Your Solution for SMART Response Plans

Regulatory Compliance Management and the Price of Non-Compliance

Posted on Thu, Oct 25, 2012

The increasing number of stringent regulatory compliance standards compounds the complexity of industrial operations. Most companies believe they have the regulatory compliance component of their business under control. However, agencies such as OSHA, EPA, and DOT, continue to inspect and fine companies for non-compliance for a variety of infractions. 

A bill put forth to Congress entitled “Providing Assistance with the Paperwork from Excessive Regulations Act of 2012” was referred to the Committee on Oversight and Government Reform and the Committee on Small Business. While the bill is aimed at small businesses, the title highlights the “excessive” number of regulations that may be applicable to one facility. 

If government regulations are applicable to operations, companies need to prioritize compliance in order to minimize financial burdens resulting from fines, negative public perceptions, and potential government mandated shutdown of operations. Every month, audits and enforcement mandates are issued from various federal and state agencies that oversee industrial facilities. Costly non-compliance fines continually result from the lack of an implemented, thorough, or effective regulatory compliance programs.

Below are examples of the price of non-compliance for the first eight months of 2012. The list is comprised of a wide array of companies from various regulatory agencies (dates are by citation, not occurrence).


  • EPA: Collected a penalty of $25,347 from an oil company in Pennsylvania for alleged violations of oil spill prevention regulations at an oil storage facility
  • OSHA: Proposed penalties of $148,000 in fines to a chemical company in Nebraska for 25 safety violations, 14 of which relate directly to OSHA's standard regulating the process safety management of highly hazardous chemicals.


  • DOT: The U.S. Department of Transportation announced it has resolved a record number of enforcement cases against pipeline operators over the last three years
  • OSHA: Cited chemical company $ 139,000 for eight repeat and 13 serious safety and health violations at its Delaware facility. Proposed penalties resulted from an inspection that was initiated as part of OSHA's Site-Specific Targeting Program for industries with high injury and illness rates.


  • EPA: Handed down a $1.2 million civil penalty to a power company for significant violations of the Clean Water Act, Chemical Bulk Storage Regulations, and Navigation Laws. A transformer explosion resulted in thousands of gallons of petroleum entering New York’s Hudson River.


  • OSHA: Cited an Atlanta based company for three repeat, three serious, and two other-than-serious safety and health violations at one of its plastics manufacturing facility. The proposed penalties totaled $71,000.
  • PHMSA: A fine of $251,170 was given to an energy company for serious violations regarding a pump/compressor related equipment failure.


  • EPA:  An Oregon chemical manufacturer failed to report the use of toxic chemicals at its facility. The violation of the Community Right-To-Know laws resulted in a penalty of $58,200.
  • EPA: According to a consent agreement, a frozen foods company will pay over $84,000 to settle hazardous chemical reporting violations at one of its facility.


  • OSHA: Penalties totaling $199,800 were presented to a vinyl manufacturer for a total of 30 safety and health violations; including three repeat violations for failing to properly ground electrical equipment and a lack of machine guarding.
  • EPA: A TSCA complaint resulted in a proposed penalty of $202,779. The complaint alleged that that the company had violated the 2006 IUR rule for 13 chemical substances.


  • USCG:  Charged an international shipping company $1 million in criminal fines, served probationary status, and required to pay $300,000 to the Department of Wildlife and Fisheries after the Coast Guard inspection revealed undocumented internal transfers and discharges of oily waste into the ocean.
  • PHMSA:  Proposed a record $3,699,200 in fines to one company. The agency listed 24 violations of hazardous liquid pipeline regulations, including failure to fix corrosion problems in the damaged pipe joint discovered 10 years prior.


  • PHMSA: Violations of federal pipeline safety regulations resulted in fines totaling more than $2.4 million for one company. Two employees were killed when pipeline repairs caused leaking crude oil to ignite.
  • EPA:  Fined an oil company $15,052 for failing to maintain and fully implement an oil spill prevention plan (SPCC). Negligence contributed to a release of approximately 1,500 gallons of used motor oil from a tanker truck at one facility. As part of the agreement, the company will spend $10,575 to upgrade equipment.


