Articles by Ron Lander
The early October wildfires in Northern California and recent spate of hurricanes in the Southeast and Puerto Rico reinforce the fact that the healthcare community is in need of more stringent attention to organised and community-supported Emergency Management. Regulating healthcare facilities With the potential for catastrophes in the future, the Centers for Medicare and Medicaid Services (CMS) has been working on "All-Hazards" Emergency Preparedness for several years and published CMS-3178 - The Final Rule for Healthcare Emergency Preparedness on September 16, 2016. The purpose of this new regulation is to:(1) Establish consistent emergency preparedness requirements across provider and supplier networks,(2) Establish a more coordinated response to natural and man-made disasters, and(3) Increase patient safety during emergencies. This is not a sleepy regulation that gives the healthcare industry up to five years to prepare, like HIPAA (Healthcare Insurance Portability and Accountability ACT). This rule mandates that if healthcare facilities do not comply by November 15, 2017, they risk not receiving Medicare and Medicaid reimbursements in December. Who does this affect? This applies to seventeen Medicare and Medicaid provider sectors, ranging from Ambulance Service companies to hospice providers, clinical laboratories and everything in between. The seventeen disciplines Hospitals Religious Nonmedical Health Care Institutions (RNHCIs) Ambulatory Surgical Centers (ASCs) Hospices Psychiatric Residential Treatment Facilities (PRTFs) All-Inclusive Care for the Elderly (PACE) Transplant Centres Long-Term Care (LTC) Facilities Intermediate Care Facilities for Individuals with Intellectual Disabilities (ICF/IID) Home Health Agencies (HHAs) Comprehensive Outpatient Rehabilitation Facilities (CORFs) Critical Access Hospitals (CAHs) Clinics, Rehabilitation Agencies, and Public Health Agencies as Providers of Outpatient Physical Therapy and Speech-Language Pathology Services Community Mental Health Centers (CMHCs) Organ Procurement Organizations (OPOs) Rural Health Clinics (RHCs) and Federally Qualified Health Centers (FQHCs) End-Stage Renal Disease (ESRD) Facilities Security Integrators should prepare for demand for hardware and software to support the theme of this regulation Beyond the techno jargon and acronyms, the goals of the Rule recognise that there are systemic gapsthat must be closed by establishing consistency and encouraging coordination across the EmergencyPreparedness sector of the United states and its possessions. For example, “The Rehabilitation Center” in Hollywood Hills, Florida that had a portable generator and window air conditioning units because of the extreme heat, causing fourteen deaths, probably would have avoided that tragedy had there been better planning and training for a long-term power failure. “You can’t just back up a generator to a nursing home and plug it in,” said Bob Asztalos, a Florida lobbyist at a recent Florida state hearing. Ironically, this facility was “across the street” from a major hospital and some pre-planning and installation of an “emergency” generator connection with the hospital’s power plant could also have helped immensely. There were several other factors to this tragedy-refer to this website for a CBSN video about the facility. Las Vegas shooting The Oct. 1 mass shooting in Las Vegas where over twenty area hospitals were dealing with victims further reinforces the need for better “community-wide” support and communications. Further, there are four requirements that facilities must fulfill complete before the deadline: Risk Assessment and Planning DocumentEach individual facility must (internally or externally) perform a Risk Assessment to identify the areas that must be dealt-with to conform with the Final Rule. Policies and ProceduresBased on the Risk Assessment, develop an emergency plan using an all-hazards approach focusing on capabilities and capabilities that are critical for a full spectrum of emergencies, or disaster specific to the respective location(s). Communications PlanDevelop and maintain a communications plan to ensure that Patient care must be well coordinated within the facility, across healthcare providers and with State and Local public health departments and emergency systems Training and Testing PlanDevelop and maintain training and testing programs, including initial and annual re-training, conducting drills and exercises (full-participation and tabletop) in an actual incident that tests the plan. The Rule specifically aims at smaller facilities such as Eldercare Homes and Laboratories that are more focused on patient service Hardware and software demand What does this mean to the healthcare security and support community? While this rule does not apply specifically to healthcare security and safety departments, consultants who have experience in healthcare risk, vulnerability and threat assessments are best positioned to provide the necessary assessments in a timely manner. Security Integrators and other support vendors should also be ready for a demand for the following hardware and software to support the mandates of this regulation: Intelligent Access Control Visitor Management Mass Evacuation Alert Programs and Systems More extensive use of video surveillance so management can quickly assess an incident Interoperability appliances that community on public service networks Backup systems for all electronic functions from the Network Architecture to the simplest of healthcare support tools Electrical Upgrades Provision of Fresh Water and disposal of Sewage capabilities when the facility infrastructure fails Additional HVAC support through the facility’s backup systems Vendors for Fuel and other types of off-site support Suppliers of day-to-day supplies and medicine Communications support in the event of landline and cell phone failures What should the healthcare community do? What does this mean to the healthcare community? This Rule is not intended to focus only on large and medium-sized hospitals. It specifically aims at smaller facilities such as Eldercare Homes and Laboratories that are more focused on patient service rather than preparing the facility for a disaster. Download the entire rule and resource information from the ASPR-TRACIE website. ASPR-TRCIE has been a leader in providing for those desiring additional support in this and other areas of healthcare emergency preparedness. While this rule focuses on Emergency Preparedness, it obviously touches on Business Continuity, Facility Management, Community Relations, Human Resources and other disciplines in the healthcare community. Make sure the C-Suite is aware of this rule and emphasize the timeliness.
