Corporate. Security Management Policy. Document Control Summary. Contents

Transcription

1 Corporate Security Management Policy Document Control Summary Status: Version: Author/Title: Owner/Title: Approved by: Ratified: Related Trust Strategy and/or Strategic Aims Implementation Date: Review Date: Key Words: Associated Policy or Standard Operating Procedures Replacement. Replaces: Security Management Policy v1.0 Date: March 2016 Giles Perry Security Management Specialist Liz Lockett - Associate Director or Quality and Risk Policy and Procedures Committee Date: 17/03/2016 Trust Board Date: 18/03/2016 Risk Management Strategy March 2016 March 2019 Security, safety, risk, Risk Management Strategy Community and/or Lone Working Non Clinical Risk Assessment and Management Management of Violence & Aggression Restrictive Practices Contents 1. Introduction Purpose Scope Compliance with statutory direction and guidance Responsibilities Compliance with other Policies and Procedures.8 7. Process for monitoring compliance and effectiveness Further Information... 8

2 Change Control Amendment History Version Dates Amendments 1. Introduction The information contained within this Policy will advise on procedures and processes to be adopted by South Staffordshire and Shropshire Healthcare NHS Foundation Trust (The Trust) to ensure full compliance with national and local direction related to the provision of a full and comprehensive security management service. The Trust recognises and accepts its responsibilities that the management of security related matters will always present as a significant risk to an organisation such as ours. It is also recognised that crime against the NHS can have a serious impact on everyone who works within or uses its services. All of those working in the NHS have a responsibility to be aware of these issues and play an active role in managing the risks related to criminal activity and breaches of security. The Trust remains committed to ensuring that adequate resources are afforded to manage all security related matters and by preventing and tackling crime the Trust can continue to be able to support and enhance the effective delivery of healthcare services to provide the best possible care for patients and service users. Commitment is also given to the creation of a pro-security culture and an environment where staff, patients and visitors feel valued, safe and secure. This Security Management Policy sets out the organisational arrangements to enable the Trust and staff to comply with these responsibilities and associated direction. 2. Purpose The purpose of this Policy is to promote a culture within the Trust which ensures security management and safety arrangements are embedded within all service provision through the activity of the Trust. The Policy has been written in general security management terms for all staff and is supported by Divisional, Directorate and Departmental working practices to address specific aspects relevant to these areas. Page 2 of 8

3 The key objectives are to: Ensure as far as is reasonably practicable the security, health, safety and well-being of all affected by Trust activities including employees at work, service users, contractors and members of the public. Comply with all current security management legislation, regulations and codes of practice. Assess and manage associated risks in all services provided and patient environments to ensure such risks are identified and minimised as far as is reasonably practicable. Monitor and audit that working practices are in accord with relevant policies and procedures. 3. Scope Information, direction and guidance contained within this document is recognised as the Trust s overarching Security Management Policy which is supported by a number of associated Standard Operating Procedures. The Policy applies to all staff employed by the Trust, either directly or as part of a contracted service, and to any other person, organisation or partner agency that uses Trust services or premises for any purpose. 4. Compliance with statutory direction and guidance The Trust has a statutory obligation to comply with direction issued through the NHS Standard Contract and guidance issued through NHS Protect. The following information will highlight such areas of responsibility. 4.1 The NHS Standard Contract In April 2013 Secretary of State Directions for the provision of security management services for Provider Trusts were formally replaced with revised directions issued through the NHS Standard Contract which directs that the Trust is contractually obliged to implement and maintain the following security management arrangements: Service Condition The Provider must put in place and maintain appropriate arrangements to address security management and counter fraud issues. Service Condition Within 1 month following the service commencement date, the Provider must complete an Organisation Crime Profile (OCP), using the appropriate toolkit provided by NHS Protect and in accordance with NHS Protect guidance. Service Condition Following completion of the OCP in accordance with SC 24.2 the Provider must take the necessary action to meet the Standards set by NHS Protect at the level indicated by the OCP. Page 3 of 8

