DGD15-010
Security Standard Operating Procedure (SOP)
Purpose
ACT Health is committed to minimising security risks in the public health care system, through the provision of a safe and secure environment for staff, patients, visitors and contractors.
This SOP cascades down from the overarching ACT Health Security Policy in conjunction with the ACT Government Protective Security Policy & Guidelines and provides direction and structure in the management of security measures for all managers, staff and contractors in the implementation local security arrangements to minimise risks to person, property and equipment.
This SOP outlines the actions and responsibilities of ACT Health staff, contractors, students and volunteers in the case of security incidents. This SOP also outlines a range of security related incidents or business practices that need to be managed from a security perspective and these SOP will assist staff and contractors to either manage these issues or provide advice to staff and
contractors on their response or actions to these situations when they occur.
The SOP outlined will assist all staff and contractors of ACT Health to manage:
The personal safety of staff, patients, visitors and contractors.
Protection of property and other assets against fraud, thef and damage.
The provision of a safe environment minimising the risk of an interruption to service delivery as a result of a Security incident.
Note:
With the implementation of the ACT Government Protective Security Policy Framework (PSPF) during the period 2014 to 2016 these current SOPs will be replaced with new procedures compliant with the requirements of the PSPF as they are developed.Scope
This Security SOP applies to all employees of ACT Health and requires an integrated management approach between ACT Health Security Services and each business unit to develop local site-specific security SOPs where applicable. This SOP applies at any premises which are controlled in full or in part and occupied by ACT Health whether the facility is owned, managed or leased by ACT Health.
ACT Health managers and staff are required to adhere to these SOPs. In specific instances some SOPs may need to be tailored in regard to specific requirements; however, this should only be done in consultation with the Senior Manager Protective Security.
These SOPs are complementary to, and should be read and implemented in conjunction with the ACT Health Emergency Management Plans.
Procedure
Security Operating Procedures (SOPs)
ACT Health SOPs cover a range of the most identifiable and at risk security incidents and business
Doc Number Version Issued Review Date Area Responsible Page
DGD15/010 1.0 Feb 2015 Feb 2016 B&1 CSSE 1 of 11
Do not refer to a paper based copy of this policy document. The most current version can be found on the ACT Health Policy Register
DGD15-010
practices within ACT Health including:
1. Physical Assault (Code Black).
2. Armed hold-up (Code Black).
3. Security of Communication systems.
4. Duress /Alarm systems.
5. Key control.
6. Thef of property.
7. Pharmacy security
8. Security in ACT Health car-parks.
9. Patients in custody.
10. Emergency Department security.
11. Mail security.
12. Paediatric, neonatal and maternity security.
In the event of a security incident as defined in these SOPs or any other security incident, the reporting of such incidents should be made in the first instance to ACT Health Security Services who can provide the appropriate advice or initiate the appropriate response to the incident. In cases of an extreme emergency the Police should be contacted on ‘000’. The contact details for Security Services are:
Business hours Monday to Friday:
ACT Health Senior Manager Protective Security: 624 44070
ACT Health Security Operations Manager: 624 47793
ACT Health Security Services Office: 624 42141 After hour’s contacts:
Canberra Hospital Switchboard: 24/7 624 42222
Canberra Hospital on-site Security (SNP): 0418 726 253
Note: For urgent or serious matters afer-hours, ACT Health Client Services Security & Emergency have rostered on-call managers. These can be contacted via the SNP Security Team Leader, the switchboard operator or the Canberra Hospital Afer Hours Shif Manager.
1.
PHYSICAL ASSAULT – (Code Black)
If a physical assault or attempted physical assault occurs, the following must occur:
• Seek assistance wherever possible.
• At Canberra Hospital (CH) - Activate a duress alarm, if available (Code Black) or Dial ‘8’ – advise ‘Code Black and details of incident’. Dependent upon the location, this will initiate a response from ACT Health Security or Wards men (or combination) and/or the AFP
dependent upon the severity of the incident.
• At non-acute sites, activate a duress alarm, if available (Code Black) or Dial ‘0-000’ if the attendance of the police is required and provide details of the incident.
• Contact your immediate supervisor / manager and report the incident verbally and record the details in the Riskman Incident Reporting System.
• Injured employee / supervisor / manager or any witness to the assault must call the Australian Federal Police and report the matter.
• Witnesses and the injured party are encouraged to make a statement to the police and if required to attend Court.
All acts of physical assault are to be reported to the relevant supervisor and the Manager, Security Operations, using the reporting of security incidents FORM /RISKMAN.
