SECURITY POLICY. Written By: Security Management Action Group. Authorised By: Chief Executive. Date: November Date: 18 th November 2014

Transcription

1 SECURITY POLICY Document Author Written By: Security Management Action Group Date: November 2014 Authorised Authorised By: Chief Executive Date: 18 th November 2014 Lead Director: Executive Medical Director Effective Date: 18 th November 2014 Review Date: 17 th November 2017 Approval at: Policy Management Group Date Approved: 18 th November 2014 Version 8 Page 1 of 32

2 DOCUMENT HISTORY (Procedural document version numbering convention will follow the following format. Whole numbers for approved versions, e.g. 1.0, 2.0, 3.0 etc. With decimals being used to represent the current working draft version, e.g. 1.1, 1.2, 1.3, 1.4 etc. For example, when writing a procedural document for the first time the initial draft will be version 0.1) Date of Issue Version No. Date Approved Director Responsible for Change Nature of Change Ratification / Approval 29 Mar Mar 12 Director of HR Logo and wording updated for new organisation 30 Oct Director of HR Amended to reflect changes in NHSLA standards Nov Director of HR Ratified at Risk Management Committee 14 Dec Director of HR Ratified at Policy Management Group 17 Dec Dec 12 Director of HR Approved by Executive Board 25 Jul Compliance officer 28 Jul Head of Corporate Governance 17 Sep Assistant Director Health & Safety & Security 29 Sep Assistant Director Health & Safety & Security 15 Oct Assistant Director Health & Safety & Security 18 Nov Nov 14 Assistant Director Health & Safety & Security Amended wording Amended wording Ratified at Risk Management Committee Ratified at Security Management Advisory Group Ratified at Health and Safety Committee Approved by Policy Management Committee NB This policy relates to the Isle of Wight NHS Trust hereafter referred to as the Trust. Version 8 Page 2 of 32

3 Contents Page 1. Executive Summary 4 2. Introduction 5 3. Scope 5 4. Purpose 6 5. Roles and Responsibilities 6 6. Policy detail / course of action 8 7. Lockdown Procedure 9 8. Consultation 9 9. Implementation / Training / Awareness Dissemination Process Committee / Reporting Structure Departmental Arrangements Equality Analysis Review and Revision arrangements Monitoring Compliance and Effectiveness Links to Other Trust Policies / Documents References Disclaimer 14 Appendices: A Checklist for the development and approval of controlled 15 Documentation B Impact assessment forms on policy implementation (including 18 checklist) C Equality analysis and action plan 21 D Security Risk Assessment Procedure for Managers 24 E Security Risk Assessment Form 25 Version 8 Page 3 of 32

4 1. EXECUTIVE SUMMARY Security means providing for the protection and safety of all persons interacting in the delivery of healthcare, and safeguarding the Trust and personal assets against theft, fraud, damage and disruption. Fraud is dealt with in the Trust Counter Fraud and Corruption Policy which can be found on the Trust Policy site. The National Health Service (NHS) is Europe's largest employer, employing more than one million staff. NHS staff have, along with patients and visitors, the right to expect a safe and secure workplace and NHS organisations have a legal and ethical duty to do their utmost to prevent staff and others from being assaulted or abused in the course of their work. The British Crime Report, however, found that nurses are up to four times more likely to experience work-related violence and aggression than other workers. NHS Protect is an arms-length organisation set up by the Department of Health to overview and support security within the NHS. Its main aims are to identify problems and assess risks, to develop a secure strategy, create an effective structure, undertake specific action areas and develop improvements to protect the NHS. Generic actions will include engendering a pro-security culture deterring security incidents and breaches, preventing security incidents and breaches, detecting security incidents and breaches, investigating security incidents and breaches in a professional objective and fair manner, ensuring lessons are learned and systems organised which fit into the policy development and revision to prevent further breaches. Applying a wide range of sanctions where necessary and appropriate and seeking redress to ensure that funds are put back into the NHS for improvement of clinical care. To this end, all NHS organisations must have a designated Executive Director or officer member to lead on security management work. This Director will be the Executive Medical Director and will carry the remit of Security Management Director (SMD) and a Local Security Management Specialist (LSMS). This must be a suitable person(s) to pass on the required training and undertake the day-to-day role of Security Management for the Trust. The Isle of Wight NHS Trust is a complex organisation. Whilst not particularly large in size, it encompasses all the disciplines within the NHS. It has been recognised that, because of the complexities, Local Security Management Specialists need to cover Mental Health services as well as all general services and therefore the Trust has two dedicated Local Security Management Specialists to ensure that all elements of the service are adequately supported. This policy establishes the basic principles of security within the Trust and is supported by related Policy, Guidelines and Protocols. Version 8 Page 4 of 32

