• No results found

Protecting your NHS Security Management Service. Secure

N/A
N/A
Protected

Academic year: 2021

Share "Protecting your NHS Security Management Service. Secure"

Copied!
8
0
0

Loading.... (view fulltext now)

Full text

(1)

Insight FAM special– Summer 2009

Secure

Secure

Security Management Service Insight FAM special– Summer 2009

Protecting your NHS

SAM 2010

How do we stop unauthorised access to secure areas in healthcare facilities? It’s a real

problem, as a spate of recent thefts from NHS premises by professional criminals has

proved.

Smartly dressed, confident and polite, the offenders don’t look like criminals as they follow staff into access-controlled areas, sometimes using a mobile phone to avoid being approached or questioned. But, once inside, they steal property such as wallets and credit cards.

Paul Gilderdale, one of the NHS Security Management Service’s four Area Security Management Specialists, knows as well as these thieves do that gaining access depends on two things: timing and confidence. Having previously worked for the Department for Work and Pensions (DWP) investigating criminal gangs targeting DWP claims and payment systems, Paul carried out

surveillance to gain important evidence using the ‘tailgating technique’. This means he can now look at the issue from the intruder’s as well as the security manager’s perspective.

“I was usually just looking to get information and intelligence about a person’s movement,

associations, finances and personal life but I could just as easily been a thief or fraudster,” he says.

www.nhsbsa.nhs.uk/security

Tailgating into

secure areas

Tailgating into

secure areas

(2)

“Just like someone trying to gain access to a ‘secure’ area to steal valuables, I made sure I didn’t get too close to the person opening the door – to avoid getting engaged in conversation with them – or too far away – to make sure I could catch the door before it closed.

“Once I was in, I might try to look busy, and like I knew where I was and where I was going. Locked doors and cupboards always had the potential to catch me out, but I found that if I looked people in the eye, had a ‘good morning’ and a smile ready (or a ‘thank you’ if they’d held the door open for me) and a cover story in case of challenge (on very rare occasions), I didn’t have many problems.

“I also dressed to fit in so I wouldn’t stand out in a crowd. I made sure I was ‘Mr Nobody’ who was ‘Mr Everybody’. Flats, offices, business premises, government buildings and healthcare facilities were all accessible using the ‘tailgating technique’.”

Now, of course, the tables are turned, and Paul has to stop unauthorised people from entering secure areas of NHS organisations. “It’s not an easy task,” he admits, “as we have huge ‘public access’ areas with large numbers of staff and members of the public sharing this space, and that’s no problem. The threat is to the generally smaller number of access-controlled areas – the ones we’d like to think are secure”.

Evidently, they’re not always as secure as we imagine. The question is what can be done to combat this issue.

“The most important point to remember is that if you think something’s not right – if you’re suspicious about someone’s presence in the building for any reason – you should always challenge them if it’s safe to do so,” advises Paul. “They may well look like a member of staff or a visitor, but if you’re not sure, always check”. “There are other actions you can take to prevent tailgating, and some examples are listed below. To ensure the security of your work area, discuss these options with your line manager or Local Security Management Specialist.”

Review security procedures around access to •

secure areas.

Talk about the tailgating issue with your •

staff. Tell them how criminals do it.

Ensure staff wear their ID badges, especially •

in secure areas.

Tell staff they have a right to be suspicious. •

Ask staff to take the time to secure doors •

behind them.

Encourage a challenge culture: challenge •

when safe to do so.

Tell staff that an NHS lanyard is not sufficient •

ID: it’s the badge that matters.

Make sure everyone knows that suspicious •

behaviour should be reported as soon as possible.

Put clear warning signs about tailgating on •

access-controlled doors.

Limit the ‘swing’ or ‘closure time’ of access •

doors.

For further information about preventing tailgating, contact your own Local or Area Security Management Specialist, or email

[email protected].

Tailgating into secure areas continued

continued from front

Security Incident Management System

providing the information to make your NHS safe and secure

”...we have huge ‘public access’

areas with large numbers of

staff and members of the public

sharing this space [...]. The threat

is to the generally smaller number

of access controlled areas – the

ones we’d like to think are

secure”.

(3)

Security Incident Management System

providing the information to make your NHS safe and secure

The NHS Security Management Service is

continuing to work with various providers

of risk management software to the NHS

to complete the roll-out of the Security

Incident Reporting System (SIRS), a new

security management tool for the NHS.

Developed to provide a clearer picture of security incidents across the health service in England, locally and nationally, SIRS is already contributing to the NHS SMS’s objective of ensuring a safe and secure NHS.

