COVID-19 Endemic and CFATS

Last March at the start of the COVID-19 pandemic I wrote a blog post about the potential effects of the pandemic on facilities covered by the Chemical Facility Anti-Terrorism Standards (CFATS) program. Looking back at that post I am really happy with many of the forward-looking comments that I made. Today, with the rollout of vaccines well (if slowly) underway I hope for the same level of prescience in looking at the next stage of the evolution of this medical problem, the COVID-19 endemic. An article on the Wall Street Journal website describes that potential evolution.

Vaccine Mandates

While there are political and legal realities that prevent the Federal government from mandating widespread COVID vaccination there has been an increasing discussion of whether or not private companies can insist that their employees get vaccinated as a condition of employment. I am certainly not an employment lawyer (not any kind of lawyer), but I suspect that there would be all sorts of problems for chemical facilities that attempted to enforce such a mandate, union contracts and employee resistance being the two most obvious.

This does not mean that management cannot take measures to encourage voluntary vaccination. The simplest and most important will likely to be to provide employees time-off to stand in the vaccination lines; larger facilities may want to consider offering monetary or material support for mass vaccination sites. All of these outreach efforts should certainly include encouraging employee families to get vaccinated.

Industry associations should become politically involved in advocating for staff at critical infrastructure facilities to be included in priority vaccination programs.

Testing

While we have lived with other endemic infections facility management needs to remember that with most of these other diseases people are most infectious after the disease is physically manifested, the same cannot be said about COVID-19. Facility management is going to have to consider the advisability of being able to conduct testing of employees as local infection rates rise. Testing and tracing are going to be a long-term requirement to contain COVID-19 outbreaks in the future. This testing could be done on-site at facilities that have professional medical staffing (typically nurses or EMTs); smaller sites may want to consider contracting testing support with their current industrial hygiene supplier.

This medical testing is going to have to comply with local, State and federal privacy regulations. Facilities need to fully understand those requirements before implementing such a program.

Security Measures

Security is going to be affected by the waning and surging of COVID-19. Facilities will have learned a lot of security lessons over the past ten months. While the CISA chemical security inspectors have been allowed a certain amount of leeway in accepting temporary changes to site security plans to reflect changes in staffing and operations during the uneven progress of the pandemic, that will not continue as the pandemic transforms into an endemic. Facilities need to take a concerted look at their security processes over the last year and determine which ones they want to formally memorialize in their site security plans, either as permanent changes or as optional changes when changes in the medical environment warrant.

Where a facility wants to include COVID-reactive security changes in their security plans, they need to be careful in how they describe the conditions that would require their implementation. Failure to implement those changes when the described conditions apply would then be a violation of the facility’s SSP. One thing that facilities must include in these changes is a clear delineation of responsibilities for notifying CISA’s Infrastructure Security Compliance Division of the intent to implement the changes and when those changes revert to standard procedures.

This would also be a good time for facilities to start thinking about their future plans for new pandemics. The next pandemic will probably not be COVID-2X, the virus will likely be different as will the infection rate, the timing of infection, and the mortality rates. A pandemic response plan is going to have to deal with the different scenarios dealing with those variabilities. Lessons learned from COVID will be a starting point for those plans, but those lessons should not be the endpoint. Higher mortality rates, in particular, or going to have be seriously considered as they will have major impacts on facility slowdowns and closures.

The Insurrection

While there has been a definite pull-back in operations being conducted by right-wing radicals since January 6^th, the conditions that drive much of the support for those groups have not really changed. If there is another pandemic in the near future (and the timing of the next pandemic cannot be predicted), those socio-economic conditions will worsen quickly. Security planning for future pandemics will have to take that into account.

In the near term we are going to start seeing a new problem arise as federal officials really begin to look at these groups in ways that were not encouraged under the Trump administration. More people in the United States are going to be identified as being associated with various groups and a significant number of those so identified will start to show up on the lists that the TSA uses to vet people as being associated with terrorist organizations. That means that there will inevitably be current employees at CFATS facilities that will be so identified under the CFATS personnel surety program.

There is not much facility management can do in the advance of such notifications unless they are specifically aware of illegal activities being conducted on their premises. Facilities would run into all sorts of legal obstacles to firing employees for political views, even in the most ardent ‘right-to-work’ states. Facility management is going to need to have plans in place for what they intend to do when notified by ISCD that a current employee or contractor with unaccompanied access to their facility is identified by the TSA as having ‘terrorist ties’.