There have been many changes in the healthcare environment over the past decade. The Affordable Care Act has been established, severe weather events are on the rise, violence along with active shootings continue to increase, behavioural health patients present treatment challenges and hospitals continue to consolidate to increase purchasing and service capabilities. Over the next decade, healthcare will continue to transform. Emphasis will be on financial reform, violence response, emergency preparedness, the proper care and handling of behavioural health patients and service efficiencies.

Current issues affecting healthcare security

Violence in healthcare continues to pose the greatest risk to hospital staff. Several key healthcare organisations have published information to assist security directors in the reduction of violent incidents.

The International Association for Healthcare Security and Safety (IAHSS) publishes security and design guidelines specific for healthcare facilities. These resources provide valuable and internationally recognised practices and standards for addressing healthcare violence. The IAHSS Foundation (IAHSSF) publishes an annual crime and incident survey analysing violence in healthcare.

The American Hospital Association (AHA) recently published a webpage specifically to assist in the mitigation of violence. ASIS International has published several whitepapers addressing healthcare security; specifically violence related to behavioural health patients and disruptive and violent behaviors in healthcare. The Occupational Safety and Health Administration (OSHA) website offers numerous tools and resources pertaining to workplace violence and safety with a section devoted specifically to the healthcare industry.

Possibility of healthcare workplace violence prevention

At the time of writing, the Republican Party had not figured out how to change the Affordable Care Act (ACA) while still making healthcare more affordable. Most likely changes in health care will occur within the expanded purchasing options, Health Savings Accounts (HAS’s), Medicare reimbursement and the use of government exchanges. The indoctrination of the ACA included increased investigation to Medicare fraud and audits to hospitals for billing errors. In 2016, the Federal government collected over three billion dollars in fraud and reconciled billings to Medicare.

Violence will continue to challenge the healthcare sector in the future
Domestic violence, child abuse, behavioural health, drug and alcohol abuse will all continue to challenge hospital staff

The Joint Commission issued Sentinel Alert 57. This alert focuses on the role of leadership in developing a safe culture. The Occupational Health and Safety Administration (OHSA) contemplated issuing a healthcare workplace violence prevention standard. This standard required healthcare institutions to have a clearly defined prevention programme in place.

This year, a total of 25 states have legalised marijuana. This legislation will dramatically change how we care for patients and deal with patients, employees and visitors who are using the substance and may be impaired at work and within the hospital, and who may request continued use while being an in-patient within a facility that is smoke free.

The future for healthcare security

In the future, healthcare security professionals will have to deal with a variety of events from severe weather, violent and active shooter incidents, terrorist attacks, and continued changes to healthcare reimbursement. Severe weather has the potential to impact all healthcare systems across the globe. Specific attention must be directed at knowing the weather threats common to specific geographical locations. A Comprehensive Emergency Management Plan (CEMP) must be current and thorough for disaster response. Performing exercises is a valuable tool in staff education and opportunity to reinforced skills for those assigned to incident command positions.

The Hazard Vulnerability Assessments helps in defining risk severity and identifying historical
patterns of violence

Violence will continue to challenge the healthcare sector in the future. Domestic violence, child abuse, behavioural health, drug and alcohol abuse will all continue to challenge hospital staff in the Emergency Department, Women’s Health, and behavioural health areas. The Hazard Vulnerability Assessments (HVA) along with facility wide risk assessments helps in defining risk severity and identifying historical patterns of violence.

Active shooting incidents

According to the FBI, an analysis of 2014 and 2015 active shooter incidents identified 20 incidents in each of these years. This annual tally is an increase from 17 in the year 2013. In a John Hopkins study entitled, “Hospital-based Shootings in the United States: 2000 to 2011,” Hopkins identified 154 hospital related shooting events (26.6 events per 1,000 hospitals) in 148 hospitals, affecting 235 victims (0.79 per 1,000,000 population). The risk of experiencing an active shooter incident is increasing. Hospitals must be prepared to not only deal with their own active shooter incident, but any that could occur in their service community.

Changes in terrorist tactics now present a new challenge for the healthcare security. According to Homeland Security, hospitals play a major role in the response for terrorist-related incidents and terrorist activities within the United States. Today, incidents are comprised of local combatants whose goal is to kill civilians in crowded areas like restaurants, concerts, and other mass gatherings. Attacks in the past have focused on first responders and their ability to treat victims. Healthcare institutions need to be ready to again accept victims of terrorist events and prepare for the potential for becoming victims of an event as well.

