SECURITY TOOLKIT 4/21/2015. Page 1 of 49

Transcription

1 SECURITY TOOLKIT 4/21/2015 Page 1 of 49

2 Working Group Members Name Brenda Snider Clinton Hodges David Borwick DJ Sanderson Heather Ramore John Tcherkezian Kelly Walker Sherri Bastos Organization Service Employee International Union Toronto East General Hospital Extendicare Southlake Regional Health Centre Peel Police Yee Hong Centre for Geriatric Care Northumberland Hills Hospital Revera Toolkit development was led by Frances Ziesmann, PSHSA and supported by Kaiyan Fu, PSHSA Page 2 of 49

3 TABLE OF CONTENTS Toolkit Objectives 4 Introduction.5 Understanding Security Functions 6 About Security Tools..7 Security Policies and Procedures..7 Security Guard Training..8 Training Program Considerations.9 Appendix A: Self Assessment Security Checklist.12 Appendix B: Security Program Gap Analysis and Action Plan 20 Appendix C: Sample Corporate Security Policy Template 27 Appendix D: Sample List of Security Related Policies and Procedures 34 Appendix E: Security Program Administrator Training 37 Appendix F: Sample Security Guard Training Program Components 38 Appendix G: Sample Security Guard Training for Healthcare Institutions Training Checklist.42 Appendix H: Workplace Security Fast Fact Awareness Tool 44 Page 3 of 49

4 TOOLKIT OBJECTIVES To incorporate knowledge from both empirical and experiential evidence to enhance the PSHSA Workplace Violence Risk Assessment Tool (WVRAT) for Acute Care and Long Term Care. To confirm and refine key components of the PSHSA WVRAT, including the risk matrix of probability and impact, hazards, corresponding controls, and potential solutions. To address risk assessment for all 4 types of workplace violence. To develop considerations for prioritization when implementing workplace violence risk assessment. Page 4 of 49

5 Introduction Workplace violence, vandalism, theft and property damage are not uncommon events in the healthcare industry and at times unfortunate and tragic events can occur. Workplace security is considered an important workplace violence prevention control with regards to all four types of workplace violence (i.e., Type 1: External, Type 2: Client or Customer, Type 3: Worker to Worker, Type 4 Domestic Violence). Healthcare Security is the prevention of harm to and protection of persons and property. Security is ensured through proactive measures, processes, monitoring, patrol, and emergency responses as necessary. It may include but is not limited to the implementation of a safety management plan, appropriately trained and competent personnel that fulfills security functions, policy, procedures, activities; and the use and application of equipment and materials. Although important, this toolkit does not address security as it relates to computer and or client health information or privacy legislation as it is beyond the scope of this document. Employers, managers, supervisors, and employees can all make a difference in keeping the workplace safe. Everyone in the workplace has roles and responsibility for both safety and security. Security can be integrated as part of the care team and also into the provision of care. Whether your organization has a formal security department and/or personnel or not, organizations in all subsectors of healthcare (i.e., acute care, community care, and long terms care) need to ensure security measures and procedures are in place to protect employees and the people they serve. Through the Discovery Phase of the Prevention and Management of Workplace Violence Initiative, the topic of security was identified as a priority area for toolkit development because of the limited resources available to healthcare organizations, including commonly accepted standards. Criteria need to be developed for healthcare organizations to adopt in order to ensure adequate and appropriately trained security guard or personnel responsible for security. Further, guidelines are required for ensuring worker safety for organizations that do not have designated security personnel. However, it is not within the scope of this toolkit to recommend security staffing levels. The goal is to develop a Security Toolkit that can be used by health care organizations with or without designated security personnel to ensure security functions are adequately performed by competent and trained staff. Specific objectives are: To develop a Security Program Self Assessment Checklist and Action Plan incorporating occupational health and safety program, continuous quality improvement principles, and comprehensive Security functions. To develop a framework of policies and procedures that corresponds to the Security Program checklist. To develop a list of training topics for both security personnel and general staff based on leading practices and training standards. To compile a list of resources on relevant topics related to Security, such as legislations, training standards, industry guidelines. To design Security Fast Fact(s) and materials that raise security awareness. Page 5 of 49

