RSSAll Entries in the "Hospital security" Category

Don’t bleed before you are wounded, and if you can avoid being wounded…

…so much the better!

Part of me is wondering what took them so long to get to this point in the conversation.

In their latest Quick Safety utterance, our friends in Chicago are advocating de-escalation as a “first-line response to potential violence and aggression in health care settings.”  I believe the last time we touched upon this general topic was back in the spring of 2017 and I was very much in agreement with the importance of “arming” frontline staff (point of care/point of service—it matters not) with a quiver of de-escalation techniques. As noted at the time, there are a lot of instances in which our customers are rather grumpier than not and being able to manage the grumpies early on in the “grumprocess” (see what I did there?!?) makes so much operational sense that it seems somewhat odd that we are still having this conversation. To that end, I think I’m going to have to start gathering data as I wander the highways and byways of these United States and see how much emphasis is being placed on de-escalation skills as a function of everyday customer service. From orientation to periodic refreshers, this one is too important to keep ignoring, but maybe we’re not—you tell me!

At any rate, the latest Quick Safety offers up a whole slate of techniques and methods for preparing staff to deal with aggressive behaviors; there is mention of Sentinel Event Alert 57 regarding violence and health workers, so I think there is every reason to think that (much as ligature risks have taken center stage in the survey process) how well we prepare folks to proactively deal with aggressive behaviors could bubble up over the next little while. It is a certainty that the incidence rate in healthcare has caught the eyes and ears of OSHA (and they merit a mention in the Quick Safety as well as CDC and CMS), and I think that, in the industry overall, there are improvements to be made (recognizing that some of this is the result of others abdicating responsibility for behavioral health and other marginalized populations, but, as parents seem to indicate frequently, nobody ever said it would be fair…or equitable…or reasonable…). I personally think (and have for a very long time, pretty much since I had operational responsibilities for security) that de-escalation skills are vital in any service environment, but who has the time to make it happen?

Please weigh in if you have experiences (positive or negative are fine by me) that you’d feel like sharing—and you can absolutely request anonymity, just reach out to the Gmail account ( and I will remove any identifying marks…

In security we trust, insecurity we fear: Are you up for a challenge?

Last week we started noodling on where things might go from a regulatory/accreditation perspective as the dust “settles” relative to the management of behavioral health patients, ligature risks, etc., as well as the continuing march on infection control targets, items that are certainly on the radar. But there’s one other item that I keep coming back to (in my mind’s eye): Getting our arms around issues relating to workplace violence. While I have no data to support it beyond a general impression based on conversations with various folks, I would venture to say that, if you look at it purely in terms of “room for improvement,” concerns relating to the management of workplace violence has got to be sitting pretty near the top of the “to do” list (I suspect it’s at the top of that list, but if you should happen to either have this one completely under control or there’s something that concerns you more, I’d love to hear about it).

I don’t think (and I’m certainly not in a position to dispute) the numbers are indicative of anything but a pervasive, tough-to-solve issue, particularly in the current healthcare environment. I hear stories about difficulties getting funding for technology solutions, additional staffing to maximize those technology solutions, etc. sometimes forcing us to be reactive as opposed to being able to develop a proactive response. But in looking at the OSHA website as a warmup to penning this particular entry into the Safety Space canon, I noticed that some updated materials have been posted on the OSHA website, including an executive summary for hospital leaders, some examples of best practices, and some information on how you might integrate workplace violence prevention into your organization’s “regular” compliance activities. The addition of these materials, perhaps as a subset of being helpful, tells me that there’s still a fair amount of consideration being given to the subject and we, as an industry, might be well-served to give these materials a look-see. Share that executive summary with your organization’s leaders if you have not already done so; start talking with your organizational risk management and occupational health folks to start working towards elevating this to an organizational priority before the events of the day force you to do so (or to explain to your boss why you didn’t). I’ve worked in healthcare long enough to remember those halcyon days when hospitals were not the hotbed of safety and security risks they are today—until somebody invents a working time machine, we’re not going back there, so we have to focus on future improvement.