Doc Number Version Issued Review Date Area Responsible Page
DGD15/010 1.0 Feb 2015 Feb 2016 B&1 CSSE 2 of 11
Do not refer to a paper based copy of this policy document. The most current version can be found on the ACT Health Policy Register
DGD15-010
In conjunction with this SOP and the referenced documents, the direct response and action to be taken resulting from a physical assault on ACT Health staff, patients or visitors, is to be determined by each service unit in a site-specific SOP. The site-specific SOP must point out the requirements of witnesses and the injured party to make statements to the police and if required to attend Court.
2.
ARMED HOLD-UP – (Code Black)
In the event of an armed hold up:• It is important to remain calm.
• Cooperate with the offender.
• Activate any ‘armed hold up alarms’ if installed, and if safe to do so.
• Do not take any action to excite the offender.
• ONLY when it is safe to do so, raise the alarm, through the use of a duress alarm, if available, Dial ‘8’ at the Canberra Hospital – advise “Code Black Armed Hold Up’ and call the Australian Federal Police on (0)000.
• If you witness the armed hold up, and it is safe to do so, and call the Australian Federal Police on (0)000 and provide as much information as possible.
• Witnesses and the victim/s of the armed hold up are required to make a statement to the police and if required to attend Court.
• Notify the Security Office on 6244 2141 to report the incident.
3.
SECURITY OF COMMUNICATION SYSTEMS
Shared Services- Information Computer Technology (SS-ICT) manages and administers access to ACT Health’s communications systems, networks and applications. SS-ICT ensures all common infrastructure equipment is housed in a physically secure environment to maintain the security and integrity of the ACT Health communication infrastructure.
SS-ICT provides ACT Health with security protection in the form of firewall services to ensure protection of the infrastructure:
Access to the ACT Health communications cabinets is restricted to authorised SS-ICT personnel only.
Access to the Early Warning Intercommunication System (EWIS) is to be restricted, to authorised emergency response personnel identified by ACT Health only, to ensure the integrity and security of the system.
All emergency and communication cabinets are securely locked at all times, and access is restricted to authorised persons from SS-ICT or ACT Health emergency responders only.
4.
DURESS / ALARM SYSTEMS
ACT Health will ensure that monitored alarm systems are installed in all ACT Health buildings, and duress alarms are installed in high-risk areas.
All duress and alarms systems will be installed by an approved security systems technician as authorised by the Manager Security Operations.
The direct response to the activation of the duress / alarm is to be determined by each division, branch, stream and unit in a site-specific SOP, which is to include, at a minimum, a twice yearly testing regime. Some areas such as mental health facilities may have separate protocols such as weekly and daily testing as part of their SOPs.
Doc Number Version Issued Review Date Area Responsible Page
DGD15/010 1.0 Feb 2015 Feb 2016 B&1 CSSE 3 of 11
Do not refer to a paper based copy of this policy document. The most current version can be found on the ACT Health Policy Register
Duress Alarms
Duress Alarms are devices used to assist in ensuring the safety of ACT Health staff, patients and visitors.
There are two types of Duress Alarms used within ACT Health:
Personal Duress Alarms - portable battery charged alarms and pendants, which are carried around by an individual in the course of their work in a particular work area.
Fixed Duress Alarms - located in areas of the agency which may be susceptible to incidents which place staff, patients and visitors at danger.
Duress Alarm Monitoring
Canberra Hospital - alarms are linked to the code paging system and will initiate a security guard response from ACT Health Security Services.
Other sites - alarms are linked to the building management alarm system/s and are monitored by the contract security monitoring company.
Duress Alarm activation
• Canberra Hospital All code pagers to respond. Code pagers are held by Security and Ward Services personnel.
• Other Sites Review your sites protocols to obtain more information. The security monitoring company will contact the individual site to ascertain if the alarm was deliberately or falsely activated. No response from the site will result in an AFP response being initiated.
• For all duress alarm activations, a Riskman report must be completed - Link to Riskman
What do I do if I accidently activate an alarm?
• Canberra Hospital - Notify the switchboard immediately on 6244 2222.
• Health Centres - Contact your Health Centre Manager.
• Other sites - Review site protocols.
Alarm Testing
Community Health Sites
• For community based health sites the testing of duress alarms will be coordinated by ACT Health Security Services on a bi-annual basis. The ACT Health Security Services office will maintain reports of the tests.
Canberra Hospital
• Duress alarm testing at the Canberra Hospital will be conducted bi-annually through an off-line testing regime carried out by an authorised vendor and reports will be provided to the ACT Health Security Services office.
