforcement in disaster situations.28 Congress might elect to link the receipt of federal assistance to continued compliance with emergency preparedness standards. Overview of Existing Standards Public safety organizations, analysts, and professional associations have collaborated for years to develop emergency response standards to improve the efficiency of response agencies, eliminate obstacles that might impede or prevent the delivery of assistance after a disaster, and satisfy public and fiduciary agent concerns. This section of the report introduces, and provides references to, standards and related processes directly relevant to the commission recommendations presented in Table 1, above. Organizations that Establish Standards. Two non-federal organizations have developed or endorsed emergency preparedness standards. In addition, at least one federal authority, the Occupational Safety and Health Administration (OSHA), has established standards for emergency response actions. A summary of these organizations’ activities follows. American National Standards Institute. The American National Standards Institute (ANSI) is a private, non-profit organization “that administers and coordinates the U.S. voluntary standardization and conformity assessment system.”29 A “Homeland Security Standards Panel” (ANSI-HSSP) has been established to 26 42 U.S.C. 5196b(b)(3). 27 The Centers for Disease Control and the National Institute for Occupational Safety and Health of the Department of Health and Human Services are conducting a baseline screening study to establish a database of health problems encountered by individuals who worked at the site of the World Trade Center collapse in the aftermath of the attack. See [http://grants.nih.gov/grants/guide/rfa-files/RFA-OH-04-004.html], visited Jan. 25, 2006. 28 29 Ibid., p. 104. For information see [http://www.ansi.org/about_ansi/overview/overview.aspx?menuid=1], visited Jan. 25, 2006. CRS-12 facilitate the development of standards related to homeland security needs. The task before the panel has been summarized as follows. Established by ANSI in February 2003, the ANSI-HSSP has as its scope to catalog, promote, accelerate and coordinate the timely development of consensus standards within the national and international voluntary standards systems intended to meet identified homeland security needs, and communicate the existence of such standards appropriately to governmental units and the private sector. The Panel will initially focus its activities on responding to the most immediate standards needs of DHS.30 According to information distributed by ANSI in a letter dated January 23, 2004, the 9/11 Commission asked ANSI to “develop a consensus on a ‘National Standard for Preparedness’ for the private sector.31 In workshops held in the early months of 2004, ANSI-HSSP served as the forum for discussions among private and public sector representatives on the improvement of private sector emergency preparedness and business continuity plans. Participants “concluded that a high-level, voluntary standard applicable to all businesses regardless of industry, size, or location, [was] needed to establish a common framework for emergency preparedness.”32 Discussions in the workshop focused on the 2004 edition of the Disaster/Emergency Management and Business Continuity Programs standard acted upon by the National Fire Protection Association (NFPA) in late 2003 and made effective February 5, 2004.33 ANSI subsequently proposed to the 9/11 Commission that NFPA 1600 “be accepted as the common framework for private-sector national preparedness;” the 9/11 Commission endorsed the proposal. ANSI-HSSP also developed recommendations for enhancements to NFPA 1600 that have been submitted to its technical committee for consideration and has recommended that a “national implementation strategy” be developed that involves the Department of Homeland Security (DHS) and other agencies to support use of the standard. 30 For information on the panel, including meeting schedules and areas of interest, see [http://www.ansi.org/standards_activities/standards_boards_panels/hssp/overview.aspx? menuid=3#overview], visited Jan. 25, 2006. 31 This information based on a telephone conversation with Matthew Deane, Secretary for ANSI-HSSP, and the text of the document titled “Recommendation to the National Commission on Terrorist Attacks Upon the United States,” transmitted to CRS. For information on the standard and the process used in establishing the standard, see [http://www.ansi.org/news_publications/news_story.aspx?menuid=7&articleid=729], visited Jan. 25, 2006. 32 33 Ibid. For background on the development of NFPA 1600, see National Fire Protection Association, NFPA 1600 Standard on Disaster/Emergency Management and Business Continuity Programs 2004 Edition, available at [http://www.nfpa.org/PDF/nfpa1600. pdf?src=nfpa], p.1600-1, visited Jan. 25, 2006. CRS-13 In addition to the effort conducted thus far by ANSI-HSSP for the 9/11 Commission, ANSI has received a contract from DHS to conduct a large scale effort to build a database of standards for “products, processes, systems, services and training programs that relate to homeland security.”34 National Fire Protection Association. The National Fire Protection Association (NFPA) is a voluntary professional association that, for over 100 years, has developed standards related to fire prevention and firefighting.35 The NFPA 1600 standard recommended by ANSI that is the subject of the 9/11 Commission’s endorsement is based upon work that has been conducted for over a decade. The NFPA Technical Committee on Disaster Management developed NFPA 1600, Standard on Disaster/Emergency Management and Business Continuity Programs on the basis of work completed on the antecedent document, Recommended Practice for Disaster Management, initially produced in 1995. The 2000 edition of NFPA 1600 expanded the “recommended practice” to a standard by incorporating provisions related to emergency management and business continuity programs to ease the consequences of a disaster. The 2004 edition retains the basic features of the 2000 standard.36 NFPA 1600 sets out criteria that enable administrators to evaluate existing programs to improve disaster and emergency management and business continuity programs. The standard includes five sub-categories — administration, a reserved section, definitions, program management, and program elements. Table 2 of this report presents summary information on the components of standards within these sub-categories. The complete text of the standard should be referred to for further information. Table 2. Components of NFPA 1600 Standards and Selected Explanatory Material Component or element 1. Administration 1.1 — Scope of the standard establishes common criteria for disaster/emergency programs. 