  • OSHA:  Cited a chemical company for 14 safety and health violations following an inspection. The company faces proposed penalties of $104,000

Effective technology can be inexpensively utilized to monitor continually evolving regulatory requirements. While some companies may use Excel spreadsheets to manage these requirements, this approach is typically burdensome and ineffective. As companies grow and operations grow, spreadsheets can be overwhelming and time consuming. Operators should consider utilizing database technology to ensure enterprise-wide compliance on multiple government agency fronts.

Key concepts for managing regulatory compliance from a corporate perspective include, but are not limited to:

  • Database Technology -
    • Each applicable regulatory requirement can be hyperlinked to associated site-specific information for each facility.
    • A database will minimize task repetition generated when multiple agencies have regulations that are related to the same subject matter.
    • Updating evolving regulatory information can be effectively managed across multiple facilities with the use of a central database.
    • The ability to search a database for key words and phrases associated with regulations will minimize maintenance time.
  • Compliance Consultations - Identify and utilize corporate resources or outsource compliance expertise to minimize the uncertainty of evolving regulations.
  • Facility-Specific Regulations - Identify mandatory operational and submission requirements for each facility associated with each regulatory agency.
  • Tasking - Assign compliance tasks, frequencies, due dates, persons responsible, and document completion actions.
  • Identify Best Practices - Apply best practices and potential mitigation measures related to compliance.

Regulatory non-compliance has proven to be expensive, time consuming, and potentially dangerous to company employees and the surrounding communities. An effective compliance management process can result in an efficient and integrated program that optimizes the efforts of company stakeholders, and improves compliance.


For a sample Emergency Response Checklist, download our helpful and informative guide.

Tags: USCG, PHMSA, OSHA, EPA, Regulatory Compliance, FEMA

Social Media and the Emergency Manager

Posted on Mon, Oct 01, 2012

As Hurricane Isaac churned in the Gulf in August 2012, public sector emergency managers were turning to social media to relay important information, as well as monitor feeds for trends relating to evolving emergency situations.

“This is the first time we’re rolling out full-blown Twitter and Facebook as well as our notification system through e-mails,” said Broward Emergency Manager Chuck Lanza in regards to Hurricane Isaac’s impact. “Any message that we send out will have to do with preparedness, evacuations, sheltering, stuff that’s easy to understand that people can get the message and act upon it pretty quickly.

Emergency managers must adjust to the “new normal” information flow and associated technologies. A new generation of internet-shackled employees is coming into the workforce, and is becoming increasingly dependent on social media for information. Within a short time span, social media has grown from a hobby-like befriending outlet into a vast two-way communication network, unlike radio and television. The concept of social media as a communication tool has garnered the attention of Federal Emergency Management Administration, which introduced a new course in July, 2012, entitled IS-42 Social Media in Emergency Management. 

According to the FEMA Social Media’s course description, “Social media is a new technology that not only allows for another channel of broadcasting messages to the public, but also allows for two way communication between emergency managers and major stakeholder groups.”

Emergency managers can utilize social media to communicate preparations for, necessary responses to, and recovery from an emergency event. Unlike passive traditional press releases and media interactions in which message content was typically controlled and timed, social media is accessible on a 24-hour basis with the potential for average citizens dispersing content. According to the Social Media in Emergency Management course, “The Internet has evolved from a static path of sharing information to a dynamic communication conduit for all to contribute”.

Common social media sites used by Emergency managers include, but are not limited to:

  • Blogger, Wordpress, and similar platforms: Allow for a single author or a group of authors using one account to post content and links as a series of articles or posts arranged in a chronological sequence like a diary or journal.
  • Twitter, a micro-blogging site: Provides users with a platform for 140 character messages that may include web links, pictures, audio, and video content.
  • Facebook and Google+: Allows individuals or organizations to keep others up to date on their status and activities or to advertise events.
  • LinkedIn: A professional platform used form communities of practice, for continual learning, and sharing of better practices.
  • Flickr, Picasa, YouTube, Vimeo, and Tumblr: Media sharing site that can include text commentary, group photos or video. 
  • Wikis: Repositories for information or documentsOnline encyclopedias typically offer subject specific areas where information can be obtained.  Wikis may be used as an outlet for users to submit ideas, solutions, or their opinions. 