6 Understanding Security Functions The International Association for Healthcare Security & Safety (IAHSS) is the only organization solely dedicated to professionals involved in managing and directing security and safety programs in healthcare institutions. The IAHSS Handbook on Healthcare Security Basic Industry Guidelines assists healthcare administrators in fulfilling their obligation to provide a safe and secure work environment. The guidelines describe a comprehensive list of Security Functions (Table 1) that can be helpful for healthcare organizations when conducting self assessment on roles and accountabilities for each of the security functions and whether the identified roles fulfilling security accountabilities have the required knowledge, skills, training and organizational support to competently fulfill these security functions. It is understood that some of the identified security functions may not be applicable to all healthcare settings. Table 1: Sample Security Functions Security Functions Specific Components Program Development Security Management Plan Security Risk Assessments Program Management Security Administrator Violence in Healthcare Prisoner Patient Security Security Role in Patient Management Security Officer Use of Physical Force Home/Community Health Security Security Staffing and Deployment Searching Clients and Client Areas for Contraband Security Response to a Critical Incident Emergency Measures & Procedures (e.g., Active Shooter) Restricting Weapons in the Healthcare Environment Training Security Guard/Personnel Training General Staff Security Orientation and Education Investigations General Covert Investigations Drug Theft/Misappropriation Documentation Security Incident Reporting Program General Measurement/Improvement Access Control Identification System Facility Restricted Access (Emergency Lockdown) Approaching Persons of Interest Client Access Physical Security Electronic Security Systems Use of Video Surveillance Areas of Higher Risk Security Sensitive Areas Infant/Pediatric Abduction Response and Prevention Security in the Emergency Care Setting Client Elopement or Wandering Page 6 of 49

7 Behavioural/Mental Health Emergency Management General Security Role in an Emergency Operations Centre Security Role in a Communicable Disease Outbreak Adapted from IAHSS Guideline (2012) About the Security Tools The security toolkit provides sample tools to assist healthcare organizations in identifying security program gaps in their organization and developing an action plan. In addition many of the tools focus on developing a better understanding of the security function components and security training requirements, many of which are based on leading practices and/or standards. Security Program Self Assessment, Gap Analysis and Action Plan Many organizations are unaware of their security program gaps. The Security Program Self Assessment tool can be used to determine specific security program gaps related to: Senior management commitment; Security oversight, functions, roles and responsibilities; Security program needs assessment; Security program documentation such as policies and procedures, safe work practices: security training; Security training and awareness; Provision and installation of security-related equipment and its maintenance; Security-related incident reporting and investigation; Security program evaluation. See Appendix A for the Security Self Assessment Checklist and instructions on how to use the tool. Appendix A also provides a list or resources that an individual organization may want to explore further when assessing and/or implementing a security program. Note the resources are not an all inclusive list. Once organizations have completed the self assessment, they can move on to indentifying security function and program gaps; developing an action plan; and assigning responsibilities and target dates for completion. In addition the organization can make recommendations to senior management as needed. See Appendix B Security Program Gap Analysis and Action Plan and how to use the tool. Security Policies and Procedures Healthcare organizations should have a corporate security policy or standard that outlines the purpose and scope. The policy should demonstrate the organization s commitment to workplace security and provide direction regarding communication, training and evaluation of the program. Most importantly the security policy should provide clarity regarding roles, responsibilities and expectations of the relevant workplace parties. Appendix C provides a sample policy that can be customized to meet the needs of an organization whether the organization has a formal security department and/or security guards, or not. Note the sample Corporate Security Policy promotes consultation with Joint Health and Page 7 of 49

8 Safety Committee (JHSC) and/or Health and Safety Representative (HSR) and it also highlights the need for organizations to comply with reporting requirements as outlined in the health and safety legislation (Occupational Health and Safety Act R.S.O. 1990; Ontario Regulation 67/93 Healthcare and Residential Facilities Regulation).These legislated inclusions will help protect the health and safety of workers in the workplace. Community and healthcare organizations are diverse in their security needs. Organizations will have to determine which additional security-related standards, policies and/or procedures apply to their situation based on their organizational risk assessment and knowledge of industry-related risks. Appendix D provides a sample list of additional security-related policies and/or procedures that may apply to an organization and there is an explanation on how to use the tool. Security Administrator Training The security administrator or designated leader who is authorized to oversee the security portfolio in a community or healthcare organization requires knowledge and training to fulfill their duties whether there is a security service and/or security guard(s) or not. In small organizations where there is no security manager or security guards, the security oversight needs to be delegated to a manager. In these cases other persons in the organization may share the various security roles. A summary of suggested training is summarized in Appendix E. Security Guard Training Background The Private Security and Investigative Services Act (2005) replaced the Private Investigators and Security Guards Act (1966). It now regulates private investigators, security guards and companies who are in the business of providing the services of private investigators and security guards. The training & testing provisions of the Private Security and Investigative Services Act (2005) came into force on April 15, 2010 (Training & Testing - Ontario Regulation #230/2010). These provisions were based on the previously published curricula. The new Act defines a security guard as a person who performs work for remuneration that consists primarily of guarding or protecting persons or property. This would include persons performing duties in provincial hospitals, mental health care settings and forensic units. As of this date, all persons desiring to become a licensed security guard in Ontario are first required to successfully complete the 40 hour security guard training program and the government security guard test. Once a person has successfully passed the government security guard test, they are then able to apply for a security license. Those security guards failing to successfully pass the government security guard test were required to complete the basic 40 hour security guard training program prior to re-taking the government security guard test. Licensing of security guards in the province of Ontario is overseen by the Ministry of Community Safety and Correctional Services. Page 8 of 49