5 2. INTRODUCTION 2.1 Security means providing for the protection and safety of all persons interacting in the delivery of healthcare, and safeguarding the Trust and personal assets against theft, fraud, damage and disruption. 2.2 The Trust s Risk Management Strategy and Policy and the Care Quality Commission (CQC) require, as far as is reasonably practicable, provisions for a secure working environment, and seek to ensure:- The personal safety, at all times, of patients, clients, staff, volunteers and visitors. The protection of property against fraud, theft and damage. The awareness of staff regarding security arrangements within the Trust, and their specific working areas. The smooth and uninterrupted delivery of health and community care. Compliance with current legislation including the Human Rights Act. 2.3 It is recognised that in order for a to succeed, management at all levels must strive to gain the commitment of staff to the implementation of the Policy. 2.4 The basic principles of security within the Trust will be:- To develop a pro-security culture among staff, professionals and patients to raise awareness and encourage them to report security incidents. To use case studies to raise awareness of those who have or for those who are minded to be dishonest or violent towards the Trust staff, patients and property; both of the consequences of their actions to themselves and others, to assist in deterrence of further incidents. To deny the opportunity for crime and to deter criminal activity, as far as possible. To detect crime when it is committed, working with the Police and the CPS (Crown Prosecution Service), to ensure a national approach to the investigation of security incidents. To respond effectively to incidents and security related events. To record, report and analyse security-related incidents/trends in order to seek improvements and reduce risk. To raise the profile of safety and security across the Trust in order to build staff confidence and encourage personal responsibility. To promote the Trust s policy on Zero Tolerance of abuse against Trust staff. To ensure the full range of possible sanctions is considered when dealing with offenders and to obtain redress in appropriate cases. 3. SCOPE 3.1 This policy will cover all premises owned or operated by the Trust and all staff working on Trust premises, or under arrangements with GPs or in the Community/ Patients homes. The Trust increasingly works with other organisations and agencies and will ensure co-operation between relevant bodies and their staff on safety and security issues. Version 8 Page 5 of 32

6 4. PURPOSE 4.1 The development of a pro-security culture is integral to security management work as it underpins all other areas of generic action that follow. A pro-security culture amongst staff, professionals, patients, visitors and other members of the public is one in which the responsibility for security is accepted by all, and the actions of a small anti-social minority who breach security are not tolerated. In essence, building a pro-security culture is about raising awareness by communicating to staff and members of the public the necessity of being vigilant and reporting incidents and ensuring that all are aware of the procedures in place to deal with security-related incidents. A key element of the pro-security culture is encouraging staff to take an active part in ensuring a safe and secure environment within the NHS. This is usually best done through practical measures such as inductions, newsletters and lessons learned; regular updates and briefings on security matters. 5. ROLES AND RESPONSIBILITIES 5.1 Chief Executive: The overall responsibility for security within the Trust rests with the Chief Executive, who must ensure that the right policies, procedures and systems are in place and kept under review. 5.2 Security Management Director (SMD): Executive Medical Director is the lead for security management at Board level. This is to ensure the monitoring of and compliance with Secretary of State Directions and subsequent guidance; and also to fulfil the requirements of NHS Protect in relation to measures taken to provide for effective Security Management. 5.3 Executive Director of Transformation and Integration: Physical Security, Environmental Security (to include CCTV, External/ Internal Monitoring and Maintenance, Alarms and Security Management Contractor covering Car Parking and Security Guards. 5.4 Executive Director of Finance: Financial Security, Counter Fraud. 5.5 FT Programme Director/ Company Secretary: Information Security. 5.5 Executive Directors/ Clinical Directors/ Associate and Assistant Directors are responsible through their management structure for: Ensuring compliance with this policy and associated policies throughout their areas of responsibility. Ensuring that thorough risk assessments, specifically focusing on maintaining a secure environment along with the physical security of premises and assets, are included within their directorate s risk assessment processes. Ensuring the appropriate provision of resources and training is made available to address the outcomes of assessments or incident investigations. The Trust will attach a high priority to supporting investments put forward as a result of the risk assessment process, whilst recognising the financial constraints of the Trust. Version 8 Page 6 of 32

7 5.6 Local Security Management Specialists (LSMS) are responsible for: Providing support, advice and guidance to all staff in measures to deal with Security Management. Ensuring the SMD and Executive Director of Nursing and Workforce (NED) are kept fully informed on issues relating to physical security management which may affect the Trust, its staff, service users or the levels of service which it offers. Acting as a central point of contact within the Trust for the Police in respect of security management. This is to ensure that relevant information is communicated and effective action is taken, both in the detection and prevention of crime and disorder. Reviewing incidents relating to physical security matters and providing reports on trends and security management performance. Monitoring effectiveness of any local physical security arrangements. Supporting managers to carry out risk assessments with training and expertise. Supporting and training managers with their action plans derived out of risk assessments as is necessary to protect people and property. Working collaboratively with the Education, Development and Training Department, to ensure that effective training in the protection of assets and general security is available to all. Staff and volunteers who require training as identified within the Trust s training needs analysis. Working collaboratively with the Trust Local Counter Fraud Specialist when necessary in accordance with standing financial instructions and the Counter Fraud and Corruption Policy. Complying with NHS Protect requirements to attend regional meetings, and to supply work plans and end of year reports. 5.7 Ward/Team/Departmental/Site Managers are responsible through their management structure for: Ensuring suitable and sufficient security risk assessments regarding the physical security of premises and assets are carried out within their ward/department. (See Appendices D and E). On an annual basis or when there is a change of service or environment, all services are required to review the local security arrangements by using the Trust Risk Assessment Information Pack. Managing their wards, teams and departments to ensure that local security arrangements contribute to a secure environment. Providing support and advice to staff following notification of an adverse event or security incident. Ensuring that all staff adhere to the Trust incident reporting policy and procedures. Liaising with the Trust LSMS to ensure incidents are investigated and appropriate action arising from the investigations is taken. Version 8 Page 7 of 32

