Most organizations in hazard-related industries, such as natural gas pipeline organizations, chemical manufacturers, waste processing plants, and oil organizations, have examined their hazardous incident risk profiles. As a result, they have put together hazardous incident response policies and procedures, designated and trained response personnel, run hazardous response drills, and put a coherent response program in place. They might also have identified a number of third-party hazardous incident response organizations and written procedures for rapid response deployment.
Many state and federal laws, as well as regulations in a variety of industries, demand such preparedness. Yet, in very few instances have organizations included their records and information management (RIM) functions in the hazardous incident response program, even though incident response success and compliance with a variety of local, state, and federal agencies are largely measured and tracked via record-driven processes.
A relatively small fuel spill, for example, can create a mountain of data through the response operations in the field. Management and control of that data is essential- not only for running efficient day-to-day response operations and complying with the inevitable legal hold, but for mitigating future risk.
It makes sound sense, then, for organizations to leverage their RIM expertise as an integral part of their incident response operations. The development of RIM incident response processes will be the natural outgrowth of the RIM infrastructure.
For organizations with less overt hazard profiles and no existing incident response program, this article will provide valuable guidance in exploring hazardous incident response needs and the potential role of their RIM programs.
Using the RIM Program as Foundation
The cornerstone of a quality hazardous response program rests, of course, on the strength of the RIM department--its organization, the clarity of its policies and procedures, the efficiency of its workflow processes, and the quality of its record retention schedule.
An organization's clear, concise, and comprehensive record taxonomy and its associated retention requirements that are fundamental to the organization's success will also support its input and management of hazardous incident response data. Likewise, the continuation of strong record management workflows and procedures, with some adaption, are important to an incident response.
For example, much of the incident response field data can mirror, again with some adaptation, the functional record categories in an organization's established record retention schedule. With a little extra work and foresight, a template can be built for new types of incident response records.
The U.S. Federal Emergency Management Agency's (FEMA) Incident Command System (ICS) documentation discussed later in this article is an excellent resource for estimating response document types and records management workflow. See the sidebar below for more information about the ICS.
Establishing the Chain of Command
Another integral structural process in establishing a successful incident response program is defining a clear chain of command. It's essential to this process to have a top-down organizational flow. Management, compliance, and legal units must be on beard and understand the value of incident response records management and control.
Often in the initial frenzy to respond, an organization's focus narrows to a purely operational mode. This is understandable, as the main thrust should be to address the issue as quickly, safely, and efficiently as possible. However, initiating a two-pronged response with an operational and RIM-based document unit team (even in the early hours of the catastrophe) is desirable and certainly doable with the proper preparation. …