From “Massachusetts Hospital Makes Security Changes After Nurse Stabbed 11 Times”
Campus Safety Magazine (09/27/2017) Brennan, Amy
Harrington HealthCare System’s Southbridge, Mass., hospital began implementing new security measures in September following the June stabbing of a nurse by a former patient. Elise Wilson was working as an emergency room nurse on June 14 when 24-year-old Conor O’Regan stabbed her 11 times. Doctors say Wilson almost died from tremendous blood loss. Investigators say O’Regan picked Wilson at random and was seeking revenge for what he considered to be unsatisfactory treatment at the hospital three weeks prior for a wrist injury. He told court physicians that he heard voices telling him to “be a warrior.” Hospital administrators say the new security measures include limitation of visitors in emergency departments and mandatory bag searches at Harrington’s Southbridge and Webster locations. Each patient in the emergency departments will be limited to two visitors. Added public safety officers will manage visitors as they arrive. Public safety officers will also now carry batons, pepper spray, and handcuffs. “There are very strict guidelines and circumstances under which these tools would be used, and that is being communicated during the training being taken by our Public Safety Department,” says Harrington vice president Harry Lemieux. Many hospital employees, including public safety staff, will participate in de-escalation training and defensive tactics. On-site training and drills will also be rolled out with department and building-specific protocols. Two walk-through metal detectors have also been placed at emergency room entrances and additional security cameras and panic buttons have been installed throughout the hospital.
From “Mitigating Active Shooter Risks”
PropertyCasualty360 (08/16/17). Posted by ASIS.
Security professionals should prepare their companies for the possibility of an active shooting, as the number of incidents involving active shooters has risen steadily over the last 15 years. Keith Plaisance of Global SHE Solutions says implementing an active shooter program is similar to preparing for a fire drill, and survival depends on having a plan with three specific options: run, hide or, fight. Preparing for an active shooter scenario involves the development of a workplace violence policy and plan, emergency response plans, training, and exercises. For the workplace violence policy, the employer should establish acceptable workplace behavior, affirm the company’s commitment to take action and provide a safe workplace for employees, and address physical violence as well as threats, bullying, harassment, and weapon possession. Plaisance says a reporting mechanism should be in place letting employees know who to approach with concerns. He also recommends creating a threat assessment team within the company. Companies should test plans to determine effectiveness and identify potential problems, presenting plans to employees in regular training. Companies should also conduct a detailed physical security assessment, with the goal of denying unauthorized access and protecting property, personnel, and operations.
From “Man Used Gurneys to Steal TVs, Laptops from Phoenix Hospital”
Campus Safety Magazine (08/04/2017) Brennan, Amy. Reposted by ASIS
A man was allegedly caught on camera stealing three laptops and five big screen televisions from Abrazo Central Campus Hospital in Phoenix. Brian Leroy Nichols, 35, was seen on surveillance video wandering the basement of the hospital for approximately three hours, going from room and room and changing his appearance along the way. Nichols allegedly took the computers from a classroom and hid them under a staircase, covering them with a gurney mattress. At one point, he reportedly left the hospital and sold two of the laptops. The third was found in his backpack when he was apprehended by police. Once in custody, police asked Nichols about how he was able to get three televisions out of the hospital unseen. Nichols said he put the stolen televisions on a gurney and covered them with sheets. Abrazo Central Hospital officials released a statement, stating, “We are reviewing campus security footage of this incident to assist the Phoenix police department with its investigation. We are also conducting a thorough review of our campus security measures.”
From “Fears of Hackers Targeting U.S. Hospitals, Medical Devices for Cyber Attacks”
ABC News (06/29/17) Harris, Dan; Kapetaneas, John; Zepeda, Robert; et al. Posted by ASIS.
