Do no harm

January 28, 2019

What to consider and how to proceed when designing workplace violence prevention programs for healthcare facilities.

In the wake of the recent shootings at Chicago Mercy Hospital, there has been renewed attention to the irony that many of the facilities and institutions designed to treat the sick and injured have themselves become the site of potential violence.

Workplace violence is a potential threat in every organization, but it is particularly prevalent in healthcare. FBI statistics show that 45 percent of all workplace violence incidents occur in the healthcare industry. U.S. healthcare workers are three to four times as likely to experience workplace violence than workers in other industries, and up to 75 percent of healthcare workers have suffered physical or verbal abuse from a patient or someone connected to the patient. To put those numbers in context, consider that the Department of Labor reports that workplace violence in the healthcare industry accounts for almost as many serious injuries as all other industries combined

Growing awareness of workplace violence in healthcare is raising formal standards for security and workplace violence prevention measures. When the Centers for Medicaid and Medicare Services (CMS) passed the Emergency Preparedness Final Rule in 2016-formally requiring healthcare organizations participating in the Medicare or Medicaid programs to conduct annual, all-hazards security assessments and emergency preparedness/active shooter training and drills-it dramatically upped the regulatory ante and spurred additional progress in medical facilities across the country. And failure to comply results in becoming ineligible to receive Medicare and Medicaid reimbursements-which equates to up to 70 percent of the budget for some medical facilities. 

Given both the rapidly changing regulatory environment and the changing threats to medical facilities, what follows is a closer look at how decision-makers at medical facilities can identify and mitigate these risks to design a comprehensive workplace violence prevention program:

Key to compliance

According to OSHA guidelines, a thorough workplace violence prevention program should include the following five elements:

  • Management commitment and employee participation and engagement

  • Work site analysis and hazard identification-including an evaluation of current security posture

  • Hazard prevention and control

  • Safety and health training encompassing hazard recognition and response procedures and protocols

  • Record keeping and program evaluation, including incident tracking, training, assessments, etc.

It is critical that all five of these elements work together as part of a cohesive and interrelated whole. If any of these five pieces are missing, the facility’s ability to minimize and mitigate workplace violence could be compromised.

It is important to remember that the CMS Final Rule also has specific requirements organizations must meet. For instance, active shooter protocols and drills are required as part of the CMS Final Rule, but not under OSHA guidelines. 

Define and assess risks

The first step that administrators and decision-makers should take is an extensive risk assessment conducted by a trained security expert. Outside perspective is helpful to ensure that internal security/risk management personnel do not consciously or subconsciously underestimate risk mitigation liabilities in an effort to validate their own efforts.

A security professional with demonstrated experience in the healthcare space should conduct an exhaustive on-site assessment that includes both an independent perspective and a detailed series of interviews with facility personnel. Subsequently, he or she will be able to assign a risk level that accounts for site- and facility-specific impact potential and considers a wide range of factors, including schedule, security protocols and other operational realities (equipment, services, staffing levels, etc.), geographic threats like regional crime levels, and other internal and external data points.

Size, location, and focus impact risks

The size, location, and nature of the healthcare facility can significantly impact the nature of the risk factors at play and can increase vulnerability to certain types of threats. For instance, if the only urgent care facility in 50 miles can’t operate because of a threat or a violent incident, that could create a potentially dangerous situation. 

In general, the operational and logistical complexity of larger hospitals presents security challenges, as does the potential for a more widespread regional impact in the event of a disruption. Smaller clinics and other facilities may have fewer logistical elements to account for in their security planning, but they also have fewer resources to address them effectively.It is important to recognize, however, that regardless of the size and nature of the facility, the overall approachto the risk assessment process should remain the same.

A group effort

To ensure that all needs are met, all priorities are addressed, and all perspectives are heard, all interested parties must be involved in any type of risk assessment process and workplace violence prevention program design. Key stakeholders from the C-suite to operational personnel should have a voice in what should be a collaborative process. In addition to corporate, be sure to include representatives from legal, HR, security, risk management and facility management. This collaborative, inclusive ,and holistic approach is essential to breaking down corporate/operational silos, eliminating structural blind spots, and obtaining an accurate and comprehensive total risk profile.

Make it happen

Once you have a comprehensive risk profile assessment in hand, leverage the findings of to create a workplace violence prevention program built on effective risk mitigation strategies. 

The process cannot be haphazard-it needs to be strategic, thoughtful, connected, and comprehensive. Communication is essential throughout the process, and every detail of the program should be designed with consideration of the impact and implications on culture and chemistry. Change management and implementation expertise can complement the work of a security expert. And while the specific rollout strategies will vary from one facility to the next, the common ingredients for success include the ability to free up sufficient funding and the freedom and flexibility to create effective programs that address workplace violence vulnerabilities. Securing approvals and generating momentum needed to implement a robust security protocols and a strong workplace violence prevention program can be easier if the benefits, including reputation boost, competitive advantage, employee contract benefits, and improved regulatory compliance, are communicated successfully.

Don’t rest on your laurels

The job isn’t over when the new program, policies, and protocols are in place. In fact, in many ways it’s just beginning. Decision-makers should reassess and potentially update mitigation strategies on an ongoing basis. A formal enterprise-wide review/assessment should be conducted after every significant incident, any time goals and objectives shift or there are major operational changes, and on at least an annual basis. Informal reviews and evaluations with built-in mechanisms for reporting and self-analysis should be almost continuous.

Going forward

From acute care to freestanding facilities, effective security is rarely taken for granted and has aligned itself into everyday operations in facilities across the country. One of the most significant signs of progress in this area is the healthcare industry embracing security partners that specialize in risk mitigation. 

This essential public health and safety issue remains a hot topic of discussion, and the industry is responding. The result is growing numbers of healthcare facilities that can deliver on the promise of providing high-quality care in a comfortable, safe, and secure environment.

David Davari serves as managing director for Pinkerton, a global provider of corporate risk management services. Pinkerton traces its roots to 1850 when Allan Pinkerton founded Pinkerton's National Detective Agency. Today, Pinkerton utilizes an applied risk science approach using technology such as artificial intelligence to provide companies with a holistic perspective for risk management and forecasting. With employees and offices worldwide, Pinkerton maintains an unmatched reputation for protecting clients and their assets around the globe. Visit www.pinkerton.com to learn more.