4 Service Condition If requested by the Co-ordinating Commissioner or NHS Protect, the Provider must allow a person duly authorised to act on behalf of NHS Protect or on behalf of any Commissioner to review, in line with the appropriate standards, security management and counter-fraud arrangements put in place by the Provider Service Condition The Provider must implement any reasonable modifications to its security management and counter-fraud arrangements required by a person referred to in SC 24.4 in order to meet the appropriate standards within whatever time periods as that person may reasonably require. Service Condition The Provider must, on becoming aware of: Any suspected or actual security incident or security breach involving staff who deliver NHS funded services or involving NHS resources, report the matter to the Local Security Management Specialist of the relevant NHS Body and to NHS Protect SC On the request of the DoH, NHS England, NHS Protect or the Co-ordinating Commissioner, the Provider must allow NHS Protect or any Local Security Management Specialist appointed by a Commissioner, as soon as is reasonably practicable and in any event not later than 5 operational days following the date of the request, access to: All property, premises, information (including records and data) owned or controlled by the Provider relevant to the detection and investigation of cases of bribery, fraud or corruption and/or security incidents or security breaches directly or indirectly connected to this Contract; and All staff who may have information to provide, that is relevant to the detection and investigation of cases of bribery, fraud or corruption, or security incidents and/or security breaches directly or indirectly in connection with this Contract. 4.2 NHS Protect guidance issued through Security Management Standards for Providers Part of revised direction issued through NHS Protect also requires all Provider Trusts to implement and comply with a range of security management standards set out in 4 sections covering corporate responsibilities and three other key principles for action, as follows: Strategic governance sets out the requirements in relation to the strategic governance arrangements of the organisation to ensure that anti-crime measures are embedded at all levels across the organisation. Inform and Involve sets out the requirements in relation to raising awareness of crime risks against the NHS, and working with NHS staff and the public to publicise the risks and effects of crime against the NHS. Page 4 of 8

5 Prevent and Deter sets out the requirements in relation to discouraging individuals who may be tempted to commit crime against the NHS and ensuring that opportunities for crime to occur are minimised. Hold to Account sets out the requirements in relation to detecting and investigating crime, prosecuting those who have committed crimes, and seeking redress. A self-assessment against these standards is undertaken by the on an annual basis and the outcome of this assessment is submitted to NHS Protect. NHS Protect may also undertake a full or focussed assessment of compliance with the standards. 5. Responsibilities The following information details the management structure for the provision of security management services within the Trust and the key responsibilities of the highlighted individual members of Trust staff. Further information within this section details the key responsibilities of Service Leads, Managers and Team Leaders and all other employees to ensure that direction issued through the Policy is maintained. Figure 1 Security Management Structure Chief Executive / Trust Board Executive Director of Quality & Clinical Performance / SMD Associate Director of Quality & Risk Trust Security Management Specialist 5.1 The Chief Executive / Trust Board The Chief Executive and the Trust Board have overall responsibility and accountability for the implementation of all aspects of the provision of a Security Management Service and to ensure that the organisational commitment to Security Management is fully met and Page 5 of 8

6 monitored. The Board recognises that a successful healthcare organisation ensures that its expertise in service provision is translated into all aspects of its work and that effective security management is an integral part of effective working practice. 5.2 Nominated Security Management Director The Trust s Executive Director for Quality and Clinical Performance is designated by the Trust Board to undertake the role of the nominated Security Management Director and has overall responsibility for overseeing security management work and ensuring compliance with statutory direction and national guidance issued by NHS Protect, as well as ensuring that the Security Management Specialist has the necessary resources and support available to carry out their role effectively. Reporting directly to the Board the SMD will be responsible for ensuring that there are appropriate up to date security management services and specialist advice available within the Trust. The SMD will also be responsible for ensuring that effective systems and work practices are in place and for promoting preventative security measures throughout the Trust. 5.3 Associate Director of Quality & Risk The Associate Director of Quality and Risk line manages the Security Management Specialist and oversee the work that is undertaken on a day to day basis. The Post holder is also the Trust lead for other services provided within the Directorate, including Clinical/Nonclinical Risk Management, Health & Safety, Clinical Audit and Service User Experience. 5.4 Trust Security Management Specialist The role of the Security Management Specialist is to deliver security management work locally in accordance with National Statutory Direction and guidance issued through the Trust and NHS Protect. The post-holder is primarily responsible for the following: - Providing professional advice, support and assistance regarding security management issues and to ensure all work is undertaken in line with any relevant requirements of NHS Protect and the Trust. Actively promote security management issues and work closely with staff of all disciplines to ensure that a pro-security culture is developed and maintained. Ensuring that security management work is integrated into the Trust s systems for risk management, including incident reporting and risk assessment. Ensuring that arrangements are in place which promotes incident reporting procedures for security related matters and incidents of assault. Collection and analysis of information relating to security incidents in order to be able to identify trends and implement appropriate control measures to manage identified risks. Inspection and security audit/review of Trust premises and related work practices. Undertaking investigation, where necessary and appropriate, into breaches of security and related incidents. Effective liaison with NHS Protect and partner agencies including Police Services, Crown Prosecution Services (CPS), Probation Services and HM Courts Services. Page 6 of 8

