A recent CentralSquare Technologies study revealed that one in three people surveyed are worried about having an active shooter incident in their community. This feeling is not surprising when you consider mass shootings (events involving the shooting of three or more people) are now a part of everyday life in the U.S. As of Sept 24, 2019, there had been an average of 1.24 mass shootings per day, killing 377 people and injuring another 1,347 victims.
While, statistically speaking, there is a low probability of this happening to you personally, organizations must come to grips with active shooter incidents as a complicated yet foreseeable event. It’s a known-known, so to speak. And this means if you are turning a blind eye or continuing to believe it won’t happen within the boundaries of your organizational control, you could be held responsible for the outcome.
This was shown to be true for the company that owns the Las Vegas hotel where a gunman opened fire from his room onto a country music festival two years ago. The company agreed to pay up to $800 million to settle lawsuits filed by victims. The New York Times reported that the settlement “appears to resolve litigation that had raised novel and significant issues of law, including how culpable large companies and property owners are in mass-casualty attacks.”
If an active shooter incident does arise in an environment where your organization is wholly or even partially responsible for ensuring the safety of others, you need to have done the hard work ahead of time. Organizations must have measures in place to reduce the likelihood of firearm violence, know how to respond if an incident does occur, and have a plan to deal with the aftermath.
The tragic recent school shootings have shined a bright light on the threats that exist in our society, particularly within settings where mass casualties are possible. Hospitals have long been a target for workplace violence, and a place where people go for help. Emergency rooms are a particularly vulnerable target, which leaves hospitals with dual challenges of preparing to treat victims of a mass shooting in their communities and protecting their own environments from the same threat.
A 2012 Annals of Emergency Medicine study found 154 hospital shootings occurred from 2000 to 2011 across 40 states. Roughly 30% of those incidents occurred in emergency departments.
These numbers point to the fact that while active assailant incidents are relatively rare, they are nonetheless “predictable” in the sense that hospital administrators must know the threat exists and actively work to manage it. Across all facets of society, those responsible for protecting people can no longer simply ignore the threat of active assailants.
So, how should hospital security evolve to address the threat of workplace violence and active assailants? The answer is multi-faceted and detail-laden, but here are four high-level components:
1. Prioritize training and management that is specific to the threat of active assailants.
A recent study found that 69% of organizations view an active shooter incident as a potential top threat, but 79% feel their organizations are not fully prepared for this type of event. Active assailant events in a hospital environment are particularly unique and challenging. The International Association of Emergency Medical Services Chiefs (IAEMSC) published an in-depth document designed to help healthcare professionals address the threat. While the publication acknowledges there is no single method to respond to an incident, prior planning can help staff make the right decisions to achieve the goal of maximizing lives saved.
This is where it is worth bringing in experienced outside help to provide training and incident response planning specific to the threat of active assailants in your unique hospital or clinic environment.
2. Maintain a strong security presence.
An effective hospital security program is an ever-present one, highlighted by access control with robust training protocols and an always-active security approach. Access control is perhaps the strongest component of a healthcare security system and the greatest contributor to minimizing the risk of violence within a facility. In any healthcare environment, it is critical to limit access to only those patients, staff, and visitors with appropriate security clearance for the level of access they are seeking. This holds true for access to medications, newborns, patient rooms, patient data, and patients themselves.
For an always-active presence, hospitals should combine tangible security measures (e.g. patrols and presence at lobbies and other key entry points and recording cameras) with intangible practices (e.g. tight security protocols including badge for access control and a consistent check-in and check-out process). Implementing effective security protocols also must take into consideration the importance of training and background checks. For a safer hospital environment, staff must be appropriately screened and trained to execute all necessary security measures.
3. Keep security highly visible.
To design the visibility of your security system, look at it from the eyes of your patients. By adopting a patient-centered approach, you can better appreciate what a patient needs to feel secure when they are in a vulnerable position. For patients to feel secure, it helps to have visible security measures in place. These include physical signage, such as signs that explain security protocols, or visible cameras or security officers. These send the message that the hospital is there and ready to act to protect the safety of its patients.
4. Ensure prompt and complete response to all security incidents.
In a secure healthcare environment, no issue is too big or small. When a door lock breaks, it should be promptly fixed. Ignoring even small details can open the floodgates to bigger details being ignored as people begin to think no one is really paying attention.
This attention to detail should be applied to all hospital security practices, as every issue involving the safety of patients, visitors, and staff should be taken seriously. In response, this will permeate a culture of security, attentiveness, responsibility, and responsiveness across the entire healthcare security team.
A third-party risk management provider can be helpful to perform a thorough assessment of the above factors and to make a prioritized list of recommendations. They can even help you find and implement the right solutions. If you are in a situation where you don’t have the resources to take your security to the next level, or to address the specific threats of active assailants, then considering an external support partner may be the right next step.