“Workplace violence is part of an epidemic in healthcare now, and line staff — regardless of what unit they work in — must have at least a basic knowledge of how to recognize potential warning signs and how to react appropriately when an incident occurs,” he continues. “That’s the bare minimum, regardless of facility size, location or hours of operation. Only then can we start looking at the security staffing or engineering controls to help prevent these incidents. Workplace violence isn’t something you can solve by putting in a lock and a camera. You have to have the human component with the ability to recognize and report so the proper mitigation can be undertaken.”
Michelman agrees that training is the key, and that it must be done right. “Doing fun, dynamic training that people enjoy is the most effective approach. We offer many different training programs, and our goal is to make them enjoyable exercises rather than tedious meetings,” she says.
Reporting policies — especially zero-tolerance policies — are a main factor of decreased violence potential noted in the Emergency Nurses Association study, along with management commitment to workplace violence control. The use of a panic button and enclosed nurses’ stations, locked/coded emergency department entry, security signage and well-lit areas were also associated with lower levels of physical and verbal violence.
An excellent security staff is a critical element in the reduction of workplace violence incidents as well, Michelman adds. “You need well-trained, educated, competent and committed security staff — really professional people who understand the complexities and nuances of healthcare. They should be compensated well and should have excellent benefits. You have to hire the right people for these jobs. This is a very complex environment, and you need very sophisticated skills.
“I look for people who are very smart, who have a compassionate side,” Michelman continues. “They must understand the state that people may be in. (I look for) people that are not easily flustered and don’t take things personally — because sometimes it’s not pleasant to deal with psych patients in the emergency department or upset visitors. I look for people with a strong ability to multitask and who have the ability to de-escalate people, who have negotiating skills and who are creative about understanding the types of risks we face.”
Recognition of Hospitals as Soft Targets
While increased workplace violence is clearly on most hospitals’ minds, other trends have sometimes slipped under the radar. The terrorist threat is one of them. “Hospitals can be soft targets,” says Michelman, who is also a member of the Department of Homeland Security’s Advisory Council. “There are a lot of people in one place, and sometimes they are people others aren’t too happy with. They may be doing research in areas someone doesn’t agree with — there are radical groups against different types of research. Or there may be an individual or a domestic terrorist who believes a particular hospital was responsible for the death or severe injury of a family member.”
In addition, Warren says that hospitals play a crucial role in critical infrastructure, which heightens their target potential. “What happens if you have a bombing in your community followed by an attack on the hospital? That certainly limits your ability to treat the injured, and it adds to the psychological impact of a terrorist attack,” he says. Larger hospitals also contain equipment or radioactive source material that could be converted to weapons, he adds.
Planning for such events must be integrated into strong continuity plans, which all hospitals should test and maintain. “The best advice is to plan for an all-hazards approach, make sure all your plans, regardless of the source of the incident, can be put into effect, and make sure your plans are able to withstand any one of the many threats,” Warren says.
Preventing Data Breaches
Another risk trend many hospitals have clearly left unaddressed or incomplete, is data loss. One might think that the longstanding HIPAA data protection rules would have by now prompted notable advances in the security of private health information, but that doesn’t seem to be the case.
Privacy Rights Clearinghouse (www.privacyrights.org) data shows that the healthcare industry suffered more reported information breaches in 2011 than any other industry category. Ponemon Institute’s Second Annual Benchmark Study on Patient Privacy & Data Security found that the number and frequency of data breaches in healthcare have risen, as has the number of records stolen or lost per breach. Employee mistakes, loss or theft of computing devices, and third-party errors were the three top causes of data breaches, the study found.