And, interestingly enough, I’m not the only one thinking about this stuff; I would encourage you to check out Tim Richards’ blog post. He provides some good food for discussion and perhaps even some early budget planning. There’s a lot of technology out there, some of it (I daresay) could be very useful in protecting folks in a more effective way. This one’s not going away any time soon, and to be honest, I can see this becoming something of a survey focus in the not-too-distant future.

Workplace Violence: One Can Never Have Too Much Info…

I will freely admit that sometimes it takes me a while to get to everything that I want to share with you folks and this is one of those instances…

Back in May (yes, I know—mea culpa, mea culpa, mea maxima culpa—it was even longer ago that I was an altar boy), ECRI Institute published some information on violence in healthcare facilities that includes a white paper, some guidance on how to share the risk landscape of your facility as it relates to workplace violence and some other information that is accessible upon enrolling in a membership program (they have quite a few different programs, this week’s stuff comes from the Healthcare Risk Control program). I suspect that the provided information may be representative of a loss-leader to drive traffic to their website and service programs (much as this blog is a labor of love and obsession, its function is rather much the same—I don’t know that they would put up with my yammering otherwise), but the information available through the above links are certainly worth checking out (there are also free newsletters; as noted in this week’s headline, information coming directly to you saves having to hunt it down).

Another item on my mental to-do list (and it may very well be that it is on my to-done list, but a little reiteration never hurt anyone) was to encourage you to keep an close eye on The Joint Commission’s standards FAQ page (you have to do a lot of scrolling to get to the Hospitals section—they’ve changed the formatting of this section of their website and it just feels quite clunky to me). At any rate, there are way more FAQs than there used to be (maybe more than there needs to be, but if you make the presumption that the characterization of these questions as being frequently asked, then it is what it is) and you can’t really tell which ones have changed (they do highlight new FAQs; lots of pain management stuff on there right now). They used to include a date so you could more or less keep track of stuff. I’m going to guess that there’s going to be a lot of following up relative to the whole management of ligature risks—and make sure you talk to your organization’s survey coordinator to make sure you access the Suicide Risk Booster (there just seems to be something odd about that as a descriptor). As much as any issue there’s ever been in the physical environment, the management of ligature risks is one for which you cannot be too well prepared (think an infinite number of Boy Scouts and you’ll be moving in the right direction).


Fall On Me: Keeping Emergency Management Changes in Perspective

As I was ruminating on a topic for this week’s conversation, the October issue of Perspectives came zipping over the electronic transom, and I think there is just enough stuff here to cobble together a relatively cogent offering to you all out there in the blogosphere (that’s right—after 10+ years, I’m working on cogency—who’d a thunk…)

First up is the announcement of proposed changes to the Emergency Management chapter (I say proposed, because the indication is that these changes still require approval by CMS) with an intended survey implementation date of November 15, 2017 (when the Emergency Management final rule takes full effect). From my experiences with folks, I still don’t think they’re barking up a tree for which we cannot (collectively) provide a reasonable response, but if you’re interested in what they think they need to change in the standards, the list of additions includes consideration of:

  • Continuity of operations and succession plans
  • Documentation of collaboration with local, tribal, regional, state, and federal EM officials
  • Contact information on volunteers and tribal groups
  • Documented annual training of all new/existing staff, contractors, and volunteers
  • Integrated health care systems
  • Transplant hospitals

Again, I don’t see anything that strikes me as being particularly daunting, though there’s still a fair amount of angst relative to these changes (as is the case with anything that changes). I know there’s been some consternation relative to managing Memorandums of Understanding (or Memoranda, if that be your preference) and Alternate Care Sites, but I think the important thing to keep in mind is that the journey to the Final Rule started back when the 2008 TJC standards were in full bloom. And I suspect that those of you who have been doing this for a while recall those heady days of focus on MOU’s, ASC’S, COOP’s and the like, concepts that have really kind of faded into the operational ether as the efficacy of those approaches has yielded wildly inconsistent levels of preparation. For some folks, MOU’s, ASC’s and COOP’s are essential, but I’ve also seen evidence that when the feces is striking the rapidly rotating blades, it is often the group that shows up first with the closest thing to cash that has access to resources. When you think about it, things like MOU’s are only an agreement to do the best one can under the circumstances—that’s why the interface with local and regional EM authorities is so very important. At any rate, next we’ll chat a bit about what the CMS survey instructions involve and why I think you folks are going to be in pretty good shape. I am curious as to whether or not there is an intent to modify the emergency response exercise requirements to more closely mirror the Final Rule—I guess all in the fullness of time.

