RSSAll Entries Tagged With: "hospital security"

Wanna buy a watch? How about a patient watch?

It’s been a while (OK, more than a while: It would seem it’s been something more than a decade. My, how time flies!) since we’ve discussed the matter of using security officers to watch patients. I can absolutely say that it is often a topic of conversation when I meet with security folks over the course of consulting as it not infrequently has a significant impact on security staffing resources. As I have maintained for a very long time, it is very difficult to carry out security rounding, etc., when your security staff is eyeballing patients from a fixed post. If you’re interested in the “historical” perspective, please feel free to use the Wayback Machine to review the state of things in 2008!

If we have learned nothing else over the years, it is the truth in that old saw: “The more things change, the more things stay the same” (or variations thereof). I came across an article at the beginning of September referencing recent guidance from the International Association for Healthcare Security & Safety (IAHSS), which includes the advice of not to use security officers for patient sitting/watch activities. There are certainly any number of complexities that come into play—competency and education, “backfilling” security activities when security officers are caught up in patient care activities, etc. And with the increasing number and types of risks relating to security occurrences in hospitals, being able to effectively respond to those risks, should they occur, could make the difference in ensuring organizational viability. I personally (and particularly in those days in which I had operational responsibility for security) continue to believe that the use of security officers for “general” patient watches is an inappropriate use of resources. Sure, there will be those instances in which a security presence beyond a quick response is needed, but I can think of few more useless applications of security resources than a security officer watching a sleeping patient. Patients should receive care from caregivers, and not that security officers are uncaring, but their training and competence are “designed” for other duties.

As a quick closeout for this week (and perhaps it is the turning of the season that causes reflection on past experiences), for those of you that may be embarking on a managerial position for the first time or for those of you that have been managers for so long that your inception is lost in the mists of time (those mists, of course, are the result of the earth cooling), I ran across a piece that I think might be helpful or at least prompt some reflection on current and/or past experiences. “What I Wish I’d Known As A First Time Manager” offers 10 thoughts on those (sometimes tenuous) first steps into managerial bliss (yeah, right!). I don’t know that there’s anything particularly earth-shattering, but sometimes it’s nice to hear some practical thoughts in a place other than in your own mind. We are, after all, in this thing together, so improving one improves all—and if that’s not a pretty nifty raison d’être, I don’t know what is.

Would you believe there’s nothing up my sleeve?: Protective measures

Caution: This is not a product endorsement, but rather an observation of a product that might, at times, sound a little endorse-y. I can be persuaded…

While working at a hospital somewhere in the United States, I was apprised of a product being installed that will (hopefully) facilitate securing doors that might not otherwise be secured, in the event of an active shooter or other threat that would require the establishment of a safe barricade. Effectively, the product is a metal wedge-shaped sleeve (hence the product name: Fighting Chance) that slides over the arm of a door closer and prevents the door from being opened.

At first encounter, I thought it was a pretty nifty idea (and still do), but I was curious about how one would be able to consistently operationalize the device from a practical standpoint: How do you make sure that you’ve got someone tall enough to be able to reach up and slide the sleeve over the arm? I’ve seen a lot of doors and door arms in my time and I can tell you (I’m about 5’ 6”) that there are some door arrangements for which I would have a very difficult time being able to reach the arm.

So, the question I have (and I will be happy to share the information) is if you are using this product (or even considering using this product), are you including provisions/consideration to assist the more diminutive members of your organization (maybe some sort of step stool stored in close proximity, perhaps something else—I know you folks are creative as all get out)? Have you drilled the used of these devices and found any other opportunities for improvement? I am a great admirer or simple technology and I do like the simplicity of the design—I’m just curious as to how it will play in the field.

I hope it’s a winner!

