Vous êtes sur la page 1sur 261

Document Number # QH-GDL-275-9-1:2012

Guideline for Security Risk Management and Asset Protection State-wide Distribution
Custodian/Review Officer: Director, Organisational Health Senior

1.

Purpose

Version no: 1.1

This Guideline provides recommendations regarding best practice for assistance in the protection of Queensland Health assets: People, Property, Information, Activities and Reputation.

Applicable To: all Queensland Health staff

Approval Date: 01/12/2012

2.

Scope

Effective Date: 01/12/2012

Next Review Date: 02/02/2015

Authority: Lyn Rowland, Chief Human Resources Officer, System Support Services Division

This Guideline provides information for all Queensland Health employees (permanent, temporary and casual) and all organisations and individuals acting as its agents (including Visiting Medical Officers and other partners, contractors, consultants and volunteers). This Guideline applies to all Queensland Health facilities, including employee housing.

Approving Officer

3.

Related documents

Policy and Standard/s:


Name Lyn Rowland, Chief Human Resources Officer, System Support Services Division

Occupational Health and Safety (OHS) Policy Implementation Standard for Security Risk Management and Asset Protection Protocol for Security Risk Management and Asset Protection Protocol for Closed Circuit Television Security Systems Protocol for Personal Protective Devices Safe Possession and Use of Protocol for Notebooks Possession and Use of

Procedures, Guidelines, Protocols


Supersedes: Guidelines 2-44-1#38 Security

Key Words: security, risk management, asset protection, SRMAP, plan, strategic, major works

Accreditation References: EQuIP and other criteria and standards

Version No.:1.1 Effective From: 01 Dec 2012

Page 1 of 7

Printed copies are uncontrolled

Queensland Health: Guideline for Security Risk Management and Asset Protection Forms and templates

Nil.

4.

Guideline for Security Risk Management and Asset Protection

This Guideline details actions and processes pursuant to providing protective security services across all Queensland Health facilities and services. This Guideline (also refer to Attachment Chapters 1-17) provides information on the following practices: Protective Security in the Healthcare Environment Protective Security Personnel Security Risk Management and Asset Protection Security Incident Management and Investigation Security and the Physical Environment Identification Badges Prevention of Crime and Unwanted Behaviour Occupational Violence Prevention and Management Patients with Protective Status Legislation Relevant to Healthcare Geographically Remote Locations Security for Staff Working within the Community Protective Security in Clinical Areas Pharmacy and Pharmaceutical Security Protective Security in Non-Clinical Areas Protective Security of Helicopter Landing Sites Protection of Information.

5.
Term

Definition of Terms
Definition / Explanation / Details Workplace operations, processes or functions for the safe and effective delivery of healthcare services. An item or process that an individual, community or Government values and is important to supporting the expectations of those peoples, organisations or Governments outcomes and objectives. Source Queensland Health

Definitions of key terms are provided below.


Activities

Assets

Security Risk Management Body of Knowledge

Queensland Health

Version No.:1.1 Effective From: 01 Dec 2012

Page 2 of 7

Printed copies are uncontrolled

Queensland Health: Guideline for Security Risk Management and Asset Protection
Assets are categorised as People, Property, Information, Activities and Reputation. Baton Any device (not being a toy or category M weapon under Weapons Categories Regulation 1997) constructed or designed as an expandable telescopic baton that, if used, is capable of causing bodily harm. Batons are a restricted item pursuant to the Weapons Act. The ability, experience and knowledge of a person, process or information to undertake the stated or claimed activity. This is commonly used in relation to the capability of a threat source Weapons Act Weapons Categories Regulations 1997

Capability

Queensland Health

Consequence

Outcome or impact of an event

Queensland Health

Control

Measure that is modifying risk. Controls may include process, policy, device, practice or other actions which modify risk. Any action that reduces the probability of a risk occurring or reduces its impact if it does occur or both. A control applicable to specified threats

Integrated Risk Management Policy (QH-POL-070:2011)

Counter Measure

Queensland Health

Covert Images and Data

Covert surveillance is where: the employees have not been notified before the intended surveillance is conducted cameras or evidence of their existence are not clearly visible at the workplace there are no clearly visible signs at the entrance to the workplace to notify people that they may be under CCTV surveillance.

Queensland Health

Critical Assets

Assets which if destroyed, degraded, or rendered unavailable for an extended period will impact on social or economic wellbeing, activities, information or reputation of individuals or organisations. The importance or dependence that an organisation has on a person, function, process, item or infrastructure or specific facility.

