Layering security controls for healthcare projects

Looking down a hospital hall way lights
Photo ©

by Marilyn A. Collins, EDAC
It is not difficult to imagine the need for security in healthcare environments. Where are the eyes and ears ensuring the safety of a newborn transported from labor and delivery? Can family members visiting a sick relative be confident their valuables are safe at bedside if they leave to grab a snack? What security precautions are taken when a rear exterior door to the hospital is propped open so staff can take a break?

Of course, there are numerous other considerations. For example, an employee might notice certain supplies diminishing on a regular basis—how does the hospital protect clinical, professional, administrative, and environmental staff from suspicion of diverting equipment or even medication? When there is an influx of visitors during the shift change on the behavioral health unit, and an anticipated increase in patients through the Emergency Department due to a rapidly spreading virus, what are the visitor tracking and patient protection procedures to ensure safety for everyone—even in the case of a possible epidemic or weather-related crisis? There is also the matter of satellite functions and procedures performed by a hospital system at remote ambulatory care facilities and medical office buildings tied to the main building via an access control system.

Consideration of these and many more facets of hospital life provoke a host of thoughts about security, convenience, and safety (for patients, visitors, and staff alike), along with energy efficiency and resilience in the face of disasters. These are weighty topics requiring input from virtually every department in the hospital. Together, they form the ‘Environment of Care’ (EOC).

The EOC comprises three basic elements: building and space, equipment, and people. The first step in planning for this complex environment is to identify the stakeholders and decision-makers invested in the outcomes—whether related to compliance, the delivery of care, or the successful protection of people and assets.

While design/construction professionals are obviously not part of all the related choices and factors in a healthcare project’s creation and operations, their decisions and collaboration with the building owners can have important impacts.

Understanding stakeholders in the healthcare environment
Major departments in the hospital are now collectively involved in decisions affecting patient safety, Hospital Consumer Assessment of Healthcare Providers and Systems (HCAPHS) scores, building design, access control, and employee training. No longer are decisions made in the vacuum of one’s own department or even within the confines of a single hospital. (For more info, visit

Consolidation and acquisition in healthcare, as well as the requirements for reimbursement from the Centers for Medicare and Medicaid (CMS) have changed the game. Healthcare administrators, operations personnel, and virtually every department have recognized decisions made in one area of the hospital system may affect every other one. This domino effect can affect a hospital’s reputation.

For instance, if a hospital selects a unique or proprietary access control system, and then is acquired by a parent healthcare system, the parent may be constrained in its ability to cascade an efficient open architecture solutions across the entire healthcare system. Myriad results may include having to carry several ‘badges’ or credentials, increasing the complexity in accessing the hospitals in the system.

Every hospital wants its reputation to get the highest marks for welcoming families, caring for patients, retaining staff, and securing supplies, medical equipment, and controlled substances. As hospitals adjust to the various changes that are associated with the Affordable Care Act and cope with other changes in the delivery of care, consensus building and collaboration become the basis for making decisions.

Online access control—either hardwired or wireless—provides centralized control over facility doorways. Images courtesy Assa Abloy Door Security Solutions
Online access control—either hardwired or wireless—provides centralized control over facility doorways.
Images courtesy Assa Abloy
Door Security Solutions

The security department is the heartbeat of the hospital with regard to protecting the systems providing for the facility. However, the built environment itself is a critical element in both security and in healthcare delivery—design/construction professionals can also have a major role, both directly and indirectly.

Additionally, there is often a ‘compliance department’ spanning the many agencies, ensuring compliance with life safety regulations such as National Fire Protection Agency (NFPA) and other authorities having jurisdiction (AHJs). Other critical guidelines and compliance elements include the Americans with Disabilities Act (ADA), Health Insurance Portability and Accountability Act (HIPAA), and Facility Guidelines Institute (FGI).

The U.S. federal government supports the delivery of healthcare for a large percentage of the population through Medicare and Medicaid. CMS authorizes reimbursement for medical services provided to qualified recipients. The administration of such reimbursements includes a process ‘deeming’ each hospital worthy of the payment according to certain standards, which are surveyed or monitored by organizations such as Press Ganey, the Joint Commission, Healthcare Facilities Accreditation Program (HFAP), and DNV (i.e. National Integrated Accreditation for Healthcare Organizations [NIAHO]). Since a large percentage of hospital revenue comes from CMS, compliance with these ‘deeming’ bodies is a high priority.

Multidisciplinary committee decision-making, involving representatives from the above departments, regarding ‘layering’ security is the new normal in healthcare. Such decisions are put through a five-lens filter measuring the impact on patients, families, staff, physicians and cost. The Joint Commission requires all hospitals they survey to develop and implement a performance improvement framework for their processes affecting the safety of patients and everyone else entering the hospital, the security of everyone having access to the hospital, including fire safety and emergency operations.

Each hospital should perform an annual risk assessment to point out the need for a security plan for the entire hospital facility or system. This security plan is a major factor in compliance, as well as improving the ‘patient experience.’

Leave a Comment


Your email address will not be published. Required fields are marked *