The Time Before a Crisis : An evaluation of Region Östergötland’s pre-crisis phase before the COVID-19 pandemic

Björnqvist, Anton

January 2021

During the spring of 2020, COVID-19 rapidly started to spread within Sweden, causing a crisis that affected the entire society, and in particular, the health care sector. What makes the COVID-19 pandemic a unique crisis is that it did not appear as a complete surprise when it reached Sweden. Partly because pandemics are expected to happen and therefore anticipated, partly because reports of COVID-19 and its effects were available before the disease caused a crisis in Sweden. This makes the phase before the crisis, known as the pre-crisis phase, quite long. For this study, it is argued that the pre-crisis phase encompasses actions taken before COVID-19 was known, predominantly in the form of the development of pandemic preparedness plans, as well as the actions taken when COVID-19 was known before it reached Sweden. However, due to the decentralisation of the Swedish political system, the twenty-one regions being responsible for the health care sector, and the uneven geographical transmission of the virus, the pre-crisis phase most likely differed across the country. In this study, it is the pre-crisis phase of Region Östergötland which has been examined and evaluated as a part of the Center for Disaster Medicine and Traumatology’s general evaluation of the COVID-19 pandemic in Östergötland. The study has aimed to answer the research questions related to how the pre-crisis phase was conducted, and how three different theories can contribute to the understanding of the pre-crisis phase. The theories used were Conflicting Objectives Perspective, High Reliability Organisation, and Resilience Engineering. To answer the research questions, semi-structured interviews with eight employees of Region Östergötland involved in the pre-crisis phase were conducted. The interviews were analysed using the thematic analysis approach. The thematic analysis showed that the pre-crisis phase was mainly characterised by organisational changes within the regular organisational structures, different challenges predominately related to acquiring personal protective equipment, a lack of information from the national agencies, and a slight underestimation. These themes were used to answer the first research question. To answer the second research question, the aforementioned theories were applied to the themes. This application showed that there are aspects of the three theories that can contribute to the understanding of the pre-crisis phase. These aspects can also be used during future pre-crisis phases. Furthermore, based on the contributions of the three theories and the thematic analysis, a new model was developed which can be used to describe the different phases of the pre-crisis phase. The application of the theories and the new model resulted in general guidelines highlighting the important processes during a pre-crisis phase, including the processes of monitoring, anticipating, planning, and preparing.

COVID-19

Pre-crisis Phase

Conflicting Objectives Perspective

High Reliability Organisation

Resilience Engineering

Command and Control

Planning

Preparing

Anticipating

Monitoring

Crisis

Pandemics

Corona

Medical Command and Control

Applied Psychology

Tillämpad psykologi

Cyberepidemiologi : Hur kan utbrottsdetektion inom folkhälsa hjälpa IT-incidentsövervakning?

Richter, Andreas

January 2018

This study aims to shed light on what a comparison between cybersecurity intelligence and public health surveillance systems can yield in practical improvements. The issue at hand is best described by the amount of threats both systems must detect. Intelligent malicious software, malware, designed by humans to spread and reap havoc in the abundance of unprotected networks worldwide and contagious diseases with millions of years of evolution behind their design to bypass human defences, infect and multiply. These two threats stand as mighty competitors to actors who try to monitor their presence to be able to give advice on further action to hinder their spread. The sheer amount of experience in public health of dealing with surveillance of contagious disease can contribute with important lessons to cyber intelligence when malware is becoming an even more alarming threat against everybody who uses the Internet. To compare them both this study uses high reliability theory to understand how Folkhälsomyndigheten, Sweden’s main authority in public health surveillance, and CERT-SE, Sweden’s national computer emergency response team, operate to make their surveillance as reliable as possible to detect emerging threats. Some key findings of the study points to the lack of regional or global binding policy’s to share information in the cyber security sector of which CERT-SE takes part in. The major roll of trust-based information sharing can be subject to shifts in relationships between states and excludes states with which no bilateral arrangements are made, but who may possess information of urgent necessity. The lack of arrangements in the cybersecurity sector, correspondent to the International health regulations by World Health Organization in public health, stands as a major difference between the two sectors access to information. However, this study may not stretch as far as to prove that the greater access to information would have proved to be of ease in a specific cyberincident. Case studies of this kind or further research of how agreements can be made in an anarchistic domain like the Internet are to be continued from this study.

cyber

cyber security

cyber intelligence

cyber surveillance

high reliability organisation

high reliability theory

public health

epidemiology

Folkhälsomyndigheten

CERT-SE

informationssäkerhet

folkhälsa

cybersäkerhet

cyber

cyberövervakning

it-incident