Trump Care

At the writing of this article, “Trump Care” is still being debated. However, certain things seem clear. In the future, Medicare reimbursement will probably be reduced leaving hospitals with less money within their payor mix. Trump Care may also see increased State control over the reimbursement process, allowing each State to decide its own fate when it comes to Medicare and Medicaid payment rates. This could provide hospitals with less revenue, leaving hospital security departments with budgets struggles for both staffing and technology.

Severe weather, violent and active shooter incidents and terrorist attacks all affect healthcare security
Today, incidents are comprised of local combatants whose goal is to kill civilians in crowded areas like restaurants, concerts, and other mass gatherings

Staff recruitment will remain amongst the most challenging endeavour. The need for qualified and skilled security staff will challenge the best of talent recruiters. Competitive wages and benefits will require continual focus for attracting skilled labour. Recruiting practices and personal skill screening tools will be of benefit. Some systems find outsourcing their security department the best option. Hybrid models are options as well as contracting with local law enforcement for additional presence.

Training for healthcare security staff

A key factor of success for security in healthcare is training. Providing staff with the necessary tools and skills will afford significant return on investment with quality and satisfaction outcomes. Healthcare security staff should receive training focusing on patient safety, patient experience, customer experience and quality of service. Awareness and understanding of behavioural health, aggression management and de-escalation talents, crime prevention and customer service abilities and aptitudes are a must. The International Association for Healthcare Security and Safety (IAHSS) offers several educational certification levels designed specifically for healthcare security officers.

Importance of robust security department

Utilising concepts and dynamics of lean tools, technology options, clinical throughput, and Standard Work all influence security services. The concept of Standard Work is popular in the business world. Utilising this concept is beneficial to security. Standard Work can identify staffing needs, work flow process, consistency in service levels, and maximum utilisation of technology resources and equipment. Striving for the right person doing the right work with the right skill set is the desired outcome. Often the same concept will hold true for identifying the right department providing the right service for the right reason.

Data will be of extreme importance in the distribution of those resources. Security departments need to collect relevant data on all aspects of security services from reported crime data, security calls for service, annual risk assessments and benchmarking data. Hospital security departments must create a data-driven environment that can help to demonstrate service needs and improve processes over time. The real success of using data is the analysis of data to determine patterns and trends that can demonstrate the need for and successes in security services.

Methods for managing healthcare security are driving factors. A robust security department will implement and utilise security technology to support and influence safety, security and quality outcome measures. Return on investment (ROI) and the ability to show quality metrics and positive influence in life-safety, security and patient satisfaction scores will be core in driving positive capital decisions. Challenges of healthcare security in the future will require continued education and knowledge of current trends, guidelines, and standards within the healthcare security industry.

By Ben Scaglione and David LaRose

Download PDF version

In case you missed it

Enhance traditional security systems within your smart home
Enhance traditional security systems within your smart home

