From antiquity, hospitals have been places of healing, and ancient cultures such as Greeks, Romans, Indians, and Persians dedicated specific spaces to the treatment of the ill. In our day and age, though, violence too often erupts within hospitals, particularly in emergency rooms. OSHA has reported that “incidents of serious workplace violence (those requiring days off for the injured worker to recuperate) were four times more common in healthcare than in private industry on average.” Additionally, one survey found that “12 percent of emergency department nurses experienced physical violence—and 59 percent experienced verbal abuse—during a seven-day period.” Cybersecurity is also a problem, and the 2020 HIMSS Cybersecurity Survey discovered that seventy percent of respondents … indicated that their organizations experienced significant security incidents in the past twelve months.”
In this article, we will discuss the physical and cybersecurity threats facing hospital emergency rooms, as well as 13 mitigating emergency room security measures your facility can take.
The physical risks facing hospital personnel and patients can run the gamut. Some of these threats are obvious, such as physical altercations that do bodily harm to those involved. Others are less noticeable, but no less harmful. In this section, we will list the four most common physical threats that emergency room personnel face, threats that all safety measures in hospitals must take into account.
Abuse and Battery Toward Hospital Staff
The International Association for Healthcare Security and Safety Foundation’s 2022 Healthcare Crime Survey found that disorderly conduct was the most common crime found in hospitals with 56.8 incidents per 100 beds. However, assault was the second most common with 17.7 incidents per 100 beds. The American College of Emergency Physicians notes that violence in emergency rooms is particularly bad. They write that “almost half of emergency physicians report being physically assaulted at work, while about 70 percent of emergency nurses report being hit and kicked while on the job. Furthermore, the vast majority (80 percent) of emergency physicians say violence in the emergency department harms patient care.”
Active Assailant Attacks
Attacks on patients represent a different kind of threat, but one that’s no less serious. Citing a Johns Hopkins study, Becker’s Hospital Review “identified the emergency department as the most common site of hospital gun violence (29 percent), followed by the parking lot (23 percent) and patients’ rooms (19 percent).” Implementing patient safety measures to keep those in the ER safe prior to and during treatment should be a priority.
While relatively rare, infant abductions are by no means unheard of. The National Center for Missing & Exploited Children noted 135 child abductions from 1965 through August 2017 and found that nearly three-quarters of abductors posed as a health care worker. Hospital security standard operating procedures must account for interlopers posing as personnel.
Property and Supplies Theft
While theft doesn’t typically pose a direct risk to employees or patients, it can indicate a security problem. It also puts a drain on hospital resources, which can negatively impact patient care.
Hospital security requirements must protect against electronic threat as well as physical threats. In 2017, the WannaCry ransomware attack crippled the United Kingdom’s National Health Service, which led to the diverting of ambulances and the rejection of non-critical cases. A 2018 study published in Journal of Medical Internet Research stated that “hospital data security breaches in particular have the potential to cost a single hospital as much as US $7 million, including fines, litigation, and damaged reputation. A data breach has a combined estimated effect on the health care industry of about US $6 billion. Meanwhile, the health care industry lags behind other industries in securing its data, and in response, health care organizations must invest considerable capital and effort in protecting their systems.”
Because data breaches are a top developing threat and emergency rooms represent areas of maximum stress and vulnerability, it’s of vital importance that one of the functions of security departments in hospital contexts should include robust cybersecurity.
How to Prevent Physical Threats
Deterring physical threats in an emergency room setting involves combining personnel training with adequate security hardware and proper procedures. Careful planning can go a long way toward eliminating most threats before they happen and mitigating ongoing incidents as quickly as possible. Following are four security recommendations for preventing or dealing with physical threats.
Invest In Professional Security Camera Systems with Remote Viewing Capabilities
Physical incidents can erupt very quickly, and the delayed response by on-site personnel may prolong the incident significantly. By installing high-resolution cameras that can be remotely viewed by staff or third parties, administrator response times will be much faster.
Equip Security Staff with Security Devices Like Two-Way Radios
If staff can carry devices that allow them to easily communicate with security personnel in a prompt manner, they can improve the speed at which they manage potentially violent individuals. A fast call to report a developing situation may very well stop it before it escalates further.
Train Staff to Handle Physical Threats
Managing physical threats can be stressful. Professionally preparing staff about how to react when incidents occur not only provides them with a psychological sense of control, but it also helps keep the emergency room calmer and safer.
Add ID Clearance Systems
At AT&I Systems, we know firsthand that access control is a vital part of security for many different kinds of organizations — hospitals included. Installing and effectively implementing an access control system for all medical staff, patients, and visitors coming in and out of the facility is an essential safety step.
How to Prevent Cyber Threats
Cyber threats may seem far removed from the immediacy of a physical threat, but they can also interrupt patient care and may even end up costing lives. Additionally, they represent a large liability risk for hospitals and health care systems. The following steps will help keep your emergency room, your wider hospital, and your entire health system safer.
Conduct a Risk Assessment of IT Systems
Because of the unique challenges faced by hospitals, they require professional aid when determining risks. The Journal of Medical Internet Research concluded that hospitals “struggle to manage an array of devices ranging from legacy information technology (IT) to connected medical devices; unlike other organizations, they have orders of magnitude more of them.”
Provide Continuing Education About HIPAA
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) requires health care providers to safeguard the privacy of patients if they transfer records electronically. Continuing education helps employees continue to implement best practices, which protect against cyber risks.
Monitor All Electronic Devices and Records Across the Facility
Phishing is consistently the top cause of cyber breaches. Monitoring campus-wide devices and records can help stop such intrusions prior to them beginning.
Encrypt Patient Data and Hardware
Hackers and online criminals prefer to target the proverbial “low-hanging fruit.” Mandatory encryption of data and devices helps to frustrate their efforts.
Create Sub-Networks for More Sensitive Patient Information
Creating different tiers of security for different types of information can help protect data in case of a breach.
Strictly Manage Identity and Access
Administrators and security personnel wouldn’t let just anyone physically access hospital grounds. Similarly, logins should receive just such strict treatment.
Scrutinize Service-Level Medical Agreements Carefully When Moving Data to the Cloud
Service providers may not have the share a hospital’s data-protection standards. While cloud storage is invaluable, closely scrutinize documents prior to moving your data offsite.
Hold Top Executives Accountable
It’s not just rank-and-file employees who accidentally compromise data. Top executives can too, and they should serve as an example to the whole organization. If they fail to adhere to policies, they should suffer appropriate consequences.
Establish Reliable Legal Counsel
Despite best efforts, electronic intrusions can still happen. Given that they’re prime hacking targets, securing expert, reliable counsel is a must for hospitals of all sizes.
AT&I Systems has decades of experience in providing security services for hospitals and many other kinds of businesses. Contact us today to learn more about safeguarding your medical facility!