By John Schrot, Jr.

Don’t let a disaster black out your business.  Most companies don’t survive emergencies.  Delay, in and of itself, can be devastating to the success and/or viability of a business.   While there are many aspects of business preparedness, this article focuses on legal preparations.

Perhaps the most relevant law to remember is Murphy’s Law.  “Murphy’s Law” provides that if anything can go wrong, it will at the worst possible time.  Murphy’s Law is synonymous with emergency or disaster, and therefore emergency preparedness is today in many instances a legal requirement, and if not achieved will possibly result in adverse legal consequences to you and/or your business.

From a legal perspective, it is imperative that you prepare your business for the unthinkable.  Prepare your company in the event of a lawsuit.  With tort reform in the law, various lucrative litigation areas for attorneys such as products liability and medical malpractice are not as inviting, and plaintiff attorneys continue to explore new ways and targets to address the void.  Do not consider yourself and/or your business immune, and do more than cross your fingers.  The businesses and situations ripe for disaster are so diverse that we cannot possibly address them all.

In any emergency or disaster it is imperative that your business has a disaster plan.  Of course this has to include human resources, physical resources and business continuity.  It should also include a litigation technical support team, including your corporate counsel and professionals with a knowledge and understanding of both contemporary and historical protection  issues.  You should also have a crisis management team, that is sufficiently trained and practiced.  It may be advisable to have emergency management software, and computer data distribution, such that if the central server goes down, the employees have up-to-date information and backup.  Should you get involved in litigation, this information will be very important.  Protect against virus attacks and computer hackers, as there is potential liability for failing to protect, and this is especially true with respect to the emphasis on privacy today and against losing valuable customer records.

Emergencies are more predictable today.  Even our government is stating that it is not a question of whether our country will again be attacked as terrorists, but rather when.  It is becoming more difficult to defend a lawsuit or prosecution by stating that you reasonably could not have known of the possibility of the emergency.  The climate is such that it appears that there is an expanded duty to protect your employees, customers and business.  You risk legal exposure today if you fail to train your employees how to handle a workplace crisis, as such training can be instrumental in preventing or reducing some types of crises from occurring or escalating.  Employing practical training principles can help you stay focused and allow you to function effectively during a crisis.  Businesses also have a duty to mitigate their damages associated with any loss.  The information, training, organizations and other resources are currently available to you and your businesses, and failure to reasonably implement a disaster plan, principles and/or training will weaken your legal defense in the event a claim, demand or lawsuit is made against you and/or your company.  There are hundreds of books, software tools and research reports that are available as business continuity resources.

Emergency management from a legal perspective should be looked at with an emphasis on the positive aspects of preparedness, rather than the negative effects of an emergency such as deaths, fines and criminal prosecution.  Such preparedness reduces exposure to civil or criminal liability in the event of an incident, and facilitates compliance with regulatory requirements of federal, state and local agencies, as well as other positive aspects.

The importance of effective emergency preparedness in management is now greater than ever and requires renewed attention by every company.  Any company is susceptible to catastrophic emergencies, which can have adverse consequences to the company, its employees, creditors, shareholders and others.  Directors and officers have the ultimate responsibility to prepare for and manage through such emergencies, and therefore I would like to focus on their legal exposure.

The business world has been placed on notice with respect to the magnitude and potentially incapacitating nature of severe emergencies.  Accordingly, directors and officers now have a heightened obligation to anticipate and prepare for this level of unprecedented exposure.  Absent comprehensive and effective planning, directors and officers may face serious legal, public and moral criticism if disaster strikes.  Though most large businesses have had disaster plans, recent developments demonstrate the importance of updating those plans and developing a predictable, functioning and effective program for catastrophic emergency preparation and response.

From a directors’ and officers’ claims perspective, liability exposure in this context can potentially arise in lawsuits by (i) employees, customers and other persons who suffered personal injury, bodily injury, property damage or other injury or economic loss, (ii) creditors and other company constituents who incur damage as a result of the company’s inability to pay debts or otherwise comply with its obligations, and (iii) shareholders who allege derivative claims on behalf of the company for losses incurred by the company or who allege securities claims for failure to disclose material information regarding the company’s risk and level of preparedness.  In any such litigation, potential allegations could focus on the extent to which the directors and officers adopted adequate precautions, implemented effective response plans and appropriately reacted to actual or threatened incidents.

We live in a dramatically altered world.  Nothing can fully prevent emergencies and/or disasters, but the consequences from such events can be significantly altered with appropriate preparedness.  It is now the job of directors and officers to formulate and implement those plans of preparedness, even if the threats appear to subside.

Directors and officers need to address emergency planning.  They should approach this task with the same sense of urgency, importance and thoroughness as is given the most important issues within the company.  As previously stated, use of external consultants and other resources is recommended in order to assure that an appropriate perspective is realized and all necessary components of the plan are being addressed.

From a director’s and officers’ perspective, some of the more important elements of an emergency preparedness plan include:

  1. Develop or update the company’s emergency preparedness plan.  Assemble the appropriate team, assess the company’s risks for various types of emergencies, set forth specific procedures for different types of emergencies, and provide ongoing education and training.
  2. The company should re-evaluate its commitment to and policies regarding security at all levels of the company.
  3. Companies are now faced with a variety of new challenges relating to employee safety and relations.  Companies may have a higher legal standard for screening the backgrounds of job applicants and current workers in order to detect possible security risks, although making employment decisions on that basis without strong evidence demonstrating a true security risk may lead to charges of wrongful employment practices.  Also, companies should be sensitive to the potential for workplace harassment against women and/or certain ethnic groups and may need to implement specific training or other workplace protections in light of those risks.  There are no easy answers, and management is often placed in a catch 22 situation, but companies can increase the likelihood that their decisions are eventually supported by the Courts if the companies can demonstrate that their decisions were thoughtful, consistent with expert advice, and made in good faith so as to balance the legitimate competing interests of employees and the company.
  4. Lastly, there should be an effective emergency plan which includes contingencies for a sudden change in the location of the company’s nerve center, or alternative means to perform the company’s critical functions, and senior management emergency succession.

Recent developments also require companies to re-examine numerous aspects of their entire insurance program.  If litigation ensues, they will want coverage for defense costs and any settlement, award or verdict.  All company insurance policies should be audited comprehensively not only for coverage, but also with focus upon the financial security of the insurers providing the coverage.  Also underwriters are focusing more on the existence and extent of a company’s emergency preparedness, training, education and precautions.  Those companies which can demonstrate a thorough, comprehensive and effective approach to managing risks from catastrophic emergencies will likely receive better underwriting treatment and head off higher insurance premiums.  From the standpoint of officers and directors, the three standard insurance policies which should be particularly re-examined are the D & O liability, general liability, and the kidnap/ransom insurance policies.  But business insurance is not enough.  You need to have an emergency plan.

Technology and terrorism have changed the world in many ways.  Among other things, they have changed to some extent the focus and responsibility of directors and officers.  Those companies that respond to this new and volatile environment with thorough, comprehensive and informed initiatives will likely adapt to these changes quite well.  However, those directors and officers who do not give adequate attention to these developments run an increased risk of incurring for themselves, their company and their constituents dreadful and perhaps avoidable financial, human and other loss.  How vulnerable is your company or organization?  How vulnerable are you personally?