ASIS International, the membership organisation for security management professionals, announces the recipients of its 2019 Innovative Product Awards (IPA) for Global Security Exchange (GSX) 2019, to be held from September 8-12 in Chicago. The ASIS IPA competition, formerly known as Accolades, recognises the security industry’s newest, most innovative products, services, and technology solutions. These peer-distinguished solutions address critical industry trends and reflect the best of the innovation shaping the security industry. Recognising the expertise of winners We congratulate all honourees and look forward to showcasing each winning solution at GSX this year"The program saw a 17% growth in entrants over last year, receiving 35 product submissions from across the globe in this year’s competition. Product entries had to represent a technology that was introduced within the last year. A group of judges comprised of end users and experts in security technology selected the top winners based on level of innovation, unique attributes and the benefit the product or service brings to the security industry. “Developing a new security solution or service can be a difficult challenge, and, as such, we are excited to highlight the dedication, expertise, and sheer hard work of our deserving winners,” said Ronald Lander, CPP, Chief Specialist, Ultrasafe Security Solutions and Co-Chair, ASIS IPA Committee. “This year’s competition was the closest in the eleven-year history of this competition, with contributions from several new security sectors. We congratulate all honourees and look forward to showcasing each winning solution at GSX this year.” Winners of the 2019 IPA: Judge's Choice: Ouster – OS-1-64 Lidar and Object Tracking.Ouster's OS-1-64 Lidar achieves 360o superior vision, 24/7 night vision and reliability in challenging weather conditions. With object tracking software, the system builds precise 3D renderings of surroundings, identifies and tracks objects, and predicts threats before they happen. Compliant Technologies – The Force Multiplier Generated Low Output Voltage Emitter (G.L.O.V.E) quickly transforms into a Conducted Electrical Weapon (CEW) to supplement existing intermediate tools within Law Enforcement, Corrections, Security, EMS and the Military. IP Video Corporation – The ViewScan passive walkthrough Concealed Weapons Detection System does not require pat downs as it displays threat images of the exact location on a body and stores images. Orion Entrance Control – The Orion Secure DoorGuard is a high-accuracy tailgate detection system that uses disruptive, solid state LiDAR technology to accurately determine when there’s an attempt to gain invalid entry through a secured access point. Sternum – The EIV (Embedded Integrity Verification) solution offers a holistic and highly scalable solution, which enables IoT manufacturers to secure devices from end-to-end. Sure-Fi – The Serial Data Bridge provides a solution to the problem of wiring access points to controllers in any situation. Utilising the proprietary Sure-Fi 900 MHz Radio Module, users can connect any access point without running wire.