Sneaking Sally through the OR…

…when up pops somebody, eventually…

Interesting story in the news last week about someone infiltrating the perioperative area at a hospital in the Boston area (the news story identifies the hospital, so no need to do that here, IMHO). Every time I see one of these types of stories, it makes me glad that I do not still have operational responsibilities for a hospital security department. (In many ways, I have made something of a career of embracing thankless jobs in the healthcare realm; well, maybe not completely thankless, but it can be tough for folks at the bottom of the healthcare food chain. But enough about that.) Apparently, this individual was able to gain access to the perioperative areas, including the restricted portions, without having an identification badge. Now I will say that, based on my observations, the healthcare industry is much better about wearing ID badges, but I will also say that the OR is a tough spot to practice enforcement of your ID policy, especially during the busy times. And then there is the subject of tailgating, which is a time-honored tradition, particularly when you move to an electronic/badge access solution for controlling who gets where in your organization. And, short of installing turnstiles at all your entry points (now wouldn’t that create some noise?), tailgating is going to continue to be a vulnerability relative to security. Much as learning that the NSA was listening in on lots of conversations, I didn’t find this particular news story, or indeed the event, particularly surprising. In all likelihood it happens more than we know—from salespeople to distressed families to the media, the list of potential candidates for such an incursion is rather lengthy. (I’m sure you can add to that list and please feel free to do so!) The source article for the above story indicates that the individual was identified as an interloper when “physicians caught on” (I could be glib and throw out a “maybe she didn’t know the secret handshake,” but that would be catty), so I guess it’s good to make sure that you have good participation from your medical staff in the matter of ID badge compliance.

All that said, and in full recognition that logic doesn’t always prevail, I have a sneaking suspicion that this might just join active shooter response on the regulatory survey security hot topic list (remember when nuclear medicine deliveries were the flavor of the month?). I think anyone having survey over the next little while would be well-served in considering how to respond to queries regarding access control in your ORs and other areas.

It is a most delicate balance: protecting folks and yet providing access to all the patients we serve. Maybe there will be some grant money floating around that could be used for this purpose—nah!

Jan. 20 webcast highlights how to deal with high-risk patients

Patients with high-risk behaviors pose a danger to healthcare staff and other patients and are difficult for healthcare employees to manage. In this live webcast, expert speakers Tony W. York, MS, MBA, CHPA, CPP, and Jeff Puttkammer, M.Ed., will discuss the patient factors that often lead to violent events in the workplace, provide a clear understanding of environmental influences and triggers that contribute to violence, and supply tools and resources to help you reduce the risk of a violent event in your facility. The program is scheduled for Wednesday, January 20 from 1 to 2:30 p.m. ET.

Employees have the power to influence their own safety, but they often lack the proper training. Give your staff the knowledge they need to deal with high-risk patients and keep themselves and their facility safe!

At the conclusion of this program, participants will be able to:

  • Define high-risk patient behavior (more than just mental health patients)
  • Explain how a balanced approach to patient-focused care and personal safety impacts patient satisfaction and work-related injuries
  • Identify how workspace design and medical equipment placement can promote or reduce the safety of staff, patients, and visitors
  • Define policies, procedures, and practices aimed at reducing safety risks associated with at-risk patients
  • Understand the critical role staff education and training plays in helping provide the culture, tools, and competencies required to successfully reduce and manage patient-generated violence

Visit here for more information and to register.

Now be thankful…

While the events of recent weeks seem to focus our attentions on the darker side of humanity, before jumping into this week’s “serious” topic, I did want to take a moment to wish you all a most joyous Thanksgiving. Your continued presence in this community is one of the things for which I am thankful, so I will, in turn, thank each one of you for that presence—without you, there wouldn’t be much purpose to this little rant-o-rama! And a special thanks to Jay Kumar from HCPro, who manages to keep things going!

And so, onto the business at hand. In the aftermath of the Paris terror attacks, the folks at the Department of Homeland Security are encouraging hospitals and other healthcare organizations to review our security plans and to work towards exercising them on a regular basis (you can read the full notice here). The notice contains a whole bunch of useful information, including indicators to assist in identifying suspicious behaviors and to build a truly robust process for reporting suspicious activity. It’s always tough to say how much of an event could have been prevented if folks were more skilled in identifying threats before they are acted upon, but I guess we always have to use such events as a means of improving our own situations. At any rate, I think it would behoove everyone in the audience to take a look at the materials referenced in the notice. A lot of times, I think we find ourselves “casting about” for direction when it comes to the practical application of how we become better prepared, particularly in the healthcare world of competing priorities. I also know that it is sometimes challenging to get folks to seriously participate in exercises—I don’t know that we’ll ever completely get away from having to deal with what I will characterize as moderate indifference. The events in Paris (and Mali) only point out that this is a risk shared by everyone on the planet, whether we would want it or not. And the more we educate folks to recognize threatening situations, the better able they will be to keep themselves safe. I wish there were a simple solution to all this, but in the meantime, the strategy of increased vigilance will have to do.

You better run for your life?

Every once in a while I like to dip into the ol’ mail bag when I get a question that I either haven’t answered before or conditions/practices have changed enough to update an initial response. In this particular instance, we’re covering some territory that I’m pretty sure we’ve not aired previously (as near as I can tell…).