8 Links to other groups: 5.8 Security Management Advisory Group (SMAG): Meetings will be at least four times a year and normally held bi-monthly to ensure that there are effective security management processes and risk assessments in place to comply with legislation and national guidance and are responsible for: Ensuring the development and support of departmental action plans. Monitoring staff security and personal safety training. Integrating actions when trends are identified. Approving the LSMS work plan. Approving the Security Management annual report for the Board. Discussing any other matter relevant to security management work in accordance with legislative requirements and ensuring appropriate bodies are informed of change. Monitoring the effectiveness of all security management arrangements in the Trust. 5.9 Risk Management Committee (RMC) are responsible for: Ensuring that there are effective security management processes in place within the corporate and locality services. Ensuring that the actions identified in the Trust s risk register for physical security management are rolled out across all services and locations. Meeting bi-monthly to review security incidents and issues and monitor the implementation of this policy. Receiving and acting upon what is escalated from the SMAG Group All Staff are responsible for: Co-operating in measures and procedures to ensure the provision of a secure environment. Reporting all adverse events and suspicions to their line manager and completing an incident report form as appropriate in accordance with Trust procedures. Having due regard to their own security as well as that of other members of staff, service users and visitors by the proper use of all security facilities such as locks and alarms. Attending or undertaking appropriate mandatory training. 6. POLICY DETAIL / COURSE OF ACTION This policy sets out the principles and arrangements on which the Trust bases their commitment to security. The intention of the policy is: 6.1 To ensure arrangements are in place to reduce the amount of crime within the Trust s premises by identifying/defining problems, assessing action required, minimising risk and implementing effective procedures. 6.2 To provide a process for the prevention and management of violence and aggression in line with national guidance for the Security Management Service. Version 8 Page 8 of 32

9 6.3 To raise awareness of security matters, and to ensure staff are informed, educated and trained appropriately. 6.4 To provide a framework within which the Trust Security Action Plan will be developed, alongside Directorate and Departmental Security Procedures and Plans. 6.5 To formalise the procedures for reporting and recording of security incidents and where appropriate report to NHS Protect. 6.6 To review national initiatives and ensure local application of instructions from NHS Protect. 6.7 To monitor the implementation and effectiveness of security procedures through the Security Management Advisory Group. 7. LOCKDOWN PROCEDURE 7.1 Lockdown is the process of preventing freedom of entry, exit and movement around a Trust site or other specific Trust building/area, in response to an identified risk, threat or hazard that might impact upon the security of patients, staff and assets or indeed the capacity of that facility to continue to operate. 8. CONSULTATION 8.1 The authors have sent this policy to all attendees of the following meetings: SMAG, RMC and the H&S and Security Committee. There have been some minor grammatical changes suggested which have been incorporated. However there has been no rejection of any part of the policy intention or process. The acceptance of this policy will be recorded in the minutes at the next meeting of each of these forums. 9 IMPLEMENTATION / TRAINING / AWARENESS 9.1 The Trust will develop a workplan aimed at Crime Prevention and Reduction Programme in accordance with the NHS Protect advice on Crime Prevention as a cornerstone of the and all staff should be involved. 9.2 Managers of wards and departments will carry out their departmental risk assessment PART 1 Layout and personal security PART 2 Physical / document security PART 3 Awareness / procedure / training PART 4 Access control and will, when a security risk is identified follow The Ten Principles of Crime Prevention Target hardening Target removal Remove means to commit crime Version 8 Page 9 of 32

10 Reduce the payoff Access control Visibility and surveillance Environmental design Rule setting Increase the chance of being caught Detecting offenders 9.3 The LSMS will aid managers to reduce the risk of security related incident by lowering the likelihood and /or the severity of the security related incident. 9.4 Training Provision: an induction training programme for staff is already in place, including Five Core Security Aims which covers these six points below:- How best to protect patients How best to guard staff against assault and theft of personal belongings What staff are expected to do to safeguard property belonging to patients When and in what circumstances to call the Police The scale of the crime problem What is being done to reduce crime 9.5 All front-line staff, according to Risk, will be trained in Conflict Resolution (CRT) which conforms to the national syllabus which has been developed in conjunction with, and is supported by Unison, Royal College of Nursing and the British Medical Association. Ongoing refresher training will be established on a three yearly programme to ensure update and enforcement in Confict Resolution Practice. 9.6 In addition to CRT training, breakaway techniques will also be given to high risk areas indentifed by risk assessment, such as Ambulance, Emergency Department and MAAU. 9.7 Where the use of physical intervention has been identified, appropriate control and safety handling techniques will be used by appropriately trained staff, to General Services Association techniques. 9.8 This does have a mandatory training requirement which is detailed in the Trust s Mandatory Training Needs Analysis and is reviewed on a yearly basis. The above can also be accessed for non-mandatory groups at the request of managers to support good practice. 9.9 The Trust will do everything reasonably practicable to protect staff from the danger of assault and to prevent their property being stolen. This will include:- Providing adequate security lighting and CCTV. Providing protection devices, as necessary. Providing victim support counselling via Occupational Health. Liaising closely with local police services. Providing training and development courses within the annual programme and ensuring staff are given time off to attend training appropriate to their needs and working environment. Version 8 Page 10 of 32