9 Furthermore, the Canadian General Standards Board (CGSB) is a federal government organization that provides client-centered comprehensive standards development, training programs and conformity assessment services in support of the economic, regulatory, procurement, health, safety and environmental interests of the stakeholders that includes government, industry and consumers. The 2008 CGSB Security Training Program (Can/CGSB ) provided a 54-hour curriculum that was developed and intended for persons performing security related duties/functions. See Table 2. Table 2. Training Program Content Administration/Introduction/Evaluation of Candidates Knowledge Introduction to Duties and Responsibilities Professionalism and Public Relations Legal Authorities, Duties and Responsibilities Alarm and Protection Systems Traffic Movement Personnel and Material Access Control Report Writing, Note Taking, Evidence and Crime-Scene Sketching Response to Emergency Situations (Bombs, Fires, etc) Patrol Procedures Labour Disputes Relations with Police Use of Force Principles Effective Communications First Aid / CPR Training Suggested Hours of Training Additional Hours as Required CGSB Security Training Program (Can/CGSB ) Training Program Considerations While security guards play a key role in workplace violence prevention and management, there is a lack of consistent approach to orientation and ongoing training and development of security guards. This outline is developed based on a current training model at a large community hospital. It is informed by best practice and is consistent with the expectations and obligations in respect to the provision of services as a security guard. The intent of the training outline is to assist healthcare organizations to determine the validity and quality of training programs when acquiring a provider. Page 9 of 49

10 When evaluating a training program or considering an RFP for services, the following items should be considered. 1. Qualifications of the program developer/writer? 2. When the program was last updated / is the content current? 3. What are the qualifications of the trainers? 4. Does the company providing service have insurance related to the provision of opinion related to the subject material? 5. Will the company maintain records of training for your organization? 6. Can the company testify and defend the subject material if the course content is challenged through legal process? 7. Cost structure for both initial training and recertification process? All training should be conducted annually and should have testing processes to ensure both the course content is understood and that the students in training are able to perform the physical skills to a reasonable level of proficiency. Training Outline There are a number of training programs available to the security profession that are designed and intended to provide the requisite skills to enable persons to exercise judgment, display due diligence and to meet a duty of care. This includes persons performing security provision in provincial hospitals, mental health care settings and forensic units. These programs are the basis for industry standards, and are utilized and continue to be utilized throughout the province of Ontario. It is important to note that industry standards represent a method or technique that has consistently shown results superior to those achieved with other means, and that is used as a benchmark. See Appendix F for Sample Security Guard Training Program Components. The security guard position may possess many inherent health and safety risks. Under the Occupational Health and Safety Act (OHSA) the employer is required to ensure that worker s receive appropriate health and safety information and instruction including training. To demonstrate due diligence, the employer must provide training but also keep records of training content, and all new hire orientation training and refresher training. In addition the frequency of training should be established. Appendix G provides a Security Guard Training for Healthcare Institutions Checklist that demonstrates security topics and suggested frequency. Organizations with a security guard function can use this sample as a starting point and customized their training to meet their needs. Management and Worker Training Under the OHSA employers are required to acquaint workers and those with the authority over workers of existing and potential hazards, and also provide workers with information and instruction on Page 10 of 49

11 measures and procedures to ensure their health and safety. This also applies to health and safety hazards related to security. A security training needs assessment should be conducted for managers and workers. This can be partly based on the findings of the organizational risk assessment and on staff surveys or focus groups. A sample of relevant security topics may include but are not limited to: Corporate security policy Department security protocols Workplace violence prevention policy and procedures Emergency measures, codes and responses Non-violent crisis intervention Access control including sensitive areas Photo identification Reporting hazards and incidents Personal alarm systems Pandemic planning and infectious agents security protocols Working alone Protection of personal belongings Security in the community and home Parking lot security and safety Medication security Patient assessment Use of restraints Employers and managers or supervisors may find it easier to develop training matrices to ensure that all parties receive the appropriate training in a timely fashion. Raising awareness about the importance of security for everyone s safety is also an important step. Everyone needs to understand their roles and responsibilities related to security as well as the responsibilities of others. Security should be top of mind. To enhance workplace security awareness a Security Awareness Fast Fact in Appendix G outlines workplace party responsibilities and security safety tips and how to use the tool. Health and Safety Training Consultation Healthcare organizations such as hospitals, private hospitals, psychiatric facilities, long term care, group homes, and child and family services for instance are governed under the Healthcare and Residential Facilities Regulation (HSRFR). For organizations where the HSRFR applies, employers in consultation with and in consideration of the recommendations of the JHSC and/or HSR must develop, establish and provide training and education in health and safety measures and procedures for workers. These healthcare organizations need to establish clear processes to ensure that the JHSC and/or HSR are consulted as required in the regulation. Page 11 of 49