2. Reserved for Referenced Publications Explanatory descriptions 1.1 — Private and public entities have unique needs and capabilities; programs designed accordingly. not applicable 34 For more information on the standards database project, see [http://www.ansi.org/ news_publications/news_story.aspx?menuid=7&articleid=718], visited Jan. 25, 2006. 35 For background and information on NFPA, see the organization’s website available online at [http://www.nfpa.org/index.asp?cookie%5Ftest=1], visited Jan. 252006 36 Information taken from “Origin and Development of NFPA 1600” in NFPA 1600 Standard on Disaster/Emergency management and Business Continuity Programs 2004 Edition, p. 1600-1. CRS-14 Component or element Explanatory descriptions 3. Definitions See NFPA for details. See NFPA for details. 4. Program management: 4.1 — Documentation of goals, objectives, plans, procedures. 4.2 — Identification of program coordinator with authority. 4.3 — Establishment of advisory committee. 4.4 — Establishment of performance objectives for program evaluation. 4.1 — Policy should include mission statement, enabling authority. 4.2 — Position description for coordinator should be written. 4.3 — Characteristics and authority of advisory committee members are identified. 4.4 — Evaluation based on program management components and program elements and periodic review of objectives. 5. Program elements: 5.1 — Program should address all phases of disaster management. 5.2 — Compliance with legal authorities. 5.3 — Identification of hazards and vulnerabilities. 5.4 — Development of hazard mitigation strategy. 5.5 — Identification of means to allocate resources. 5.6 — Composition of mutual aid agreements. 5.7 — Development of plans and identification of elements. 5.8 — Development of means to control response and recovery operations. 5.9 — Establishment of warning procedures. 5.10 — Development and implementation of operational procedures. 5.11 — Identification of logistical resources and facilities to support response efforts. 5.12 — Assessment of training needs and development of curriculum. 5.1 — Management phases include mitigation, preparedness, response, and recovery. 5.2 — Include periodic review of authorities and suggested revisions. 5.3 — Use suggested means for identifying hazards and conducting risk assessments. 5.4 — Components of such strategies are identified. 5.5 — The categories of resources are identified, along with organizations. 5.6 — Identifies the types of such agreements and some characteristics and components. 5.7 — Attributes of plans and the processes to be followed are identified. 5.8 — Incident management system that includes procedures to facilitate control of disaster area should be developed. 5.9 — Protocols should be tested and include interoperability testing. 5.10 — Procedures are to be established to minimize property damage, assess damages, and provide for continuity of operations. 5.11 — The capabilities of facilities and associated resources should meet expected needs. 5.12 — Training and curriculum should comply with applicable regulations and records maintained. 5.13 — Evaluation of procedures and exercises. 5.14 — Development of procedures to provide information. 5.15 — Development of finance and administration procedures. 5.13 — Corrective actions should be taken to address deficiencies. 5.14 — Public information capabilities should identify communication modes. 5.15 — Framework should allow for flexibility and means of expediting requests. The entire NFPA 1600 document comprises 40 pages. However, a relatively small portion of NFPA 1600 identifies standards; most of the document contains CRS-15 references to organizations and related information sources, including other NFPA standards for specific activities.37 Occupational Safety and Health Administration (OSHA). The Hazardous Waste Operations and Emergency Response standard (HAZWOPER) is a federal regulation issued by the Occupational Safety and Health Administration (OSHA) that specifies standards for employees responding to a hazardous materials incident, including public safety personnel.38 Congress directed OSHA to develop the regulation in 1986, after finding OSHA’s actions deficient with regard to a 1980 authorization.39 The HAZWOPER regulation took effect in March 1990 and addresses several elements of hazardous materials response. It identifies the types of organizations and operational activities that must comply with the standards, precautionary actions to be taken when hazardous materials are removed from a site, training requirements, elements of an emergency response plan (lines of authority, site security, and evacuation), and medical evaluations of responders, among other matters. Appendices to the regulation provide specifications on test methods for personal equipment, types and levels of protective gear, compliance and training curriculum guidelines, and reference sources. The regulation specifies the levels of knowledge, skills, and abilities that emergency responders must possess at specified competency levels. A number of HAZWOPER provisions were based on NFPA standards for hazardous materials response. The HAZWOPER standard has served as the basis of some federal agencies’ response practices, including those of the Environmental Protection Agency and the U.S. Coast Guard. Use of Standards in Accreditation Processes. Two systems are used to assess the capabilities of agencies and the quality of emergency preparedness programs. The Emergency Management Accreditation Program (EMAP) consists of a tool that may be used to evaluate emergency management programs. The National Emergency Management Baseline Capability Assurance Program (NEMB-CAP), administered by the Federal Emergency Management Agency (FEMA) within the 37 For brief statements of required program components see Ibid, pp. 1600-4 through 1600-7. Explanatory information on some, but not all components is presented in Annex A, pp. 1600-7 through 1600-12. The remainder of the document comprises lists of organizations (pp. 1600-12 through 1600-25 and pp. 1600-26 through 1600-36) and references to supporting documents (pp. 1600-25, 26 and pp. 1600-36 through 1600-38). 