Alarm Reporting
• For all duress alarm activations, a security incident report must be completed. See the Reporting of Security Incidents for further guidelines.
Contacts
(02) 6244 2141 Security Office
(02) 6244 7793 Security Operations Manager
0418 726 253 TCH Contract Security Senior Guard
5. KEY CONTROL
To ensure a standardised key control system for all ACT Health facilities and ensure a system is in place to minimise the risk of a security breach to high secure areas and buildings.
For small community facilities (not listed below), a key register must be maintained. The delegated authority for the key register will be determined, in writing, by each division, branch, stream and unit. An audit or spot check, of the key register and master keys is to occur at intervals not exceeding three months, and is to be undertaken by the delegated authority. The Manager Security Operations is to be provided with a report of the audit or spot check by the delegated authority.
To maintain key control, the following must be ensured:
• When a key is removed from the key register, it is in the possession of the authorised employee.
• Keys are not to be marked or labelled in any manner to verify their origin.
• At all times, the keys are to be either with the responsible employee or locked in the key register.
• Duplicate keys must be fully accounted for.
• Any loss of keys must be reported immediately to the Agency Security Officer (ASO) and a RISKMAN report generated.
• All keys must be signed in and out of the key register logbook.
• The ASO must hold the record of each delegation authority.
Canberra Hospital & Large Community Health Centres
The following instructions relate to the Canberra Hospital (TCH), Belconnen, Phillip, Civic, Tuggeranong and Gungahlin Community Health Centres.
All keys are managed by ACT Health Security Services. Keys are currently stored and distributed at the Security Services Office CH Requests for keys by any ACT Health employee must be undertaken through the key request form available on the intranet and authorised by the appropriate section manager. This form once completed is then sent to the Security Services office to be authorised by the ACT Health Security Operations Manager and to be processed. The issuance of all keys will be documented and records maintained by Security Services.
Contractors Keys
The determination of key access for contractors and / or maintenance staff must be governed by the ASO and the Facilities Management Maintenance Coordinator.
When issuing a key to a contractor, that contractor must sign the key register log book, including their name, company name, the time of key issue and when the key is returned at the end of each day, a signature is required.
In conjunction with this SOP, ACT Health service units must develop and implement a site-specific key control SOP, which is to include a key authorisation protocol.
6.
THEFT OF PROPERTY
To minimise the opportunity for ACT Health assets or the personal property of staff, patients, visitors and contractors to be stolen.
ACT Health Assets
All ACT Health assets, over $5,000, are to be registered on the Oracle asset register. ACT Health’s insurance policy covers any thef over the value of $10,000. Any loss or thef of an asset under that amount is the liability of the cost centre where the asset was assigned. Any incident of thef of an ACT Health asset must be reported on Riskman and to the Manager, Security Operations, and where appropriate report the incident to the Australian Federal Police.
ACT Health Employees Personal Property
ACT Health employees must recognise that any personal property brought to the work place is the responsibility of the owner.
All incidents of thef must be reported on Riskman and to the Manager, Security Operations, and where appropriate report the incident to the Australian Federal Police.
Patients Personal Property
Patients, visitors and contractors must recognise that any personal property brought to ACT Health facilities is the responsibility of the owner, and no responsibility will be accepted for any items lef on ACT Health premises.
To reduce the risk of a patient’s personal property being stolen, each applicable service unit must develop and implement site-specific procedures to manage the responsibility of patient’s personal property.
7.
PHARMACEUTICAL SECURITY
Establish and maintain security procedures across ACT Health to ensure pharmacy and drug security to minimise the risk of thef, diversion and inappropriate use of dangerous drugs, prescribed, requisitioned or dispensed drugs. The aim of pharmacy security is to ensure the integrity and safety of the pharmacy. This SOP applies to all applicable ACT Health service units where drugs are stored.
Drug Storage Security
All drugs located in ACT Health facilities are to be stored in lockable medication trolley / medication room/medication cupboards as defined by the ACT Medicines, Poisons and Therapeutic Goods Act 2008. The drugs storage area must be secured at all times, when not in use. Drug storage areas are usually secured by way of integration with the hospital/facility’s access control system (swipe cards), combination keypad locks or a restricted medication lock.
In locations where a combination keypad lock is utilised, the combination to this lock MUST be changed at least twice a year to maintain effective security. It is recommended that these
combinations are changed during the first week of January and July each year. These combinations can be changed by making a request to ACT Health Security Operations who will facilitate the code changes. In relation to keys for medication storage areas, the key to the drug storage area must not leave the ward.