11 Implementing outcomes of Security Risk Assessments to ensure security risks are reduced to an acceptable level. This will be monitored by Secuity Management Advisory Group (SMAG). Provide a Security Response to any incident deemed necessary, via an agreement with the CP Plus Car Parking Management Group and their trained employees. 10. DISSEMINATION PROCESS 10.1 When approved this document will be available on the Intranet and will be subject to document control procedures. Approved documents will be placed on the Intranet within five working days of date of approval once received by the Risk Management Team When submitted to the Risk Management Team for inclusion on the Intranet this document will have fully completed document details including version control. Keywords and description for the Intranet search engine will be supplied by the author at the time of submission Notification of new and revised documentation will be issued on the front page of the Intranet, through e-bulletin, and on staff notice boards where appropriate. Any controlled documents noted at the Trust Executive Committee will be notified through the e-bulletin Staff using the Trust s intranet can access all procedural documents. It is the responsibility of managers to ensure that all staff are aware of where, and how, documents can be accessed within their areas of work It is the responsibility of each individual who prints a hard copy of any document to ensure that the printed hardcopy is the current version. Current versions are maintained on the Intranet. 11. COMMITTEE/REPORTING STRUCTURE 11.1 In accordance with the Care Quality Commission s essential standards of quality and safety, a committee structure has been put in place in order to ensure all aspects of security are appropriately managed and reported throughout the Trust, leading to the Trust s Board. 12. DEPARTMENTAL ARRANGEMENTS 12.1 In addition, Clinical Directors, Associate Directors and Heads of Clinical Services will be responsible for:- Arranging the dissemination of this policy document to all relevant members of staff. Whilst the main access route would be via the Trust policy intranet web page the provision must be made for those without access. Version 8 Page 11 of 32

12 The production of local procedures and arrangements for security within their respective areas of responsibility. These procedures should define the responsibilities and duties of all levels of staff within each department. Ensuring Security Risk Assessments are undertaken for all areas, to an agreed programme in accordance with the security risk assessment procedures. The Action Plan will be monitored by the Security Management Advisory Group (SMAG). 13 EQUALITY ANALYSIS 13.1 This procedure has undergone an equality analysis. Please refer to Appendix C. 14. REVIEW AND REVISION ARRANGEMENTS 14.1 This document will be reviewed no later than every three years, or earlier if necessary, by the Security Management Action Group (SMAG), should any change occur which affects the implementation or process of the policy 15. MONITORING COMPLIANCE AND EFFECTIVENESS 15.1 The compliance to this policy will be measured by the Security Management Advisory Group (SMAG) and an end of year Security Report will be submitted to the Health & Safety Committee which will monitor that the needs of the Trust in relation to security are met. Version 8 Page 12 of 32

13 16. LINKS TO OTHER TRUST POLICIES/DOCUMENTS 16.1 In addition to this overall Policy, the Trust is developing a framework of security policies and procedures including:- Security Risk Assessment Procedure Risk Pack Assistant Director, Health & Safety and Security Appendix to this document Patients Property Policy Risk Administrator Department Policy File. Policy Intranet site Safety Guidance for dealing with Bombs, and similar Risks or Threats Assistant Director, Health & Safety and Security/ Local Security Management Health & Safety and Security File Guidance on Intranet Specialist Transport Policy / Drivers Integrated (PTS & Fleet) Policy Intranet site Handbook Missing Patients Policy Offensive Weapons Guidelines Information Governance Risk Policy Misuse of Alcohol and Drugs Patients Guideline Management of Violence & Aggression Guidelines Transport Manager Head of Corporate Governance & Risk Management Assistant Director, Health & Safety and Security Information Governance Manager Local Security Management Specialist Local Security Management Specialist Department Policy File. Policy Intranet site Health & Safety and Security File Guidance on Intranet Department Policy File. Policy Intranet site Health & Safety and Security File Guidance on Intranet Health & Safety and Security File Guidance on Intranet Withdrawal of Care Deputy Director of Nursing Department Policy File. Policy Intranet site Lone and Isolated Worker Policy Local Security Management Specialist/ Assistant Director, Health & Safety and Security File Guidance on Visits by VIPs and Celebrities CCTV Protocol Counter Fraud and Corruption Policy Risk Assessment Information Pack Health & Safety and Security Assistant Director, Health & Safety and Security/ Head of Communications Local Security Management Specialist/ Assistant Director, Health & Safety and Security Local Counter Fraud Specialist Head of Corporate Governance & Risk Management Guidance on Intranet In production In production Policy Intranet site Guidance on Intranet 16.2 The Trust is totally committed to maintaining an honest, open and well- intentioned culture and is therefore dedicated to the elimination of any fraud within the Trust If Fraud or Corruption is suspected please report to the following: Local Counter-Fraud Specialist Director of Finance National Fraud and Corruption reporting line on Version 8 Page 13 of 32