“Social media has added credibility challenges to the formerly unquestioned voice of the emergency manager.” - Tom Olshanski, Director of External Affairs at the U.S. Fire Administration

Social media creates its own set of challenges for companies incorporating the newest information medium into its emergency management process. These challenges include;

  • Leadership buy-in: Questions about the reliability of information, fear of the unknown, misuse, or abuse.
  • Potential lack of content control: Any witness with an Internet connection can report on an incident and the emergency response.  The potential reputational fallout can be catastrophic for a company if inaccurate information goes viral.
  • Global reach: Information shared on most social media is accessible by the masses, despite location.
  • Security policies: Social media platforms may be perceived as potential security risks for highly regulated facilities.
  • Personnel privacy: Policies must be in place to determine tracking, storage and usage of sensitive data.
  • Organizational capacity: Emergency management team may be unfamiliar with social media or might lack the skills required to use it effectively.
  • Sustainability: Overloaded emergency staff may not have the time necessary for a dedicated social media effort.
  • Company documentation: Legal records retention requirements for archiving communications at State and Federal level can damper use of social media tools. Social media usage is outpacing changes to legal documentation requirements
  • Multi-channel feeds: One post can be disseminated to a number of social media outlets making information viral before facts are confirmed.
  • Publicity: The public obtains its news and information from multiple sources (television, radio, and the World Wide Web) and chooses what, when, and in what form it receives it. Public relations efforts must cross-pollinate amongst various mediums.
  • Reversed Information Chain: A Company may receive information regarding its own company or facilities from outside sources. Eyewitnesses can be the first to “break the story”, potentially leading to a negative company reputation. The public perception may include discussions of a company cover-up or ignorance to its own failures, if a public statement is delayed.

However, despite its challenges, companies involved in an emergency can benefit from social media in critical ways that aid in emergency response: 

  1. Speed: Direct communication between informants and those who need information enables responders to react faster, minimizing the duration of the emergency.
  2. Relevance: Disseminate the right message to the right audience
  3. Accuracy: Ensure information is correct, confirmed by company sources, and backed up by facts or direct observation. Multiple informants can confirm accuracy or inaccuracies.

Emergency managers, in coordination with public relations personnel, should maintain a crisis management plan to address potential challenges and proactively inform employees, stakeholders, and the public regarding any company incident. This process should highlight situational awareness, company efforts to combat the emergency, and mediation measures to prevent the incident from reoccurring.

Initial social media contact via written messages, photographs, and videos after an emergency should contain the following elements:

  • A brief, focused, and factual description of the situation and initial response actions
  • Processes established to minimize and counteract the emergency
  • A statement of commitment to return to “business as usual”
  • An expression of empathy and concern for those involved in the incident and response.
  • Access to an employee with subject matter expertise to answer inquiries
  • Timing for media follow up (only promise what can be delivered)

For tips and best practices on designing a crisis management program, download Best Practices for Crisis Management.

TRP Download

Tags: Emergency Management, Incident Management, FEMA, Media and Public Relations, Social Media

The National Integration Center and NIMS

Posted on Mon, Aug 06, 2012

The Department of Homeland Security’s National Integration Center is responsible for managing the implementation and administration of the National Incident Management System (NIMS). NIMS is the consistent emergency management structure that has been adopted by countless companies to create a more effective, coordinated emergency response.

According to FEMA, NIMS provides “a consistent nationwide template to enable Federal, State, tribal, and local governments, the private sector, and nongovernmental organizations to work together to prepare for, prevent, respond to, and recover from domestic incidents, regardless of cause, size, or complexity, including acts of catastrophic terrorism.” Yet, when companies implement or utilize a basic template approach without consideration of site-specific details, the result is often an incomplete, ineffective, and non-regulatory compliant plan.

The goal, and typical result of NIMS, is a coordinated, faster, and more effective resolution. The National Integration Center (NIC) promotes this compatibility and NIMS compliance between the private corporate sector and its jurisdictional counterparts.