In accordance with the ACT Medicines, Poisons and Therapeutic Goods Act 2008, Drugs of
Dependence (DOD) must be stored in a locked vault or ward safe that is affixed to a solid wall. DOD’s must not be removed from the safe or vault until they are to be administered.
Drugs will be distributed throughout the hospital by courier. DOD must be able to be tracked and must be received by Registered professionals.
Pharmacy security
All ACT Health pharmacies must be manned by a registered pharmacist when open. All ACT Health pharmacy doors, internal and external, are to be closed at all times and access is to be controlled by proximity card. ACT Health pharmacies have reception areas with buzzers at the door. Entry to the pharmacy will only be gained afer stating your name and the nature of your business to the receptionist. A registered pharmacist must activate the internal security system (Intruder alarm system) at the end of business hours.
Canberra Hospital Pharmacy
In the event of a security alarm activation afer hours, security staff must NOT enter the pharmacy.
Security staff must immediately notify the Hospital Afer-hours Manager who will in turn contact the on-call Pharmacist. Security staff will then proceed to the pharmacy and conduct an external
perimeter check. Once the on-call pharmacist arrives, security staff can then accompany him/her into the pharmacy and conduct a security check. Any identified security issues will be immediately
reported to the Security Operations Manager/ On-call CSSE Manager and the AFP, if applicable.
All suspicious dispensing of DOD or any discrepancy in drug counts must be reported to the Pharmacy Director, The Chief Pharmacist and the Senior Manager Protective Security. Serious incidents should be reported to the Australian Federal Police. All security incidents must be reported, using the Reporting of Security Incident SOP or RISKMAN.
Note: The Director of ACT Health Pharmacies has authorised that in the case of an emergency i.e.:
fire, staff safety issue etc, Security staff may enter a pharmacy afer-hours unescorted, for the purpose of making safe.
8. CAR PARK SECURITY
To ensure a system of security in ACT Health car parks to manage the potential security incidents of vehicle thef and physical assault to ACT Health employees, patients and visitors. This SOP relates directly to ACT Health-owned car parks.
In several ACT Health community centres, secure car parks are provisioned with access control systems administered by ACT Health Security Services to ensure that only authorised
personnel/vehicles gain access.
At Canberra Hospital, help points/duress alarms and appropriate lighting are installed in car parks located on the hospital campus. The multi-story car park on the Canberra Hospital campus has good external lighting, duress alarms and emergency intercom system installed. Any activation of the duress system will be responded to by hospital security staff in accordance with protocols outlined in this SOP (Duress alarms).
9.
PATIENTS IN CUSTODY
This procedure outlines the protocols for ACT Health in regard to all inpatients and outpatients in custody. This applies to all ACT Health service units.
When a patient in custody is escorted to an ACT Health facility, the ACT Health Security Operations Manager is to be informed, preferably prior to the arrival of the patient, by the appropriate custodial
organisation. All Custodial patients will be treated with respect and confidentiality of their episode of care maintained at all times.
Australian Federal Police (AFP) officers escorting patients in custody into an ACT Health facility must be in full uniform, and are to retain possession of their firearm. The only exception to AFP officers retaining possession of their firearm is in the AMHU. The Memorandum of Understanding between Australian Federal Police and Mental Health ACT regulates this protocol.
ACT Corrections officers escorting a patient in custody into an ACT Health facility are to be in full uniform, and will be carrying appointments as deemed necessary by ACT Corrections.
When presenting at the Emergency Department (ED) a segregated room has been identified in ED whereby, wherever possible, clinical staff will direct the escorting officers to hold their custody detainee in that room for clinical treatment.
If the custodial patient is to be admitted as an inpatient, a single room should be allocated by Bed Services wherever possible. AFP Police, ACT Corrections or ACT Juvenile Justice, will maintain the appropriate level of security escorts (minimum of two officers) determined by the risk assessment of the custodial patient.
Bed Services will advise the ACT Health Security Operations Manager of the custodial inpatient.
10.
EMERGENCY DEPARTMENT SECURITY
This procedure establishes security protocols for emergency departments that meet Australian Standards. This SOP relates directly to the emergency departments (ED) in ACT Health facilities.
All ACT Health emergency departments (ED) must have the following security precautions:
• Restricted access to the treatment area of the ED
• Duress alarms
• A dedicated on-site security officer (ACT Health Security Services) between the hours of 21:00 hours to 06:00 hours seven days per week
• A response to an activation of a duress alarm
• Protocols for the number of people accompanying a patient All security incidents must be reported using the Riskman reporting tool.
11.
MAIL SECURITY
To ensure the security of ACT Health mail and a safe working environment for the mailroom staff.
This applies to all ACT Health service units.