12 How to Use this Tool APPENDIX A. SELF ASSESSMENT SECURITY CHECKLIST 1. A multi-disciplinary committee or task force should complete the self-assessment checklist and recommended action plan. This committee or task force typically reports to senior management so it is important that the committee has the support and permission from senior management to proceed. Senior management should assign a committee lead that will coordinate the activities and act as a liaison between the two parties. Senior Management will need to establish which individual(s) at the Senior Management will receive the final report and any updates from the committee or task force. To ensure clarity of objectives, roles and responsibilities, the committee should establish a terms of reference. 2. Membership composition for the committee should be diverse and include management and worker members including joint health and safety committee (JHSC) and/or health and safety representative (HSR) and union. Various functional departments should be included but not limited to: client care programs; environmental services, maintenance and support programs; human resources and occupational health and safety; education; security services if any; and other relevant functions as the organization sees fit. Every organization is different and each organization will need to determine their committee structure and composition. For instance some organizations may utilize an existing workplace violence prevention steering committee and others may use their JHSC or a subcommittee of the JHSC. Using existing committee structures can add value to the process. 3. The committee should review the completed workplace violence organizational risk assessment to identify security-related risks as well as security-related controls that should be in place. Knowledge from the risk assessment will enhance completion of the self-assessment checklist. 4. There are 12 elements in the self-assessment security checklist for consideration. Those completing the tool are required to carefully read and review each element and determine whether the element applies. If it does not apply then select N/A for not applicable. If the element or sub-element applies use a check mark in the sub-element box and also indicate in the designated column whether the element is present yes, no or partial. 5. Document any comments regarding what is in place and what is not in place. The organization should use any evidence available to determine whether the element is in place or not e.g. documents, training records etc. Be specific as this will assist the organization in identifying security program gaps. 6. Ensure all committee members understand how to use the tool prior to commencing its use. 7. Once the Security Program Self Assessment Checklist is complete the organization can move onto completing the Security Program Gap Analysis and Action Plan (Appendix B), a sister document to Appendix A. Page 12 of 49

13 SECURITY PROGRAM SELF ASSESSMENT CHECKLIST ITEM KEY ELEMENTS CHECKLIST N/A Yes No Partial Comments Resources 1.0 There is commitment from senior management to develop, implement and maintain a security plan and program. There is senior leadership commitment to: financial and human resources PSHSA (2006) appointment of a security program administrator or leader establishment of multidisciplinary steering committee, including joint health and safety committee Hollier (2014) representatives provision of adequate training to enable roles to carry out the security functions. to oversee the development, implementation and monitoring of the security plan and program. 2.0 There is a security administrator or designated leader who is qualified and authorized to oversee the security program. Security administrator as designated leadership with primary responsibilities for the security functionor A designated leader in an alternate role when there is not a security administrator position: Security functions are clearly articulated in the job description(s) of the role(s) performing security administrator Has the relevant training and education to oversee the security program Has policy-making authority Has the authority to address imminent threat of danger Has the standing authority to deploy and implement necessary measures in response to the threat Is entitled to be consulted in building renovations and new building planning architectural design principles such as CPTED (Crime Prevention Through Environmental Design) and care principles Takes on a lead role in coordinating the Competent Supervisor: Occupational Health and Safety Act R.S.O International Association for Healthcare Security and Safety (2012) Crime Prevention Though Environmental Design Page 13 of 49

14 ITEM KEY ELEMENTS CHECKLIST N/A Yes No Partial Comments Resources multidisciplinary team that is appointed to develop and maintain the workplace violence program Takes on a lead role in the workplace violence risk assessment process and design of any safety plan ITEM KEY ELEMENTS CHECKLIST N/ A Ye s No Parti al Comments Resources 3.0 Security functions are clearly articulated in the job descriptions of roles performing security roles and responsibilities. Security roles and responsibilities: Carry out authorities available to a security officer under the Criminal Code, common law, protection of other persons, defense of property, self-defense, seizure and use of force; and under provincial and municipal legislation e.g. trespass and provincial offences legislation and parking by-laws; and duties as outlined by the employer (CAN/CGSB ) Conduct patrols, inspections, guarding and fulfill routine service requests Respond to emergencies in compliance with the organization s policies and procedures Report any hazards and deficiencies Complete documentation in accordance with the accepted standards Carry out other activities as required by the manager/administrator e.g. represent security on committees etc. Participate in investigations related to security matters and communicate findings in compliance with the organization s policies and procedures Competent Supervisor: Occupational Health and Safety Act R.S.O International Association for Healthcare Security and Safety (2012) 4.0 Security role in client management Policies and procedures are developed that identify responsibilities and scope of activities of security in performing client intervention activities. Client intervention activities may include performing International Association for Page 14 of 49