Market dynamics are changing the U.S. residential security market, creating new business models that better appeal to the approximately 70% of households without a security system. Smart home adjacencies have helped revitalise the traditional security industry, and alternative approaches to systems and monitoring for the security industry are emerging, including a new batch of DIY systems. Growth in the residential security market and its position as the channel for smart home solutions have attracted numerous new entrants. Telecoms, cable operators, and CE (consumer electronics) manufacturers are joining traditional security players as they compete to fulfill consumer demand for safety and security. Connected products also provide a layer of competition as consumers must decide whether having category devices such as doorbell video cameras, networked cameras, and other products suffice for their security. Increasingly competitive landscape Smart home services can provide additional revenue streams for the security industry For instance, IP cameras are a highly popular smart home device rooted in security, and Parks Associates estimates 7.7 million standalone and all-in-one networked/IP cameras will be sold in the U.S. in 2018, with $889M in revenues. Product owners may feel their security needs are fulfilled with this single purchase, as such dealers and service providers are under increasing pressure to communicate their value proposition to consumers. Categorically, each type of player is facing competition uniquely—national, regional, and local dealers all have a different strategy for overcoming the increasingly competitive landscape. Smart home services can provide additional revenue streams for the security industry. In Parks Associates’ 2017 survey of U.S. security dealers, 58% report that smart home service capabilities enable extra monthly revenue. Almost half of dealers also note they have to offer smart home devices and services in order to keep up with their competition. While white-label devices are acceptable in some instances, dealers need to integrate with hero products whenever possible when those exist for a category. For dealers who have added smart home devices and services are all potential benefits and good for business Improved customer engagement That 2017 survey also revealed 36% of security dealers that offer interactive services report security system sales with a networked camera and 16% report sales with a smart thermostat. For dealers who have added smart home devices and services, enhanced system utility, increased daily value, and improved customer engagement with the system are all potential benefits and good for business. Security has served as the most productive channel for smart home solutions, mainly because the products create natural extensions of a security system’s functions and benefits, but as smart home devices, subsystems, and controllers expand their functionality, availability, and DIY capabilities, many standalone devices constitute competition to classical security. Particularly viable substitute devices include IP cameras, smart door locks, smart garage doors, or a combination of these devices. Products that are self-installed offer both convenience and cost savings, and these drivers are significant among DIY consumers—among the 6% of broadband households that installed a security system themselves, 39% did it to save money. Enhance traditional security Self-installable smart home devices may resonate with a segment of the market who want security While many security dealers believe substitute offerings are a threat, some dealers do not find such devices an existential threat but instead view them as another path to consumer awareness. They argue that the difference between smart product substitutes and traditional security is that of a solution that provides knowledge versus a system that gives one the ability to act on that knowledge. A common theme among professional monitoring providers is that a homeowner who is aware of events happening in the home does not necessarily have a secure and protected household. For example, a Nest camera, a DIY product, notifies a consumer via smartphone about events in the home when it detects motion, but only when the notification is opened and identified will a consumer be able to act on the related event. Self-installable smart home devices may resonate with a segment of the market who want security but are unwilling to adopt professional monitoring; however, providers can leverage these devices to enhance traditional security features and communicate the value of professional monitoring. Smart home devices and features, while posing a threat to some security companies, are a potential way forward to increased market growth Increased market growth A key counterstrategy for security dealers and companies is to leverage their current, powerful role as the prime channel for smart home devices. Many security dealers now include smart home devices with their security systems to complement their offerings and increase system engagement. For example, as of Q4 2017, nearly 70% of U.S. broadband households that were very likely to purchase a security system in the next 12 months reported that they want a camera to be included as part of their security system purchase. In response, many security system providers now offer IP cameras as optional enhancements for their systems. Smart home devices and features, while posing a threat to some security companies, are a potential way forward to increased market growth. Security dealers have an opportunity to become more than a security provider but a smart home solutions provider rooted in safety. Provide status updates Comcast has entered both the professionally monitored security market and the market for smart home services The alternative is to position as a provider of basic security with low price as the key differentiator. Comcast has entered both the professionally monitored security market and the market for smart home services independent of security. It has discovered that monetising smart home value propositions through recurring revenue becomes increasingly challenging as the value extends further away from life safety. Since the security industry remains the main channel for smart home services, security dealers are in a unique position to leverage that strength. Value propositions must shift from the traditional arming and disarming of a system to peace-of-mind experiences that builds off the benefits of smart devices in the home to provide status updates (e.g., if the kids arrived home safely) and monitoring at will (e.g., checking home status at any time to see a pet or monitor a package delivery). These types of clear value propositions and compelling use cases, which resonate with consumer and motivate them to expand beyond standalone products, will help expand the home security market.

State of counter-drone regulation for public safety and physical security
State of counter-drone regulation for public safety and physical security

