State switched emergency alert software months before missile-alert mistake

Always Investigating

A longtime provider of software for Hawaii’s emergency alerts says it’s not working with the state anymore, and its system had to have been replaced as recently as last fall.

The Hawaii Emergency Management Agency worked with AtHoc for years, managing emergency alerts in times of crisis like the 2011 tsunami.

But that decade-long partnership ended last year when Hawaii stopped renewing its software and support contracts.

AtHoc says that meant HI-EMA needed a new interface to use the public alert warning system called IPAWS, and its software was not used by HI-EMA when the false alert went out Saturday.

At the time, it didn’t have the “false alarm” option that now exists, so fully undoing the mess took 38 minutes.

“The one thing that took longest, unfortunately, was using the IPAWS system in putting out the broad alert through the phones,” said HI-EMA spokesman Richard Rapoza.

The state had said Saturday it needed Federal Emergency Management Agency approval to issue a correction, but after Always Investigating checked with FEMA and learned federal approval was not needed, HI-EMA recast it as seeking FEMA advice.

FEMA also told Always Investigating: “The state called us that morning to discuss the false alert and to ask for technical guidance….”

FEMA’s public alert network is just the back-end, and not the front-end user part of the system, so tech support would best come from the vendor who programmed the front-end interface.

HI-EMA did not yet respond to repeated requests for details about the AtHoc non-renewal, nor to confirm if it’s now using AlertSense, which appears to have hosted its weekend missile and cancel messages and was registered to do business in Hawaii last fall, nor to explain how much has been spent on the systems overall, other than to say the missile alert was added in November.

“The security alert type software, there are a number of vendors. We don’t want to say which vendor we use, because that kind of raises a security risk, because now people are going to want to hack into it,” Rapoza said. “We’re not going limit what could come out of the investigation. If there’s a finding that we need an interface that can’t be supported by this vendor, we would look at another vendor.”

HI-EMA responded just before this story aired to say a number of our questions are considered protected by a public records vetting process before any answers can be provided.

We will continue to follow up for answers about whose building, supporting and training how to use Hawaii’s emergency alert systems, and how much it’s all costing.

Copyright 2019 Nexstar Broadcasting, Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.