Water safety
In the months after the terrorist attacks of Sept. 11, 2001, F-16s patrolled the skies over New York and Washington, D.C., and the FBI launched an intensive hunt for terrorists. But homeland security involves more than F-16s and the FBI: It also concerns water treatment plants, pump stations and distribution pipes.
The safety of the water supply is a pressing issue, and the focus on terrorism has prompted new federal requirements to safeguard water systems. While it is impossible to prepare for every contingency or prevent every threat from becoming reality, straightforward solutions often provide the greatest security measures. It is important to use common sense. Keeping gates locked and employee awareness high will significantly increase facility security.
Understanding risks
The first step in safeguarding facilities is to understand the threats. Utilities must prepare for unlikely events that could result in catastrophic loss of service as well as fairly frequent problems that cause little disruption to the system.
Weather problems and natural disasters are the most likely threats. Coastal areas must prepare for risks from hurricanes like flooding, high winds and storm surges. Utilities in the Great Plains must address tornadoes and ice storms. West Coast systems must consider earthquake response.
Sabotage or terrorism-related risks are less likely — no water system in the United States has been attacked by terrorists — but are of greater public concern. In fact, terrorist threats often are more perceived than real risks.
For example, while the public may worry about contamination of the water supply with biohazards such as bacteria, viruses or poisons, studies have revealed that only massive amounts of those materials could endanger public health. Tanker truckloads of the biohazard would be required to cause a major public health threat to a large utility. It is not a likely risk, but even a tiny amount of a contaminant released into the water supply could cause public hysteria and mistrust of the system.
Utilities must address perceived risks as well as real ones to calm public fears. The key is education, according to Mike Stone, assistant director of the Upper Trinity (Texas) Regional Water District. “We provide information to our client utilities to help them meet public concerns,” Stone says. “We also educate our 26-member board, which is made up of client representatives, so they have the information they need to reassure the public.”
Evaluate all possible risks by their likelihood and the amount of damage they would cause. The most likely and the most catastrophic threats should receive the greatest attention.
Meeting federal requirements
In response to the Sept. 11 attacks, Congress passed the Public Health, Security and Bioterrorism Preparedness and Response Act of 2002. The act requires that water utilities serving more than 3,300 customers certify the completion of vulnerability assessments and emergency response plans, and submit copies of the assessments to the Environmental Protection Agency (EPA). The act also requires EPA to develop information on the threats faced by water utilities (that information was supplied to utilities last fall), research methods to detect and respond to risks, and set protocols to protect the information submitted to the agency.
The largest utilities, those serving 100,000 people or more, submitted their vulnerability assessments by March 31 this year and currently are completing emergency response plans, which are due six months after the assessments. Utilities serving 50,000 to 100,000 customers must submit their vulnerability assessments by Dec. 31, 2003, and those serving 3,300 to 50,000 must submit assessments by June 30, 2004.
According to EPA, grants were available for the largest utilities to help prepare assessments; more than 400 systems received funding. To support mid-sized and smaller utilities, EPA is working with organizations and associations to develop intensive workshops and follow-up consultations. The workshops and consultations will be free and widely promoted.
However, numerous models and guides are readily available now. Utilities can begin by visiting the Web sites of EPA (www.epa.gov) and the Denver-based American Water Works Association (www.awwa.org). Stone recommends utilities take advantage of those resources. “The publicly available models are good, and they’re free,” he says. “I would also recommend if you’re a smaller utility with no one on staff with experience in security, hire a consultant. They’ll help you get through the process.”
EPA has established numerous procedures to ensure the confidentiality of submitted documents. Utilities are asked to send the vulnerability assessments by courier service and to use EPA-provided shipping labels. Documents should not be transmitted electronically and, once filed, are exempted from the Freedom of Information Act. According to EPA, vulnerability assessments are protected to the same extent as secret classified documents. They are stored in safes in secure locations, and only a limited number of EPA staff have been granted access to them.
Safeguarding facilities
In cooperation with EPA, Albuquerque, N.M.-based Sandia National Labs developed a methodology for water system security that recommends a deter, detect and respond approach. The most effective deterrents are often common-sense measures. Keep gates locked. Make sure fences are maintained and that there are no trees or overgrown grass around the perimeter of a facility. Increase lighting at night.
Utilities should issue security badges to staff and require everyone entering facilities to either have a badge or a staff escort. Making it difficult for anyone inappropriate to get in provides a reasonable level of security in itself.
Detecting intruders also takes common sense. Stone advises training staff to be more aware of anomalies in or near sites. “If your staff sees something out of the ordinary — a truck parked where it shouldn’t be, or someone they don’t recognize — they need to check it out or call the police,” he says.
Readily available security technology such as motion detectors, video cameras and intrusion alarms also can help detect intruders. Those technologies are useful particularly for remote facilities that are not staffed constantly.
Threat response also is difficult for remote facilities. It might take someone from a local sheriff’s office 30 minutes or more to reach a particularly remote pump station. Sometimes it makes sense to connect an intrusion alarm system directly to local law enforcement — but remote facilities are still at risk. That is why deterrents are so critical.
The days of a water treatment facility leaving its gates open so that the public can walk onto the site are over. That is the new reality. Security must be a priority for water utilities, so that they can address real threats and calm the public’s fears about perceived risks. However, common sense solutions often can provide the greatest safeguard for the public water supply.
The author is a vice president, Public Works Division, for Fort Worth, Texas-based Carter & Burgess.