38 29 CFR 1910.120. Implementation guides have been developed pursuant to the HAZWOPER regulations. See, for example: David M. Einolf, HAZWOPER Incident Command; A Manual for Emergency Responders (Rockville, MD: Government Institutes, 1998) and Incident Command (Alsip, IL: North Central Environmental and Industrial Safety Training Center, 1995). 39 The 1986 directive is found in Title I of the Superfund Amendments and Reauthorization Act of 1986 (SARA, P.L. 99-499), 42 U.S.C. 9601-9675. The 1980 authorization is found in Title I of the Comprehensive Environmental Response Compensation Liability and Recovery Act of 1980 (P.L. 96-510). CRS-16 Department of Homeland Security, is used to assess the emergency response capabilities of state and local governments and tribal organizations. Emergency Management Accreditation Program. The Emergency Management Accreditation Program (EMAP) is an incorporated, nonprofit organization administered through the Council of State Governments and jointly sponsored by national organizations concerned with the improvement of state and local emergency management capabilities.40 The EMAP process enables state and local emergency management agencies to conduct evaluations of their emergency response capabilities. As summarized by EMAP administrators: By offering consistent standards and a process through which emergency management programs can demonstrate compliance, EMAP will strengthen communities’ capabilities in responding to all types of hazards, from tornadoes and earthquakes to school violence and bioterrorism. Accreditation is voluntary and is not tied to any type of funding. Its intent is to encourage examination of strengths and weaknesses, pursuit of corrective measures, and communication and planning among different sectors of government and the community.41 The standards used in the EMAP process are derived from NFPA 1600 and “are essentially the same as those listed in NFPA 1600 — training based upon an assessment of need, focus on building awareness and skills, identification of frequency and scope of training, incident management training, and record keeping.”42 As part of the process, evaluators examine the components of a jurisdiction’s emergency management program against the EMAP standard.43 Program elements covered by EMAP include legal authorities, hazard identification and risk assessment, hazard mitigation strategies, resource management, mutual aid, planning, logistics and facilities, communications, finance, and training, among others.44 By the end of calendar year 2005, 35 states had completed baseline assessments and seven jurisdictions (the states of Arizona, Florida, North Dakota, Pennsylvania, and Virginia, and the District of Columbia and the consolidated city and county 40 Organizations involved in the EMAP process include the National Emergency Management Association (NEMA, comprised of state officials), the International Association of Emergency Managers (IAEM, comprised of local officials), the Federal Emergency Management Agency (FEMA), and others. Staff support for EMAP is provided by NEMA and funded primarily from FEMA. For details on EMAP, see [http://www.emaponline.org/What/Background/Description_Full.cfm], visited Jan. 25, 2006. 41 Ibid. 42 Email of July 23, 2004, with William Waugh, Department of Public Administration and Urban Studies, Georgia State University, 2004 member of the EMAP commission. 43 Individuals selected to conduct EMAP assessments must have “a minimum of three years experience with a state or local emergency management program.” Brian V. Bovyn, “The EMAP Process: An Assessor’s Perspective, Part 1: How to Become an EMAP Assessor,” IAEM Bulletin, v. 23, Aug. 2006, p. 1, 4-5. 44 EMAP standards are summarized in the document EMAP Standard, available from the Emergency Management Accreditation Program, Sept. 2004. CRS-17 government of Jacksonville/Duval County, Florida) had attained EMAP accreditation.45 This activity is consistent with the self-assessment requirements that have been added to the FY2006 application requirements for homeland security preparedness grants administered by the Department of Homeland Security.46 National Capability Assurance. The Federal Emergency Management Agency (FEMA) of the U.S. Department of Homeland Security administers the National Emergency Management Baseline Capability Assurance Program (NEMBCAP) “to establish a baseline measurement of the nation’s emergency management capabilities and to help the emergency management community at all levels to improve its ability to prepare for and respond to emergencies and disasters of all kinds.”47 NEMB-CAP uses the EMAP process and “associated assessment processes” in evaluating the emergency management capabilities of state and local governments and tribal organizations. According to one news report, 30 states completed baseline assessments by mid-September 2004.48 Issues and Options for Congressional Action The findings and recommendations of the 9/11 Commission concerning emergency preparedness standards include several facets that might be considered appropriate for congressional action. These include the three presented in Table 1 of this report, as follows: ! adoption of the Incident Command System (ICS) nationwide and encouragement of training in ICS procedures by conditioning federal funding on such actions; ! congressional approval of legislation to remedy indemnification and liability impediments to mutual aid agreements; ! promotion of the ANSI standards for private preparedness by the Department of Homeland Security (DHS). Nationwide Adoption of ICS. The 9/11 Commission report found that a unified command structure on September 11, 2001, could have resolved some of the problems encountered in New York City.49 Failures identified by commission staff (e.g., the difficulty fire commanders experienced communicating with their units, the lack of knowledge about the availability of “self-dispatched” responders, the failure 45 “Three Programs Achieve National Emergency Management Accreditation,” Nov. 11, 2005, press release. 