HR 3258 Analysis – Emergency Response Plans

This is another in a continuing series of blog postings about the recently introduced HR 3258, the Drinking Water System Security Act of 2009. This bill is designed to be a companion bill to HR 2868, the Chemical Facility Anti-Terrorism Act of 2009, extending chemical facility security rules to water treatment facilities. Previous postings in this series include: HR 3258 Section-by-Section Analysis HR 3258 Analysis – Political Background HR 3258 Analysis – 50 Enforcement Agencies HR 3258 Analysis – Substance of Concern HR 3258 Analysis – Vulnerability Assessments HR 3258 Analysis – IST Assessments HR 3258 Analysis – VA-SSP Review HR 3258 Analysis – Protected Information HR 3258 Analysis – Employee Participation One of the major differences between this legislation and HR 2868 is that here §1433(i) requires each covered system to prepare and periodically update an emergency response plan (ERP). Such plans are not specifically targeted at chemical issues, but they are only required to look at responses to effects of ‘intentional acts’. I am not familiar enough with other EPA water treatment facility regulations to know if there are similar emergency response plan requirements for results of accidents or incidents due to natural causes such as weather, earthquakes or fires. ERP Certification There are no requirements for facilities to submit their ERP to the Administrator or State agencies with oversight responsibility for the facility. Instead, the drafters of this legislation simply require the facility to certify to the Administrator that they have prepared such a plan. The timing for such certification is based upon the submission of the facility vulnerability assessment. The legislation would require the facility to submit their certification “not later than 6 months after the system’s first completion or revision of a vulnerability assessment under this section and shall submit an additional certification following any update of the emergency response plan” {§1433(i)(2)}. This time limit is interesting because the ERP is required to incorporate the “the results of the system’s most current vulnerability assessment and site security plan” {§1433(i)(1)}. Since the time frame for preparing and submitting a site security plan is not set in this legislation (the Administrator will set that time limit in subsequent regulations), it is not clear that the site security plan will be completed by the time that ERP certification is due. ERP Coverage The ERP will cover ‘plans, procedures and identification of equipment’ that will be used to respond to “an intentional act at the covered water system” {§1433(i)(3)(A)}and “…obviate or significantly lessen the impact of intentional acts on public health and the safety and supply of drinking water provided to communities and individuals” {§1433(i)(3)(B)}. This legislation does do more than look at just chemical related security issues related to water treatment facilities, but the failure to specify that the ERP must outline chemical release notification procedures for neighbors of the facility is difficult to understand. Facilities with substances of concern need to be required to include in their ERP to provide specific coverage of issues related to releases of chemicals, especially when there is a possibility of off-site consequences from such a release. ERP Coordination While §1433(4) is labeled ‘coordination’ it only requires one-way communication of ‘appropriate information’ from the covered facility to “any local emergency planning committee, local law enforcement officials, and local emergency response providers”. The provision of such information (presumably to be more clearly specified in the resulting EPA regulations) is certainly an important first step in the development of a comprehensive ERP, but does not constitute ‘coordination’ in any sense of the word. At the very least, since this is a certification requirement not a requirement to submit an ERP for approval, the facility should be required to include in its certification an acknowledgement by at least one local law enforcement agency and one local emergency response agency that it has coordinated its ERP with that agency. Real Emergency Response Planning As readers of this blog are well aware, I am an outspoken proponent of effective emergency response planning. While I am pleased to see an ERP requirement in this legislation, the specific ERP requirements are weak at best. The legislation should require the Administrator to develop specific requirements for the ERP just as it does for the vulnerability assessment and site security plan mandates in the bill. Certification of the existence of an ERP meeting such requirements might be appropriate for low-risk facilities, but higher risk facilities with the potential for significant off-site chemical release consequences should be required to submit their ERP for approval. A facility has no control of the planning actions or capabilities of other local government agencies that must actually execute the off-site ERP response. Covered facilities must however, be required to initiate specific coordination efforts. For facilities with potential for significant off-site chemical consequences, this legislation should require that they provide local law enforcement and emergency response agencies with the following information, at a minimum:

Identification of on-site chemicals with potential off-site affects; Material Safety Data Sheets for those chemicals; Potential exposure distance for a worst case release for those chemicals; Information about inbound shipments of those chemical; and Facility point of contact for incident information.

The facility should be required to include in their side of the ERP:

Methods for detecting a potential chemical release; Methods for directly notifying immediate neighbors of toxic chemical releases; Methods for notifying local law enforcement and emergency response personnel of initiation of the ERP; and Methods for ensuring communication with local law enforcement and emergency response agencies during a chemical release emergency.