…when up pops somebody, eventually…
Interesting story in the news last week about someone infiltrating the perioperative area at a hospital in the Boston area (the news story identifies the hospital, so no need to do that here, IMHO). Every time I see one of these types of stories, it makes me glad that I do not still have operational responsibilities for a hospital security department. (In many ways, I have made something of a career of embracing thankless jobs in the healthcare realm; well, maybe not completely thankless, but it can be tough for folks at the bottom of the healthcare food chain. But enough about that.) Apparently, this individual was able to gain access to the perioperative areas, including the restricted portions, without having an identification badge. Now I will say that, based on my observations, the healthcare industry is much better about wearing ID badges, but I will also say that the OR is a tough spot to practice enforcement of your ID policy, especially during the busy times. And then there is the subject of tailgating, which is a time-honored tradition, particularly when you move to an electronic/badge access solution for controlling who gets where in your organization. And, short of installing turnstiles at all your entry points (now wouldn’t that create some noise?), tailgating is going to continue to be a vulnerability relative to security. Much as learning that the NSA was listening in on lots of conversations, I didn’t find this particular news story, or indeed the event, particularly surprising. In all likelihood it happens more than we know—from salespeople to distressed families to the media, the list of potential candidates for such an incursion is rather lengthy. (I’m sure you can add to that list and please feel free to do so!) The source article for the above story indicates that the individual was identified as an interloper when “physicians caught on” (I could be glib and throw out a “maybe she didn’t know the secret handshake,” but that would be catty), so I guess it’s good to make sure that you have good participation from your medical staff in the matter of ID badge compliance.
All that said, and in full recognition that logic doesn’t always prevail, I have a sneaking suspicion that this might just join active shooter response on the regulatory survey security hot topic list (remember when nuclear medicine deliveries were the flavor of the month?). I think anyone having survey over the next little while would be well-served in considering how to respond to queries regarding access control in your ORs and other areas.
It is a most delicate balance: protecting folks and yet providing access to all the patients we serve. Maybe there will be some grant money floating around that could be used for this purpose—nah!
Patients with high-risk behaviors pose a danger to healthcare staff and other patients and are difficult for healthcare employees to manage. In this live webcast, expert speakers Tony W. York, MS, MBA, CHPA, CPP, and Jeff Puttkammer, M.Ed., will discuss the patient factors that often lead to violent events in the workplace, provide a clear understanding of environmental influences and triggers that contribute to violence, and supply tools and resources to help you reduce the risk of a violent event in your facility. The program is scheduled for Wednesday, January 20 from 1 to 2:30 p.m. ET.
Employees have the power to influence their own safety, but they often lack the proper training. Give your staff the knowledge they need to deal with high-risk patients and keep themselves and their facility safe!
At the conclusion of this program, participants will be able to:
- Define high-risk patient behavior (more than just mental health patients)
- Explain how a balanced approach to patient-focused care and personal safety impacts patient satisfaction and work-related injuries
- Identify how workspace design and medical equipment placement can promote or reduce the safety of staff, patients, and visitors
- Define policies, procedures, and practices aimed at reducing safety risks associated with at-risk patients
- Understand the critical role staff education and training plays in helping provide the culture, tools, and competencies required to successfully reduce and manage patient-generated violence
While the events of recent weeks seem to focus our attentions on the darker side of humanity, before jumping into this week’s “serious” topic, I did want to take a moment to wish you all a most joyous Thanksgiving. Your continued presence in this community is one of the things for which I am thankful, so I will, in turn, thank each one of you for that presence—without you, there wouldn’t be much purpose to this little rant-o-rama! And a special thanks to Jay Kumar from HCPro, who manages to keep things going!
And so, onto the business at hand. In the aftermath of the Paris terror attacks, the folks at the Department of Homeland Security are encouraging hospitals and other healthcare organizations to review our security plans and to work towards exercising them on a regular basis (you can read the full notice here). The notice contains a whole bunch of useful information, including indicators to assist in identifying suspicious behaviors and to build a truly robust process for reporting suspicious activity. It’s always tough to say how much of an event could have been prevented if folks were more skilled in identifying threats before they are acted upon, but I guess we always have to use such events as a means of improving our own situations. At any rate, I think it would behoove everyone in the audience to take a look at the materials referenced in the notice. A lot of times, I think we find ourselves “casting about” for direction when it comes to the practical application of how we become better prepared, particularly in the healthcare world of competing priorities. I also know that it is sometimes challenging to get folks to seriously participate in exercises—I don’t know that we’ll ever completely get away from having to deal with what I will characterize as moderate indifference. The events in Paris (and Mali) only point out that this is a risk shared by everyone on the planet, whether we would want it or not. And the more we educate folks to recognize threatening situations, the better able they will be to keep themselves safe. I wish there were a simple solution to all this, but in the meantime, the strategy of increased vigilance will have to do.
Every once in a while I like to dip into the ol’ mail bag when I get a question that I either haven’t answered before or conditions/practices have changed enough to update an initial response. In this particular instance, we’re covering some territory that I’m pretty sure we’ve not aired previously (as near as I can tell…).