15 ITEM KEY ELEMENTS CHECKLIST N/A Yes No Partial Comments Resources client watches, holds, restraints and seclusions relative to the medical evaluation or treatment of clients. Security s client intervention activities should be documented. Training is provided to security pertaining to its role in client management. Collaborative training with clinical staff should include de-escalation, proper client restraint techniques, and non violent crisis intervention. Healthcare Security and Safety (2012) 5.0 Security role in emergency management An emergency management program is developed and maintained to identify and address threats/hazards/emergencies that may impact the facility and its operations. Security Role in an Emergency Operations Centre: security personnel may be assigned to fulfill the security functions including monitoring and having authority over the general security of the facility and its people, management scene/facility protection and traffic control. Security Role in a Communicable Disease Outbreak that requires security to activate, adapt and supplement processes and mechanisms in order to continue the provision of a safe care environment. Planning for outbreaks should include identification of essential security services and measures to address shifting demand for security resources. 6.0 The organization has conducted a risk assessment to assess security program needs. International Association for Healthcare Security and Safety (2012) Identify people and property assets that are to be protected Review of current security measures and procedures in place - Inventory of policies and procedures in place - Inventory of security and security-related equipment International Association for Healthcare Security and Safety (2012) PSHSA (2006) Page 15 of 49

16 ITEM KEY ELEMENTS CHECKLIST N/A Yes No Partial Comments Resources - Inventory of security personnel Risk assessment of environmental security Analysis of internal documents such as security logs and security incidents, client/client/workplace violence incidents and hazard reports, local police crime statistic, information from like organizations, legislative requirements and security standards Security program climate survey - workplace survey Best practice is to have questions in the staff engagement/satisfaction survey and incorporating into the organization s plan Security plan should be part of the organizational plan 7.0 There is a documented security program in place and evidence of program implementation. Written security policy demonstrating senior management commitment, goals, definitions, scope, roles and responsibilities and commitment to annual review and evaluation Written procedures and protocols for both clinical and non-clinical situations; both prevention and protection, for example: - Prohibition of carrying firearms and weapons - Prevention and responding to targeted violence - Prisoner Client Security - Client Management security role - Communications - Training needs assessment, training matrix, training requirements for security personnel, administrator - Use of force - Premises safety - Home health security - Security staffing and deployment based on risk assessment - Duties and expectations of security staff - Searching clients and client areas for contraband - Response to critical incident - Active Shooter - Incident reporting and investigation Canadian General Standards Board. (2008). International Association for Healthcare Security and Safety Handbook (2012) PSHSA (2006) PSHSA (2012) Fast Fact: Protecting workers working alone PSHSA (2010) Fast Fact: Tips for guarding your personal safety on home visits The NHS Staff Council (2009) Improving Safety Page 16 of 49

17 ITEM KEY ELEMENTS CHECKLIST N/A Yes No Partial Comments Resources - Other e.g. covert investigations, drugs - Policies for community - Policies for long term care - Safe travel - Organizational Risk Assessment - Client Risk Assessment Documented training program for security personnel Documented training program for administrator or person in charge of security Awareness training and communication for all staff, management Awareness communication to visitors and clients Access control staff ID, facility restricted access, emergency lock down, approaching persons of interest, visitor access, signage Physical Security systems electronic security, video surveillance, High Risk Areas Emergency responses and codes Security during emergency management (incident management system) Security during infectious disease outbreak or pandemic Security in Emergency Department Security Safety Program is developed and reviewed at least annually Joint Occupational Health and Safety Committee (JHSC) or Health and Safety Representative (HSR) is consulted in revisions and training Security participation on committees and clinical teams for Lone Workers Carlson (2011) Dooley (2014) Fox & Whitehorn (2014) Hollier (2014) Morris & Oswalt (2014) See Security Policies List Document 8.0 There is a security training and awareness program. Any individuals performing security services should be trained to meet regulatory or legislatively required standards for security training and healthcare security industry standard practices. Security orientation and education needs of general staff should be identified and a orientation/education program should be implemented. Canadian General Standards Board (2008). International Association for Healthcare Security and Safety Handbook Page 17 of 49