A force of 85,000 police and military will patrol the Olympic grounds and environs to provide security A week before the Rio Olympics were slated to begin, Brazil fired the private security firm assigned to hire personnel to screen people entering the various Olympic venues located around Rio De Janeiro. The security plan called for 3,400 screeners. The security firm had only found 500. What happened? Today, prospective security officers must undergo background checks that do not raise red flags. Observers noted that unsatisfactory background checks and drug tests probably explain why it has been so difficult to find and hire the large numbers of security people needed in the short period of time allotted. That problem aside, a force of 85,000 police and military will patrol the Olympic grounds and environs to provide security. “Security officers and soldiers have different ways of thinking,” says Ron Lander, a principal with Norco, California-based Ultrasafe Security Specialists. “Soldiers may be more aggressive than security officers. That may be appropriate for an event like the Rio Olympics.” “Then again, security officers are trained to de-escalate aggressive behavior and calm unruly customers so that everyone walks away with a handshake,” says Lander. “The army may not have had that kind of training.” Olympic security technology Olympic size events make liberal use of technology. The Olympic grounds in Rio have surveillance cameras as well as access control points. In addition, there are cameras connected to facial recognition systems. “Facial recognition is getting better and better,” says Lander. “Camera placement is an important key. There are mullion cameras placed in doors that take head on video that is required for reliable facial recognition. As the camera system clears people, the access control system checks them in.” Checkpoint technologies also include magnetometers that check for metal weapons. It is recommended to create two or more concentric security circles around the perimeter of an event, with attendees passing through access points in the circles Concentric security circles Lander recommends creating two or more concentric security circles around the perimeter of an event. Physical barriers and ropes can create the barriers and funnel people to checkpoints that also provide access. Why concentric circles? “It is a security technique called progressive redundancy,” Lander says. “There could be many steps. In a security facility, for instance, you lock the door, place an alarm at the perimeter, put up a fence and assign a patrolling guard.” So security at an Olympic-style event will feature two concentric security circles around the location of the event. Attendees will pass through access points in the circles. At one checkpoint, they may pass through a magnetometer. At the second, two officers will check purses and bags, while a third officer looks for telltale behavioral recognition signs — individuals who are nervous and sweating, wearing a heavy coat on a warm day or exhibiting behavior that is unusual in some way. Video analytics “Today, some organisations are moving toward video analytics,” Lander says. “There are cameras with analytics software and network video recorders with analytics inside the engine. I prefer analytics on the front end.” Users can program video analytics cameras to look for and alarm on certain kinds of video. For instance, analytics can be set to alarm when people run through a camera’s field of view. Analytics can look for motion in a place and at a time when nothing should be moving. The technology can identify abandoned packages and alert security to investigate. There are a number of security scenarios that video analytics can stand in for human beings, who often get tired. Video analytics don’t tire out and fall asleep. In the end, the role of security technology is to support security officers, and their role is to remain alert, aware and responsive to alarms. Save
ASAP-to-PSAP technology automates communications between alarm monitoring companies & PSAPs and dispatches emergency service In April 2015, Cary, N.C., adopted a technology called Automated Secure Alarm Protocol to Public Safety Answering Point (ASAP-to-PSAP), but currently they are among only a handful of emergency 911 call response locales that use ASAP-to-PSAP technology in the United States. Commander Scott Edson of the Los Angeles County Sheriff’s Department, speaking to a seminar gathering at ISC West, emphasised the importance of rolling out more implementations of ASAP-to-PSAP. The technology benefits residential and commercial alarm monitoring companies and their customers by eliminating dispatching errors and speeding dispatching times. There are 6,500 PSAPs that respond to emergency 911 calls in the United States. They take more than 250 million 911 phone calls per year from the public and from central station alarm monitoring companies. PSAPs then route the information from 911 calls to the right emergency service and then dispatch police or fire services. ASAP-to-PSAP technology automates the communications between alarm monitoring companies and PSAPs and dispatches the emergency service. The Central Station Alarm Association, the Association of Public Safety Communications Officials and Vector Security developed the software technology back in 2009. So what’s the implementation hold-up? “As always, funding is the issue,” says Ron Lander, CPP, principal with Ultrasafe Security Specialists in Norco, Calif. “The cities don’t want to spend the money. The central stations want to implement it. They say it will reduce personnel needs.” Replacing central station phone calls with data entered by a central station operator offers three major benefits, according to a PowerPoint presentation developed by Bill Hobgood, project manager with the Richmond, Va., Public Safety Team. First, it eliminates telephone calls between alarm monitoring companies and PSAPs, which take up time that could be spent with individual 911 callers, who might be in immediate physical danger. It eliminates the inevitable miscommunications between two human beings talking on the telephone – “Speak up, I can’t hear you.” “Was that Fourth Street or Fifth Street?” “Oh, Fifth Avenue, sorry.” Then there are also communications problems related to language in our increasingly multi-cultural society. Finally, and perhaps most important, it speeds the processing and response times by crucial minutes. Research shows that an ASAP communication takes 15 seconds or less to dispatch police or fire units. By comparison, a telephone communication takes 1.5 to 3 minutes or more to dispatch units. Upon implementing ASAP-to-PSAP, there was a 13 percent drop in the number of police alarms handled by telephone An ASAP application carries out three tasks. It translates data from the alarm monitoring company into a format that the PSAP technology can read and process. Second, it updates the alarm monitoring company on the status of the alarm — message accepted and referred to the right emergency service or rejected for one reason or another. Finally, an ASAP application provides continuing updates including cancellation notices from the alarm monitoring company, notices that emergency service has been dispatched, notices that emergency responders have arrived at the scene and notices that events have been closed out. Houston implemented the technology in 2011 and has reaped enormous benefits. According to Bill Hobgood, Houston encompasses 634 square miles, has a population of 2.3 million people and runs the nation’s fourth largest PSAP. The city receives more than 2,600 police alarms weekly from 43,000 alarm systems monitored by three alarm companies. Upon implementing ASAP-to-PSAP, there was a 13 percent drop in the number of police alarms handled by telephone. Non-emergency telephone calls declined by 15 percent. The PSAP estimates that it is saving $1 - $2 million annually. What about accuracy and response times? Hobgood studied results in his own city of Richmond as well as York County, Va., in the Tidewater region, both of which implemented ASAP-to-PSAP in 2011. Hobgood’s study found that when the system eliminated call-taker involvement, it eliminated spelling mistakes and accidental transposition of street address numbers. It also eliminated problems related to low-volume headsets and accents. Those are impressive business and performance improvements, which is driving Commander Edson’s interest in rolling out more implementations.
NFC can strengthen security by turning smart phones into physical and logical access control credentials The trouble with access control cards is that people lose them, lend them to friends who use the cards, or lose them, or lend them to someone else. Losing a card is bad enough, but people that lose cards often make it worse: “When someone loses an access fob or card, he or she doesn’t always tell the security department right away,” says Paul Timm, president of Lemont, Ill.-based RETA Security, Inc. “People that lose cards don’t want to pay the $20 fee for a replacement, so they look for their cards. While they are looking, whoever finds the card can use it.” To be sure, electronic access control systems provide more security, more economically, than locks and keys. When a key goes missing, a locksmith has to make an expensive trip to the affected door and rekey it. Remote computers can quickly and easily decommission lost cards. Still, decommissioning and replacing lost access cards can take up a lot of time. Enter near field communication or NFC, a mobile technology that can turn smart phones and tablets into physical and logical access control credentials, and thus strengthen security. The security improvement arises from the fact that people don’t lose their mobile devices. Think about your smart phone. If it isn’t right beside you, it’s in your pocket or the palm of your hand. “If someone loses a card, he may ask to borrow a friend’s card, and the friend may give it to him,” says Timm. “But no one would loan a smart phone to a friend.” NFC technology also forms the basis of an emerging mobile payment system “People don’t lose their phones, and people don’t lend their phones. That’s why it makes sense to look at NFC as a way to tighten security.” There’s more. NFC technology also forms the basis of an emerging mobile payment system that will enable users to charge purchasers by holding a phone up to a reader. NFC boosts security over mag-stripe credit cards and aims to overcome well-known wireless security problems by reducing the distance of the wireless communication to a couple centimeters — and encrypting the communication. Security professionals say that NFC is a good idea but needs perfecting. “It is possible to conceal a sniffer close enough to a reader to intercept NFC communications,” said Ron Lander, CPP, a principal with Norco, Calif.-based Ultrasafe Security Specialists. “Someone can attach a sniffer under the counter, for instance. How often does management check for rogue devices? They should start checking.” “I do think NFC is a good technology, but we have to develop a standard, secure infrastructure for it,” Lander adds. Still, adoption has begun. A number of colleges and universities have pilot-tested NFC as an access control and payment tool. Research shows steady growth. According to the Statista research service, the percentage of smart phone users in the United States employing NFC for mobile payments will rise to 12.7 percent this year and more than double to 27 percent by 2018. Anyone planning to install electronic access control at a facility might want to plan for the possible adoption of NFC. Same for anyone looking to refresh their current supply of access control readers. Perhaps it’s time to look into NFC-enabled access control readers. There are readers on the market that will read both NFC and traditional cards. In fact, that capability is reportedly becoming standard. Adopters will also have to work with mobile phone service providers and their trusted service managers (TSMs) to set up a system enabling employees to download unique NFC identifiers for their phones. Preparing a little each year over the next two or three years will enable companies to be ready for employees with NFC-enabled technology to start “phoning in.”