Q: I would like to get your take on patient elopement (or simply leaving without signing, or refusing to sign AMA forms), and the longstanding practice of having security staff, maintenance staff, etc., pursue these patients. These types of things make corporate legal departments cringe, and it leaves Plant Operations directors caught in the middle of “should we respond or not” debates. 

A: Thanks for your question. I really think that your description of the reaction of legal departments to the “pursuit” of eloped/eloping patients is pretty much on the money and that’s why (in my mind), they are the ones that need to be the determining factor when establishing a response protocol for elopement. I have certainly worked with organizations for whom a “simple pursuit” protocol has ended very badly with patients injured, and in a couple of instances, worse (I’ll refrain from the details) during response to an elopement. Someone who is eloping tends to want to elude (or otherwise outrun) their pursuers and sometimes they’re not paying attention to where they are going (I liken it to chasing a toddler—the “state of mind” of some of your elopers is not so very far from a toddler—they spend a lot of time looking over their shoulder and not looking where they are going). At the hospital at which I used to work, the legal folks said if the patient eloping leaves the property, then you let them go and call the local authorities (recognizing that their response is going to be dependent on what’s going on in the community) and work (which you can certainly interpret to mean “hope) towards a good outcome. Unless someone is really mentally incapacitated, you can usually figure out where they are going, so that becomes information that can be shared with law enforcement.

All that said, it is of critical importance to have a specific response plan (you can leave a little leeway for specific cases, but you really need to have a consistent overall approach) that has been developed in collaboration with clinical (including physicians), legal, and support leadership. Everyone has to be on the same page if we are not going to be putting anyone (and that includes the folks responding) at risk.

I know this is something that faces healthcare organizations all across the country including, I suspect, some of the folks out there in the audience. So I put the question to you: How are you managing response for eloped patients? Is it a “let them go and call the cops” response protocol or more of a “bring ’em back” response? I suspect that we could have some interesting dialogue on this one, so please weigh in as you can.

Searching so long…

I don’t hear too many stories like this anymore, but I can tell you, as a former manager of security services at a hospital, this is one that really gives me pause.

In September, at a hospital out in San Francisco, a patient disappeared from her room, after which a search ensued with no result. The awful thing is that the patient was found in a locked stairwell about two weeks later by an engineering staff member doing rounds. You can find the San Francisco Examiner story that caught my eye (as well as several related stories).

Now I’m sure the investigation will yield some indication of what happened, but I’m also thinking that the whole story may never be revealed. Was that stairwell inspected prior to the point when the engineering staff person made their rounds? How was the search conducted? Was there a conscious decision to limit the search to unsecured areas? At what point do you suspend the search?

I’m certainly not going to Monday-morning quarterback such an awful circumstance, but the question I ask myself is this: can you stop looking when you’ve not found the person you’re looking for? Again, it’s my understanding that the stairwell in question was secured, but how many times have you encountered a security system that was absolutely impregnable—my experience has been that the human element is all too frequently the means of defeating the certain security measure. So has this particular tragedy caused anyone to look at, or even rethink, their search protocols? Are there areas you might not consider as being accessible that might warrant at least inclusion in a comprehensive search grid? I’d be interested in what you all think about this one.

Mirror, mirror on the wall … is that me?

One of the curious things I encounter on an increasingly regular basis is the Dorian Gray-like (but in reverse) effect of the ID badges of folks who’ve worked at an organization for a rather long time. So long, in fact, that they really don’t look like their ID pictures any more. I know you’ve seen it too.

Now, I’ve always considered the hassle of having folks wear ID badges as being an important component of our security management strategies. As a general consideration, we do have an obligation to ensure that we’re not giving any interlopers a chance of breaching our security (and don’t get me started on those folks who are not nearly as careful about their ID badges as they should be. I know it makes me sound petulant, but we really ask so little of folks in this regard).

So, I ask those of you responsible for the ID process, have you established criteria for an update of photo IDs? Weight loss or gain, hair color changes, the aging process (all potentially contentious topics for discussion)? Or, like the motor vehicle registry folks, do you re-take pictures after a certain amount of time, maybe contingent on how much a person has changed in the ensuing period. Any feedback or discussion would be most appreciated.

Panic in Detroit – Panic at the Disco – Panic at the Surgery Center…Fire in the Hole!

I’m presuming (and please don’t attempt to disabuse me of this notion) that you are all dutifully conducting security risk assessments on a regular basis. As you conduct them, I’m sure you find risks of some events that are greater than some other areas. So, I to ask: When you’ve completed your security risk assessment, do you identify specific strategies, including the use of technology, for minimizing those risks to the extent possible? If you’re not including that facet in the risk assessment process, you might want to consider doing so.