Moving on to other Perspectives topics, it would seem that last month’s Clarifications and Expectations column was indeed the last official communication under George Mills’ direction. The column is on hiatus for the moment—I guess we’ll have to wait and see whether November brings it back (though oy could certainly make the case that EC-EM-LS topics are taking up a fair amount of space in the monthly Perspectives, Clarifications and Expectations columns notwithstanding).

There is a new Sentinel Event Alert (#58!) regarding issues relating to inadequate hand-off communications; the reason I mention it here is that, while the focus in Perspectives is very much on the clinical side of things, I think there is more than a little crossover into the safety / physical environment realm. I’m just planting the seed here, but I suspect that I will have more thoughts on this in the coming little while.

Finally (for this week), there is a piece on Workplace Violence as a function of screening for early detection of risk to harm self or others. I suspect that this may be a harbinger of next steps as it relates to how organizations are managing at-risk patients, particularly as a function of the current focus on ligature risks. In recognition that all the risks that are not medically/clinically necessary have removed, if you don’t have a pretty robust screening process in place, it makes it very challenging to manage the risks that remain. At any rate, I’d keep an eye on this one—much as they’ve been peeling the Infection Control “onion” over the past couple of years, I think this is how they’re going to expand focus in the behavioral health realm.

But, as a subset of that, I did want to muse a bit on those instances when entities that were thought of as “friendly” turn out (under certain circumstances) to be not so much. I suspect that most of you saw the news item back in July regarding the nurse working in the ED of a hospital in Salt Lake City, UT, who was forcibly arrested by local police for not acquiescing to a request that was not allowed by organization policy (if you missed it, you can see some of the story here or here.) I mention this only to point out that the management of this stuff is not always simple (OK, it pretty much never is simple), but this does offer up yet another facet to how facilities safety and security professionals have to proactively advocate for staff (and patient) safety. Some of the images of the arrest are most harrowing and definitely beg the question of how this came to pass in this day and age (or maybe it’s not as questionable an outcome as perhaps it might once have been). At any rate, it’s always important to periodically review what I refer to as the “rules of engagement,” particularly when it comes to interacting with law enforcement folks. If our folks can’t be protected from our “friends,” then what shot do we have against an unknown/unknowable “foe.”

Remembering it wasn’t fair outside…

First off, a mea culpa. It turns out that there was an educational presentation by CMS to (nominally) discuss the final Emergency Preparedness rule, with a focus on the training and testing requirements (you can find the slide deck here; the presentation will be uploaded sometime in the next couple of weeks or so) and I neglected to make sure that I had shared that information with you in time for you to check it out. My bad!

That said, I don’t know that it was the most compelling hour I’ve ever spent on the phone, but there were one or two (maybe as many as three) aspects of the conversation that were of interest, bordering on instructive. First off, when the final rule speaks to the topic of educating all staff on an annual basis, the pudding proof is going to be during survey when staff are asked specific questions about their roles in your plan (presumably based on what you come up with through the hazard vulnerability assessment—HVA—process). Do they know what to do if there is a condition that requires evacuation? Do they know how to summon additional resources during an emergency? Do they know what works and what doesn’t work as the result of various scenarios, etc.? This is certainly in line with what I’ve seen popping up (particularly during, but not limited to, CMS/state surveys)—there is an expectation (and I personally can’t argue against this as a general concept) that point-of-care/point-of-service staff are competent and knowledgeable when it comes to emergency management (and, not to mention, management of the care environment). As I’ve noted to I can’t tell you how many folks, the management of the physical environment, inclusive of emergency preparedness/management does not live on a committee and it is not “administered” during surveillance rounds or during fire drills. Folks who are taking care of the patients’ needs to know what their role is in the environment, particularly as a function of what to do when things are not perfect (I’ll stop for a moment and let you chew on that one for a moment).