46 See Preparedness Directorate Information Bulletin No. 197, from Robert B. Stephan, Acting Under Secretary for Preparedness, “Nationwide Plan Review,” Nov. 23, 2005, available at [http://www.ojp.usdoj.gov/odp/docs/info197.pdf], visited Jan. 26, 2006. 47 See [http://www.fema.gov/preparedness/baseline.shtm], visited Jan. 25, 2006. 48 Alice Lipowicz, “A National Emergency Preparedness Standard is on the Way,” CQ Homeland Security CQ.Com, visited Sept. 17, 2004. 49 See The 9/11 Commission Report, p. 321 CRS-18 to integrate the work of 911 operators and fire dispatchers, and the lack of coordination with dispatched units at the site of the attack) may be addressed through ICS and associated training. The ICS framework was developed in the 1970s after a series of California wildfires led some to observe recurring problems when more than one agency responded to the fires. These problems included inconsistent terminology and plans, lack of flexibility in responding to the shifting demands posed by an evolving disaster, and a dearth of adequate facilities. ICS is generally recognized to be an appropriate framework to address these and other problems as the classification level of the disaster may fluctuate, requirements of responders adjusted, functions added or subtracted, and units assigned as needed.50 Five components comprise ICS: command, planning, operations, logistics, and finance/administration. For decades, many emergency management officials have debated, refined, and adopted ICS. The reach and complexity of the attacks of September 11, 2001, stimulated renewed interest in ICS, and related systems, even before the 9/11 Commission examined the issue. The Homeland Security Act of 2002 mandated that the Secretary of DHS build a “national incident management system” (NIMS) to respond to disasters and attacks.51 Subsequently, President Bush issued a presidential directive that required that the Secretary prepare a NIMS that must include, among other features, “a core set of concepts, principles, terminology, and technologies covering the incident command system.”52 During the course of its investigation the commission concluded that the confusion and losses of September 11, 2001, indicated the need for widespread adoption of a unified command system. The report also noted, however, that the conditions of the tragedy in New York City differed in important respects from those that occurred at the Pentagon.53 The National Response Plan (NRP) and NIMS incorporate the ICS approach; the challenge remains for DHS and state and local governments to become more adept at using and participating in an ICS controlled response. While the level of awareness and acceptance of the ICS standard appears greater than in years past, some might disagree with the conclusion of the 9/11 Commission that ICS should be adopted throughout the nation. In considering the 50 Under HAZWOPER regulations, for example, the incident commander assesses the need for resources under the following four levels: Level A, the highest degree of skin and respiratory protection of responders; Level B, the highest level of respiratory protection and a lower degree of skin protection; Level C, a lower level of respiratory protection but a comparable level of skin protection; and Level D, the lowest level of protection required. See Incident Command (Alsip, IL: North Central Environmental and Industrial Safety Training Center, 1995), p. 4-6. 51 Sec. 502(5) of P.L. 107-296, 6 U.S.C. 312(5). 52 U.S. President (George W. Bush), “Management of Domestic Incidents,” Homeland Security Presidential Directive-5, Sec. 15, Feb. 28, 2003, available at [http://www.fas.org/ irp/offdocs/nspd/hspd-5.html], visited Jan. 25, 2006. 53 See The 9/11 Commission Report, p. 315. CRS-19 recommendation Congress might elect to review several issues, including the following. ! The appropriate role of Congress, or an executive branch agency such as DHS, in encouraging or mandating the method by which state and local governments train and manage emergency response operations. Most of the disasters that occur throughout the United States are managed by local government officials, notably fire and law enforcement units. Some might contend that the imposition of the ICS system, as set out in the National Incident Management System (NIMS), signals federal involvement in an arena traditionally administered by state or local governments. Such individuals might argue that such an approach could lead to practices and decisions that may result in inefficiencies, more bureaucracy, or an erosion of state authority guaranteed under the Tenth Amendment of the U.S. Constitution.54 Others might argue that the national threat posed by catastrophic terrorist attacks, or other disasters, requires a more integrated response capability that can only be built with federal involvement.55 ! ICS might be a challenge for small jurisdictions with few resources that can be allocated to prepare for a multi-agency response. Small or lower-income communities would likely be overwhelmed by a significant terrorist attack, and often find their resources stretched to respond to lesser events. If such communities are required to adopt ICS principles as a condition of receiving federal funds, some may contend that they are ill-equipped to spend time and effort meeting the federal requirement, particularly if federal funding terminates and the community is faced with funding the enhanced capabilities on its own. The caution developed by one source appears applicable: A caveat should be entered here: ICS approaches incident control from the task, tactical, and strategic perspectives of the fire service and appears to assume a large, well-organized, and probably urban fire department. The system may not be appropriate for local governments with small or mid-sized fire departments and may require considerable refitting for nonfire emergency activities. Regardless of the size of the community, the ICS application should be flexible 54 For example, see William C. Nicholson, “The New (?) Federal Approach to Emergencies,” Homeland Protection Professional, vol. 2, Aug. 2003, p. 8. 