Access Management

Preventing Healthcare Crime With Access Control and ID

In August 2010, the International Association for Healthcare Security & Safety (IAHSS) published a survey of healthcare security executives which revealed an increase in violent crimes within the reporting hospitals. Comparing survey data from 2004 and 2009, the study indicated that overall crime in hospitals increased by 75 percent. The survey showed a 200-percent increase in four categories of violent crime: rape/sexual assault, robbery, aggravated assault and simple assault. In the five non-violent crime categories surveyed, which account for 76 percent of all the reported crime, burglary, larceny, arson, vandalism and motor vehicle theft, the survey reported a 54 percent increase compared to 2004. 

Is violence within the healthcare industry really increasing at such a rapid rate? There is a trend toward patients being more easily agitated, especially in behavioral health, visitors having less patience and staff that are too tolerant of bad behavior.

How can the healthcare industry reduce the number of violent incidents? One of the easiest and most effective methods is the control of access and the use of identification. 

In the healthcare setting it is not a generally accepted practice to lock entry and exit doors while screening every person that enters a hospital, clinic or doctor’s office. However, if violence continues to increase at its current levels, healthcare institutions may have little choice but to take a harder look at that practice. However, the solution for healthcare is to control access into specific areas within the institution. In a sense, categorizing them based on the services they need and then restricting their access to only those areas that they need to navigate in order to obtain those medical services. The good news is that this process has already begun. Many healthcare institutions have started this process by building separate children’s, cancer and outpatient buildings that are either free-standing or attached to the main hospital but separately housing all the specialty services.

The design of hospitals from now and into the future should focus on access control through the classification or categorization of patients, visitors and staff by treatment or service. However, the problem is that hospital administrators and designers do not see the correlation between this new design philosophy and the security and safety of its users. In reality, the goals of both programs are the same: funneling patients and visitors into buildings or areas in order to provide them with a better clinical experience. Security is part of that positive experience. From a security perspective, patient segregation is one giant step to providing a secure healthcare experience for patients, visitors and staff. By utilizing CPTED techniques and incorporating electronic access control systems, security video, duress alarms and proper security training, the patient experience can be a very positive and secure one.

Additionally, identification can be a positive tool in the securing of healthcare institutions. Many industries, such as the entertainment and hospitality industries, require open access and still maintain an identification program. Having security officers stand around to check IDs or photograph faces might not help to identify potentially problematic persons, although many say it deters problematic persons from even entering the hospital. A better model, may be the authentication of purpose and customer service to help identify those individuals who will commit crimes. It is the problematic people who need to be identified and screened, not the individuals who act appropriately.   

This is known as exception reporting – the identification and handling of outliers or potential problems. Because of the high volume of people that access healthcare institutions each day, the exception model allows patients easy access but focuses on those who are problematic or require special services. Then, screen visitors based on their purpose and allow them access once they have been identified and authenticated. Security passes and the taking of photographs and licenses should be reserved for the exceptions so that security and staff can identify them easily and take the appropriate measures to remove them or service them as the institution requires. Finally, by removing staff from the general access equation and providing them with separate entrances and exits, they can get to work quickly and efficiently without having to be mistakenly identified as an exception. Additionally, security can spend more time with patients and visitors allowing for better authentication and identification of visitors, patients, staff and risks.    

Did you enjoy this article? Click here to subscribe to Security Magazine. 

Recent Articles by Bernard Scaglione

You must login or register in order to post a comment.



Image Galleries

ASIS 2013 Product Preview

ASIS International 59th Annual Seminar and Exhibits, September 24-27 in Chicago, Illinois, will include an exhibit hall packed with innovative security solutions. Here are some of the products that will be shown at ASIS this year.


Virtualization and Data Center Security: What You Need to Know for 2014

Data centers are increasingly becoming the center of the enterprise, and data center and cyber security is following the same path for security departments. According to Justin Flynn, a consultant at the Burwood Group, the virtualization of data centers allows enterprises to scale more easily and faster, with a smaller footprint.

However, hosting enterprise data in the cloud can make intrusion detection more difficult – how can enterprise security leaders team up with other departments to keep aware of cyber risks and traffic, and physical and data compliance during the virtual transition? How can CISOs and CSOs discuss cyber threats with the C-Suite to get the resources they need? And how can the proper infrastructure test and verify possible malicious attacks? 

More Podcasts

Security Magazine

Security magazine February 2015 issue cover

2015 February

In the February 2015 issue of Security Magazine, see what other companies have learned from the massive data breach and what they are doing in the now and in the future. Also, what could adding thermal cameras to your operation do for you? and Mohegan Sun at Pocono Downs prepares for the future with security decisions.
Table Of Contents Subscribe

Tougher Cybersecurity Legislation

On January 20, President Barack Obama called for tougher cybersecurity legislation in his 2015 State of the Union address. Which of the following points do you feel is most needed today?
View Results Poll Archive


CompTIA Security+ Certification Study Guide
CompTIA's Security+ certification is a globally-recognized, vendor neutral exam that has helped over 60,000 IT professionals reach further and higher in their careers. The current Security+ exam (SY0-201) focuses more on being able to deal with security issues rather than just identifying them.
More Products

Clear Seas Research

Clear Seas ResearchWith access to over one million professionals and more than 60 industry-specific publications,Clear Seas Research offers relevant insights from those who know your industry best. Let us customize a market research solution that exceeds your marketing goals.


Facebook 40px 2-12-13 Twitter logo 40px 2-12-13  YouTube  LinkedIn logo 40px 2-12-13Google+

Vertical Sector Focus: Critical Infrastructures

criticalhomepagethumbFrom terrorism to vandalism, it’s preparedness, response, training and partnerships. Learn about some of the critical security issues facing this sector.

Visit the Critical Infrastructure page to read more.