ACT Records Centre and Australia Post x-ray and screen comprehensively all ACT Health mail distributed through the Australia Post system, prior to distribution.
Canberra Hospital mailroom staff must undertake mandatory training on mail handling precautions.
Mailroom staff must report all suspicious items by Dialling ‘8’ – advise ‘Code Purple Suspicious Parcel/Letter’.
12.
PAEDIATRIC, NEONATAL, AND MATERNITY SECURITY
To ensure the security of newborn, paediatric and maternity patients in ACT Health facilities and to eliminate or minimise as far as possible the risk of abductions of a newborn or paediatric patient from an ACT Health facility. This SOP relates directly to the paediatrics wards, neonatal nurseries as well as the maternity wards in ACT Health facilities and indirectly to all ACT Health service units.
• Ensure ACT Health staff within the paediatrics and neonatal nurseries as well as the maternity wards are wearing their clearly visible, colour-coded ACT Health photographic identification badge.
• Access to the CHW&C nursery and wards must be secured according to local protocols and monitored at all times.
• Duress alarms must be installed and tested in accordance with duress alarm test protocols.
• In the event of a security incident involving patients, parents or visitors a duress button should be immediately activated for a security response.
All security incidents involving a newborn or paediatric patient must be reported immediately to the relevant manager and the Manager, Security Operations, including entered onto Riskman and to the AFP.
Evaluation
ACT Health Security services will maintain complete and comprehensive records of all security incidents/breaches pertaining to all sites with a view to achieving the following outcome measures:
Outcome Measures Method
Appropriate management and documentation of all security incidents throughout ACT Health facilities.
Review security reports from security incident database.
Review security breaches reported to
Review and analyse data/comments AFP.
from security database & RISKMAN
Feedback from AFP on the management of security related incidents.
Compliance with security SOPs and guidelines. Review security reports from security incident database.
Review and analyse data/comments from the Security database & RISKMAN.
The ACT Health Agency Security Advisor will be responsible for the evaluation of relevant data to ensure compliance with this SOP.
The evaluation and reviews of security data and compliance will be reported to the ACT Health Security committee.
Compliance with all security SOPs will be documented in the annual security compliance report to the ACT Health Director General as stipulated in the ACT GOV PSPF.
Related Legislation, Policies and Standards
Legislation
• Crimes Act 1900
• Public Health Act 1997
• Medicines, Poisons and Therapeutic Goods Act 2008
• Drugs of Dependence Act 1989 Policies
ACT Protective Security Policy and Guidelines.
Acceptable Access and use of Information Technology (IT) Policy.
Shared Services ICT Security Policy V2.3 2014.
Doc Number Issued Dec 2014
Review Date Dec 2015
Area Responsible B& I. CSSE
Page 10 of 10
Standards
• AS 4485.1-1997 – Security for Health Care Facilities – General Requirements.
• AS 4485.2-1997 – Security for Health Care Facilities – Security Guide.
• AS 4083-1997 – Planning for Emergencies – Health Care Facilities.
• Australian Standard HB328-2009 Mail Room Security.
• Australian Standard AS/NZS 4360, Risk Management.
• Australian Standard AS 3745, Emergency Control organisation s for buildings, structures and workplaces.
• Australian Standard HB 167, Security risk management.
• SA0021-Security issues-suspect mail (chemical, biological, radiological contaminants).
MOUs Memorandum of Understanding between the Australian Federal Police and Mental Health
Service Level Agreement between ACT Health - The Canberra Hospital and Department of ACT.
Justice and Community Safety – ACT Corrections.
Definition of Terms
ASA ACT Health Agency Security Advisor. Designated senior security position to oversee security operations and compliance with the PSPF. This position is the Senior Manager
Protective Security. PSPF ACT Government Protective Security policy Framework.
Security for the purpose of this policy, security is defined as minimising or managing risks by implementing measures to protect staff, patients, visitors and contractors and prevent the loss of or damage to person, property and equipment.
Security Committee Committee established with key personnel from ACT Health business units who review and advise on key security issues that impact on ACT Health.
Additionally it is a mandatory requirement of the ACT Government PSPF.
Staf All employees of the ACT Health Directorate.
SS-ICT Shared Services – Information Computer Technology.
DOD Drugs of Dependence.
Attachments
This SOP should be read in conjunction with the ACT Health Security Policy.
Disclaimer: This document has been developed by ACT Health, CSSE, Business & Infrastructure specifically for the use by ACT Health. Use of this document and any reliance on the information contained therein by any third party is at his or her own risk and ACT Health assumes no responsibility whatsoever.