14 16.4 Please refer to the Trust s Fraud and Corruption Policy and Reporting Procedure for details, the policy is available on the Counter Fraud Intranet Page This action will ensure that the Trust is demonstrating every effort to Countering Fraud. 17. REFERENCES Health and Safety at Work etc Act 1974 Available from Reporting of Injuries Diseases and Dangerous Occurrences Regulation 1995 Available from Health & Social Care Act 2008 Essential Standards of Quality and Safety Care Quality Commission Available at DISCLAIMER It is the responsibility of all staff to check the Trust intranet to ensure that the most recent version/ issue of this document is being referenced Version 8 Page 14 of 32

15 Appendix A CHECKLIST FOR THE DEVELOPMENT AND APPROVAL OF CONTROLLED DOCUMENTATION To be completed and attached to any document when submitted to the appropriate committee for consideration and approval. Title of document being reviewed: Y/N/ Unsure 1. Title/Cover Is the title clear and unambiguous? Does the title make it clear whether the controlled document is a guideline, policy, protocol or standard? 2. Document Details and History Have all sections of the document detail/history been completed? 3. Development Process Is the development method described in brief? Are people involved in the development identified? Do you feel a reasonable attempt has been made to ensure relevant expertise has been used? 4. Review and Revision Arrangements Including Version Control Is the review date identified? Is the frequency of review identified? If so, is it acceptable? Are details of how the review will take place identified? Does the document identify where it will be held and how version control will be addressed? 5. Approval Does the document identify which committee/group will approve it? If appropriate have the joint Human Resources/staff side committee (or equivalent) approved the document? 6. Consultation Do you have evidence of who has been consulted? 7. Table of Contents Has the table of contents been completed and checked? 8. Summary Points Have the summary points of the document been included? 9. Definition Is it clear whether the controlled document is a guideline, policy, protocol or standard? 10. Relevance Has the audience been identified and clearly stated? Comment s Version 8 Page 15 of 32

16 Title of document being reviewed: 11. Purpose Are the reasons for the development of the document stated? 12. Roles and Responsibilities Are the roles and responsibilities clearly identified? 13. Content Is the objective of the document clear? Is the target population clear and unambiguous? Are the intended outcomes described? Are the statements clear and unambiguous? 14. Training Have training needs been identified and documented? 15. Dissemination and Implementation Is there an outline/plan to identify how this will be done? Does the plan include the necessary training/support to ensure compliance? 16. Process to Monitor Compliance and Effectiveness Are there measurable standards or Key Performance Indicators (KPIs) to support the monitoring of compliance with and effectiveness of the document? Is there a plan to review or audit compliance within the document? Is it clear who will see the results of the audit and where the action plan will be monitored? 17. Associated Documents Have all associated documents to the document been listed? 18. References Have all references that support the document been listed in full? 19. Glossary Has the need for a glossary been identified and included within the document? 20. Equality Analysis Has an Equality Analysis been completed and included with the document? 21. Archiving Have archiving arrangements for superseded documents been addressed? Has the process for retrieving archived versions of the document been identified and included within? 22. Format and Style Y/N/ Unsure Comment s Version 8 Page 16 of 32

17 Title of document being reviewed: Does the document follow the correct style and format of the Document Control Procedure? 23. Overall Responsibility for the Document Is it clear who will be responsible for co-ordinating the dissemination, implementation and review of the documentation? Committee Approval Y/N/ Unsure Comment s If the committee is happy to approve this document, please sign and date it and forward copies for inclusion on the Intranet. Name Committee Print Name of Date Signature of Chair Version 8 Page 17 of 32

18 Appendix B IMPACT ASSESSMENT ON DOCUMENT IMPLEMENTATION Summary of Impact Assessment (see next page for details) Document title SECURITY POLICY VERSION 7.0 Totals WTE Recurring Non Recurring Manpower Costs Nil Nil Training Staff Nil Nil Equipment & Provision of resources Nil Nil Summary of Impact: The impact of this Policy remains the same as Version 6.0. Risk Management Issues: Benefits / Savings to the Trust: Ensures legal compliance. Equality Impact Assessment Has this been appropriately carried out? YES / NO Are there any reported equality issues? YES / NO If YES please specify: Use additional sheets if necessary. IMPACT ASSESSMENT ON POLICY IMPLEMENTATION Version 8 Page 18 of 32

19 Please include all associated costs where an impact on implementing this policy has been considered. A checklist is included for guidance but is not comprehensive so please ensure you have thought through the impact on staffing, training and equipment carefully and that ALL aspects are covered. Manpower WTE Recurring Non-Recurring Operational running costs Additional staffing required - by affected areas / departments: Totals: Nil Nil Staff Training Impact Recurring Non-Recurring Affected areas / departments e.g. 10 staff for 2 days Totals: Nil Nil Equipment and Provision of Resources Recurring * Non-Recurring * Accommodation / facilities needed Building alterations (extensions/new) IT Hardware / software / licences Medical equipment Stationery / publicity Travel costs Utilities e.g. telephones Process change Rolling replacement of equipment Equipment maintenance Marketing booklets/posters/handouts, etc Totals: Nil Nil Capital implications 5,000 with life expectancy of more than one year. Funding /costs checked & agreed by finance: Signature & date of financial accountant: Funding / costs have been agreed and are in place: Signature of appropriate Executive or Associate Director: Version 8 Page 19 of 32