7 5.5 Service Leads / Managers / Team Leaders Trust Service Leads, Managers and Team Leaders are responsible for leading on and promoting security management measures and safe working practices within their areas of responsibility. In particular they ae responsible for the following: Ensuring all breaches of security and criminal acts are reported. Ensuring that they and their staff are trained so that they are familiar with the content of the Security Management Policy and associated procedures. Implementing effective measures to ensure that safe working practices are promoted and Trust premises and property are maintained in a safe and secure condition. Producing and implementing, where necessary and appropriate, local security procedures and protocols, in line with the directions of this Policy. Undertaking risk assessments of their areas of responsibility and acting to remove/reduce (as far as is reasonably practicable) any security risks identified. 5.6 Employees Employees of the Trust must ensure that they comply with security management direction issued through NHS Protect, the Health & Safety at Work Act 1974 and other related law and legislation. This includes ensuring that they co-operate with the Trust as an employer with regards to measures put in place to safeguard the security, safety and wellbeing of themselves and others. This will include the following: Abiding to all Trust Policy and local procedure Not compromising security or safety by their actions Ensuring that all security related incidents are reported in line with Trust policy and procedure 6. Policies and Procedures 6.1 Standard Operating Procedures (SOP) This policy permits the use of Standard Operating Procedures to address other areas of security management activity which arise within the Trust where it is considered that this is a preferred format. Policies may continue to be used where the subject matter merits. 6.2 Relationship to other Policies The Trust has a range of policies and procedures covering a wide range of subjects. There are also strong links between documents, for example nursing procedures, Human Resources and Health and Safety; therefore they must be implemented jointly. 6.3 Divisional, Directorate and Departmental and Procedures In addition each Division, Directorate or Service Area may adopt their own security management procedures pertinent to their activity. These are to be observed by staff Page 7 of 8

8 normally working within the respective areas and others e.g. maintenance staff and contractors not normally present but who visit on occasions. Such other procedures will be read implemented in line with direction issued through this Trust Security Management Policy. 6.4 Resolving security management matters In the first instance security management matters should be discussed directly with managers as safety and security will always be an essential and integral function of management. If the matter is unresolved or more specialist advice is required you all Trust staff have access to raise the issue with the Security Management Specialist or a member of the Risk Management Team. The Trust will always endeavour to reduce the impact that crime and security related matters may have on patients, staff and visitors and will always aim to identify solutions and prioritise resources to address identified issues. 7. Process for Monitoring Compliance and Effectiveness Compliance to this policy and all associated Standard Operating Procedures will be monitored through security management annual report, internal & external assessments, reports to relevant committees and incident reporting analysis. 8. Further information A full schedule of associated Policies and Standard Operating Procedures is available on the Trust website section at: Examples include but are not limited to Risk Management Strategy, Health & Safety, Non Clinical Risk Assessment and Management, Management of Violence & Aggression, Restrictive Practices and Community and/or Lone Working. Further useful sources of information which support the principles of this Policy can be found at: NHS Protect The Health & Safety Executive Page 8 of 8