Two speakers at the workshop were selected to be somewhat “outside the box,” said planning committee co-chair Scott Mugno, with the intention of showing how similar issues in disparate sectors can be addressed with universal processes or approaches. One outside perspective came from an information technology specialist at the Federal Reserve; the second came from a former high-ranking Israeli government official.
Peter Purcell, Banking Supervision and Regulation, Federal Reserve Board, pointed to some interesting common threads between the fields of finance and biosurveillance. One is that people count. “Unless you have the people in the field who have an intellectual curiosity to look at the information and get insight and share that, you really don’t have anything.” The other common thread is the way that data have changed over time. The Federal Reserve has decades of experience collecting financial data, analyzing it, understanding what it means for the economy, and making it publicly available. But before the 2008 financial crisis, which changed the nature of data and data reporting, it relied largely on static reporting. It engaged in interagency collaboration through memoranda of
1This section is based on the presentation by Peter Purcell, Banking Supervision and Regulation, Federal Reserve Board.
understanding. Information security was a critical consideration. Standardized reporting formats allowed effective monitoring and analysis.
Even before the crisis, the world was changing, said Purcell. Data started moving and becoming available much faster. Business processes underwent significant modifications to respond to a changing economic environment. Previously, most reports were quarterly or annual. In the new environment, analysts needed to examine data on a day-to-day basis while still maintaining information security.
After the crisis, new data needed to be monitored and evaluated on an ongoing basis. Large quantities of detailed and aggregate data had to be submitted to new modeling and prediction tools. Improved collaboration and communication were necessary across the agencies while continuing to move quickly. “You can’t collaborate casually anymore; you need to have a thoughtful approach to managing massive information. At the same time, you need to be flexible to capture new information you never thought you’d need to go after, because the public policy response to something that’s happened Thursday needs to be announced before the markets open on Monday, and it needs to be secure.”
Data collection and analysis need support from leadership, Purcell said, and Federal Reserve Chairman Benjamin Bernanke has been providing this support. In recent testimony, Bernanke said, “we have begun an enhanced quantitative surveillance program for large bank holding companies that will use data analysis and formal modeling to help identify vulnerabilities at both the firm level and for the financial sector as a whole. This analysis will be supported by the collection of more timely, detailed, and consistent data from regulated firms” (Bernanke, 2010).
Analysis and communication also requires trust, said Purcell. Memoranda of understanding can define protocols, but leadership and collaboration are essential for people to keep from getting overwhelmed. People cannot fight fires year after year without eventually burning out, he said, which means that systems and procedures need to be in place to take the pressure off them.
In response to a question about the Paperwork Reduction Act, Purcell noted that the collection of information has changed drastically in recent years. The broad mandate still holds to not add a burden to respondents
that is greater than the public value obtained from the information collected. “That is still good public policy.”
A workshop participant pointed out that one way to secure data from others is to make those data more useful to them—for example, by providing an integrated view of the data. Purcell pointed out that the Federal Reserve often tries to provide data that are useful to financial organizations, though it also has the statutory authority to collect data to do its mission.
With regard to overlapping authorities, roles and responsibilities evolve over time, especially as people adjust to conflicting directives. But it is also possible through law or presidential directives to define who does what.
“We must share information,” said Isaac Ashkenazi, National Leadership Preparedness Initiative, Harvard University. “The price for not sharing might be costly in terms of blood, property, and lifestyle, and in many cases in Israel it is a survival issue.” The 1991 Gulf War exposed many weaknesses in civil defense, including limited coordination, inadequate communications, and a lack of information sharing. The Home Front Command was established in 1992 with the responsibility for preparedness and response to home front emergencies.
Sharing occurs on different levels and involves many different types of information. It includes the development and communication of information on national threats, planning scenarios, the national response framework, the security information that is needed, and the same system of continuous and joined training. Also, sharing is not automatic, and it is not a technology problem, he said. It is a deeply embedded psychological and social engineering problem. Society encourages antisharing strategies, and people are taught to be individualists. Organizations and personnel are appraised by how well they hoard information and are evaluated on the basis of their individual missions, which creates a culture of silos.
2This section is based on the presentation by Isaac Ashkenazi, National Leadership Preparedness Initiative, Harvard University; former head of the Medical Services and Supply Center for the Israeli Defense Forces (IDF) and former Surgeon General for the IDF Home Front Command.
Solving the Problem
Systems approaches are essential to promote sharing, said Ashkenazi. As such, nations need to develop four key documents. The first is a summary of prioritized national threats in which the medical community develops scenarios based on intelligence. The second is a national planning scenario. The third is a national response framework that details how the emergency systems will work together. The fourth is a medical response framework. The United States does not have a national threat document or planning scenarios informed by the medical community. It does have a national response framework written by the Department of Homeland Security, which Ashkenazi deemed an “excellent document.” But it does not have a medical response framework.
“Information sharing requires a common language,” said Ashkenazi, as well. For example, acronyms and technical language can get in the way of understanding. “The provider and the receiver should well understand all information implications.”
Most important, emergency planners need to share information with the public. “If you share with the public, it means that you know and trust the public,” Ashkenazi said. If governments cannot share information with the public, then they will not be able to share information within government.
Leaders cannot pass on the responsibility for sharing, Ashkenazi said. They have a tendency to delegate this responsibility to lower-level managers, but this increases silos and decreases collaborative efforts. In a military environment, commanders expect obedience. But in the civilian environment, obedience does not have any meaning. People can only trust and build relationships.
An attractive environment for sharing includes such features as monthly interactions, a rotation of hosting, building trust and relationships, sharing relevant information, and time for play. Groups should engage in “games, training, learning, crisis games, simulations, drills, and workshops.”
Ashkenazi observed that sometimes there is too much information, causing overload. No single organization can control that amount of information, which means that information sharing can be interpreted as a
failure. Furthermore, only about 25 percent of the information that is collected in Israel is ever used, said Ashkenazi, and only 5 to 7 percent is used to determine outcomes. “We are collecting more than 90 percent of the information just to collect it. Start from minimal [needs] and essential sharing, then define the gaps, gives, and gets.”
Financing for emergency preparedness is siloed, just as information is. Instead, collaborative funding for emergency preparedness is crucial. Israel decided to support emergency preparedness in general rather than supporting organizations, and organizations were funded on the condition that they shared information. After 2 years of distributing the money by mission, said Ashkenazi, agencies were working together rather than in silos.
Finally, one needs to “start with the end and end with the start.” People should start by defining the outcome they desire. They then should define the information gaps needed to achieve that outcome, find information suppliers who can bridge that gap, share and analyze information, and show success. They also should acknowledge the outcomes achieved through that information, especially high-stakes outcomes such as preventing a bioterrorist event.
In response to a question from the moderator about cross-border information sharing, Ashkenazi said that Israel shares information even with its enemies. For example, it shares information about diseases, terrorist groups, natural disasters, and other items of mutual interest. “This is about saving lives and resilience; this is not about killing.”
When asked about the use of social media in an emergency, Ashkenazi said that the use of social media is “low threat, high benefit,” in that the users of social media are generally not in a threatening situation and gain many benefits from sharing information. But in an emergency, information sharing is high threat and low benefit, which reduces the value of social media exchanges.
Finally, in response to a question about government sharing of information, Ashkenazi said that discussions need to occur about which kinds of information the public, law enforcement, the medical community, and the emergency response system should receive.