20 IMPACT ASSESSMENT ON DOCUMENT IMPLEMENTATION - CHECKLIST Points to consider Have you considered the following areas / departments? Have you spoken to finance / accountant for costing? Where will the funding come from to implement the policy? Are all service areas included? o Ambulance o Acute o Mental Health o o Community Services, e.g. allied health professionals Public Health, Commissioning, Primary Care (general practice, dentistry, optometry), other partner services, e.g. Council, PBC Forum, etc. Departments / Facilities / Staffing Transport Estates o Building costs, Water, Telephones, Gas, Electricity, Lighting, Heating, Drainage, Building alterations e.g. disabled access, toilets etc Portering Health Records (clinical records) Caretakers Ward areas Pathology Pharmacy Infection Control Domestic Services Radiology A&E Risk Management Team / Information Officer responsible to ensure the policy meets the Trust s approved format Human Resources IT Support Finance Rolling programme of equipment Health & safety/fire Training materials costs Impact upon capacity/activity/performance Version 8 Page 20 of 32

21 EQUALITY ANALYSIS AND ACTION PLAN Appendix C (This template should be used when assessing services, functions, policies, procedures, practices, projects and strategic documents) Step 1. Identify who is responsible for the equality analysis. Name: Role: Connie Wendes Assistant Director Health and Safety and Security Other people or agencies who will be involved in undertaking the equality analysis: Local Security Management Specialist Robert Jubb Step 2. Establishing relevance to equality Show how this document or service change meets the aims of the Equality Act 2010? Equality Act General Duty Eliminates unlawful discrimination, harassment, victimization and any other conduct prohibited by the Act. Advance equality of opportunity between people who share a protected characteristic and people who do not share it Foster good relations between people who share a protected characteristic and people who do not share it. Step 3. Relevance to Equality Act General Duties Legal discrimination may be overridden by general duties under the Health and Safety Legislation. N/A N/A Scope your equality analysis What is the purpose of this document or service change? Who will benefit? What are the expected outcomes? Why do we need this document or do we need to change the service? Relevance Protected Groups Staff Service Users Wider Community Age N/A N/A N/A Gender Reassignment N/A N/A N/A Race N/A N/A N/A Sex and Sexual Orientation N/A N/A N/A Religion or belief N/A N/A N/A Disability N/A N/A N/A Marriage and Civil Partnerships N/A N/A N/A Human Rights N/A N/A N/A Pregnancy and Maternity N/A N/A N/A Scope Health and Safety of the healthcare services provided by the Trust, including the safety of staff, patients and the public. All of the above Healthy and safe working environment. Statutory requirement and good practice. Version 8 Page 21 of 32

22 It is important that appropriate and relevant information is used about the different protected groups that will be affected by this document or service change. Information from your service users is in the majority of cases, the most valuable. Information sources are likely to vary depending on the nature of the document or service change. Listed below are some suggested sources of information that could be helpful: Results from the most recent service user or staff surveys. Regional or national surveys Analysis of complaints or enquiries Recommendations from an audit or inspection Local census data Information from protected groups or agencies. Information from engagement events. Step 4. Analyse your information. As yourself two simple questions: What will happen, or not happen, if we do things this way? What would happen in relation to equality and good relations? In identifying whether a proposed document or service changes discriminates unlawfully, consider the scope of discrimination set out in the Equality Act 2010, as well as direct and indirect discrimination, harassment, victimization and failure to make a reasonable adjustment. Findings of your analysis Description No major change Your analysis demonstrates that the proposal is robust and the evidence shows no potential for discrimination. Adjust your document or This involves taking steps service change proposals to remove barriers or to better advance equality outcomes. This might include introducing measures to mitigate the Continue to implement the document or service change potential effect. Despite any adverse effect or missed opportunity to advance equality, provided you can satisfy yourself it does not unlawfully discriminate. Stop and review Adverse effects that cannot be justified or mitigated against, you should consider stopping the proposal. You must stop and review if unlawful discrimination is identified Justification of your analysis This Policy supports national guidance, good practice and legal process. Version 8 Page 22 of 32

23 5. NEXT STEPS 5.1 Monitoring and Review. Equality analysis is an ongoing process that does not end once the document has been published or the service change has been implemented. This does not mean repeating the equality analysis, but using the experience gained through implementation to check the findings and to make any necessary adjustments. Consider: How will you measure the effectiveness of this change When will the document or service change be reviewed? Who will be responsible for monitoring and review? What information will you need for monitoring? Incident Reports How will you engage with stakeholders, staff SMAG/ RMC and service users Monitoring of the Policy is contained in the document above and the equality issues will be monitored as an integrated part of this process. 2017, or if change occurs that affects the function of the policy. Security Management Advisory Group 5.2 Approval and publication The Trust Executive Committee / Policy Management Group will be responsible for ensuring that all documents submitted for approval will have completed an equality analysis. Useful links: Under the specific duties of the Act, equality information published by the Trust should include evidence that equality analyses are being undertaken. These will be published on the Trust s Equality, Diversity and Inclusion website. Equality and Human Rights Commission Version 8 Page 23 of 32