In 1901 New York state made a pioneering regulation move and became the first US state to require automobile owners to register their vehicles. This marked the beginning of regulation on modern traffic, which - following decades of development - resulted in a multi-layer concept of regulation relating to vehicles and driver’s licenses, traffic signs and insurance mechanisms that we are all familiar with nowadays. While certain parallels can be drawn between the early days of cars and our contemporary experience with quadcopters, we are facing a new challenging era that is far more complex to organise and regulate. Integrating drones in existing regulatory ecosystem Similar to other pioneering technologies in the past, drones need to integrate into a long existing and well-balanced ecosystem, the rules of which have first been drafted some one hundred years ago and have evolved without taking vehicles such as drones into account. Yet the safety risks related to aviation hinder the quick integration of drones into that ecosystem, broadening the gap between existing regulatory landscape and the exponentially growing popularity and ever-advancing technology of drones. The safety risks related to aviation hinder the quick integration of drones into the legislative ecosystem For the past several years, governments and legislators have been trying to tackle this problem by trying to answer two questions: how to properly integrate drones into the airspace without creating a hazardous impact on existing airborne operations, and how to enforce regulations in order to prevent the side-effects related to careless or malicious drone flights, taking into consideration public safety and physical security. Counter-UAS measures and regulations Up until 2018, legislators tried to tackle these two questions as a whole by introducing bundled legislation drafts covering the entire landscape of gaps they needed to address, which resulted in multi-parliamentary committee efforts both in the US and abroad to review and approve each bill - a process that is very slow by design. It was only in the beginning of this year that the issues were starting to be addressed separately: legislation related to limitations and counter-drone measures on the one hand, and legislation related to integration into airspace on the other. Let’s take a closer look at Counter-UAS (unmanned aerial systems) measures and what makes them challenging in terms of regulation. Over the past years, various counter-drone technologies have been introduced to enable control over rogue drones in order to either stop them from achieving their flight purpose or prevent them from creating safety hazards to people or property. These measures can be grouped into 3 types of technologies: Military grade solutions - including lasers and surface-air missiles Kinetic solutions - including net-guns and autonomous drones set out to catch the rogue drone and disable it airborne Non-kinetic RF-based solutions - aimed at either disabling, disrupting or accessing the drone’s communications channels in order to trigger a return-to-home function, or guide the drone into a safe landing route Aside from combat military operations, the legality of using the above technologies is questionable as they tamper with an airborne aircraft, might be considered as wiretapping and/or violate computer fraud laws. Therefore, one can conclude that unless changes to regulation are made, non-military facilities will continue to be defenceless from and vulnerable to rogue drones.  One can conclude that unless changes to regulation are made, non-military facilities will continue to be defenceless from and vulnerable to rogue drones European c-UAS legislation Next, let’s look at the state of c-UAS legislation in both Europe and US to better understand different legislative ecosystems and how they affect the possibilities of using counter drone measures. In the European Union, there is currently no uniform legislation, and the member countries rely on their own existing legal infrastructures. Roughly speaking, most countries use a method of exemptions to the communications and aviation laws to allow the use of counter drone measures after a close examination by the relevant authorities. Such exemptions are approved under scrutiny to particular sites, which provide some relief, but they do not allow broad use of countermeasures. Further discussion regarding a broader regulation change, on a country level or EU-wide, is only preliminary. US c-UAS legislation Preventing Emerging Threats - provides an initial infrastructure for counter drone measures to be used by various DoJ and DHS agenciesUnlike the EU, in the US exemptions are not possible within the existing legal framework, and the possible violation of US code title 18 means that the hands of both the government or private entities are tied when attempting to protect mass public gatherings, sports venues, or critical infrastructure. Therefore, it was more urgent to introduce legislation that would allow countermeasures to some extent. In September, US Congress approved the FAA-reauthorisation act for the next 5 years (H.R. 302), which was shortly after signed by the President and came into effect. Division H of the act - Preventing Emerging Threats - provides an initial infrastructure for counter drone measures to be used by various DoJ (Department of Justice) and DHS (Department of Homeland Security) agencies under strict limitations. However, the act avoids determining which technology the agencies should use, yet it requires minimal impact on privacy and overall safety in order to strike the necessary balance. This is the first profound counter-drone legislation and is expected to be followed by additional measures both in the US and in other countries. Updating counter-drone legal infrastructure In summary, 2018 has been a pioneering year for counter-drone legislation, and while technology already allows taking action when necessary, legal infrastructure needs further updates in order to close the existing gaps: covering additional federal assets, state-level governments, and private facilities of high importance, such as critical infrastructure sites. Legislators in the US and around the world need to continue working in a rapid tempo to keep up with the growing threat of drones. As with cars a century ago, the number of accidents will rise with the increase in time taken to regulate.

Unlocking profits for integrators in the ever-evolving world of access control
Unlocking profits for integrators in the ever-evolving world of access control

