|
Volume 24 — Issue 32 | August 8, 2024 |
|
|
The 2019 COVID-19 outbreak highlighted the ongoing need for effective respiratory protective devices for workers, especially in healthcare. Many public safety workers also use respirators on a routine basis.
The Occupational Safety and Health Administration (OSHA) requires that respirators be fit-tested to the wearer’s face. However, the aim of fit testing is to achieve a tight seal to the face, and facial hair may interfere with this tight seal.
For this reason, OSHA’s Respiratory Protection Standard (29 CFR 1910.134(g)(1)(i)(A)) currently prohibits employees from wearing respirators with tight-fitting facepieces if there is any hair growth between the skin and facepiece sealing surface.
Some workers do not shave facial hair, and some have religious, cultural, or medical reasons for doing so, which can make compliance with OSHA’s facial hair requirement for respirator use difficult.
To address this, the National Institute for Occupational Safety and Health (NIOSH) has just announced a project it is undertaking to determine how well respirators provide protection to workers with facial hair when using an under-respirator cover (beard band).
The project will be conducted between NIOSH and respirator manufacturers, NIOSH approval holders, and beard band manufacturers. These stakeholders may volunteer to participate in the testing through collaborative agreements with NIOSH using a government-private partnership development model.
The outcomes of this study may have a significant impact on Respiratory Protection Programs and related policies for many public safety agencies, especially fire departments who use these respirators routinely.
Results of this project may be used by NIOSH approval holders to seek NIOSH approval for the use of beard bands as part of an approved respirator configuration. This will allow for an increase in respiratory protective devices available to workers with beards and the ability to accommodate workers who do not shave for religious, cultural, or medical reasons.
Public safety agencies may be interested in submitting comments to NIOSH in response to this notice or sharing information about this opportunity with manufacturers who may be interested in participating. Public comments and letters of intent to participate in this study are due by Monday, Sept. 23, 2024.
See NIOSH’s notice in the Federal Register, Partnership Opportunity to Determine the Fit of Air Purifying Filtering Facepiece Respirators Worn Over Beard Bands for Workers with Facial Hair, to learn more.
(Source: NIOSH)
|
|
|
In July, sixteen national and international emergency medical services (EMS), patient safety, and public policy associations released a Joint Position Statement on EMS Performance Metrics – Beyond Response Times, which was published in the journal Prehospital Emergency Care.
EMS exist to provide safe and effective out-of-hospital medical care to communities. Historically, response time has been the primary measure used to assess the performance of an EMS system or agency.
In the statement, the groups recommend prioritizing evidence-based clinical, operational and financial measures over response times.
The 16 associations recommend that local communities and governments modernize the assessment of the performance of their EMS systems/agencies by evaluating a broad array of domains with key performance indicators (KPIs) that can be measured and trended over time, and whenever possible, benchmarked with comparable EMS systems, or other national data, and published to local community stakeholders on a regular basis.
The statement is the second major collaboration among these national associations. The prior joint position statement from these groups encouraged EMS agencies to reduce lights and siren responses to improve community and patient safety.
Access the Joint Position Statement on EMS Performance Metrics – Beyond Response Times in Prehospital Emergency Care.
(Sources: Prehospital Emergency Care, JEMS, EMS1)
The National Council of Statewide Interoperability Coordinators (NCSWIC) Planning, Training, and Exercise (PTE) Committee announced the release of its Set Your PACE flyer on July 24.
The “Set Your PACE” flyer advocates for public safety agencies to practice and develop their Primary, Alternate, Contingency, and Emergency plans for emergency communications.
The flyer features a QR code that links to another Planning, Training, and Exercise Committee Product, Leveraging the PACE Plan into the Emergency Communications Ecosystem, which provides a deeper understanding of the importance of the PACE plan. Additional emergency communications resources are also linked within the flyer.
PACE planning is vital to preparing critical communications for out-of-the-ordinary situations. Developing and practicing a PACE plan improves an organization’s resiliency and preparation for the next disaster. Following the PACE model produces strategies and redundancies that maintain communications despite disrupted communications networks. It is important for practicing PACE to be at the top of mind for agencies across the nation.
The “Set Your PACE” flyer can be found on the Training and Exercises page. To learn more about NCSWIC’s work, visit the NCSWIC page or email NCSWICgovernance@cisa.dhs.gov.
(Source: CISA)
The Federal Emergency Management Agency (FEMA) recently gave its Building Science Videos page a makeover, with updates to several videos and a new video series on Designing for Wildfire.
The Designing for Wildfires training series is presented by FEMA's Building Science Disaster Support Program. This comprehensive five-part series, created by the Marshall Fire Mitigation Assessment Team, aims to expand knowledge of wildfire vulnerabilities in the built environment.
The series is available via the Building Science Videos page at FEMA.gov. On this page, you can review all videos in FEMA’s building science collection, which feature case studies, success stories, interviews with top experts, and training to shed light on how to create sturdy, sustainable, resilient structures.
(Source: FEMA)
|
|
Royal ransomware actors rebrand as “BlackSuit,” FBI and CISA release update to advisory
On Aug. 7, CISA—in partnership with the Federal Bureau of Investigation (FBI)—released an update to joint Cybersecurity Advisory #StopRansomware: Royal Ransomware, #StopRansomware: BlackSuit (Royal) Ransomware.