55 One summary of the application of ICS to the wildfires that burned thousands of acres noted that both local and out-of-state firefighters were not familiar with ICS protocol and procedures. See Sandra Sutphen, “California Wildfires: How Integrated Emergency Management Succeeds and Fails,” in Richard T. Sylves and William L. Waugh, Jr., Disaster Management in the U.S. and Canada (Springfield, IL.: Charles C. Thomas, Pub., 1996), p. 182. CRS-20 enough to allow for local differences in organization, politics, and needs. ICS should therefore be reviewed for applicability before it is adopted.56 ! The ICS framework may help as well as hinder spontaneous and creative responses by volunteers. Following the attacks in New York City on September 11, 2001, thousands of volunteers arrived at the site to provide any assistance possible. Many arrived without skills or without a connection to one of the many voluntary organizations that traditionally provide disaster assistance. The surge of people to a disaster scene adds to the complexity of the event and creates additional demands on professional responders. Conversely, the positive effect volunteers have in helping victims as well as responders is well documented. The positive and negative impacts of ICS on spontaneous volunteer responses, both those initiated on impulse and those associated with some training could be investigated.57 In addition, formal volunteer efforts could be part of that analysis. Community Emergency Response Teams (CERTs) represent one method by which the efforts of volunteers can be systematically brought into the response process.58 ! Nationwide implementation of ICS is a challenge for certain types of first responders. At a recent hearing before Congress a DHS official noted that administration officials have spoken of “compliance with the ICS as being possible in the short term.” Such a claim, however, is being challenged. Representatives of the law enforcement, fire fighting, and emergency medical response communities testified that some agencies need more time to adopt NIMS and work under an ICS framework. Also, the witnesses spoke of the need to further develop the NIMS document to address specific concerns of their sector.59 In light of these concerns and cautions, Congress may wish to explore the following options: 56 Thomas E. Drabek and Gerard J. Hoetmer, eds., Emergency Management: Principles and Practice for Local Government (Washington: International City Management Association, 1991), p. 277. 57 For related research see James Kendra and Tricia Wachtendorf, “Creativity in Emergency Response to the World Trade Center Disaster,” and Seana Lowe and Alice Fothergill, “A Need to Help: Emergent Volunteer Behavior after September 11th,” both in: Beyond September 11 th : An Account of Post-Disaster Research, available at [http://www.colorado.edu/hazards/sp/sp39/], visited Jan. 25, 2006. 58 For example, see Colin A. Campbell, “CERT’s Growth Spurt,” Homeland Protection Professional, vol. 3, July 2004: pp. 30-38. 59 U.S. Congress, House, Select Committee on Homeland Security, Subcommittee on Emergency Preparedness and Response, Hearing on the National Incident Management System: Enhancing Response to Terrorist Attacks, 108th Cong., 2nd sess., hearing, Sept. 29, 2004, unpublished. CRS-21 ! fully endorse the recommendation of the 9/11 Commission regarding the ICS system by enacting legislation that would require the Department of Homeland Security (DHS) to condition homeland security funding for all state and local governments on adoption of and training associated with ICS procedures; ! endorse the recommendation, in part, by enacting legislation that would require DHS to condition homeland security funding for state and local governments that adopt the ICS framework and attain minimum accreditation status through EMAP or NEMB-CAP; ! consider the recommendation as guidance to be given to DHS in evaluating the emergency response capabilities of state, local, and tribal governments under NEMB-CAP; ! mandate that federal funds be conditioned upon adoption and implementation of ICS, so long as applicants meet specified criteria or indicators of need, such as population size, history of disasters and a track record of management problems, or vulnerability to terrorist attack; ! through its oversight mechanisms, monitor the application of ICS as the new procedures set out in NIMS and the NRP are implemented; ! through legislation or report language, mandate that DHS evaluate the advantages and disadvantages of nationwide adoption of ICS, and report to Congress by a specified date; or, ! take no action and allow DHS, state emergency management officials, and local officials to design the approach most appropriate to the nation’s and local areas’ safety. Federal Mutual Aid Legislation. The 9/11 Commission report includes the finding that “a serious obstacle to multi-jurisdictional response has been the lack of indemnification for mutual-aid responders in areas such as the National Capital Region.”60 The report continues that federal and state emergency management officials should develop “a regional focus” and promote mutual aid agreements, and that federal legislation is needed to address “long-standing indemnification and liability impediments” to mutual aid emergency response in the Washington, D.C. area “and where applicable throughout the nation.”61 60 The 9/11 Commission Report, p. 397. 61 Ibid. CRS-22 Relatively little support is offered by the commission for the recommendation that Congress enact legislation to rectify indemnification and liability impediments.62 Some may contend that this statement is given a lower status than the formal recommendations as it is presented as a statement in a paragraph, not a bolded recommendation.63 To assist Congress in more fully evaluating the 9/11 Commission report, this statement is examined as a commission recommendation in this report. Emergency management mutual aid agreements have been negotiated and approved by the states for years.64 Of greatest significance, the Emergency Management Assistance Compact (EMAC), approved by Congress in 1996, is the primary mutual aid agreement that facilitates the provision of emergency response aid among signatory states.65 EMAC establishes a framework under which standard procedures and operational policies are agreed upon by the states to facilitate the provision of mutual aid when emergencies occur. Article VI of EMAC includes a provision which ensures that when officers or employees of one state render aid in another in emergency situations, they are treated as agents of the requesting state for tort and immunity purposes. The text of the article follows. Officers or employees of a party state rendering aid in another state pursuant to this compact shall be considered agents of the requesting state for tort liability and immunity purposes. No party state or its officers or employees rendering aid in another state pursuant to this compact shall be liable on account of any act or omission in good faith on the part of such forces while so engaged or on account of the maintenance or use of any equipment or supplies in connection therewith. 