|
The Joint Commission’s proposal to combine the disciplines of Safety and Security within a consolidated Environment of Care Standard is clearly a mistake that is fraught with potential unintended consequences. Here is the proposal: Current EC.2.10 (managing security risks) has been consolidated with current EC.1.10 (managing safety risks) into revised EC.2.01.0 (managing safety and security risks). The field has indicated that because the safety and security requirements are closely related, it would be appropriate to consolidate both sets of requirements under one standard.
The assumptions and philosophies that drive healthcare safety programs and those that drive hospital security programs are significantly differentiated from each other, and well they should be. Generally speaking, safety programs are driven by identifiable cause and effect assumptions. Safety policies related to errant needle sticks, universal precautions and blood borne pathogens, lifting injuries and hazardous materials are predicated on the knowledge that if well defined practices are not followed, patients and employees will surely suffer the consequences. The strategies for avoiding slip and fall mishaps or site mistakes in the surgical suite, differ very little from one hospital to another. A hazardous material spill in Bangor, Maine generally poses the same threat as a hazardous spill occurring in Topeka, Kansas. Of course there may be some circumstantial variances between one location and the other, but enlarge there are more similarities than differences.
These examples support the notion that hospital safety programs are well formatted and structured and they have evolved from the totality of the accumulative experiences of many hospitals. When safety breaches do occur it is usually not difficult to determine whether a reasonable standard of care was met. That is because the reasonable standards for safety are well defined throughout the industry. When unsafe practices result in lawsuits, defining a reasonable standard of care is not an exercise abstract reasoning. Finally, that portion of the safety program that addresses patient’s safety within a clinical milieu can be very parsimonious and detail driven, while security is more of a big picture discipline. For example the avoidance of medication errors may require redundant behaviors and redundant and detailed documentation. The application of safety standards is generally the result of micromanagement oversight.
The disciplines and skill sets required of a healthcare safety expert are at the opposite end of the spectrum of that of a qualified healthcare security professional. The security program is generally the result of macro-management techniques. Unlike safety, security is a situational discipline. That means that the efficacy and adequacy of the security program is subject to situational factors as opposed to universal guidelines. The determination of the security needs of any hospital is predicated on a number of disparate factors. Factors to be considered include the socio-economic characteristics of the clientele the hospital serves, such as the percentage of indigent patients. The Crimecast (CAP Index) data and the capability of local law enforcement to respond will have a major impact on how the security program is structured. The security program needs to take into consideration the diversity of ethnicities the hospital serves. The number and proximity of potential targets of terrorism must also be factored into any effective security operation.
The behavioral paradigm between safety and security are different. Most safety beaches that result in harm to patients of staff are the result of carelessness and/or are accidental. On the other hand most security breaches and the ensuing criminal behavior that follows is mostly intentional and calculated. Security events result from the criminal behavior of outside interlopers as well as from the criminal acts of hospital’s employees against other employees, against visitors or against patients. In the case of property crimes the threat may be from within or from without. This means that an effective security manager must have creative thinking skills that allow him or her to anticipate problems and mitigate the threat.
On the liability front security driven lawsuits, for the most part, fall into the category of premises liability claims. Most cases involve criminal victimization of patients, visitors or staff by known and unknown third parties. A smaller number of lawsuits arise from intentional torts such as excessive use of force, false imprisonment and false arrest. We at SMSI have been retained as forensic security experts in well over 550 such lawsuits with over 90 cases in the healthcare environment. We know the territory. When compared to other industries such as shopping malls, apartment complexes, high rise office buildings or hotels, hospital security programs are held to the highest standard of care.
The security professional must understand how and when to apply security personnel, as well as how much. The security manager will need to know how and when to use integrated security technology such as access management systems, CCTV, lighting, alarms and CPTED (Crime Prevention Through Environmental Design). All of these systems must be integrated with the use of security personnel. The effective security manager must be a prudent and discerning consumer of security equipment and services. The security director must also understand how and when to conduct investigations as a means of deterring future breaches. He or she must be conversant with the Management of Aggressive Behavior.
There is also a dimension of security that is under applied among most hospitals, the dimension of asset protection. That omission is likely to become even more obscured if safety and security are under the same banner. This means the potential to capture dollars and bring them to the bottom line, heretofore neglected by many hospitals, will be further diminished.
Both the security management function and the safety management function are anticipatory and preventative disciplines. With safety, the methodologies are more amenable to standardized approaches. On the other hand the panoply of security solutions that are applied to hospitals is unique to each and every facility.
When negative outcomes occur, there are some similarities between disciplines of security and safety. Whether a patient falls victim to a breach of safety or a breach of security, in addition to the liability exposure, the incident is likely to receive media attention. The financial cost as well as damage to the hospital’s reputation can be considerable in both cases.
The melting of these two distinct disciplines is more likely than not to result in mediocrity for one program or the other.
It is important to remember that there is no similarity between meeting an Environment of Care Standard and meeting the legally defined Reasonable Standard of Care. The tasks necessary to meeting the Environment of Care Standards are fairly well spelled out. The question then becomes: How does one determine a reasonable standard of care for a hospital security program? As stated earlier, security is a situational discipline. This requires that each hospital must determine what needs to be done in order to ensure their security program is adequate.
The most effective way to make this determination is to conduct a thorough security audit of all aspects of hospital operations. This requires that those conducting the assessment are conversant with threat analysis and vulnerability assessment. Vulnerability assessment must be applied to all areas of hospitals operations, including, but not limited to:
- The Business Office
- Labor & Delivery and Postpartum
- Pediatrics
- Psychiatric Facilities
- Pharmacies
- The Surgical Suite
- Materials Management
- Food Services
- The Emergency Department
- Clinical Floors
- Parking Facilities & Exteriors
- Facilities
- Research Facilities
- Common Areas
This list is not all inclusive.
Areas assessed must be examined within the context any previous security incident history. The environment in which the hospital is located must also be taken into consideration. This means crime and socioeconomic information must be part of the audit calculus. Once threats and vulnerabilities are determined they both must be quantified in order to derive a rationale for effective and cost-efficient mitigation. Hospitals will find it prudent to conduct this exercise in advance of serious security incidents with an eye toward deterrence and prevention. You can be sure that if a serious incident occurs, this evaluative exercise will be conducted after-the-fact by the plaintiff’s legal team.
In summary the altering of EC Standards resulting in JCAHO inspectors evaluating hospitals through a revised prism when considering safety and security, on the surface may seem innocuous. However this change has the potential to inadvertently provide an escape mechanism for some hospitals to down-grade security programs and still stay within JCAHO EC requirements. This could mean hospital security programs will suffer. The benefactors will be the trial lawyers. The concern is that a given hospital, in the wake of a JCAHO inspection, could be well within the required standard and still have a woefully inadequate security program and fall below a reasonable standard of care. Admittedly, this potential existed before this change. However, under the new standard the unintended consequence is likely to degrade the quality of some existing hospital security programs, especially in those hospitals that do not have well seasoned and qualified security professionals on board.
Submitted by:
William H. Nesbitt, CPP
President
Security Management Services International, Inc.
805-499-3800
|