Another expectation that was discussed (and this dovetails a wee bit with the last paragraph) is that your annual review of your emergency preparedness/management process/program must include a review of all (and I do mean all) of the associate/applicable policies and procedures that are needed for appropriate response. So far (at least on the TJC front—I’m less clear on what some of the other accrediting organizations (AO)—might be doing, though I suspect not too very far from this. More on the AO front in a moment), the survey review of documentation has focused on the emergency plan (or emergency operations plan or emergency response plan—if only a rose were a rose were a rose…), the exercise/drill documentation, HVA, and annual evaluation process. But now that the gauntlet has been expanded to include all those pesky policies and procedures. I will freely admit that I’m still trying to figure out how I would be inclined to proceed if I still had daily operational responsibility for emergency management stuff. My gut tells me that the key to this is going to be to start with the HVA and then try to reduce the number of policies and procedures to the smallest number of essential elements. I know there are going to be individual response plans—fire, hazmat, utility systems failures, etc.—is it worth “appendicizing” them to your basic response plan document (if you’ve already done so, I’d be interested to hear how it’s worked out, particularly when it comes to providing staff education)? I’m going to guess that pretty much everybody addresses the basic functions (communications, resources and assets, safety and security, utility systems, staff roles and responsibilities, patient care activities) with the structure of the E-plan, which I guess limits the amount of reviewable materials. There was a question from the listening audience about the difficulty in managing review of all these various and sundry documents and the potential for missing something in the review process (I am, of course, paraphrasing) and the response was not very forgiving—the whole of it has to be reviewed/revised/etc. So, I guess the job is to minimize/compact your response plans to their most essential (the final rule mentions the development of policies and procedures, but doesn’t stipulate what those might be) elements and guard them diligently.

The final takeaways for me are two in number. Number 1: Eventually, there will be Interpretive Guidelines published for the Emergency Preparedness final rule, but there is no firm pub date, so please don’t wait for that august publication before working towards the November implementation deadline. Number 2: While there is an expectation that the AOs will be reviewing their requirements and bringing them into accordance with the CMS requirements, there is no deadline for that to occur. Something makes me think that perhaps they are waiting on the Interpretive Guidelines to “make their move”—remembering it’s not going to be fair any time soon. I think the important dynamic to keep in mind when it comes to our friends at CMS (in all their permutations) is that they are paying hospitals to take care of their patients: the patients are CMS’ customers, not us. Which kind of goes a ways towards explaining why they are not so nice sometimes…

A bientot!

We mean it, man!

I’ve been watching this whole thing unfold for a really long time and I continue to be curious as to when the subject of managing workplace violence moves over into the survey of the physical environment. I think that, as an industry, we are doing a better job of this, perhaps as much as a function of identifying the component issues and working them through collaboratively as anything, but I don’t know that the data necessarily supports my optimistic outlook on the subject. One think I can say is that our friends at the Occupational Safety & Health Administration are going to be closing out the comment period soon (April 6, to be exact) on whether or not they need to establish an OSHA standard relative to preventing violence in healthcare and social assistance—if you have something to add to the conversation, I would encourage you to do so.

I do think that there are always opportunities to more carefully/thoughtfully/comprehensively prepare the folks on the front lines as they deal with ever greater volumes of at-risk patients (a rising tide that shows little or no sign of abating any time soon). They are, after all, the ones that have to enforce the “law,” sometimes in the face of overwhelming mental decompensation on the part of patients, family members, etc. As an additional item for your workplace violence toolbox, the American Society for Healthcare Risk Management has developed a risk assessment tool (with a very full resource list at the end) to help you identify improvement opportunities in your management of workplace violence. As I think we all know by now, a cookie-cutter approach rarely results in a demonstrably effective program, but what I like about the tool is it prompts you to ask questions that don’t always have a correct or incorrect response, but rather to ask questions about what happens in your “house.”