62 To the extent found, references in the report and the pertinent staff statement evoked positive aspects of mutual aid at the Pentagon. For example, Staff Statement #14 noted that “Local, regional, state and federal agencies immediately responded to the Pentagon attack .... Regional mutual aid, as in Northern Virginia, could become a formal joint response plan with neighboring jurisdictions working together ....” See pp. 5,6. By comparison, the report noted that a lack of coordination hampered the response in New York City. However no references could be found in the report or staff statements indicating that indemnification and liability impediments obstructed the response in New York City. It is appropriate to note, however, that New York and five other states were not EMAC participants until after September 11, 2001. It is possible that the commission staff found that the absence of the liability protection offered through EMAC impeded response efforts from other states, but failed to include that finding in the report. 63 This statement is considered a recommendation in this CRS report as the 9/11 commission report uses the phrase “Congress should ....” 64 For a summary of state emergency management mutual aid agreements see CRS Report RL32287 Emergency Management and Homeland Security Statutory Authorities in the States, District of Columbia, and Insular Areas: A Summary, by Keith Bea, L. Cheryl Runyon and Kae M. Warnock. For citations to emergency management mutual aid agreements adopted by each state see the “Mutual Aid” section of each state profile listed in Table 1 of CRS Report RL32287. 65 For information on EMAC, see CRS Report RS21227, The Emergency Management Assistance Compact (EMAC): An Overview, by Keith Bea. CRS-23 Good faith in this article shall not include willful misconduct, gross negligence, or recklessness.66 EMAC does not provide for indemnification of officers or employees held liable for acts or omissions not accomplished in good faith.67 Through EMAC or specific provisions enacted into law many states have adopted mutual aid compacts that address liability concerns. For example, Washington, D.C., Virginia, and Maryland, the sovereign entities within the National Capital Region (NCR), have incorporated EMAC into their statutory codes, in addition to other mutual aid provisions.68 Through enactment of the Intelligence Reform and Terrorism Prevention Act of 2004 (P.L. 108-458) the 108th Congress acted to resolve concerns that the existing provisions did not provide sufficient protection. The statute authorizes NCR state and local officials to enter into mutual aid agreements for emergency response and training purposes. The statute also specifies that EMAC provisions are not affected by this provision. This provision, limited to the NCR, was adopted in conference committee negotiations instead of the broader provision adopted by the House in its version of the legislation.69 During the 109th Congress Members may elect to revisit the issue by considering the following options: 66 ! enact legislation, comparable to that passed by the House in 2004 in H.R. 10, that specifically protects all emergency responders from liability concerns and provides indemnification; ! assess the scope of the problem and determine whether legislation should: reach beyond the provisions of Article VI of EMAC, solely address the issue of indemnification or extend other protections, or authorize the use of disaster relief funds to reimburse states and municipalities for costs associated with providing mutual aid;70 P.L. 104-321, 110 Stat. 3880. 67 Liability protection statutes ensure that individuals or organizations that take certain action cannot be sued. Indemnification statutes, by comparison, provide for government reimbursement of individuals and organizations for payments for which they are held liable. 68 See D.C. Code Ann. §7-2332, §7-2206; Virginia Code §44-146.28:1, §44-146.14(b); Maryland Criminal Procedure Code §2-105(e). 69 Section 5101 et. seq. of H.R. 10, as approved by the House, (“Mutual Aid and Litigation Management Authorization Act of 2004”) would have limited liability of responders, throughout the nation, to the extent permitted by law of the source state of the responding party. 70 Congress appropriates disaster relief funds to DHS to pay for the costs associated with the Robert T. Stafford Disaster Relief and Emergency Assistance Act, 42 U.S.C. 5121 et seq. For background see CRS Report RL33053, Federal Stafford Act Disaster Assistance: Presidential Declarations, Eligible Activities, and Funding, by Keith Bea. CRS-24 ! assess the impact of such legislation on EMAC-based agreements among the states, and the consequences of increased federal action in an area that has historically been addressed among the states; or, ! evaluate the areas in which existing mutual aid agreements, including EMAC, have proven deficient and could benefit from federal action. ANSI Standards for Private Sector Emergency Preparedness. The 9/11 Commission report endorsed the emergency management standards recommended by ANSI; those standards are based upon NFPA 1600. According to the commission, the adoption of such standards is essential, since the private sector owns and manages the majority of the critical infrastructure in the United States. Private civilians at their places of employment may be the first responders to the scene of an attack.71 ANSI has