Hospital computers and medical devices are potentially vulnerable to hacking, according to cybersecurity experts. Among the U.S. computers affected in the Petya ransomware attack that quickly spread to countries around the world Tuesday were hospital computers. Last month, the WannaCry ransomware shut down 65 hospitals in the United Kingdom, affecting not just computers but storage refrigerators and MRI machines, and last January, Hollywood Presbyterian Hospital in Los Angeles paid out $17,000 after hackers took control of its computers. To combat this problem, doctors, security experts and government employees recently converged at the University of Arizona Medical School in Phoenix to witness the first-ever simulated hack of a hospital. “Anything that is plugged in,” whether it has a Wi-Fi connection or not, can be vulnerable to hacking, and lots of medical devices, such as pacemakers and ventilators, are connected to the Internet for the benefit of the patients, says Dr. Jeff Tully, a pediatrician and self-proclaimed hacker who organized the event and staged the cyberattack with Dr. Christian Dameff, an emergency medicine physician. Cybersecurity expert Josh Corman, who recently served on a congressional task force for the U.S. Health and Human Services Department to investigate health care systems, said these systems are easy to hack because often the computers are running “on very old, unsupported systems.” Also, hospitals need to invest more in qualified cybersecurity personnel. Corman’s team conducted a yearlong investigation and found that at least 85 percent of hospitals do not have a single qualified [cyber]security person on staff.
From “Violence Against Health Care Workers Captures Regulators’ Attention”
Business Insurance (04/26/17) Gonzalez, Gloria. Reprinted by ASIS.
The U.S. Occupational Safety and Health Administration (OSHA) is “paying close attention” to workplace violence against health care workers, according to Safety National Casualty Corp.’s Mark Walls. In 2015, there were more than 11,000 violent incidents against employees in the health care and social assistance sector — a number that is nearly as high as all other industries combined. The California Division of Occupational Safety and Health Administration Standards Board unanimously adopted the first workplace violence prevention standard for health care workers in the United States last year, with the standard taking effect April 1. General acute care hospitals, acute psychiatric hospitals, and special hospitals must report incidents of workplace violence at their facilities to Cal/OSHA. The safety regulators are then required under Senate Bill 1299 to post a report each January on the total number of incidents reported, the names of the hospital facilities, the outcomes of inspections or investigations, the citations levied against a hospital based on a violent incident, and recommendations for the prevention of violent incidents in hospitals.
From “Homeland Security’s Terror Warning for NJ Hospitals and Hotels”
New Jersey 101.5 (03/27/2017) Matthau, David. Reprinted by ASIS.
As authorities continue to investigate last week’s terror attack outside the British Parliament, homeland security officials in the United States are advising the public to be vigilant. The New Jersey Office of Homeland Security and Preparedness is calling on hospitals, hotels, and motels to keep an eye out for anything out of the ordinary. Eric Tysarczyk, the director of policy and planning for the New Jersey Office of Homeland Security and Preparedness, stressed no specific, credible threat has been made against any of these areas in New Jersey. However, hospitals are considered potential terror targets because they have open access and they are mass gathering sites. Tysarczyk notes some hospitals have chemicals and devices that could interest terrorist attackers, and hospitals play a prominent role in prevention and protection, which might also catch the attention of those planning an attack. He says the public should remain vigilant and report anomalies such as people wearing bulky coats inappropriately and congregating around delivery docks when they are not making deliveries. He says the first point of information should be either the security guard or the local police, adding that it is better to report a situation that does not pose a threat than to fail to report an actual threat.
From “A Hospital’s Safety Lessons”
Security Management (10/16) Abdulaziz Al Essa, Ibrahim. Printed by ASIS.
A deadly fire that broke out at Jazan General Hospital in Saudi Arabia last December has been attributed to negligence by hospital and Ministry of Health officials as well as poor design and implementation of the building. The fire, which killed 25 people and injured 124, was caused by an electrical short circuit on the first floor of the hospital. Hospital staff members were able to evacuate all patients on the first floor, but the resulting smoke density and escalation to the hospital’s upper floors caused deaths due to asphyxiation. Defects in the building’s fire isolation and alarm system and faulty oxygen extension pipes also facilitated the fire’s spread. The Ministry indicated that the hospital staff’s lack of security and safety training led to an increase in deaths and injuries during the evacuation process. The hospital did not have an incident command team, mechanisms to control emergency exits, or fire extinguishing systems. The evacuation process was further hampered by cars and bystanders congesting the area outside the hospital. Hospital officials ignored the warnings of the Saudi Arabia Civil Defense Agency prior to the facility’s opening in 2009, including concerns that the contractor hired to construct the building committed several engineering errors.