Recently, I was looking at a survey report in which an ambulatory surgery center was cited during a TJC survey because they had not installed a panic alarm “at the registrar’s desk in order to obtain immediate assistance in an emergent or hostile situation.” Now, as with so many things that have been popping up during surveys, I don’t disagree with the concept of having panic alarms at those customer service/interaction points where unhappy folks (or folks of any ilk) can experience the need to vent their frustrations, etc. But in that disagreement, I think I’d first be looking at what tools have been provided to staff to actively manage, if not de-escalate, these negative encounters. I would much prefer to avoid having to use a panic alarm by appropriately managing the encounter, much like I would just as soon not “need” to have an emergency eyewash station.

I’m a great believer in the proactive management of risk, but I’m also a great believer in implementing risk management and response strategies that make operational sense. So, the question to the studio audience is: Where have you installed panic alarms and where have you not installed panic alarms, and why? There’s always the risk that some surveyor will disagree with your strategy, but if that strategy was derived through thoughtful analysis of the involved risks, does that not meet the intent of all this?

I like the concept of best practice as much as anyone, but I also recognize that there is a tremendous amount of variability in the safety landscape. Just because something works in one place does not necessarily mean that it will work in all cases—that’s the mystical, magical, and ultimately mythical power of the panacea. One size doesn’t fit all—never has, never will. But if we’re going to be held to that type of an expectation, how does that help anyone? Ok, jumping down from soapbox for now, but rest assured, you’ll see me back up here before too long.

How soon is now, how safe is safe enough?

During a recent Joint Commission survey, a concern was raised because the hospital’s pediatrics and OB units were not “equipped” with the same security system, etc. I’m not certain whether the result was a specific finding, but the question, in and of itself, is instructive when it comes to the science of assessment.

First off, I’ve never actually seen the areas in question, so I will engage in a little bit of conjecture, but I think the general themes can be applied in your house, particularly if you don’t have a whole lot of pediatric patient volume. Now certainly, the historical focus on abduction prevention has been primarily on the security of newborns, which I think we can all agree is a vulnerable patient population. That said, there are certainly risks involved in providing for the security of pediatric patients (and maybe some adult patients as well—it’s getting kind of crazy out there in the world), risks that would have to include abduction.

From a regulatory standpoint, there is very little specific guidance beyond the caveat of ensuring that you are not compromising life safety concerns as you install security systems. Locking doors in egress paths can be tricky and, in virtually every instance I can think of, the process was much more complicated than was originally presumed, but that’s a story for another day. We know what the result will be if our security efforts are not sufficient/appropriate, etc.: something will happen and that something will not be good. But that raises the somewhat rhetorical question of whether you can “rest” based on nothing bad happening. Is that a legitimate conclusion to make? Variations on this theme have become very noticeable during surveys this year. Maybe it’s something identified by a vendor that you haven’t gotten around to fixing, maybe it’s a new piece of technology that you have budgeted for next year, but that’s going to take time to purchase, install, educate staff, etc. Maybe (as is more or less the case in the recent survey mentioned above) from an operational standpoint, your pediatrics unit is in a small part of a regular medical/surgical unit and the geography of the space does not lend itself to the same security measures as you have on your OB unit.

These are all real life occurrences and each has its own security or EC implications that need to be managed. But (and this is a sizable one), you have to be able to articulate where you are in the process and how you are making sure that any elevated risks that are the result of not being able to do something right now are being appropriately managed. I hate to say this, but it’s been coming up far too often in surveys this year for this to be ignored: you absolutely need to discuss and document the management of these types of risks, including those all-important interim measures (if they are needed). Otherwise, you leave yourself vulnerable to a survey finding for which it is very difficult to negotiate a “settlement” either during survey or as part of the clarification process.

There are no standards that specify a time frame for completion, a technology enhancement, etc. That’s the responsibility of each organization to manage. But with that responsibility comes the obligation to manage any associated risks in fairly transparent fashion (I think I’ve managed to avoid invoking the transparency card until now): frontline point of care/point of service staff need to be able to articulate how we are managing risk until such time as solutions can be implemented. If they can’t, the risk of a survey finding rises exponentially. It’s no longer enough for leadership to know what’s going on, the folks in the field have to know, too. Pediatrics staff need to articulate how they are managing abduction risks for their patients. And if you have pediatrics in the ED, there needs to be some competency there as well. We can’t always do what we want when we want to do it, which is the reality of healthcare. But we do need to understand and share the risk implications of all those decisions and non-decisions.