18 ITEM KEY ELEMENTS CHECKLIST N/A Yes No Partial Comments Resources Security Personnel training matrix Security administrator with security personnel Security administrator without on site security personnel Employee and Management training training matrices including awareness training Personal protective equipment Awareness Training Campaign (2012) Ministry of Community Safety and Correctional Services. (2009). Hollier (2014),Morris Oswalt (2014) 9.0 Security equipment is available and maintained. Examples: Video camera surveillance Access control systems Intrusion alarms Personal alarms, panic buttons, GPS/cellular distress systems Personal protective equipment Other International Association for Healthcare Security and Safety Handbook (2012) 10.0 Work environment design or redesign Security is considered in new and existing work environment design or redesign International Association for Healthcare Security and Safety Handbook (2012) Crime Prevention Though Environmental Design (n.d.) 11.0 Incident Reporting and Investigation All related security incidents, accidents and hazards are reported and investigated promptly to identify immediate and root causes and implement timely corrective actions and/or recommendations. Ensure PSHSA (2006) Occupational Health and Safety Act Page 18 of 49

19 ITEM KEY ELEMENTS CHECKLIST N/A Yes No Partial Comments Resources JHSC/HSR involvement e.g. critical and fatal injury investigations; and hazard, accident and illness summaries and notifications as per OHS act Security Program Evaluation Security quality indicators both leading (e.g., training, patrol frequency, etc.) and lagging (e.g., use of force %, incident rate, loss time) have been selected and are used for evaluation. There is a process to evaluate the program at least annually JHSC/HSR is consulted in program revisions and training Security safety quality improvements recommendations are considered by senior management and where appropriate recommendations are implemented as required. PSHSA (2006) Adapted from Public Services Health and Safety Association Program Checklists Page 19 of 49

20 APPENDIX B. SECURITY PROGRAM GAP ANALYSIS AND ACTION PLAN How to Use this Tool 1. Once the Security Program Self Assessment Tool Checklist is complete, the steering committee or task force can move on to completing the Security Gap Analysis and Action Plan Tool. 2. The multi-disciplinary committee will need to review each element. If there is a gap in a Security Program Self Assessment Tool Checklist element please check the corresponding element and/or sub-element box in the Security Program Gap Analysis checklist. 3. Based on the findings identified in the Security Program Self Assessment Tool Checklist the committee should clearly develop actions to reduce the security program gap. This may include clear actions to remedy the gap in addition to further investigation of gap or identification of needed resources such as training. Robust discussions and brain-storming should take place by the committee members to ensure comprehensive actions are developed. 4. The next step is to assign responsibilities to a person that has the authority and ability to carry out the action. Consultation with management may be required. 5. Identify a target date for completion. Note that the action completion date will be entered when the activity is completed. 6. Once the document is complete the committee can develop a report for Senior Management outlining the purpose of committee activities, the findings from the Security Program Gap Checklist, Gap Analysis and the recommendation as outlined in the Security Program Action Plan. 7. The report including the recommendations established by the committee should be provided to the delegated senior management individual(s) or delegate for consideration and action. Page 20 of 49

21 SECURITY PROGRAM GAP ANALYSIS AND ACTION PLAN ITEM SECURITY PROGRAM KEY ELEMENTS GAPS (Check the box if it is a gap) Action Plan Person Responsible Target Date Date Completed 1.0 There is commitment from senior management to develop, implement and maintain a security plan and program. There is senior leadership commitment including financial and human resources e.g. - appointment of program administrator or leader - development of multidisciplinary steering committee 2.0 There is a security administrator or leader who is qualified and authority to oversee the security program Security administrator : Has the training and is competent to oversee the security safety program Has policy-making authority Has the authority to address imminent threat of danger and has the authority to deploy and implement necessary measures in response to the threat Entitled to be consulted in building renovations and new building planning architectural design principles such as CPTED (Crime Prevention Through Environmental Design) and care principles Integration of security leadership role with other leadership functions Security functions are added in the job descriptions of roles performing security administrator responsibilities 3.0 Security Guard functions are clearly articulated in the job descriptions of roles performing security roles and responsibilities. Security Guard roles and responsibilities : Carry out authorities available to a security officer Page 21 of 49

22 ITEM SECURITY PROGRAM KEY ELEMENTS GAPS (Check the box if it is a gap) Action Plan Person Responsible Target Date Date Completed under the Criminal Code, common law and case law, protection of other persons, defense of property, selfdefense, seizure and use of force; and under provincial and municipal legislation e.g. trespass and provincial offences legislation and parking by-laws; and duties as outlined by the employer (CAN/CGSB ) Conduct patrols, inspections, guarding and fulfill routine service requests Respond to emergencies in compliance with the organizations policies and procedures Report any hazards and deficiencies and ensure corrective actions are taken Complete documentation in accordance with the accepted standards Carry out other activities as required by the manager/administrator e.g. represent security on committees etc. Participate in investigations related to security matters and communicate findings to the security administrator as required 4.0 Security role in patient management Policies and procedures are developed that identify responsibilities and scope of activities of security in performing patient intervention activities. Patient intervention activities may include performing patient watches, holds, restraints and seclusions relative to the medical evaluation or treatment of patients. Security s patient invention activities should be documented. Training is provided to security pertaining to its role in patient management Collaborative training with clinical staff should include de-escalation, proper patient restraint techniques, mental health holds, and against medical discharges Page 22 of 49