This topic somehow brings to mind some thoughts I had recently relative to the recalcitrance of some of my fellow travelers (meaning folks I encounter while traveling and not those that might have been encountered during the era of McCarthyism…) when it comes to following the directions of the TSA folks or other “gatekeepers” who keep things moving in an orderly fashion. I have seen folks in suit and tie pitch an absolute fit because they couldn’t skip to head of the line, had three carry-on bags instead of the allowed two, or had liquids in excess of what is allowed. I understand being a little embarrassed in the moment for the bag thing or the liquid thing, but to give the person who identified the issue a hard time makes no sense to me. And I think that sometimes our frontline staff fall victim to this type of interaction and have to suffer the consequences of an unhinged (OK, that may be a little hyperbolic, but I suspect you know what I mean) patron—even if they don’t have to endure someone taking a swing at them during these moments of tension. There was a day when the customer was always right, but now far too often, the customer is nothing more than an entitled bully and we have to make sure that our folks know we have their backs.


Sneaking Sally through the OR…

…when up pops somebody, eventually…

Interesting story in the news last week about someone infiltrating the perioperative area at a hospital in the Boston area (the news story identifies the hospital, so no need to do that here, IMHO). Every time I see one of these types of stories, it makes me glad that I do not still have operational responsibilities for a hospital security department. (In many ways, I have made something of a career of embracing thankless jobs in the healthcare realm; well, maybe not completely thankless, but it can be tough for folks at the bottom of the healthcare food chain. But enough about that.) Apparently, this individual was able to gain access to the perioperative areas, including the restricted portions, without having an identification badge. Now I will say that, based on my observations, the healthcare industry is much better about wearing ID badges, but I will also say that the OR is a tough spot to practice enforcement of your ID policy, especially during the busy times. And then there is the subject of tailgating, which is a time-honored tradition, particularly when you move to an electronic/badge access solution for controlling who gets where in your organization. And, short of installing turnstiles at all your entry points (now wouldn’t that create some noise?), tailgating is going to continue to be a vulnerability relative to security. Much as learning that the NSA was listening in on lots of conversations, I didn’t find this particular news story, or indeed the event, particularly surprising. In all likelihood it happens more than we know—from salespeople to distressed families to the media, the list of potential candidates for such an incursion is rather lengthy. (I’m sure you can add to that list and please feel free to do so!) The source article for the above story indicates that the individual was identified as an interloper when “physicians caught on” (I could be glib and throw out a “maybe she didn’t know the secret handshake,” but that would be catty), so I guess it’s good to make sure that you have good participation from your medical staff in the matter of ID badge compliance.

All that said, and in full recognition that logic doesn’t always prevail, I have a sneaking suspicion that this might just join active shooter response on the regulatory survey security hot topic list (remember when nuclear medicine deliveries were the flavor of the month?). I think anyone having survey over the next little while would be well-served in considering how to respond to queries regarding access control in your ORs and other areas.

It is a most delicate balance: protecting folks and yet providing access to all the patients we serve. Maybe there will be some grant money floating around that could be used for this purpose—nah!

Jan. 20 webcast highlights how to deal with high-risk patients

Patients with high-risk behaviors pose a danger to healthcare staff and other patients and are difficult for healthcare employees to manage. In this live webcast, expert speakers Tony W. York, MS, MBA, CHPA, CPP, and Jeff Puttkammer, M.Ed., will discuss the patient factors that often lead to violent events in the workplace, provide a clear understanding of environmental influences and triggers that contribute to violence, and supply tools and resources to help you reduce the risk of a violent event in your facility. The program is scheduled for Wednesday, January 20 from 1 to 2:30 p.m. ET.

Employees have the power to influence their own safety, but they often lack the proper training. Give your staff the knowledge they need to deal with high-risk patients and keep themselves and their facility safe!

At the conclusion of this program, participants will be able to:

  • Define high-risk patient behavior (more than just mental health patients)
  • Explain how a balanced approach to patient-focused care and personal safety impacts patient satisfaction and work-related injuries
  • Identify how workspace design and medical equipment placement can promote or reduce the safety of staff, patients, and visitors
  • Define policies, procedures, and practices aimed at reducing safety risks associated with at-risk patients
  • Understand the critical role staff education and training plays in helping provide the culture, tools, and competencies required to successfully reduce and manage patient-generated violence

Visit here for more information and to register.

