Hospital Security: The Past, The Present, and The Future, Part 2 of 2

Healthcare security consultant Jeff Aldridge examines the need of risk assessments and the hospital security management plan


The hospital security assessment should evaluate a facility beginning in the parking lot and continue all the way to the roof. Some of the components that should be considered are:

  • Geographical Location (Inter-City, Suburb, Rural)
  • Physical Design and layout of campus and surrounding property
  • Number of uncontrolled access points into and out of the Facility
  • Criminal Demographics surrounding the hospital and campus
  • Security Incident data within the hospital as well as incidents on campus
  • Level of physical security protection.
  • Previous Security Sentinel Events
  • Quality of the Security Department and Security Management Program
  • Employee Security Awareness associated with on-going educational programs
  • Administration and Management Support
  • Patient, Staff, Employee, vendor, and visitor identification
  • Emergency Department Security
  • Violence in the Workplace issues, (Clinical and other locations)
  • Birthing Center Security
  • Pediatric Security
  • Pharmacy
  • Employee Education
  • Patient Education

Security Sensitive Areas

The Joint Commission requires that healthcare facilities identify security sensitive locations within the hospital that may require unique security protection. Sensitive locations require special training, additional physical protection, and policy / procedures specific to the location identified.

Sensitive locations include, but may not be limited to:

  • Birthing Center (Maternity, Nursery, L&D, Postpartum)
  • Pediatrics
  • Emergency Department
  • Psychiatry (Inpatient)
  • Psychiatry (Outpatient)
  • Radiation Therapy
  • Nuclear Medicine
  • Pharmacy
  • Medical Records
  • Information Services
  • Human Resources
  • Surgical Services (Operating Room)
  • Food Services

Physical protection may include but is not limited to:

  • CCTV
  • Time delay lock & alarm system
  • Panic Alarms
  • Special Locks
  • Protective Barriers
  • Security Presences
  • Dedicated Security Patrols

Unique policies include, but may not be limited to: access control, visitation, identification procedures, information security, and patient privacy.

Sensitive areas should identified with a Risk Value Rating 1-5, where:

1 = No Risk or not applicable
2 = Minimal Risk
3 = Moderate Risk of Injury / theft
4 = Significant Risk without history of injury / theft
5 = Significant Risk with history of injury / theft

Access Control

We have already established that, for the most part, criminal assaults which occur within our hospitals are perpetrated by persons not authorized to be there. Access control is designed to insure that only authorized persons are allowed to enter and leave the hospital. It is imperative that everyone having a legitimate reason for requesting entry into a hospital be appropriately identified. By the same token, controlling access out of the hospital is just as important. For example, infant abductors have been granted access into hospitals as authorized visitors, but after abducting a baby they escape capture by NOT using authorized / controlled exits. Unauthorized persons perpetrating other acts of crime in hospitals including criminal assaults, rape, murder, and theft will immediately look for the closest escape route, which is usually an unlocked emergency egress.

The public should be educated and directed to use an entrance that is dedicated to patients, visitors, and guest. A separate entrance should be dedicated to employees and staff. Control all employee, staff, and doctor entrances using card access. Issue a visitor’s badge to visitors, contractors, volunteers, and students. Require the vendor’s badge to be returned and the vendor to sign-in and out of the facility.

Emergency Egress /Locks & Alarms