Whether you are a veteran in the access control world or have never installed a card reader before, there are always ways to increase profits in the ever-evolving world of access control. The hope is that by considering a few key focal points, you can find ways to increase market share. Whether we are releasing an electronic lock through a simple intercom button or using biometric and multi-authentication based on a database; the tactics for bringing on more revenue is the same. Learning to focus on a few key items can help open up opportunities. Business access controls Understanding vertical markets is a strong strategy for success in increasing your profits with access controlIf you are new to access control, it’s important to determine the right product offerings for your business model and experience level of your team. Mistakes in estimating or installing can be costly and complex. Take advantage of manufacturer training both online and in the classroom for both your sales team and installation department. It’s important to understand the fire and building codes in your area to make sure you design the proper solution for your customers. Furthermore, understanding the products, components and proper wiring can save you money in labour and materials.  Today we will look at four focus points: vertical markets, cloud-based access control, technology upgrades, and preventative maintenance and service agreements. These four focal points are simple to implement and can be easily added to your current operation. Vertical markets Understanding vertical markets is a strong strategy for success in increasing your profits with access control. The concept is that understanding a certain vertical and their security needs can increase your sales team’s marketability. If you spend your time focusing on the healthcare industry, for instance, you will see that HIPA requirements open doors for selling access control. Getting to know the regulatory concerns of different verticals is a great strategy for more effective sales Having logs of who entered your HR files room or patient records storage is a crucial part of addressing privacy concerns. Getting to know the regulatory concerns of different verticals is a great strategy for more effective sales.  Another example could be apartment communities or other multifamily dwellings. In this competitive marketplace, these complexes are looking for ways to stand out in their market. Knowing this and being able to offer amenities like secured locks with Bluetooth credentials that tenants can open with their smartphones is a selling point for you and for your customer. Building on each customer you contact within a vertical is like free sales and marketing training. The more you learn from each potential client, the more you increase your conversation starters for the next potential client. Cloud-based access control With the growing cloud-based access control market, integrators can find more opportunities in small businesses and vertical markets that typically wouldn’t be on the radar of your sales team. A typical card access system often makes the move from the traditional lock and key systems to electronic card access cost prohibitive. This is due to the large upfront costs for a server, software and annual licensing. With cloud access, integrators can offer less expensive upfront costs with low monthly subscription fees that cover all software updates, database backups, security patches and more. The real benefit for the integrator is the reoccurring revenue. By helping our clients save money on server, software and IT infrastructure costs, we are securing reoccurring revenue for our companies that increase our profitability. Building reoccurring revenue not only provides cash flow but also keeps your name on the top of the minds of your customer and that leads to additional sales. By helping clients save money on server, software and IT infrastructure costs, we are securing reoccurring revenue for companies that increase profitability Technology upgrades Another often overlooked opportunity is technology upgrades. Training your sales staff and even service technicians to watch out for clients with older technology can reap major benefits. When you bring new technology to your clients, you show another value that you bring to the table. Even if your client isn’t ready to make an upgrade, you can easily plant a seed that will get their minds and budgets rolling. An easy example is a customer with an older intercom door access system An easy example is a customer with an older intercom door access system. This may have met their needs 10 years ago when it was installed, but the office has grown and perhaps an integrated card access intercom system is a great technology upgrade. Bringing this to the customer will once again show that you are the “subject matter expert” and your customer will be more apt to refer you to their friends and colleagues. Another easy way to find technology upgrades is to dig through your ageing client list and build a list of potential targets that you have not visited lately. If you keep records of what was installed previously, it will make it easier to plan ahead and bring solutions to your next visit, saving your sales staff time and again building confidence with your clients. Preventive maintenance and service agreements One thing that sales teams often miss is the opportunity to add service agreements and preventative maintenance agreements. Even if a customer already has an access control system, they may not have a service provider and may be interested in securing a service agreement. Typically, a service agreement can be written to cover all parts and labour or just labour for an annual feeShowing the value of a service agreement is paramount, adding annual or semi-annual preventative maintenance to your service agreement is one way to add value. Inspecting locking mechanisms, request to exit motions and buttons, door status switches, headend equipment, batteries and power supplies, can save your customer from a costly after-hours service call or the inconvenience of a non-functioning access control system during business hours. Additionally, checking computer hardware and software logs for errors can save a customer from a catastrophic failure.  Typically, a service agreement can be written to cover all parts and labour or just labour for an annual fee. It is helpful to come up with a percentage of the install value that makes sense so that your sales team can easily quote a service agreement for your customer. Offering several levels of service also opens the table for negotiations. You can offer an “all parts and labour 24/7” or a “parts and labour M-F 8AM-4PM”, as an example. Offering guaranteed response times can also be a marketing strategy. Critical area access management Checking computer hardware and software logs for errors can save a customer from a catastrophic failureA 24-7 facility that has 200 employees moving in and out of critical areas may be a great potential customer for a high-level service agreement with semi-annual preventative maintenance and a guaranteed 4-hour response time. Where a small office that is only open during standard business hours may be better suited for a labour only M-F with annual preventative maintenance inspection. The point is that a creative, intentional, and focused approach to access control can yield the fruit that brings long-term success to your team. Building a plan and learning from each prospect, sale, and installation will develop a process that brings results. Attending a trade specific expo like ESX will give you the opportunity to meet with manufacturers and other integrators that can help you implement a product offering and strategy for success.