Now be thankful…

While the events of recent weeks seem to focus our attentions on the darker side of humanity, before jumping into this week’s “serious” topic, I did want to take a moment to wish you all a most joyous Thanksgiving. Your continued presence in this community is one of the things for which I am thankful, so I will, in turn, thank each one of you for that presence—without you, there wouldn’t be much purpose to this little rant-o-rama! And a special thanks to Jay Kumar from HCPro, who manages to keep things going!

And so, onto the business at hand. In the aftermath of the Paris terror attacks, the folks at the Department of Homeland Security are encouraging hospitals and other healthcare organizations to review our security plans and to work towards exercising them on a regular basis (you can read the full notice here). The notice contains a whole bunch of useful information, including indicators to assist in identifying suspicious behaviors and to build a truly robust process for reporting suspicious activity. It’s always tough to say how much of an event could have been prevented if folks were more skilled in identifying threats before they are acted upon, but I guess we always have to use such events as a means of improving our own situations. At any rate, I think it would behoove everyone in the audience to take a look at the materials referenced in the notice. A lot of times, I think we find ourselves “casting about” for direction when it comes to the practical application of how we become better prepared, particularly in the healthcare world of competing priorities. I also know that it is sometimes challenging to get folks to seriously participate in exercises—I don’t know that we’ll ever completely get away from having to deal with what I will characterize as moderate indifference. The events in Paris (and Mali) only point out that this is a risk shared by everyone on the planet, whether we would want it or not. And the more we educate folks to recognize threatening situations, the better able they will be to keep themselves safe. I wish there were a simple solution to all this, but in the meantime, the strategy of increased vigilance will have to do.

You better run for your life?

Every once in a while I like to dip into the ol’ mail bag when I get a question that I either haven’t answered before or conditions/practices have changed enough to update an initial response. In this particular instance, we’re covering some territory that I’m pretty sure we’ve not aired previously (as near as I can tell…).

Q: I would like to get your take on patient elopement (or simply leaving without signing, or refusing to sign AMA forms), and the longstanding practice of having security staff, maintenance staff, etc., pursue these patients. These types of things make corporate legal departments cringe, and it leaves Plant Operations directors caught in the middle of “should we respond or not” debates. 

A: Thanks for your question. I really think that your description of the reaction of legal departments to the “pursuit” of eloped/eloping patients is pretty much on the money and that’s why (in my mind), they are the ones that need to be the determining factor when establishing a response protocol for elopement. I have certainly worked with organizations for whom a “simple pursuit” protocol has ended very badly with patients injured, and in a couple of instances, worse (I’ll refrain from the details) during response to an elopement. Someone who is eloping tends to want to elude (or otherwise outrun) their pursuers and sometimes they’re not paying attention to where they are going (I liken it to chasing a toddler—the “state of mind” of some of your elopers is not so very far from a toddler—they spend a lot of time looking over their shoulder and not looking where they are going). At the hospital at which I used to work, the legal folks said if the patient eloping leaves the property, then you let them go and call the local authorities (recognizing that their response is going to be dependent on what’s going on in the community) and work (which you can certainly interpret to mean “hope) towards a good outcome. Unless someone is really mentally incapacitated, you can usually figure out where they are going, so that becomes information that can be shared with law enforcement.

All that said, it is of critical importance to have a specific response plan (you can leave a little leeway for specific cases, but you really need to have a consistent overall approach) that has been developed in collaboration with clinical (including physicians), legal, and support leadership. Everyone has to be on the same page if we are not going to be putting anyone (and that includes the folks responding) at risk.

I know this is something that faces healthcare organizations all across the country including, I suspect, some of the folks out there in the audience. So I put the question to you: How are you managing response for eloped patients? Is it a “let them go and call the cops” response protocol or more of a “bring ’em back” response? I suspect that we could have some interesting dialogue on this one, so please weigh in as you can.