LIABILITY MITIGATION MEASURES FOR HCFS
Negligent security claims can be very costly to HCFs in time, money, and negative publicity. Settlements can reach into the hundreds of thousands or even millions of dollars. Litigation costs of defending against such a lawsuit, which often include costs for experts in security, lighting, and other specialized areas, can be equally significant, even if the HCF eventually wins. While it may not be possible to completely prevent a negligent security lawsuit from being filed, HCFs can be proactive in protecting themselves from liability.
Having a well thought out security program in place can help to reduce the risk of claims and increase a HCF’s chances of successfully defending itself against a lawsuit. There are several actions that HCFs can take, among others, to improve the effectiveness of their security program and thus reduce the risk of crimes against patients, visitors and staff, depending on the circumstances. These include:
- Involve All Employees. One of the most effective ways to secure a workplace is to integrate all employees into the security program. All staff should be educated on the HCF’s security program and how the various elements work together to create a safe environment. Staff should also be trained to identify suspicious people and circumstances and how to respond appropriately to them, such as by calling emergency personnel or asking a suspicious person to leave the facility.
- Comply with all Legal Requirements. HCFs should regularly review and comply with all legal requirements. When necessary, organizations should seek the aid of a lawyer to see what security measures they are lawfully required to take.
- Comply with Regulatory Requirements and Industry Standards. Security standards established by CMS, TJC, and DNV must be complied with in order to receive accreditation from these organizations. Healthcare security directors can enlist the help of their Environment of Care personnel to identify shortcomings in the security program that may fall short of CMS, TJC, or DNV requirements.
- Physical Security Measures. HCFs should implement appropriate security measures. Examples of such measures include:
- Warning signs
- Safety lighting, including floodlights
- Motion sensor-controlled lights or alarms
- Security guards
- Alarms
- Locks
- Fencing
- Screening of those who enter the property
- Security cameras or surveillance
- Budget Appropriately for the Security Program. An HCF increases its risk of liability when budget cuts result in reductions in the level of security provided at the facility without a corresponding reduction in the level of security risk. HCFs should identify and correct inconsistencies in security staffing or security systems that are not supported by risk assessment data. Examples of such inconsistences include having security officers on duty at certain times but not others solely to reduce costs or having cameras in one area of the facility but not another for budgetary reasons.
- Be Aware of Local Crime. HCFs must be aware of current crime conditions at the property and in the surrounding community. HCFs risk liability if there have been previous attacks at the property, or if the HCF had reason to know that an attack might occur and did nothing to prevent it. If levels of crime in the surrounding neighborhood increase, there should be corresponding improvements in the facility’s security program. HCFs should be aware of, and provide, a level of security that is equal to or greater than that provided in similar neighboring facilities. It should be noted that criminology studies and related research have generally found that crime in the area may or may not be relevant to the subject property.13
- Pay Attention to All Incidents and Complaints. Security directors need to be tracking all incidents to ensure that security threats are not underreported. HCFs should be tracking and following up on all complaints about crime or security received from staff, patients, or visitors. HCFs may be well served by providing employees with a confidential reporting line or access to an electronic risk management portal to report security and safety issues. Workplace violence threats need to be taken seriously and steps taken to mitigate the risk. For example, if a nurse reports a threat of harm by an estranged husband, an HCF can take steps to prevent a confrontation by alerting security officers, changing the nurse’s shift, or relocating the nurse to another wing or neighboring facility.
- Provide Adequate Warnings. As discussed earlier, an HCF may be able to satisfy its legal obligation to make a known dangerous condition safe by giving a reasonable warning. If an HCF has knowledge of prior criminal activity, it can provide appropriate warnings for people to take proper safety precautions to avoid possible confrontations. In addition, HCFs should avoid representing or overselling the level of security they provide, for example by making statements such as “completely safe” or “crime-free,” or by stating that areas are under “24 Hour Surveillance” when in fact they are not.
- Hire a Security Consultant. HCFs can employ a certified healthcare security consultant who will prepare a comprehensive security analysis. Security consultant reports may be discoverable in a lawsuit, so HCFs may want to consider such a comprehensive study only if they intend to follow the recommendations. If, for example, an HCF decides not to follow a consultant’s recommendations for 24-hour security in a particular area, this may end up attached as an exhibit in a lawsuit.
- Security Officer Documentation and Training. HCFs should not shy away from accountability measures that not only make their own security departments more efficient but can also serve to mitigate specific claims. These measures include:
- Recording radio transmissions
- Recording phone calls to the Security Operations Center
- Use of Computer Aided Dispatch (CAD) systems
- GPS patrol vehicle tracking
- Foot patrol audit systems (e.g. Guard Tour Systems)
- Detailed daily Activity Reports
- Detailed Incident Reports
- Post Orders. Post orders are essential documents that provide guidance on expectations and instructions on performing security duties for each shift and each post. Post Orders may include some or all of the following:
- Reporting on and off duty
- Patrol frequency and locations
- Conducting escorts (if applicable)
- System monitoring (if applicable)
- Visitor management (if applicable)
- Perimeter and sensitive area inspections
- Documentation (Daily Activity Reports and Incident Reports)
- Rotating with other posts (if applicable)
- Security Officer Training. Security officer training is an integral part of the healthcare facility’s security program. The International Association of Healthcare Security and Safety (IAHSS) has published healthcare security best practices. IAHSS also offers a certification program for HCF security personnel.14
(13) IAPSC, Best Practices: Forensic Methodology, 2018.
(14) International Association for Healthcare Security and Safety, Training and Certifications, https://www.iahss.org/page/certifications