Of the four NHS software suppliers, two have completed work to ensure the compatibility of their risk management systems with the SIRS portal. This means that users can use SIRS to capture data from reports that are uploaded from these systems, ensuring maximum local benefit with minimal additional effort on the part of NHS bodies.

The advantages of an up-to-date, integrated risk management and reporting system will therefore help to offset the staff training and data entry required in the short term to complete SIRS implementation. It will also deliver greater efficiencies over standalone systems for larger health bodies.

The remaining two suppliers are in the final stages of this important integration work and preparing to release fully SIRS-compatible systems soon. All four are liaising with security, IT and

communications staff from the NHS Security Management Service to ensure the availability of SIRS user guides and FAQs to all staff who will be involved in data input using SIRS – as well as Local Security Management Specialists, these will include risk and administrative staff.

SIRS has been available since April 2010 to coincide with the extended requirements for reporting to the NHS Security Management Service. The following types of security incident must be reported using SIRS:

any security incident involving physical assault •

of NHS staff

non-physical assault of NHS staff (including •

verbal abuse, attempted assaults and harassment)

theft of or criminal damage (including •

burglary, arson, and vandalism) to NHS property or equipment (including equipment issued to staff)

theft of or criminal damage to staff or patient •

personal property arising from these types of security incident.

For more information on implementing SIRS, email [email protected] or visit

(4)

On 30 November 2009, two sections of

the Criminal Justice and Immigration Act

2008 (CJIA) created a new criminal offence

of causing nuisance or disturbance on

hospital premises and introduced new

powers for NHS appropriate staff to

remove a person suspected to commit the

offence.

The specific aim of this legislation was to tackle low-level antisocial behaviour on NHS premises. A year on, we ask Ivana Bartoletti, the NHS Security Management Service (NHS SMS)’s CJIA Project Manager, how the new provisions are being received in the health service and how staff are being prepared to use them to best effect.

Q: What is classed as ‘low-level antisocial behaviour’?

Ivana Bartoletti (IB):“Examples are using foul language or intimidating gestures towards NHS

staff, patients and visitors, creating excessive noise in waiting areas or wards, and obstructing corridors.”

Q:Who can commit the offence?

IB:“Only visitors to hospital premises can commit the offence; this legislation doesn’t apply to patients or those seeking medical advice.”

Q:What are ‘authorised officers’ and ‘appropriate staff’ and do hospitals have to have them?

IB:“Authorised officers are those staff who make the assessment and decide whether the person can or cannot be removed from the premises. Those who actually do the removing, such as security officers, are the appropriate staff. Hospitals are using these roles in a number of ways: one inner-city London hospital has trained all its security guards as authorised officers. However, the appointment of authorised officers and NHS appropriate staff is voluntary and other trusts have decided to rely on the police to do the removing.”

Q:Are there any safeguards to prevent the powers being inappropriately used?

IB:“The offender cannot be removed if there is a ‘reasonable excuse’ for their behaviour – for example, a mental health condition or a learning difficulty. Because it’s so important for anyone who might be involved in using the CJIA powers – whether in a security or a clinical capacity – to fully understand when they can or cannot be used, the NHS SMS is running free CJIA training courses for authorised officers and for appropriate staff.

Ivana Bartoletti

Tackling antisocial behaviour on NHS

premises: are we making progress?

(5)

“It’s crucial for these staff to understand the concept of ‘reasonable excuse’ and the mental health issues that might be involved. That’s why our training includes a mental health awareness module delivered by the Mental Health

Foundation.

“There are also important training prerequisites: it is expected that all delegates will have

undertaken appropriate training in conflict resolution or physical intervention techniques. “We do acknowledge that there often isn’t a right or wrong answer in terms of whether to remove someone or not – sometimes you just have to go with what you feel is right. You wouldn’t use the power of removal if, for example, it would mean removing a parent and leaving a child on their own.”

Q:What kinds of staff are being trained to make these decisions?

IB:“There’s a huge range. So far, staff trained to be authorised officers have included site managers, Local Security Management Specialists,

reception managers, security managers and ward sisters.”

Q:What’s wrong with continuing to use common law powers to eject individuals who cause a nuisance or disturbance?

IB:“The new legislation puts things on a firmer legal footing. The use of the law relating to the civil wrong of trespass is not only difficult to apply but also legally arguable in a healthcare setting, which is arguably a public place. The NHS is ‘open’ 365 days a week and 24 hours a day, which makes it really difficult to understand when someone is trespassing.”

Q:How widely are the new powers being used in the NHS?