Q: I would like to get your take on patient elopement (or simply leaving without signing, or refusing to sign AMA forms), and the longstanding practice of having security staff, maintenance staff, etc., pursue these patients. These types of things make corporate legal departments cringe, and it leaves Plant Operations directors caught in the middle of “should we respond or not” debates.
A: Thanks for your question. I really think that your description of the reaction of legal departments to the “pursuit” of eloped/eloping patients is pretty much on the money and that’s why (in my mind), they are the ones that need to be the determining factor when establishing a response protocol for elopement. I have certainly worked with organizations for whom a “simple pursuit” protocol has ended very badly with patients injured, and in a couple of instances, worse (I’ll refrain from the details) during response to an elopement. Someone who is eloping tends to want to elude (or otherwise outrun) their pursuers and sometimes they’re not paying attention to where they are going (I liken it to chasing a toddler—the “state of mind” of some of your elopers is not so very far from a toddler—they spend a lot of time looking over their shoulder and not looking where they are going). At the hospital at which I used to work, the legal folks said if the patient eloping leaves the property, then you let them go and call the local authorities (recognizing that their response is going to be dependent on what’s going on in the community) and work (which you can certainly interpret to mean “hope) towards a good outcome. Unless someone is really mentally incapacitated, you can usually figure out where they are going, so that becomes information that can be shared with law enforcement.
All that said, it is of critical importance to have a specific response plan (you can leave a little leeway for specific cases, but you really need to have a consistent overall approach) that has been developed in collaboration with clinical (including physicians), legal, and support leadership. Everyone has to be on the same page if we are not going to be putting anyone (and that includes the folks responding) at risk.
I know this is something that faces healthcare organizations all across the country including, I suspect, some of the folks out there in the audience. So I put the question to you: How are you managing response for eloped patients? Is it a “let them go and call the cops” response protocol or more of a “bring ’em back” response? I suspect that we could have some interesting dialogue on this one, so please weigh in as you can.
I don’t hear too many stories like this anymore, but I can tell you, as a former manager of security services at a hospital, this is one that really gives me pause.
In September, at a hospital out in San Francisco, a patient disappeared from her room, after which a search ensued with no result. The awful thing is that the patient was found in a locked stairwell about two weeks later by an engineering staff member doing rounds. You can find the San Francisco Examiner story that caught my eye (as well as several related stories).
Now I’m sure the investigation will yield some indication of what happened, but I’m also thinking that the whole story may never be revealed. Was that stairwell inspected prior to the point when the engineering staff person made their rounds? How was the search conducted? Was there a conscious decision to limit the search to unsecured areas? At what point do you suspend the search?
I’m certainly not going to Monday-morning quarterback such an awful circumstance, but the question I ask myself is this: can you stop looking when you’ve not found the person you’re looking for? Again, it’s my understanding that the stairwell in question was secured, but how many times have you encountered a security system that was absolutely impregnable—my experience has been that the human element is all too frequently the means of defeating the certain security measure. So has this particular tragedy caused anyone to look at, or even rethink, their search protocols? Are there areas you might not consider as being accessible that might warrant at least inclusion in a comprehensive search grid? I’d be interested in what you all think about this one.
One of the curious things I encounter on an increasingly regular basis is the Dorian Gray-like (but in reverse) effect of the ID badges of folks who’ve worked at an organization for a rather long time. So long, in fact, that they really don’t look like their ID pictures any more. I know you’ve seen it too.
Now, I’ve always considered the hassle of having folks wear ID badges as being an important component of our security management strategies. As a general consideration, we do have an obligation to ensure that we’re not giving any interlopers a chance of breaching our security (and don’t get me started on those folks who are not nearly as careful about their ID badges as they should be. I know it makes me sound petulant, but we really ask so little of folks in this regard).
So, I ask those of you responsible for the ID process, have you established criteria for an update of photo IDs? Weight loss or gain, hair color changes, the aging process (all potentially contentious topics for discussion)? Or, like the motor vehicle registry folks, do you re-take pictures after a certain amount of time, maybe contingent on how much a person has changed in the ensuing period. Any feedback or discussion would be most appreciated.
I’m presuming (and please don’t attempt to disabuse me of this notion) that you are all dutifully conducting security risk assessments on a regular basis. As you conduct them, I’m sure you find risks of some events that are greater than some other areas. So, I to ask: When you’ve completed your security risk assessment, do you identify specific strategies, including the use of technology, for minimizing those risks to the extent possible? If you’re not including that facet in the risk assessment process, you might want to consider doing so.
Recently, I was looking at a survey report in which an ambulatory surgery center was cited during a TJC survey because they had not installed a panic alarm “at the registrar’s desk in order to obtain immediate assistance in an emergent or hostile situation.” Now, as with so many things that have been popping up during surveys, I don’t disagree with the concept of having panic alarms at those customer service/interaction points where unhappy folks (or folks of any ilk) can experience the need to vent their frustrations, etc. But in that disagreement, I think I’d first be looking at what tools have been provided to staff to actively manage, if not de-escalate, these negative encounters. I would much prefer to avoid having to use a panic alarm by appropriately managing the encounter, much like I would just as soon not “need” to have an emergency eyewash station.
