The Harvard Business Review has an excellent article on how some Boston companies handled the Boston metro lockdown situation. The article points out that proper planning for emergencies is the best way to prepare in the event of a real emergency.
The Cambridge-based company, HubSpot, had an emergency operations plan in place and executed the plan.
Making sure employees know what to do in a fast-breaking emergency isn’t as easy as just sending a text or an email. It takes preparation as well as rapid execution. One Cambridge-based company, HubSpot, talked to me about how they coordinated their response, with people in IT, security, and HR all working together to first identify employees in the Watertown area who might be in harm’s way, and then reaching out to those people “to make sure they had heard the news and didn’t plan to go outside,” said Katie Burke, from the company. They phoned, texted, and as a last resort, emailed them individually. Then, says Burke, “Our Chief Security Officer notified all employees early [Friday] morning that the office would be closed so people wouldn’t drive or try to train into work and get stranded.” Finally, they made sure everyone knew there’d be no penalty for staying home, and encouraged them to reach out if they needed help.
EHR vendor athenahealth highlighted that their emergency operations plans were critical being that they are a HIPAA regulated company.
“As a HIPAA-regulated organization, we have a heightened sense of responsibility for business continuity and crisis management,” she told me. Their crisis plan was enviable.
The HIPAA Security Rule states:
EMERGENCY ACCESS PROCEDURE (R) – § 164.312(a)(2)(ii)
This implementation specification requires a covered entity to:
“Establish (and implement as needed) procedures for obtaining necessary
electronic protected health information during an emergency.”
Let’s look at athenahealth’s emergency operations plan
Every employee, when they first join the company, is handed a wallet card with Reckman’s phone number and other emergency contact numbers. At 4:30 in the morning on Friday, Reckman was awoken by a Watertown-based employee who’d called the number on that card to tell her that he had heard gunshots outside his home, and was now following the unfolding events on the news and listening to a police scanner. It sounded, he said, like this might go on for a while. Reckman jumped out of bed and activated their emergency notification system. The first alert went out to the firm’s crisis-management team, a group of about 15 or 20 people from around the company. Closing for the day “was a no-brainer,” Reckman said. So within another few minutes, they’d activated the automated emergency contact system that goes out to all employees — reaching their home phones, cell phones, work phones, work email accounts, and personal email accounts. They got the message out by 5:30 am.
“I was asleep until 6 a.m.,” said Amanda Guisbond, who works in the communications department. “I woke up and had a voicemail on my cell phone telling me the offices were closed, and I also had an email in my gmail account, which was good because I wouldn’t have been checking work email right away.”
What worked and what didn’t work?
- Email was not the best way to contact all employees
- The use of SMS text messages were a quicker way to push information out to people
- Make sure it’s a system multiple people can activate, from any location. Don’t rely on one person to activate an emergency operations plan
- Review the plan and make sure you continue to refine it so it works as smoothly as possible
What is your organization’s emergency operations plan? Take a step back and run the scenario of a Boston metro lockdown. How would you notify your employees? What steps would you take? Start by ensuring that you have multiple contact information for each of your employees. Make sure that employees can contact management and other employees.
Emergency operations plans do not have to be complicated or technology sophisticated but they do need to be properly planned for.
Leave a Reply