Effective Response Planning 

Two contributors to effective preparedness comes from the site-specific information within the plans and a standardized response management process by which procedures are carried out. The two concepts, site-specific and standardization, may appear to contradict each other. However when merged properly, companies can strengthen preparedness initiatives and enable a flexible, effective, efficient, and all-hazards incident management response.


The NIC stresses standardization and credentialing to ensure the adoption of common national standards and systems that are compatible and aligned with the implementation of NIMS. The standards apply to the identification, implementation, and development of concepts and programs covering:

  • Documentation and database systems related to qualification, certification, and credentialing of emergency management/response personnel and organizations.
  • NIMS Training Requirements and exercises that enhance agencies’ and organizations’ knowledge, adoption, and implementation of NIMS.
  • Publication management ensuring NIMS documents are consistent and accessible.


Response Training

With properly trained employees, many emergency situations can be handled on-site without additional outside responders. However, if an emergency is beyond the scope of employee training, a unified incident management approach enables multiple entities to coordinate under one accepted management system.

Despite the efforts of the NIC to promote NIMS as the basis for emergency response, the 2012 National Preparedness Report identified a lack of understanding of specific roles and responsibilities. According to the report, emergency managers’ recovery roles and responsibilities were not always clearly defined, thereby confusing recovery progress. FEMA stresses continuous communication and collaborative efforts with responding jurisdictions in order to identify gaps. “Partners should identify gaps in achieving long-term recovery and report upon them to set recovery goals.”

Preparedness and Emergency Management - TRP Corp

Tags: DHS, Resiliency, Training and Exercises, Emergency Management Program, FEMA, National Preparedness

Emergency Resource Management and Equipment Deployment

Posted on Thu, Mar 15, 2012

Prepositioning emergency response equipment, whether on site or through contracted vendors, improves companys’ ability to quickly and successfully respond to emergencies. In addition to identifying the required personnel and response teams needed for specific emergencies, emergency managers need to identify the necessary response equipment to meet identified vulnerabilities.

Effective response equipment deployment requires the following minimal pre-planning:
1. Identifying necessary response resources for each applicable hazard
2. Acquiring necessary equipment or contracting with response organizations
3. Ensuring a training and maintenance programs is in place
4. Mobilizing resources in the event of an incident
5. Tracking and reporting deployed resources
6. Demobilizing required resources
7. Performing a post incident inventory and replenishing/refurbishing equipment as needed

Coordinating with response contractors and local and state resources can reduce the need to purchase and maintain all required equipment at smaller facilities. In addition, a well thought-out, tested, and available emergency response plan improves the potential for a rapid, effective response, thereby reducing the potential for an emergency to escalate.

However, in the event of a large scale disaster, FEMA has established the Prepositioned Equipment Program (PEP) to provide additional support to first responders. PEP strategically located sites are each supplied with standardized emergency first responder equipment.

According to FEMA, each site in the continental US has a 600 miles radius, enabling a response within 12 hours of an incident. There are ten PEP support teams located across the United States:

1. Kansas City, MO
2. Middletown, NY
3. Kent, WA
4. Sacramento, CA
5. Columbia, SC
6. McDonough, GA
7. Fort Worth, TX
8. Salt Lake City, UT
9. Frederick, MD
10. Las Vegas, NV

The PEP sites are able to provide and replenish responders with the following:
● Personnel protective equipment
● Detection instrumentation
● Emergency medical supplies
● Technical rescue equipment
● Decontamination equipment
● Interoperable communication equipment
● Logistic support equipment

Resource management should be flexible and scalable in order to support any potentially escalating incident. By coordinating applicable response equipment plans with comprehensive resource management concepts, companies will be better prepared to respond to emergencies.

For more details on available equipment provided by the PEP, review FEMA’s Prepositioned Equipment Program Overview.

For tips and best practices on designing a crisis management program, download Best Practices for Crisis Management.

