…when up pops somebody, eventually…
Interesting story in the news last week about someone infiltrating the perioperative area at a hospital in the Boston area (the news story identifies the hospital, so no need to do that here, IMHO). Every time I see one of these types of stories, it makes me glad that I do not still have operational responsibilities for a hospital security department. (In many ways, I have made something of a career of embracing thankless jobs in the healthcare realm; well, maybe not completely thankless, but it can be tough for folks at the bottom of the healthcare food chain. But enough about that.) Apparently, this individual was able to gain access to the perioperative areas, including the restricted portions, without having an identification badge. Now I will say that, based on my observations, the healthcare industry is much better about wearing ID badges, but I will also say that the OR is a tough spot to practice enforcement of your ID policy, especially during the busy times. And then there is the subject of tailgating, which is a time-honored tradition, particularly when you move to an electronic/badge access solution for controlling who gets where in your organization. And, short of installing turnstiles at all your entry points (now wouldn’t that create some noise?), tailgating is going to continue to be a vulnerability relative to security. Much as learning that the NSA was listening in on lots of conversations, I didn’t find this particular news story, or indeed the event, particularly surprising. In all likelihood it happens more than we know—from salespeople to distressed families to the media, the list of potential candidates for such an incursion is rather lengthy. (I’m sure you can add to that list and please feel free to do so!) The source article for the above story indicates that the individual was identified as an interloper when “physicians caught on” (I could be glib and throw out a “maybe she didn’t know the secret handshake,” but that would be catty), so I guess it’s good to make sure that you have good participation from your medical staff in the matter of ID badge compliance.
All that said, and in full recognition that logic doesn’t always prevail, I have a sneaking suspicion that this might just join active shooter response on the regulatory survey security hot topic list (remember when nuclear medicine deliveries were the flavor of the month?). I think anyone having survey over the next little while would be well-served in considering how to respond to queries regarding access control in your ORs and other areas.
It is a most delicate balance: protecting folks and yet providing access to all the patients we serve. Maybe there will be some grant money floating around that could be used for this purpose—nah!