Avoiding duress device pitfalls

Best practices organizations should implement when using duress technology


Lack of sufficient attention to how duress devices are used and maintained has always been a risk factor, but it now has greater seriousness for those organizations that have seen their risks increase relating to aggression.  Any location where a disgruntled individual may appear - whether employee, customer or visitor - requires full consideration of the people, process and technology aspects of risk reduction and protection.

Duress devices are often known by other names that most specifically depict their usage, including panic buttons, hold-up buttons, medical or emergency alert buttons, watches, pendants, and bracelets. Access control and alarm systems also have keypad duress features that allow an individual to enter a code indicating that the person is under the direction of an intruder or that an attacker is present.

Dangers and Liabilities

Over the past year I have conducted walkthrough inspections of a number of facilities and found duress devices that had not been tested since originally installed and also some that were damaged, missing or simply considered non-operational. High risk facilities such as airports and banks usually test their alert devices at least once per day. Many retail and other organizations do have policies and procedures about testing duress devices, but there are still plenty of organizations do not regularly test them.

But device testing is not enough to fully address the risks involved—which include both personal and organizational liabilities—in duress situations.

Except for high risk facilities, in our facility walkthroughs few or no personnel who had been provided with duress devices could describe exactly what was supposed to happen when they activated the device, and some individuals had completely wrong expectations. These personnel had not received any training in how they should respond to the types of threats that they may encounter or what to do after activating the duress signal.

Liability situations include:

  • A device that doesn’t work
  • Someone who doesn’t know how to use a working device
  • Someone who doesn’t know what to do after sending a duress signal
  • Someone who counts on rescue activity that will not occur
  • Responses to the duress call (human or technological) that further enrage a hostile attacker or otherwise put the at-risk individual in greater danger
  • Someone who applies training from a previous organization or facility that is not appropriate for  the current organization or location
  • Response teams who are put at risk because they don’t have appropriate training
  • Responders who have no situational awareness enabled for them

There are several concerns with regard to procedures and training including minimizing the risk to at-risk employees (both the initial at-risk individual and duress call responders); enabling employees to de-escalate if possible and to avoid escalating the situation; and liability to the company.  A security supervisor’s perspective on liability for actions taken can be found in this article about employer liability. The company’s chief legal officer or general counsel should be consulted with regard to the legal risks involved.

There is also the risk of not having a duress device where there should be one. Most duress devices are installed when an access control or alarm monitoring system is installed. Many years can go by without reevaluating the risk picture to determine if additional duress coverage is warranted.

Duress System Design

As used here, the term "duress system design" refers to both technology design and the plan for how the technology is to be used. Such a plan is the basis for the written guidance and procedures that should be developed, and the training that incorporates drills and exercises to teach how to apply the guidance and procedures.

Implementing the full design (people, process and technology) ideally would result in:

This content continues onto the next page...