traditionally operated on the basis that the standards adopted by the organization are voluntary. If the recommendation is adopted, consumers and government officials recognize that a company or product in compliance with ANSI standards meets specified levels of quality and safety. The 9/11 Commission concluded that private preparedness plans should consist of three components — evacuation plans, communications capabilities, and continuity of operations plans. The Commission report does not recommend legislative action on this issue; instead, the report urges DHS to promote adoption of the standard and encourages private sector action through insurance and credit-rating actions. Members of the Commission may have concluded that congressional action might not be appropriate because legislation might involve a discussion of whether the Unfunded Mandates Reform Act (UMRA) provisions would be at issue.72 UMRA established mechanisms to limit federal imposition of unfunded mandates on other levels of government (called “intergovernmental mandates”) and on the private sector. The statute allows points of order to be raised if committees do not include a report on mandates projected to cost the private sector $117 million or more.73 Options that might be considered by Congress in this area include: ! require that private companies adopt ANSI standards in order to be certified as a “responsible source” under the Federal Acquisition Regulation (FAR);74 71 The 9/11 Commission Report, p. 398. 72 P.L. 104-4, 2 U.S.C. 658(5), (7). 73 For background on UMRA see CRS Report RS20058, Unfunded Mandates Reform Act Summarized, by Keith Bea and Richard S. Beth. See provisions at 2 U.S.C. 658b(c), 2 U.S.C. 658c, 2 U.S.C. 658d. 74 Under FAR, such companies must meet certain compliance requirements. For example, (continued...) CRS-25 ! enact legislation authorizing funds that would extend existing accreditation processes, either or both EMAP and NEMB-CAP, to the private sector, bringing to the companies the resources necessary to fully assess their emergency preparedness capabilities; ! approve incentives for the private sector to adopt the ANSI standards, perhaps through the use of business tax write-offs, extension of tax credits, tax deduction of accelerated depreciation, or conditioning the receipt of federal assistance such as Small Business Administration loans; or ! take no action. On September 23, 2004, DHS released an Internet-based campaign that provides instructions to businesses on preparedness for and response to attacks and other disasters. Continuity of business plans, physical security, cost estimates of certain preparedness activities, and emergency plans are components of the program.75 Businesses can also obtain information on preparedness activities by calling a tollfree number established by DHS (1-800-237-3239). Additional Issue Areas and Options The 9/11 Commission focused on broad policy areas, notably the intelligence failures related to the attacks. The emergency management issues considered by the commission were limited to those observed during the immediate response to the attacks. While the work of the commission has raised awareness of emergency response issues, it arguably has identified only the tip of the iceberg of a vast area of public policy. The devastation of September 11 and the problematic response to Hurricane Katrina made evident a number of issues, deficiencies, and problems that might be explored by Congress. Taken together, the findings and recommendations from the investigations other issues for congressional attention, among which are the following. ! Authorities and triggers for federal action. Both the attack on the Pentagon and in New York City resulted in explosions. The Stafford Act authorizes the President to issue a major disaster declaration, and therefore dedicate the full range of federal resources, in the event of fires or explosions “regardless of cause.”76 Some terrorist attacks, however, may involve the dispersal of chemical weapons, 74 (...continued) pursuant to the Drug-Free Workplace Act of 1988 (P.L. 100-690), companies must agree to provide a drug-free workplace to employees. Congress could enact legislation that similarly required that companies meet the ANSI emergency preparedness standard. For the FAR regulation, see Subpart 23.5, “Drug-Free Workplace,” at[http://www.arnet.gov/far/current/pdf/FAR.book.pdf], visited Jan. 25, 2006. 75 “Ready Business,” at [http://www.ready.gov/business/index.html], visited Jan. 25, 2006. 76 42 U.S.C. 5122(2). CRS-26 prolonged small arms fire in different locations, cyber-attacks, or other causal agents that are not covered by existing law. To a certain extent, the President may use the authority under the National Emergencies Act to expedite federal assistance and coordinate response. At issue may be the adequacy of existing emergency response authorities and triggers and whether there is a need to establish legislative standards for presidential or other executive actions.77 ! Emergency responder and civilian/responder health. Some have contended that the air was so full of pollutants in downtown Manhattan on September 11, 2001, that it could have been declared a site for federal assistance under major environmental laws. The combination of toxic substances in New Orleans after Hurricane Katrina has resulted in long-lasting concerns about environmental quality in the soil.78 The adequacy of existing laws, and the need for standards for measuring environmental threats to responders and civilians might be considered by Congress.79 ! Emergent or spontaneous actions. Disaster research indicates that the behavior of responders and civilians at the scene of a catastrophe does not resemble the horrified mass of people running away and trampling each other (as often represented in movies) but concerned and committed individuals willing to sacrifice to help others. The effect of federal policy on informal emergency response activities might be examined. As summarized by one team of researchers, “Creative action as exhibited by emergency response personnel and groups after the attacks yielded not only positive results but also conflicts and challenges, not unlike those documented in prior studies of the convergence phenomenon after disasters, in which volunteers, opportunists, and others converge on the scene, adding an element of uncontrollability that can complicate emergency operations, safety, and security.”80 77 For background on the National Emergencies Act see CRS Report RS21017, Terrorist Attacks and National Emergencies Act Declarations, by Harold C. Relyea. 