Security Systems: Real Risks, Effective Solutions

By Anastasios Douvikas

Safety, protection from theft and potential litigation costs are primary factors driving the design of security systems for healthcare facilities. Remediation technologies span a range of functionalities from perimeter surveillance and intrusion detection to employee card readers, and from strategically located panic buttons to RFID wrist tags for patients. Today, many healthcare facilities urgently need security systems upgraded. If the security system is more than five years old, sophisticated criminals will already know how to breach it. For that reason, systems need to be upgraded every 3-5 years to be effective.

By conducting an independent assessment, healthcare leaders ensure the most cost-effective equipment combined under a single platform. Here are insights into the real risks, and insights on implementing the right solutions.


Perimeter/site vulnerabilities. Many hospitals delay implementation of critical surveillance systems because it is expensive to put infrastructure on the perimeter. Within the building, devices such as card readers are powered from a central panel and require no more than a 300-foot cable connected to a network switch. Perimeter camera and alarm systems must also be powered and networked from the building over distances that can range up to a half mile. Going underground outside requires substantial external work, including excavation and the laying of conduit. At tropical latitudes in other countries, standalone solar-powered devices have worked for some institutions, but they are not a robust solution for U.S. sites in general.

Wandering patients/abduction. If a patient, typically one suffering from dementia, manages to leave the hospital unaccompanied, that patient’s safety is at risk.  Such cases inevitably lead to litigation from the patient’s family.

Abduction risk typically derives from disputed child custody situations, but it may also involve the involuntary relocation of aging relatives. In either case, the risk faced by the hospital is that a patient may be removed from the facility without the consent of the physician, staff or certified family contact. For such situations, a patient monitoring system is an absolute necessity.

Theft of hospital assets, supplies and medications. Theft deterrence is the most important reason to install monitoring systems. Supplies or equipment may be stolen by “visitors” or by hospital staff. If the security operator sees people wandering in areas where they aren’t supposed to be, the operator can send out a guard. Electronic monitoring systems deter criminal activity because the thieves will notice them when casing the site.


Planning for security. Security planning must occur at the early stages of design. Design leaders can provide adequate clearance for emergency services to provide help. To do this, determine paths of egress for the providers and include clear signage.
Experienced security experts plan ample time to learn the operations of the facility in order to do a proper assessment and design the right solution. Key aspects of an assessment include:

  • Where do patients enter?
  • Where do employees park and enter?
  • Where does staff change into their uniforms?
  • What is the protocol for outside contractors doing maintenance or working in the facility?

These patterns help form an information base on which to develop a security plan that is responsive to the specific environment.

In the case of an existing facility assessment, site visits are essential to complete an adequate assessment. How easy is it to get in? If a person wants to visit a relative on the third floor, should the visitor also have access to other floors? What kind of theft has been experienced during the last 3-5 years? Were the perpetrators apprehended? How did they gain access to hospital property?

Conducting thoughtful planning, as well as thorough assessments, offers the basis for system selection and implementation.

Perimeter surveillance places cameras around the building so that an operations center can monitor outside activity. When accompanied by perimeter intrusion technology, the system can activate an alarm when a person enters a prohibited area. Photo courtesy of Ghafari Associates.

Perimeter surveillance places cameras around the building so that an operations center can monitor outside activity. When accompanied by perimeter intrusion technology, the system can activate an alarm when a person enters a prohibited area. Photo courtesy of Ghafari Associates.

Intrusion detection systems. Perimeter surveillance places cameras around the building so that an operations center can monitor outside activity. When accompanied by perimeter intrusion technology, the system can activate an alarm when a person enters a prohibited area. The security operator can switch to the appropriate camera to view the intrusion area. Outdoor systems use closed-circuit television and hyper sensing cables. A periphery system can also monitor the unloading of supplies from delivery vehicles, and later when supplies are placed in hospital storage. Both locations are opportunities for in-house theft. Even if a violation was not committed or intended, it may be necessary to phone the department whose employees have entered the area. They should always notify the security center when needing to enter such an area.

Patient management tools. In newer hospitals every patient is issued a radio-frequency identification wrist tag. All procedures and prescriptions are keyed to the wrist tag. To give a pill or shot, the doctor or nurse slides the tag, which updates the software platform. Through wrist tag tracking, the hospital knows where all patients are and what procedures and medications were administered to them. This enhances patient safety as all medication drugs are tracked as administered; at the same time, patients and employees are also easily located at any time. Naturally, these systems require staff training.  Healthcare leaders can verify training in their vendor contract.

Consider other scenarios: A patient in a drug detoxification program should not have access to pharmacy or medication storage. Patients well enough to be ambulatory should not be able to walk around and change floors. A security system can grant access to people approved to go to various places. It is insightful to compare the cost of maintaining tight security over medications with the cost of potential lawsuits resulting from lax security.

Theft deterrents. To protect access to all areas of the hospital, use a card reader system plus video surveillance. Cards should be issued to all personnel, but not all personnel should be able to access all areas. Access privileges are granted on a central database to certain employees for certain areas. For example, an orderly does not need access to the pharmacy. If a stolen card is used to access an off-limits area, the intrusion can be documented by the camera pointing at the card reader.

Panic alarms/active shooter scenario system. If a security emergency arises at a hospital, there should be enough panic buttons for staff to quickly notify the operations center and the police. Panic buttons should be widely dispersed across the facility, but in locations where they can be easily accessed by personnel, not by patients. Locate them near egress paths such as stairwells and elevators. With proper control of locks, the security operator can isolate an active shooter in an area such as a floor or a room.

Visitor management protocols. With the patient management tool, the administration can define a protocol that will apply to all visitors. To limit a visitor to the area of the person he is visiting, issue a temporary card to the specific room number. The visitor can only enter the floor on which the room is located and must arrive and swipe the card within a specified period, such as 10 minutes. On departure, the visitor re-swipes the card and arrives back in the lobby within the specified time. If not, the security staff seeks to locate the visitor.

Emergency communication. On every floor, employees must have voice access to the operations center in order to alert the center of any emergency. The system should be separate from the regular telephone service, which could be rendered inoperable during an emergency. The employee should be able to pick up the emergency phone—without entering a number—and be in immediate voice contact with the security monitor.

Unified platform. Hospital operation centers are like airport control towers because of their responsibility to monitor emerging situations simultaneously on several fronts. But unlike a team of flight controllers, the security operator in a hospital must watch multiple systems by himself or herself, and the operations center rarely has more than one person covering a shift during the week. For that reason, hospitals are favoring a unified platform in which all messages and images are displayed in the same interface. It is more costly to have one platform on the perimeter and another one inside the building to monitor access control. All systems should be integrated under one software platform.

The demands of healthcare security are growing more urgent and more complex every year. Urgent care is needed for healthcare security systems as they need to be planned and implemented carefully with appropriate training at all levels of hospital staff.

Author: Anastasios Douvikas
Anastasios Douvikas is ‎security, data, telecom group manager at Ghafari Associates. He can be reached at

Tags: ,

Posted July 13, 2016

More Articles: