H1N1 a Year Later: Lessons Learned

The Pandemic Wasn't as Severe as Feared, But Organizations Must be Vigilant for Next Disaster
H1N1 a Year Later: Lessons Learned
The 2009 H1N1 pandemic wasn't as devastating as some experts feared, but financial institutions still learned some valuable lessons that can be applied to future emergencies.

"This pandemic was really a good 'real world' test case of what the industry could handle in a pandemic," says Howard Sprow, President of the Securities Industry and Financial Markets Associations, (SIFMA).

June 11 marks the one-year anniversary of the first pandemic to be declared in more than 40 years by the World Health Organization. WHO has not declared the H1N1 (swine flu) emergency over yet, and says it will continue to monitor the disease's spread until July, when it will reassess the status.

The Centers for Disease Control (CDC) released the following data on the pandemic's impact:

  • Between 43 million and 88 million cases of 2009 H1N1 occurred from April 2009 to March 13, 2010.
  • Between 8,720 and 18,050 2009 H1N1-related deaths occurred during that same period.

Regina Phelps, a pandemic and business continuity planning expert, says these numbers show that the H1N1 pandemic was mild compared to what could happen the next time.

"Historically every pandemic is different," Phelps says. In the U.S., Georgia, Mississippi and Alabama are still experiencing some cases of H1N1. Phelps says that possibly by this summer the CDC will say the pandemic is over and move into the post-pandemic stage. But she says institutions should still keep an eye on what happens when the fall flu season rolls around.

How Financial Services Fared
As H1N1 spread throughout the country last spring, the financial services industry readied its plans. Sprow says the mildness of the disease helped lessen the impact on business operations.

Overall, the pandemic plans of financial services industry firms worked well, says Sprow. Even in areas where there were high levels of flu reported, there was minimal to no impact on the firms' ability to operate, he notes. One example he offered was the period when New York City schools were closing: No firms reported any real number of employees absent from their jobs.

When the pandemic was announced, industry organizations initiated their plans, but only went through the initial stages, with information being disseminated to employees.

Firms are now in the process of rewriting the different stages of their plans, adding different triggers -- not just basing their reaction to the WHO levels, but also looking at local conditions and adding them to the plan.

One key strategy of many pandemic plans included telecommuting. Sprow says that the question of how strong and robust the telcomm infrastructure is in the event of a major pandemic outbreak was tested. In the Dallas, TX area, industry watchers were able to capture a good amount of data from the firms around that area. "[The data] showed the resiliency of the Internet, and ISP firms in that location were able to keep up with the demand for bandwidth," Sprow notes.

Lessons Learned
Among the lessons learned from the H1N1 response:

  • Respond to Severity, Not Spread -- The single biggest lesson learned is that pandemic plans that were mapped to trigger on the different WHO phases didn't map well to what was actually happening in communities or geographic regions. "The WHO phases were based on the spread of the disease, not the severity," Sprow says. "The disease spread quickly, but wasn't severe in most areas of the world, including the United States." If an organization followed its plan based solely on WHO phases, there was a disconnect.
  • Don't be Complacent -- The good news is that the pandemic was mild. The bad news is that, because of the mildness, some organizations will develop a "ho-hum" attitude toward pandemic planning. "I've been telling my clients to remain vigilant and don't wave around the pandemic flag too much, but keep plans up to date," says Phelps. Her advice: Don't lie on your laurels. Remain vigilant, monitor illnesses with the organization. Don't lose contact with the local health department officials, and continue to monitor what is going on around the world through the WHO and the CDC.

About the Author

Linda McGlasson

Linda McGlasson

Managing Editor

Linda McGlasson is a seasoned writer and editor with 20 years of experience in writing for corporations, business publications and newspapers. She has worked in the Financial Services industry for more than 12 years. Most recently Linda headed information security awareness and training and the Computer Incident Response Team for Securities Industry Automation Corporation (SIAC), a subsidiary of the NYSE Group (NYX). As part of her role she developed infosec policy, developed new awareness testing and led the company's incident response team. In the last two years she's been involved with the Financial Services Information Sharing Analysis Center (FS-ISAC), editing its quarterly member newsletter and identifying speakers for member meetings.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.