24 SECURITY RISK ASSESSMENT PROCEDURE FOR MANAGERS Appendix D In order to facilitate the Security Risk Assessment Process, you will need to divide your management area into logical service areas or units, and then assess and rate each area for possible security threats. Firstly, discuss with staff in each area, any security measures already in place and assess these for effectiveness and currency. Any strengths and weaknesses should be identified by the risk assessment process and local action plans for managing and/or treating these risks can then be developed. Use the assessment process to identify issues which are critical or sensitive to the operation of the department/ service/area, which if lost or threatened would affect the ability of the service to function give consideration to people (staff, patients, visitors) equipment, information, utilities, consumables etc. When the assessment is complete, you should have a prioritised list of actions to take forward. Depending on the risk assessment scores, you will then need to determine which actions you can manage/ implement locally: which you should report to your general/operational manager and which you should report via the Risk Management Office, for inclusion in the Trust s Risk Register (Scores in the red zone). You should now complete the following Security Risk Assessment Forms to determine what level of action needs to be taken. Advice can be obtained from the Local Security Management Specialist. Connie Wendes Local Security Management Specialist Version 8 Page 24 of 32

25 SECURITY RISK ASSESSMENT FORM Appendix E CARE GROUP/DIRECTORATE WARD/DEPARTMENT/SERVICE SECURITY RISK ASSESSMENT FOR COMPLETION BY:-. SERVICE/DEPARTMENT/MANAGER SIGNED.DATE SECURITY RISK FACTORS TO BE ASSESSED Part 1 Layout and Personal Security Apply C L SUM Priority ACTIONS/ Y/N (Score (Score (CxL) (1,2 or 3 see RECOMMENDATIONS 1-5) 1-5) matrix) /COMMENTS 1.1 Is the Unit/Ward/Department designed in a way that will allow an easy escape in an emergency? Are there any blind alleys or areas in which a person could be cornered by a potential aggressor? 1.2 Does the service require the area to be totally accessible to all staff/public? What controls are already in place to restrict access? 1.3 What are the minimum numbers of staff on duty at any one time? Do you have any lone workers ( see part 5 )? POSSIBLE CONSEQUENCES (C ) 1. Insignificant - No adverse affects to staff/clients/service 2. Minor verbal abuse/petty theft/minor property damage 3. Moderate aggression to staff/damage or loss of property 4. Major actual harm to staff/loss of valuable equipment/interruption to service 5. Catastrophic major injury through physical assault/shutdown of service/major property loss or damage LIKELIHOOD (L) 1. Rare Don t believe that this will happen 2. Unlikely Do not expect to happen but is possible 3. Possible May occur occasionally 4. Likely Will probably occur but is not a persistent issue 5. Certain Likely to occur on many occasions, a persistent issue Version 8 Page 25 of 32

26 CARE GROUP/DIRECTORATE WARD/DEPARTMENT/SERVICE SECURITY RISK ASSESSMENT FOR COMPLETION BY:-. SERVICE/DEPARTMENT/MANAGER SIGNED.DATE SECURITY RISK FACTORS TO BE ASSESSED Part 1 (Continued) Apply C L SUM Priority ACTIONS/ Y/N (Score (Score (CxL) (1,2 or 3 see RECOMMENDATIONS 1-5) 1-5) matrix) /COMMENTS 1.4 What is the availability of back-up staff for any emergency? (Colleagues, neighbours, porters, security staff, etc) 1.5 What is the anticipated response from the emergency services? Part 2. Physical/Document Security 2.1 Is sensitive property protected? 2.2 Does a local equipment inventory exist? Is it up to date and monitored by somebody? 2.3 Are organisational SFIs adhered to where money and valuables are concerned? (Both patient and Trust) 2.4 Can expensive equipment or staff clothing (private or uniform) be seen through ground floor windows? POSSIBLE CONSEQUENCES (C ) LIKELIHOOD (L) Version 8 Page 26 of 32

27 1. Insignificant - No adverse affects to staff/clients/service 2. Minor verbal abuse/petty theft/minor property damage 3. Moderate aggression to staff/damage or loss of property 4. Major actual harm to staff/loss of valuable equipment/interruption to service 5. Catastrophic major injury through physical assault/shutdown of service/major property loss or damage 1. Rare Don t believe that this will happen 2. Unlikely Do not expect to happen but is possible 3. Possible May occur occasionally 4. Likely Will probably occur but is not a persistent issue 5. Certain Likely to occur on many occasions, a persistent Issue Version 8 Page 27 of 32