TRP Download

Tags: Emergency Management, Crisis Management, Facility Management, Supply Chain, FEMA, Disaster Response, National Preparedness

Emergency Response Plan - Annexes for Added Incident Management

Posted on Mon, Aug 08, 2011

According to FEMA, the basic emergency operations plan should provide a broad scope of responses for potential emergency and crisis situations. Additional emergency response annexes that focus on hazard, threat, or incident-specific response needs can be added to broaden a site-specific basic plan to encompass the full range of hazards associated with a facility. These annexes contain unique and regulatory response details that apply to a single hazard, such as a pandemic response or hurricane plan. Depending upon the emergency operation plan’s structure and content amount, hazard-specific information may be included as either separate functional annexes or stand-alone hazard-specific annexes.

Hazard or incident-specific annexes should include many of the same details of the basic operations plan including, but not limited to:

  • Details of hazard-specific location(s)
  • Evacuation routes
  • Plot Plans
  • Specific provisions and protocols for warning employees, the public and disseminating emergency  information
  • Personal protective equipment and detection devices
  • Policies and processes for each specific hazard
  • Roles and responsibilities

Just as in the basic emergency operations plan, a planning team may use supporting documents as needed to clarify the contents of the incident specific plan. These supporting documents can include hazard specific aerial and facility maps, charts, tables, checklists, resource inventories, and summaries of critical information. For example, the hurricane plan may be made clearer by attaching maps marked with evacuation routes or shelter in place areas. Evacuation routes may change depending on the location or scale of the hazard.

Hazard-specific operational information usually includes, but is not limited to:

  • Assessment and control of the hazard information
  • Identification of unique prevention and preparedness of critical infrastructure/key resources
  • Protective actions
  • Communications procedures and warning systems
  • Implementation of protective actions
  • Identification of short-term stabilization actions
  • Implementation of recovery actions.

It is crucial to identify the critical functions necessary for a successful emergency response to a specific hazard in the planning development stage.  This may include identifying alternate communications methods in the event of a hurricane or pinpointing essential personnel to implement a pandemic plan. Hazard-specific annexes should follow the same layout and organizational format as the main operational plan to ensure consistency.

For tips and best practices on designing a crisis management program, download Best Practices for Crisis Management.

TRP Download

Tags: Pandemic Planning, Fire Pre Plans, Emergency Preparedness, Crisis Management, Facility Management, Emergency Management Program, Security plans, Terrorism Threat Management, FEMA, Hurricane Preparedness, Flood Preparedness

FEMA's Plan for the Future - Strategic Foresight Initiative

Posted on Mon, Jul 11, 2011

The Federal Emergency Management Administration (FEMA) released the Strategic Foresight Initiative in hopes to assist the emergency management profession better plan for the future.

The Strategic Foresight Initiative, derived from over 500 members of the emergency response community, addresses nine areas that will affect the future of emergency management:

1. Changing role of the individual in disaster preparedness
- Increased empowerment of the individual through availability of information
- Lack of trust in government authorities
- Changing definition of community from the traditional geographic community to a virtual community

2. Climate change
- Heightened weather patterns (ex: more flooding rains, intense storms, droughts)

3. Critical infrastructure
- Aging transportation, communication, energy, and health care infrastructure may create additional emergency situations

4. Evolving terrorist threat

- Availability of technical and scientific knowledge may increase terrorist access to “high consequence” weapons

5. Global interdependency
- Emergency managers may take on greater role in Emergency Management internationally
- A more global role for American emergency managers could have major resource and capability implications

6. Technological innovation and dependency
- Our communications, energy, and transportation infrastructure are all heavily dependent on technology
- This dependency creates a significant vulnerability to cyber-attack, particularly if our reliance creates single points of failure within our systems

7. Universal access to and use of information
- Access to real time information will continue to increase as social media and advances in technology create new patterns of communications
- Citizens are becoming both producers and consumers of information
- Legitimacy and accuracy of information must constantly be questioned and verified

8. U.S. demographic shifts
- Potential increasing populations, ethnic diversity, and larger percentage of senior citizens will create additional planning challenges

For tips and best practices on designing a crisis management program, download Best Practices for Crisis Management.

TRP Download

Tags: USCG, PHMSA, OSHA, Emergency Preparedness, EPA, Facility Management, Emergency Management Program, FEMA