I’m a great believer in the proactive management of risk, but I’m also a great believer in implementing risk management and response strategies that make operational sense. So, the question to the studio audience is: Where have you installed panic alarms and where have you not installed panic alarms, and why? There’s always the risk that some surveyor will disagree with your strategy, but if that strategy was derived through thoughtful analysis of the involved risks, does that not meet the intent of all this?
I like the concept of best practice as much as anyone, but I also recognize that there is a tremendous amount of variability in the safety landscape. Just because something works in one place does not necessarily mean that it will work in all cases—that’s the mystical, magical, and ultimately mythical power of the panacea. One size doesn’t fit all—never has, never will. But if we’re going to be held to that type of an expectation, how does that help anyone? Ok, jumping down from soapbox for now, but rest assured, you’ll see me back up here before too long.
During a recent Joint Commission survey, a concern was raised because the hospital’s pediatrics and OB units were not “equipped” with the same security system, etc. I’m not certain whether the result was a specific finding, but the question, in and of itself, is instructive when it comes to the science of assessment.
First off, I’ve never actually seen the areas in question, so I will engage in a little bit of conjecture, but I think the general themes can be applied in your house, particularly if you don’t have a whole lot of pediatric patient volume. Now certainly, the historical focus on abduction prevention has been primarily on the security of newborns, which I think we can all agree is a vulnerable patient population. That said, there are certainly risks involved in providing for the security of pediatric patients (and maybe some adult patients as well—it’s getting kind of crazy out there in the world), risks that would have to include abduction.
From a regulatory standpoint, there is very little specific guidance beyond the caveat of ensuring that you are not compromising life safety concerns as you install security systems. Locking doors in egress paths can be tricky and, in virtually every instance I can think of, the process was much more complicated than was originally presumed, but that’s a story for another day. We know what the result will be if our security efforts are not sufficient/appropriate, etc.: something will happen and that something will not be good. But that raises the somewhat rhetorical question of whether you can “rest” based on nothing bad happening. Is that a legitimate conclusion to make? Variations on this theme have become very noticeable during surveys this year. Maybe it’s something identified by a vendor that you haven’t gotten around to fixing, maybe it’s a new piece of technology that you have budgeted for next year, but that’s going to take time to purchase, install, educate staff, etc. Maybe (as is more or less the case in the recent survey mentioned above) from an operational standpoint, your pediatrics unit is in a small part of a regular medical/surgical unit and the geography of the space does not lend itself to the same security measures as you have on your OB unit.
These are all real life occurrences and each has its own security or EC implications that need to be managed. But (and this is a sizable one), you have to be able to articulate where you are in the process and how you are making sure that any elevated risks that are the result of not being able to do something right now are being appropriately managed. I hate to say this, but it’s been coming up far too often in surveys this year for this to be ignored: you absolutely need to discuss and document the management of these types of risks, including those all-important interim measures (if they are needed). Otherwise, you leave yourself vulnerable to a survey finding for which it is very difficult to negotiate a “settlement” either during survey or as part of the clarification process.
There are no standards that specify a time frame for completion, a technology enhancement, etc. That’s the responsibility of each organization to manage. But with that responsibility comes the obligation to manage any associated risks in fairly transparent fashion (I think I’ve managed to avoid invoking the transparency card until now): frontline point of care/point of service staff need to be able to articulate how we are managing risk until such time as solutions can be implemented. If they can’t, the risk of a survey finding rises exponentially. It’s no longer enough for leadership to know what’s going on, the folks in the field have to know, too. Pediatrics staff need to articulate how they are managing abduction risks for their patients. And if you have pediatrics in the ED, there needs to be some competency there as well. We can’t always do what we want when we want to do it, which is the reality of healthcare. But we do need to understand and share the risk implications of all those decisions and non-decisions.
Hospital safety is being questioned after a patient shot and killed a doctor at Florida Hospital in Orlando on May 27.
Last month, a 53-year-old patient shot and killed a 41-year-old transplant surgeon in the hospital’s parking garage and then killed himself, reports the Los Angeles Times.
Since the murder, the hospital has stepped up its security and police escorts are available for those who need it.
Security experts say physicians are becoming more common targets of angry patients.
A new infant security system involving ankle straps and monitors has been launched at St. Lucie Medical Center in Port St. Lucie, FL, to ensure infant abductions and mix-ups don’t occur.
Infants born at the hospital will wear ankle straps and a monitor known as a Hugs tag so nurses can track the infants anywhere on the maternity floor, reports tcpalm.com. An alarm will sound if an infant is moved to an unauthorized zone or if the ankle straps are removed.
Mothers will don a tag—called the Kisses tag—that electronically connects to her baby’s monitor. An alarm will also sound if the mother and baby’s tags don’t match.
Though no specific incident triggered the new alarm system, hospital spokeswoman Ginger King says the organization wanted an extra layer of protection to help parents feel safer.
How does your facility prevent infant abductions? Let us know in our comment section.