28

29 CARE GROUP/DIRECTORATE WARD/DEPARTMENT/SERVICE SECURITY RISK ASSESSMENT FOR COMPLETION BY:-. SERVICE/DEPARTMENT/MANAGER SIGNED.DATE SECURITY RISK FACTORS TO BE ASSESSED Part 3 Awareness/Procedure/Training Apply C L SUM Priority ACTIONS/ Y/N (Score (Score (CxL) (1,2 or 3 see RECOMMENDATIONS 1-5) 1-5) matrix) /COMMENTS 3.1 Are staff who work in sensitive areas made aware of the need to minimise security risks? 3.2 What are the habits of staff/patients: do they affect security, eg self-closing doors wedged open for ventilation? Are security measures already in existence still effective? 3.3 Are short cuts used through your area? If so, how does this affect security? POSSIBLE CONSEQUENCES (C ) 1. Insignificant - No adverse affects to staff/clients/service 2. Minor verbal abuse/petty theft/minor property damage 3. Moderate aggression to staff/damage or loss of property 4. Major actual harm to staff/loss of valuable equipment/interruption to service 5. Catastrophic major injury through physical assault/shutdown of service/major property loss or damage LIKELIHOOD (L) 1. Rare Don t believe that this will happen 2. Unlikely Do not expect to happen but is possible 3. Possible May occur occasionally 4. Likely Will probably occur but is not a persistent issue 5. Certain Likely to occur on many occasions, a persistent Issue Version 8 Page 29 of 32

30 CARE GROUP/DIRECTORATE WARD/DEPARTMENT/SERVICE SECURITY RISK ASSESSMENT FOR COMPLETION BY:-. SERVICE/DEPARTMENT/MANAGER SIGNED.DATE SECURITY RISK FACTORS TO BE ASSESSED Part 4 Access Control Apply C L SUM Priority ACTIONS/ Y/N (Score (Score (CxL) (1,2 or 3 see RECOMMENDATIONS 1-5) 1-5) matrix) /COMMENTS 4.1 a.are keys, particularly for sensitive areas, properly controlled, limited in number and signed out and in? b.do all staff wear there security badges? c. Do all staff keep the hospital / door codes confidential? d. Do all staff understand and prevent the dangers of tail gating? 4.2 Is an alarm fitted? Why? Where does it sound, is this correct, who responds? Are systems maintained and tested regularly? By whom? Is this recorded locally? POSSIBLE CONSEQUENCES (C ) 1. Insignificant - No adverse affects to staff/clients/service 2. Minor verbal abuse/petty theft/minor property damage 3. Moderate aggression to staff/damage or loss of property 4. Major actual harm to staff/loss of valuable equipment/interruption to service 5. Catastrophic major injury through physical assault/shutdown of service/major property loss or damage LIKELIHOOD (L) 1. Rare Don t believe that this will happen 2. Unlikely Do not expect to happen but is possible 3. Possible May occur occasionally 4. Likely Will probably occur but is not a persistent issue 5. Certain Likely to occur on many occasions, a persistent Issue Version 8 Page 30 of 32

31 CARE GROUP/DIRECTORATE WARD/DEPARTMENT/SERVICE SECURITY RISK ASSESSMENT FOR COMPLETION BY:-. SERVICE/DEPARTMENT/MANAGER SIGNED.DATE SECURITY RISK FACTORS TO BE ASSESSED Part 5 Lone / isolated worker Apply C L SUM Priority ACTIONS/ Y/N (Score (Score (CxL) (1,2 or 3 see RECOMMENDATIONS 1-5) 1-5) matrix) /COMMENTS 5.1 Does the task involve lone working? If so, has the necessary supervision of the lone worker been arranged: a. are the movements and whereabouts of the lone worker known at all times b. Is there an alert system if they fail to turn up? c. Is there a local policy for lone workers and has the individual been made fully aware of practices and procedures? d. Are there sufficient checks in place to monitor the individual s safety and security whilst working alone? POSSIBLE CONSEQUENCES (C ) 1. Insignificant - No adverse affects to staff/clients/service 2. Minor verbal abuse/petty theft/minor property damage 3. Moderate aggression to staff/damage or loss of property 4. Major actual harm to staff/loss of valuable equipment/interruption to service 5. Catastrophic major injury through physical assault/shutdown of service/major property loss or damage LIKELIHOOD (L) 1. Rare Don t believe that this will happen 2. Unlikely Do not expect to happen but is possible 3. Possible May occur occasionally 4. Likely Will probably occur but is not a persistent issue 5. Certain Likely to occur on many occasions, a persistent Issue Version 8 Page 31 of 32

32 MATRIX FOR DETERMINING RISK SCORE & PRIORITIES Severity Frequency 1 Insignificant 2 Minor 3 Moderate 4 Major 5 Catastrophic 5 Certain Likely Possible Unlikely Rare GREEN SECURITY RISKS (Score 1 4 = Low risk/priority 3) Local action only i.e. inform line manager of risk assessment outcomes and agree any local (Ward/Department) actions required. YELLOW SECURITY RISKS (Score 5 10 = Moderate risk/priority 2) For action at Operational Manager level. Send written risk assessment outcomes/scores to Operational Managers and agree action plan with responsibilities and timescales confirmed. RED SECURITY RISKS (Score = High risk/priority 1) For action at General Manager level. Send written risk assessment outcomes/scores to General Manager/Director and agree action plan with responsibilities and timescales confirmed. Copy risk assessment outcomes/scores to Risk Management Office, for inclusion in Trust s Risk Register. Maintain records of Risk Assessment Outcomes and any action taken/agreed on ward/department/service risk assessment file. Review/repeat assessment after 1 year. Version 8 Page 32 of 32