The updated advisory provides network defenders with recent and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with BlackSuit and legacy Royal activity. FBI investigations identified these TTPs and IOCs as recently as July 2024.
BlackSuit ransomware attacks have spread across numerous critical infrastructure sectors including, but not limited to, commercial facilities, healthcare and public health, government facilities, and critical manufacturing.
(Source: CISA)
CISA releases Secure by Demand Guide
On Aug. 6, CISA and the FBI released Secure by Demand Guide: How Software Customers Can Drive a Secure Technology Ecosystem which helps organizations buying software better understand their software manufacturers approach to cybersecurity and ensure that secure by design is one of their core considerations.
An organization’s acquisition staff often has a general understanding of the core cybersecurity requirements for a particular technology acquisition. However, they frequently don’t assess whether a given supplier has practices and policies in place to ensure that security is a core consideration from the earliest stages of the product development lifecycle.
This guide provides organizations with questions to ask when buying software, considerations to integrate product security into various stages of the procurement lifecycle, and resources to assess product security maturity in line with secure by design principles. Informed by the threat landscape, it provides categorized sets of actions that, if done correctly will demonstrate to the customer that the software manufacturer is taking actions that will drive down exploitable defects and misconfigurations – a safer product for the customer.
(Source: CISA)
|
|
McLaren hospitals disruption linked to INC ransomware attack
On Tuesday, Aug. 6, IT and phone systems at McLaren Health Care hospitals were disrupted following an attack linked to the INC Ransom ransomware operation.
McLaren is a non-profit healthcare system with annual revenues of over $6.5 billion, which operates a network of 13 hospitals across Michigan supported by a team of 640 physicians. It also has over 28,000 employees and works with 113,000 network providers throughout Michigan, Indiana, and Ohio.
Even though McLaren has yet to disclose the nature of the incident, employees at McLaren Bay Region Hospital in Bay City have shared a ransom note warning that the hospital's systems have been encrypted and stolen data will be published on INC RANSOM ransomware gang's leak site if a ransom is not paid.
INC Ransom is a ransomware-as-a-service (RaaS) operation that surfaced in July 2023 and has since targeted organizations in both the public and private sectors.
The list of victims includes education, healthcare, government, and industrial entities like Yamaha Motor Philippines, the U.S. division of Xerox Business Solutions (XBS), and Scotland's National Health Service (NHS).
(Source: Bleeping Computer)
Hackers release reams of stolen Columbus data on dark web
Foreign hackers from a group that calls itself Rhysida have begun releasing data stolen from city of Columbus servers onto the dark web, as Mayor Andrew J. Ginther remains mum as to how that may affect city employees and members of the public whose information may have been compromised.
The Dispatch reported Wednesday that the cybercriminals continued to blackmail the city of Columbus over a data breach of city computer files that occurred last month, threatening to publicly release a huge trove of stolen information unless someone purchased it on the dark web for roughly $1.7 million by Wednesday morning.
Brian Steel, who heads the Fraternal Order of Police Capital City Lodge #9, the union for city officers, said Wednesday that the number of officers who are experiencing issues with identity theft on bank and credit card accounts continues to multiply, "same type of stuff, including retirees," Steel said.
(Source: Columbus Dispatch)
North Miami City Hall closed after possible cyberattack, impacting some government services
North Miami City Hall is closed to the public until further notice after the city experienced a possible cyberattack, impacting some essential government services.
North Miami informed its residents that emergency response services, including the 911 call center, remain fully operational as the process unfolds.
(Source: CBS News)
Hackers attacked the Austin area's 911 call system on Sunday. Here's what that means.
A cyberattack threatened to shut down Central Texas' 911 call system Sunday, Aug. 4.
The Capital Area Council of Governments, which operates the system, confirmed to KUT that intermittent 911 outages were the result of a denial-of-service attack in which hackers flooded call centers with robocalls. The attack caused technical difficulties in Austin, Cedar Park, Hays County and Lakeway.
CAPCOG said it was notified about the hack around 1 p.m. by Round Rock's 911 call center. It said it determined the robocalls came from AT&T numbers, so it worked with the provider to identify and disconnect them. Normal operations were restored around 8 p.m.
APCOG said the attack disrupted service at call centers in at least seven of its 10-county area, affecting 21 law enforcement and first-response agencies in Central Texas.
CAPCOG said it informed federal authorities about the attack, per federal guidelines.
(Source: KUT News)
|
|
The InfoGram is distributed weekly to provide members of the Emergency Services Sector with information concerning the protection of their critical infrastructures. |
|
|
Fair Use Notice:
This InfoGram may contain copyrighted material that was not specifically authorized by the copyright owner. The EMR-ISAC believes this constitutes “fair use” of copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use copyrighted material contained within this document for your own purposes that go beyond “fair use,” you must obtain permission from the copyright owner.
Linking Policy and Disclaimer of Endorsement:
The appearance of external hyperlinks does not constitute endorsement of the linked websites, or the information, products or services contained therein. We provide these links and pointers solely for your information and convenience. When you select a link to an outside website, remember that you are subject to the privacy and security policies of the owners/sponsors of the outside website. To view information and resources on the policies that govern FEMA web content visit FEMA Website Information.
Section 504 Notice:
Section 504 of the Rehabilitation Act requires that FEMA grantees provide access to information for people with disabilities. If you need assistance accessing information or have any concerns about access, please contact FEMAWebTeam@fema.dhs.gov.
|
|
|
|
|