23 ITEM SECURITY PROGRAM KEY ELEMENTS GAPS (Check the box if it is a gap) Action Plan Person Responsible Target Date Date Completed 5.0 Security role in emergency management An emergency management program is developed and maintained to identify and address threats/hazards/emergencies that may impact the facility and its operations. Security Role in an Emergency Operations Centre: security personnel may be assigned to fulfill the security functions including monitoring and having authority over the general security of the facility and its people, management scene/facility protection and traffic control. Security role in a Communicable Disease Outbreak that requires security to activate, adapt and supplement processes and mechanisms in order to continue the provision of a safe care environment. Planning for outbreaks should include identification of essential security services and measures to address shifting demand for security resources 6.0 The organization has conducted a security program risk assessment to assess security program needs lead by qualified and trained individuals Identify people and property assets that are to be protected Review of current security measures and procedures in place - Inventory of policies and procedures in place - Inventory of security and security-related equipment - Inventory of security personnel Risk assessment of environmental security Analysis of internal documents such as security logs and security incidents, patient/client/workplace violence incidents and hazard reports, local police crime statistic, information from like organizations, legislative requirements and security standards Security safety program climate survey - workplace survey Page 23 of 49

24 ITEM SECURITY PROGRAM KEY ELEMENTS GAPS (Check the box if it is a gap) Action Plan Person Responsible Target Date Date Completed Best practice is to have questions in the staff engagement/satisfaction survey and incorporating into the organization s plan Security safety plan should be part of the organizational plan 7.0 There is a documented security program in place and evidence of program implementation Written security policy demonstrating senior management commitment, goals, definitions, scope, roles and responsibilities and commitment to annual review and evaluation Written procedures and protocols for both clinical and non-clinical situations; and prevention and protection, Security training for security personnel Security training for administrator or person in charge of security Awareness training and communication for all staff, management Awareness communication to visitors and patients Access control staff ID, facility restricted access, emergency lock down, approaching persons of interest, visitor access, signage Physical Security systems electronic security, video surveillance, High Risk Areas Emergency responses and codes Security during emergency management (incident management system) Security during infectious disease outbreak or pandemic Security in Emergency Department Security Safety Program is developed and reviewed at least annually Joint Occupational Health and Safety Committee (JHSC) is consulted in revisions and training Security participation on committees and clinical teams Page 24 of 49

25 ITEM SECURITY PROGRAM KEY ELEMENTS GAPS (Check the box if it is a gap) Action Plan Person Responsible Target Date Date Completed 8.0 There is a security training and awareness program Security Personnel training matrix Security administrator with security personnel Security administrator without on site security personnel Worker and Management training training matrices including awareness training Personal protective equipment Awareness Training Campaign 9.0 Security equipment is available and maintained Examples: Video camera surveillance Access control systems Alarms Personal alarms Other for example security staff personal protective equipment 10.0 Environment and equipment design and planning take into consideration Security safety is considered in new work environment design or redesign Security is considered external premises. E.g. lighting, parking lot safety etc Incident Reporting and Investigation All related security incidents, accidents and hazards are reported and investigated promptly to identify immediate and root causes and implement timely corrective actions and/or recommendations. Ensure JHSC involvement e.g. critical and fatal injury investigations; hazard, accident and illness summaries and notifications as per OHS act. Page 25 of 49

26 ITEM SECURITY PROGRAM KEY ELEMENTS GAPS (Check the box if it is a gap) Action Plan Person Responsible Target Date Date Completed 12.0 Security Program Evaluation Security safety quality indicators both leading and lagging have been selected and are used for evaluation. There is a process to evaluate the program at least annually JHSC/HSR is consulted in program revisions and training Security safety quality improvements recommendations are considered by senior management and where appropriate recommendations are implemented as required. Page 26 of 49

27 APPENDIX C. SAMPLE CORPORATE SECURITY POLICY TEMPLATE How to Use this Tool 1. The following is a sample corporate security policy that organizations can use as a policy template. 2. Organizations will need to review their own organizational structure, workplace violence risk assessment, and security program self assessment checklist and action plan to determine which sections to include in their own corporate policy and procedures. 3. Organizations should customize the sample corporate policy including roles and responsibilities to ensure that it reflects the needs of their own organization. Page 27 of 49