IB:“To date, 105 authorised officers and 13

appropriate staff have been trained, from trusts in Hampshire and Hertfordshire in the south to Cheshire and Lancashire in the north. The NHS SMS has also provided 21 familiarisation seminars, enabling qualified members of NHS staff to be trained as CJIA trainers themselves. This ‘train-the-trainer’ approach will be

constantly monitored to make sure that all training is delivered to a national standard.”

Q:When did the NHS SMS’s CJIA training start?

IB:“The first CJIA training was a pilot course that took place in early December 2009, when the act had first come into force.”

Q:How long will the training be provided for?

IB:“We will continue to offer this free training until March 2012.”

Q:What is the main purpose of the training courses?

IB:“Essentially, we want to enable those involved in the CJIA provisions to be fully equipped in the use of the new powers. This means ensuring that they understand when they can and cannot be used and how this legislation interacts with other pieces of legislation. The aim of our training is to give NHS staff the confidence to make best use of the new roles and responsibilities introduced by the CJIA, including liaison between the person authorising the removal and the person using the powers. It also ensures they are familiar with the assessment process and the concept of ‘reasonable excuse’.”

Q:How is the training delivered?

IB:“The training can be delivered at a trust’s premises, at regional venues, or at the NHS SMS’s training centres in Coventry or Reading. We’re aware that it’s not always easy for

managers to release staff, so we discuss training requirements with each trust and identify the best solution.

“Trusts can also decide to identify their own in-house CJIA trainer who, once s/he attends the familiarisation seminar, can cascade the training to staff members.

“All courses include an interactive DVD scenario-based training session and a formal assessment by way of skills development exercises and multiple-choice questions.”

Q:How has the training been received?

IB:“The feedback from all the courses has been really encouraging. Average responses to questions asking delegates to rate, on a scale of 1 to 4, factors such as professionalism of the trainer, group interaction and the delegate’s own understanding of the legislation were almost all between 3.5 and 4 and none below 3.”

Q:How can I get more information about the training?

IB:“You can email [email protected].

gov.uk to discuss specific training requirements

and related issues about CJIA implementation in your trust, or [email protected] to book the courses.”

(6)

Security management

policy updates in 2010

The following policies, developed to assist

Local Security Management Specialists

(LSMSs), have been updated during 2010:

Procedures for placing a risk of violence

marker on electronic and paper records

This guidance is designed to help NHS providers develop or review their policies and procedures for placing a marker on the electronic and/or paper care records of those individuals who pose a risk of violence to NHS staff. It will assist NHS providers communicate the risks of violence to NHS staff and ensure that appropriate and proportionate measures are implemented to reduce and mitigate any risks of violence and aggression.

Policy template for management of

violence and aggression

This policy template, available on the NHS SMS secure website (extranet), is designed to ensure that NHS providers have in place up-to-date violence and aggression policies and procedures, in line with the requirements of the NHS SMS and health and safety legislation. It is designed to facilitate the development of departmental policies and procedures to meet the local needs of staff.

Oil paintings in public ownership

guidance note

This guidance note, also available on the secure extranet, has been produced as a result of NHS bodies being approached by the Public Catalogue Foundation about access to their premises to catalogue publicly owned oil and acrylic paintings. The NHS SMS met with the Public Catalogue Foundation to verify the details of the project, the work of the organisation and the implications

for the NHS. While the decision to participate in the project remains with NHS bodies, it is hoped that this guidance note will help them to make an informed decision. The note makes recommendations to those NHS bodies that do choose to participate and provides contact details of the Public Catalogue Foundation, should LSMSs wish to contact them directly.

Security of prescription forms

This chapter of the NHS Security Management Manual has been updated and is available on the secure extranet. It should be read in conjunction with the guidance on the security of prescription forms available on the NHS SMS’s public website:

http://www.nhsbsa.nhs.uk/SecurityManagement/ Documents/SecurityManagement/Security_of_ prescription_forms_October_2009.pdf

The chapter in the manual is aimed specifically at LSMSs, while the guidance on the public website has the broader aim of providing a framework for NHS health bodies for the development of local policies, procedures and systems to ensure the security of prescription forms against theft and abuse in the NHS.

Guidance to LSMSs on controlled drugs,

accountable officers and local intelligence

networks

This guidance, available to LSMSs on the secure extranet, has been updated. It includes information on the role of the Accountable Officer (AO) for Controlled Drugs and the local intelligence network, as well as outlining how LSMSs should work with them and providing advice on information sharing.

