|
Security managers in many industries, including health care, have been slow to embrace the computer as a friend and a tool to be used on a daily basis. Computers were initially introduced to the security industry primarily as a means of managing large proprietary alarm systems and later as a tool to manage card access systems. Because the installing alarm companies supported these computer-based systems with hands-on training and support, some of the early phobia was broken down. Those security managers who worked with these earlier systems were less reticent to view the computer as an ally in other endeavors.
Today the computer is able to provide a wide range of support to any security operation. We are beginning to see the computer used as a tool, on a daily basis, to manage data. Some security managers developed home-grown systems to manage their incident reports. Some of these systems were developed on the backs of existing word-processing and/or spread-sheet programs such as WordPerfect and Lotus. These home-grown efforts provided a marginal tool for the storage of information but were practically deficient in the retrieval of meaningful data. Just a few years ago there was either no, or very little, security industry specific software available.
All that has changed today. Hospital security programs that are not using the latest computer-based system to manage information are falling behind the technology curve Those that choose to do it the old fashion way are more likely to misallocate resources, bungle investigations and increase the probability of security-related lawsuits. Security managers now have available to them software that will record and track incidents, help schedule and manage security personnel, as well as aid in the quantitative analysis of security vulnerabilities. We will now take a brief look at some of these applications.
Incident Reporting
As a Security Consultant, I have been retained as a security expert in over 100 lawsuits. One of the common threads in each and every case has been, in one way or another, the issue of documentation. Documentation plays a tremendous role in the dynamics of any security program. The quality of incident documentation can provide the brush with which the entire security program may be painted. Plaintiff attorneys can successfully challenge the professionalism of any security program when reports are anything less than professional. Let's review some common pitfalls in the documentation of security events.
Reports are often unintelligible. They may contain misspelled words as well as grammatical deficiencies. The syntax may be inappropriate. Handwritten reports may be unreadable. Clearly, when these reports reach the light of day, an otherwise effective security program can be made to look inadequate at best. These reports may provide hard evidence that could effectively counter favorable testimony.
Another common pitfall is that the author of the report may inadvertently confuse facts with opinions. He or she may draw inappropriate conclusions from a collection of facts and, in turn, state that opinion as factual. For example, an officer may observe a set of symptoms (facts) and choose to make a diagnosis (opinion) and state it as a fact." The suspect was very drunk at the time."
The credibility of reports may also be challenged when there is inconsistency in reports of the same incident. If two or more security officers report the same incident with substantial inconsistencies, all of the reports will be subject to challenge if they come up in court. One must also be concerned when inconsistencies occur between the reports of security personnel and police officers.
There must also be consistency of nomenclature. For example, one officer cannot refer to the location as "Building 22," while another refers to the same building as " The North Building," while yet another refers to the same building as "The Research Center". All reports must answer the fundamental questions of : Who? What? Where? When? Where? and How?
Computerized Incident Tracking
There is available to the security practitioner Incident Tracking Software. The right incident tracking software will address all of the aforementioned pitfalls and much more. Through the use of pop-up menus and user-defined fields, the Security Manager can insure consistency of style as well as accuracy. Professional looking reports are less likely to be challenged as to veracity. Because the software places a heavy emphasis on pop-up menus, there is less reliance on narrative. The greatest dividends derived from computerized incident tracking comes from the output side. Typically, security reports find their way into a filing cabinet, never to be seen again. The information contained in a drawer of security reports could be extremely valuable if it could only be easily retrieved.
The security function is much different than that of public law enforcement. Security programs are supposed to be pro-active and anticipatory. How do you suppose security programs achieve pro-activity? By learning from past events.
Security programs that are not dynamic and fail to adjust to meet ever-changing needs are doomed to a substandard status and are much more likely to suffer the scrutiny of litigation if things go wrong. When security events do occur, the security manager, unlike the police officer, must try to insure they do not reoccur in the future. The security manager must take and document corrective action. Any security software program should prompt the recording officer to note the corrective action taken. If you fail to take corrective action to prevent security incidents from reoccurring, or even worse, fail to document corrective action, you are laying the groundwork for foreseeability. (Foreseeability is a necessary proof in a negligence case.The plaintiff's attorney must show that the hospital had prior knowledge that like events were likely to occur based on historical information.) Security incidents raise the specter of litigation in the future only when you fail to take and document corrective action.
vThere are also many cost beneficial attributes derived from the use of computer-based incident tracking systems. By applying data-based information toward the reduction of security exposures, the security manager is armed with a rifle instead of a shotgun. Computer-based systems allow the user to do trend analysis which will help insure that the security program is effectively meeting current needs. Finally, these systems provide the kind of information that management should require for the justification of security budgets.
Other Computer-Assisted Security Management Tools
Because hospitals are such diverse entities, the security needs can differ drastically from area to area. For example, the needs of the ED are much different than the needs for L&D. The security requirements on the exterior of the facility are much different than needs on the interior. Each area of the hospital requires security personnel with different levels of expertise and experience. To address these needs, security managers have software available to them that will enable them to assign the appropriate officer to the proper duty assignment and schedule.
There is also security management software that will allow the security manager to manage parking programs, handle lost and found problems and even manage lock and key programs.
There is also software available that will provide a quantitative adjunct to the security assessment process. Security audits, which should be performed every 12 to 18 months, often lack quantitative specificity. Hospitals that opt to use consultants to perform security audits should insist on quantitative data along with the usual qualitative evaluation.
What Are The Practical Implications Of These New Technologies?
Hospital administrators should hold the security program accountable and insist that it is, truly,a value added service. Security programs that fail to use these tools will find it increasingly difficult to justify their continued existence. In a climate of budget-cutting, downsizing and the need for increased efficiency, security departments within the hospital community can no longer afford to operate as quasi police departments.
We are also operating within an environment that has regulatory agencies such as OSHA and JCAHO, raising the bar with regard to what a hospital security program should look like. Also, within the State of California, regulations are in place that establish minimum guidelines for hospital security programs. Clearly, these guidelines in California are establishing a standard of care that is increasingly being inculcated into regulatory agency standards. These laws in California also establish a base-line standard that security lawsuits may be measured against anywhere in the country.
Clearly, the implication is that hospitals that improve their documentation procedures and apply these new technologies toward the identification of problems will be in a much better position to develop cost-effective solutions. These methods provide an effective hedge against future lawsuits. The information gained from computer-based systems will ensure the improved use of security personnel (the most costly component in any security budget) as well as the effective application of physical security technology such as card access systems, CCTV and alarms. These data management systems also provide the hospital with tools to meet the needs of Joint Commission criteria.
Security programs do not lend themselves to universal standards. These programs are very situational. The security needs from one hospital to the next vary tremendously. The only way one can successfully develop a relevant security program is through the application of a security audit which, in part, makes use of accurate and complete historical information.
|
