Let the right one in

In 1992, a man was admitted to a hospital for a minor operation, however, he had fallen out with his business partners and while he was waiting to be taken into theatre, an assassin murdered him. The assassin fled the country but was extradited and convicted to a life sentence. The murder was unexpected because for years, hospitals had assumed that they were isolated from the ills of society and access control into parts of the hospital was weak. The assassin knew that the victim would be in the hospital at a particular time and therefore an opportunity was presented. The rhetorical question is why when we carefully lock up our houses, rooms and flats when we go to work, and indeed restrict access to parts of the property when we are at home, do NHS managers at work not apply the same principles?

A series of barriers
Control of access can be defined as a series of real, imagined (to the outsider), mutually supporting and interdependent barriers arranged in depth designed to:

• Slow down penetration with each barrier a risk or obstacle to consider and to be negotiated before moving on. Barriers include perimeters, reception, an alarm system and ID badges.
• Buy time to allow a reaction or response to be organised. The reaction might come from security officers. 
• Highlight weaknesses in the control of access strategy.

Defence in depth is an ancient concept that we practice every day and is a strategy used to defend against crime and unauthorised access. It can also make a contribution enhancing health and safety and limiting cross infection.
    
It is sometimes known as the onion peel, in which each skin is pealed until the core in the middle is reached. Take a car, defences include – door keys, ignition locks, window etching, the vehicle registration number, insurance and tax disc as a minimum. The addition of a wheel or gear lock buys more time. While each defence require different lengths of time to negotiate, the accumulated protection and nuisance value of the defences can be significant in deflecting unauthorised access. The more defences the better, however, on rare occasions a few can suffice. The posting of the Smartwater property marking logo on an office window is often sufficiently effective to divert thieves because they know that the Smartwater invisible solution is effective as DNA in proving ownership. On seeing the logo, the thief will ask: “Is it a trick or is the property inside marked? Not sure. I’ll move on to an easier target.”

Legislative procedures
An element of defence in depth is legislation. Had the assassination of the roofer taken place in 2009, the possibility exists that those who had failed to ensure his safety could have been prosecuted under the 2007 Corporate Manslaughter and Corporate Homicide Act. This far-reaching legislation recognises that fatalities consequent to lapses in health and safety procedures and practices are not always accidental and misadventure. Briefly, the Act states that an organisation is guilty of an offence if the methods organised by the senior management lead to a gross breach of duty of care resulting in death. Schedule 1 of the Act lists the Department of Health and, therefore by implication NHS Trusts, as bodies at risk. Some definitions:

• ‘Gross’ – breach of the duty of care well below that which what can reasonably be expected of an organisation in the circumstances.
• ‘Senior management’ – those in significant decision making roles that affect the management of all or part of the organisation and its activities.  
• ‘Duty of care’ applies to its employees, other persons performing services for it, such as maintenance staff, building contractors, an occupier of premises – i.e. a patient, and a contracted or voluntary supplier of goods and services.

As with any health and safety practice, the employee has a duty to follow procedures. Allowing someone without the appropriate authority to tailgate through controlled access cannot usually be held against senior management.

Four principles
Irrespective of the size of the area to be protected, for instance a small locket kept in a matchbox or an aircraft hangar the size of two rugby pitches, four fundamental principles govern the control of access in the defence in depth strategy.
    
Access: The fewer control points, the easier the access control to, from and throughout the facility. Controls might include the physical presence of reception staff, the simplicity of keys, electronic access systems, security notices and staff security awareness. Increasing use is being made of biometric security technology. Essentially, biometrics is the application of electronics to measure selected unique features of an individual, such as fingerprint patterns, variations in structure of hands and eyes and even our gait, to confirm identity.
    
Advantages of such systems are:

• dispenses with identity cards, although it is interesting the comfort drawn by staff from an ID badge.
• unlike microchips in cards and reliance upon personal identification number, biometrics cannot be stolen, in spite of amputated fingers in films and drama. 
• cannot be stolen or copied.

Fingerprint biometrics can be bypassed with gloves, including surgical gloves. This would be a consideration in parts of the hospital. There are also likely to be data protection issues surrounding the retention of the unique profiles of those on the system. Witness the debate on DNA libraries.
    
Movement: Some general hospitals have almost uncontrolled access into sensitive parts of the hospital and it is still possible to arrive alongside a bed in a ward without going through any doors protecting the patients. So why do the NHS managers, at all levels, continue to expose patients and staff to risk by not ensuring the security, safety and protection from crime and cross-infection that control of access brings?
    
The perception, surely, is that there is a long held belief that since hospitals sees themselves as caring places, which they are, the perception remains that they are immune from the ills of society. The facts rather prove the opposite.
    
Exclusion: Hospitals are, however, gradually realising that while they are caring institutions, part of the healthcare security philosophy now requires improved target hardening, by exclusion, of some parts, such as theatres, stores, pharmacies, some offices for all except for those with authority to enter. Exclusion prevents theft, unauthorised access and deliberate damage to medical equipment.
    
Containment: Containment promotes the necessity to corrall people into areas where some control over their activity can be exercised. We all experience containment in hotels where guests are confined to public areas and in airports where passengers are contained in departure zones. Typical containment areas in hospitals are waiting rooms and the wards themselves.

Lockdown
Lockdown is the current ‘buzz word’ being circulated by Department of Health emergency contingency planners.
    
Lockdown is not new to the NHS. Most hospitals have the ability to isolate all or part of its function, particularly relating to infant abduction and paediatric wards. Not quite so well protected are the equally vulnerable elderly patients in general hospitals, who are at far higher risk of going missing than an infant or young person. Only in the mental health sector is prevention exercised using effective controls of access. But few maternity wards exercise an abduction risk, although one South West trust regularly did and could prevent access to and from a hospital within 90 seconds.
    
The Department of Health defines Lockdown as: “The process of controlling the movement and access – both entry and exit – of people (NHS staff, patients and visitors) around a trust site or other specific trust building/area in response to an identified risk, threat or hazard that might impact upon the security of patients, staff and assets or, indeed, the capacity of that facility to continue to operate. A lockdown is achieved through a combination of physical security measures and the deployment of security personnel.”
    
Full lockdown requires full control of access to a hospital, perhaps in response to civil disturbance. It follows that the fewer existing controls of access, the better lockdown. Hospitals with demarcated perimeters eases control of access by pedestrians and vehicles with defined control points and access granted by the presentation of an ID badge for staff or an appointment letter by patients.
    
Partial lockdown requires control of access to a specific part of a site or a building. Examples are cordons erected around a crime scene so that evidence can be collected and HM Prison Service escorting high-risk prisoners to and from treatment centres. Partial lockdowns can be either static or the equivalent of rolling roadblocks on motorways in which the control of the lockdown moves with the problem. These are sometimes known as ‘portable’ lockdowns.
    
Progressive lockdown is a phased response to an escalating scenario and can lead to full or partial controlled access. Several years ago, a hospital that had isolated part of its grounds during a hostage situation in a clinical setting was then forced to widen the cordon as the situation developed. Such escalation needs to be flexible and systematic so that logjams are easily negotiated.
    
Control of access is disruptive and can be annoying, however, it is a vital element of effective security management. Measures must be effective and counter measures exercised to prevent serious incidents. ‘Secured by Design – Hospitals’, which was written as part of the Secured by Design initiative, gives good advice on developing a safe and secure hospital environment, including lockdown. In the end, security is rarely as expensive as insecurity.