(7)

Reducing the risks for NHS lone workers

The NHS Framework Agreement for Lone Worker Services was signed in April 2009. Under this agreement, the Department of Health provided partial funding for 30,000 lone worker devices. These 30,000 devices have now been allocated to over 210 trusts in NHS England and more than 26,000 NHS lone workers have now been trained and are in receipt of an active device.

Benefits and take-up to date

The framework agreement has the benefit of a fixed low monthly fee for an all-inclusive service, with various devices to choose from. This has encouraged further take-up beyond the 30,000 funded devices, with another 50 NHS and public bodies signing up to the service, along with the Welsh Assembly Government which has chosen to use the NHS agreement for its NHS lone workers in Wales.

Implementing the project has been demanding but the service is running to an extremely high standard and continues to meet demanding monthly service levels. The service is closely monitored by the NHS Security Management Service, which is already pleased to see the benefits it can offer lone workers.

To date, there have been more than 200 genuine alerts activated using the devices in situations where a user has felt threatened or vulnerable. The majority of these have been incidents involving verbal abuse or threats that have deescalated, but approximately 10% of these alerts have required escalation to the emergency services. Two of these incidents have also resulted in police prosecution being sought.

User feedback

In September 2010, a user survey was conducted in order to gauge user satisfaction levels, impact on feeling safe at work, and areas for improvement. Feedback was received from over 1,120 users of the device and shows some excellent results. Sixty-four per cent of respondents are either ‘very satisfied’ or ‘quite satisfied’ with the overall service. Of those users who have had to use the genuine alert function, 84% are ‘very satisfied’ with the response they received and a further 9% were ‘quite satisfied’.

Tim White, a risk manager from NHS Newcastle and North Tyneside, said: “The system has been well received by those community staff using the devices, with some extremely positive feedback. Staff have taken to its use and like the fact the device is discreet, simple to use and are confident that the device will be effective if a situation develops where they need assistance. These

aspects meet our needs perfectly whilst giving staff peace of mind.”

Working to add value

The benefits of the service are clear but there are some concerns with the overall concept of the lone worker device and whether it adds value to roles. Both the NHS Security Management Service and the supplier are working to abate these concerns and are hoping to publish feedback from a recent survey of users involved in incidents where they have activated genuine alarms. Having been in a situation where they have needed the device, all of these users are now strong advocates for its use and believe that the benefits it offers clearly outweigh the concerns.

More information

If you would like further information on the NHS Framework Agreement, please email

[email protected] or call the

NHS SMS contract manager on 0191 2035427.

WE WANT TO HELP.

DON’T ABUSE US.

Our staff carry devices that can monitor and record abusive behaviour. They can summon support services

and the recordings may be used in court proceedings.

STOP ABUSE OF NHS STAFF

Verbal or physical abuse of our staff could result in prosecution

Security Management Service

(8)

CoNTACT

SECURE

NEwSlETTER

Please contact the NHS Security

Management Service if you would like to contribute to Secure by promoting your area of work, or if you have any comments about the newsletter generally.

You can email alexandra.limia_

[email protected]

or call 020 7895 4533.

Alternatively, you can email the Communications and Business Development Unit:

[email protected].

NHS Security Awareness Month 2010

This is a special edition of Secure newsletter developed for NHS Security Awareness Month 2010. Other issues of Secure are available to view on the NHS Security Management Service’s website: www.nhsbsa. nhs.uk/security (under ‘Security management publications’).

NHS Security Awareness Month takes place in November each year, in order to publicise the role of the Local Security Management Specialist in NHS trusts, raise awareness of the work of the NHS Security Management Service and encourage staff to report incidents of violence and abuse.

References

Related documents

Service Design Service Design IT Service Continuity Security Management Availability Management Service Level Management Capacity Management Service Catalogue Incident

If after the second meeting to re-evaluate the IPRC decision you still disagree, then you have 15 calendar days to appeal the decision in writing to the Director of Education,

Service Catalogue Management Service Level Management Capacity Management Availability Management IT Service Continuity Management Information Security Management Supplier

NHS terms and conditions of service handbook The NHS Staff Council Pay circular (AforC) 2/2013: amendment number 28.. extended

Protecting staff with high social contact (Security, Nursing Staff and management staff) Page 26... Summary of risk

• Customer data shall be loaded on to the secure storage Service by the Supplier’s accredited and security cleared staff who shall be responsible for all on-boarding

• Customer data shall be loaded on to the secure storage Service by the Supplier’s accredited and security cleared staff who shall be responsible for all on-boarding

In the victim subscale, four (4) respondents or twenty-three percent (23%) were not involved, seven (7) or forty-one percent (41%) were mild victims, three (3) or eighteen percent