28 SAMPLE CORPORATE SECURITY POLICY Organization Name Policy Number: XXX Date Approved: XXX Subject: Security Policy Date Reviewed: XXX POLICY Purpose The purpose of the security policy is to ensure the: protection of organizational property and people working, visiting, receiving and/or providing services at or for the organization; and prevention of incident and accidents related to security risk factors and other related workplace hazards. Policy Commitment Statement <Name of the Organization> is committed to the providing a safe environment for everyone. <Name of the Organization> recognizes the significant hazards related to workplace violence and potential security risk factors; and the legal and moral responsibility to take every reasonable precaution under the circumstances to protect employees and others. Our organization is committed to providing financial and human resources for the development, implementation and maintenance of a sustainable security protection and prevention program that will help to prevent or minimize security risk factors through hazard recognition, assessment, control and evaluation processes. All workplace parties are required to comply with the policy and any associated procedures as appropriate. Goals Develop, implement, maintain and annually evaluate the security program Prevent and/or reduce the harm to people related to security risks and workplace violence hazards Prevent and/or reduce the incidence of property damage Increase security awareness to all workplace parties and the public Ensure those participating in security prevention and protection receive the necessary training and records of training are maintained Ensure that security equipment, materials and resources are provided and maintained Scope The security prevention program applies to everyone in the organization. Page 28 of 49

29 Definitions Security: Healthcare security is the prevention of harm and property damage, and protection of property and of all persons from potential harm related to workplace violence exposures, various occupational health and safety hazards in healthcare. Security is ensured through proactive measures, processes, monitoring, patrolling, and through emergency responses as necessary. It may include, but is not limited to, the implementation of a safety management plan, appropriately trained and competent personnel that fulfill security functions, policy, procedures, processes, protocols, activities; and the use and application of equipment and materials. Security Guard: A security guard is a person who performs work, for remuneration, that consists primarily of guarding and/or patrolling for the purpose of protecting persons or property. [Private Security and Investigative Services Act, 2005, c. 34, s. 2 (4)] Roles and Responsibilities Employer Appoint a competent person to administer the security program Ensure the development, implementation, maintenance and evaluation of a security protection and prevention program Ensure a workplace violence risk assessment is conducted including security risks Advise the JHSC or HSR of workplace violence assessment including risks associated with security Provide any OHS security-related reports to the JHSC Ensure the review and revision of the security measures and procedures for the health and safety of their workers is done at least once a year, in light of current knowledge and practice Where the security program requires revision consult with the JHSC or HSR and consider their recommendations when developing, establishing and putting into effect the revised measures and procedures Consult the JSHC or HSR on security program training Provide fiscal and human resources to support the security program including the necessary resources for training and equipment Approve and annually review the security corporate program policy and procedures Enforce the security policy and procedures Ensure there are processes in place to identify and assess security risks and hazards; and identify, implement and evaluate security controls Promote a culture of security and safety awareness Take every reasonable precaution under the circumstances for the protection of the worker Supervisor Participate in security risk factor and hazard recognition, assessment, control and evaluation processes in the areas under their authority Be familiar with the security risks and health and legislation that applies to their work area Enforce the security policy and procedures Post emergency numbers in a visible area Page 29 of 49

30 Monitor security strategies in the area under their authority by, but not limited to, conducting management inspections and auditing worker safe work practice related to security Encourage employees to report security hazards and risk immediately Respond to security reports and participate in investigations of security hazards and incidents in the area under their authority Communicate security concerns, solutions and controls to employees and others in a timely manner Develop a training matrix for employees that includes security Ensure employees attend regular security awareness training and workplace violence prevention training that pertains to their work area for instance emergency responses, nonviolent crisis intervention, working alone, alarms etc. Ensure employees know what to do in the case of an emergency and where indicated participate in mock drills Maintain training records (scope and content, date, length of training, signatures, evaluation of understanding) Promote a culture of security and safety awareness Take every precaution reasonable in the circumstances for the protection of a worker Worker Participate in security hazard recognition and controls Comply with security policies and procedures as required Attend regular security and workplace violence prevention training Report any security hazards or incidents to the supervisor or employer immediately Respond to a security incident within their scope of knowledge and training Cooperate in any investigations as required Security Administrator or Delegate Must be competent and qualified because of knowledge, training and experience to oversee the security administrator function Be familiar with the security risks and relevant legislation that applies to the work Take a leadership role in corporate security and promote a security and safety culture through an ongoing security awareness communications and marketing plan Develop written corporate security program including a plan, policies, procedures, safe work practices, training and determining appropriate security staffing levels as appropriate; and coordinate the annual review of the policy Ensure consultation with JHSC/HSR when revisions of the security policies and procedures are required Implement, maintain and evaluate the security program Identify metrics and quality indicators to evaluate the security program Develop, implement, maintain and evaluate processes for recognizing, assessing, controlling and evaluating security risk factors and hazards Obtain and maintain appropriate security equipment and materials in compliance with organizational purchasing policies and procedures, and approval processes Address imminent threats of danger and has the authority to deploy and implement necessary measures in response to the threat and where required notify the JHSC/HSR Work closely with local police, fire and EMS to manage threats to the organization Page 30 of 49