Mitigating Risk, Ensuring Staff Safety are Key Healthcare Security Concerns

Mitigating risk, protecting staff and patients loom as top concerns for hospital security leaders

Few will dispute that hospitals and healthcare facilities face some of the most challenging security issues today. Security directors are working with ever decreasing budgets as threats continue to increase. Federal mandates and compliance pressures are forcing new alliances among physical and IT personnel with the end game of ensuring patient and staff privacy.

Security Technology Executive editor-in-chief Steve Lasky talked with four influential healthcare industry security directors to get their take on some of the trends and key issues they see on the horizon.

Joseph V. Bellino, CHPA, is currently the Chief of Police/Director of Security, for the Greenville Health System, Greenville South Carolina. Prior to joining Greenville Health System he served as System Executive for Security and Law Enforcement Services for the Memorial Hermann Healthcare System in Houston Texas. He has been in healthcare leadership positions encompassing Safety, Security, and Emergency Management positions over the past twenty years. His professional memberships include, International Association for Healthcare Security and Safety, for which he has served in leadership positions at the Chapter level and served as Board Member and President of the IAHSS Board of Directors. Currently, he is serving as a board member of the IHSS Foundation.

Bruce Forman, CISO is for UMass Memorial Healthcare, Inc. He is responsible for the protection of electronic patient health information and overall IT security for one of the largest Healthcare providers in Massachusetts. Over the past four years, he has been instrumental in establishing security strategies and an effective IT control environment meeting HIPAA regulatory requirements. He also led the design of extensive IT controls across various processes (audit, application access, and network access). Prior to joining UMass Memorial, Foreman was the Director, Information Security for Genesis Healthcare Corporation.

Scott Jack CPP is the Security Technologies Director for Baylor Scott & White Health. He is responsible for the design and development of the security technology systems and police dispatch for Baylor Scott & White Health. Baylor Scott & White Health is the largest not-for-profit healthcare system in Texas and is also one of the largest in the United States with 43 hospitals, more than 500 patient care sites, more than 6000 active physicians and 34,000 employees. He has been involved in the security field for more than 25 years. He is a member of the American Society of Industrial Security (ASIS International)

James A. Romagnoli is the Vice President and CSO of Protective Services at the North Shore-Long Island Jewish Health System (NSLIJHS). Under Romagnoli’s leadership, the Corporate Security, Public Safety & the Emergency Management Divisions are constantly striving to be an industry leader in the disciplines of Protective Services and Crisis Management. He leads these initiatives in education and research to elevate the quality and efficiency of these services in the NSLIJS.


STE: As a security professional in the healthcare sector, what keeps you up at night?

Bellino: “Did I do everything possible to ensure my staff’s success and safety while performing their security functions? Have I and my team done everything to identify our potential risks and have we put into place proper mitigation strategies.”

Foreman: “The most challenging issue in information security is in not knowing what you don’t know. After all, you can’t develop controls to cover your blind spots if you don’t know that the risks exist.”

Scott: “In the current heath care environment we are seeing mergers and re-alignments with many health care systems. As these new entities move forward together, the disparity of security technology systems requires constant assessment and adjustment. As we approach each new opportunity, we have to continually refine the desired end result. Reviewing varied processes and procedures and ensuring a uniform approach to risk assessment and security process management are the initiatives that are always on my mind.”

This content continues onto the next page...