78 The Environmental Protection Agency has issued a statement that, “in general, the sediments left behind by the flooding from the hurricanes are not expected to cause adverse health impacts to individuals returning to New Orleans.” See U.S. Environmental Protection Agency, Summary Results of Sediment Sampling Conducted by the Environmental Protection Agency in response to Hurricanes Katrina and Rita, available at [http://www.epa.gov/katrina/testresults/sediments/summary.html#c], visited Aug. 18, 2006. 79 See sections on public health studies and environmental hazard assessment in CRS Report RL31464, Federal Disaster Policies After Terrorists Strike: Issues and Options for Congress, coordinated by Keith Bea (available from the author). 80 Natural Hazards Research and Applications Information Center, Public Entity Risk Institute, and Institute for Civil Infrastructure Systems, Beyond September 11th: An Account of Post-Disaster Research (Boulder, CO: University of Colorado, 2003), p. 6, available at (continued...) CRS-27 ! Coordination of standards with the national preparedness goal. President Bush directed the Secretary of Homeland Security to prepare a national preparedness goal that must include “standards for preparedness assessments and strategies, and a system for assessing the nation’s overall preparedness to respond to major events, especially those involving acts of terrorism.”81 One aspect of the effort to ensure that capabilities comply with the goal concerns equipment standards. The directive specifically requires that the Secretary “establish and implement streamlined procedures for the ongoing development and adoption of appropriate first responder equipment standards that support nationwide interoperability and other capabilities...”82 According to a report conducted by staff of the Office of Inspector General for DHS, “some progress” has been made by adopting 12 standards for equipment and communication interoperability.83 The report notes concern, however, because no new standards have been adopted since February 2004, adopted standards rarely apply to equipment designated as eligible for purchase by grantees, and the standards are limited to specific types of equipment (personal protection and detection). Congress might elect to conduct investigations on efforts by DHS to comply with the presidential directive. ! Authority to establish standards. DHS adopts equipment standards generated by nongovernmental standard development organizations, such as ANSI and the NFPA. The Homeland Security Act of 2002 (P.L. 109-296) prohibits the Secretary, through the Science and Technology Directorate, from establishing standards for first responders.84 Congress might elect to reconsider this prohibition by eliminating the restriction, modifying it to set limits on the types and reach of the standards that might be developed by DHS, or directing the Secretary to ensure that affected communities have the opportunity to exercise appeals of DHS decisions. As another 80 (...continued) [http://www.colorado.edu/hazards/sp/sp39/], visited Jan. 25, 2006. 81 U.S. President, George W. Bush, “National Preparedness,” Homeland Security Presidential Directive/HSPD-8, Dec. 17, 2003, section (6). For information on the national preparedness goal see CRS Report RL32803, The National Preparedness System: Issues in the 109th Congress, by Keith Bea. 82 “National Preparedness,” section (14). 83 U.S. Department of Homeland Security, Office of Inspector General, Review of DHS’ Progress in Adopting and Enforcing Equipment Standards for First Responders, OIG-06-30 (Washington: 2006), p. 2. 84 “Nothing in this section shall be construed as authorizing the Secretary or the technical assistance team established under subsection (b)(3) of this section to set standards for technology to be used by the Department, any other executive agency, any State or local government entity, or any private sector entity.” 6 U.S.C. 193(c) CRS-28 option, DHS might use the existing authority to issue regulations that have the effect of directing standards development.85 Conclusion The report by the 9/11 Commission has stimulated discussion throughout the nation on a range of issues, primarily concerned with intelligence reform, associated with the attacks of 2001. Recommendations in the report section “Protect Against and Prepare for Terrorist Attacks” concern the capabilities of the public and private sectors to adequately prepare for and respond to further attacks. Those recommendations, and the final assessments issued by the Public Discourse Project that are pertinent to the adoption or use of emergency management standards, have been discussed in this report. While most observers believe some of the recommendations have merit and may lead to improved protection and response capabilities, it may also be argued that adoption of the recommendations may impact long-standing practices, impose new obligations, and possibly affect constitutional protections for the states. It appears that the federal role in emergency management will continue to grow in certain areas, presaging a more activist federal government and a greater span of federal control. It is also possible that the actions taken by Congress will stimulate and maintain a commitment of non-federal resources and capabilities by funding programs, encouraging DHS and the states to incorporate standards in their operational procedures, and more fully engage in emergency management activities. On the other hand, Congress might take no action on some or all of the recommendations, allowing the private sector and the state and local governments to develop mechanisms for improving emergency response capabilities. 85 “The Secretary, acting through the Under Secretary for Science and Technology, may issue necessary regulations with respect to research, development, demonstration, testing, and evaluation activities of the Department, including the conducting, funding, and reviewing of such activities.” 6 U.S.C. 186(c)