ISO 31000 HB 167 2006

Criticality

ISO 31000 HB 167 2006

Event Facility Frequency

An incident or situation, which occurs in a particular place during a particular time Any physical infrastructure A measure of the number of occurrences per

Queensland Health Queensland Health Queensland Health

Version No.:1.1 Effective From: 01 Dec 2012

Page 3 of 7

Printed copies are uncontrolled

Queensland Health: Guideline for Security Risk Management and Asset Protection
unit of time Harm Death, disease, injury or disability experienced by a person. Destruction, damage or threat to the organisation, loss of or damage to the environment, or a combination of these. A situation or thing that has the potential to harm a person. Hazards at work may include: noisy machinery, a moving forklift, chemicals, electricity, working at heights, a repetitive job, bullying and violence in the workplace. The outcome following the occurrence of an event The confidence to carry out the stated or postured claim and the desire to carry out the action or activities Is the person or persons designated, trained to have, direct responsibility for the implementation of the policies, purposes and methods of control of a CCTV system, as defined by the owner of the system. Refers to handcuffs or similar wrist-restraints, classified as restricted items pursuant to the Weapons Categories Regulation 1997, but does not include other forms of restraint. Refers to the use of clear sight lines, lighting, landscaping and fencing, and reduction of enclosed locations to facilitate observation. The purpose of natural surveillance is to deter crime through increasing the perception of risk for abnormal users, and increasing the perception of likely assistance for normal users. An official security notebook issued to a security officer or authorised person by Queensland Health. Is the person specifically designated and authorised by the owner of a CCTV system to carry out the physical operation of controlling that system. A company, corporation, firm, enterprise or institution or other legal entity or part thereof whether incorporated or not, public or private, that has its own function(s) and administration. Is the legal person or entity designated as having overall responsibility for the formulation and implementation of the policies, purpose and control of a CCTV system. A measure of the chance of the risk occurring. Also known as likelihood in this document Queensland Health

Hazard

How to Manage Work Health and Safety Risks, Code of Practice 2011, Workplace Health and Safety Queensland Queensland Health Queensland Health

Impact Intent

Manager (Security)

Queensland Health

Mechanical WristRestraint

Weapons Categories Regulation 1997,

Natural Surveillance

Crime Prevention through Environmental Design Part A & B Guidelines for Queensland

Notebook

Queensland Health

Operator (Security)

Queensland Health

Organisation

AS/NZS 4801

Owner (Security)

Queensland Health

Probability

Queensland Health

Version No.:1.1 Effective From: 01 Dec 2012

Page 4 of 7

Printed copies are uncontrolled

Queensland Health: Guideline for Security Risk Management and Asset Protection
Residual Risk Risk Analysis Risk The risk remaining after the implementation of risk treatments or controls Systematic process to understand the nature of and to deduce the level of risk Is the possibility that harm (death, injury or illness) might occur when exposed to a hazard. Queensland Health Queensland Health How to Manage Work Health and Safety Risks, Code of Practice 2011, Workplace Health and Safety Queensland Integrated Risk Management Policy (QH-POL-070:2011) Integrated Risk Management Policy (QH-POL-070:2011) Queensland Health

Risk Assessment Risk Management Security

Overall process of Risk Identification, Risk Analysis and Risk Evaluation. Coordinated activities to direct and control an organisation with regards to risk. The preparedness, protection and preservation of people, property and information, both tangible and intangible. Any action that reduces the probability of a risk occurring or reduces its impact if it does occur. An existing process, policy, devise, practice or other action that acts to minimise negative impacts or enhance positive opportunities. Any event or circumstance involving or affecting the individual or organisation that causes or is likely to cause a loss (physical or otherwise), disruption, or fear arising from the deliberate activities of other parties. Where impacts are, or could potentially be realised against people, property or information. The plan of action the organisation intends to use to address its security risks based on the context in which the organisation operates and a thorough risk review it is one of the means by which an organisation will demonstrate a commitment to general risk management. Risk Security risk management is the culture, processes and structures that are directed towards maximising benefits and minimising adverse effects associated with the intentional, unintentional or unwarranted action of others against assets. Utilises multiple layers of shock absorbing foam with an interlayer of flexible puncture resistant material to enhance the shields protection capabilities incorporating the specifications in Attachment A. Refers to the use of physical barriers, locks, safes, screens or reinforced materials to reduce the opportunity for illegal access or vandalism to a property.

Security Control

Queensland Health

Security Incident

Queensland Health

Security Plan

Queensland Health

Security Management

Queensland Health

Soft Shield

Queensland Health

Target Hardening

Queensland Health

Version No.:1.1 Effective From: 01 Dec 2012

Page 5 of 7

Printed copies are uncontrolled

Queensland Health: Guideline for Security Risk Management and Asset Protection
Technical Surveillance Refers to the use of electronic security equipment (closed circuit television or video monitoring) to monitor vulnerable areas. Are existing conditions, processes or systems that may interact with ongoing activities to instigate error. Threats can be expected, unexpected or latent. A source of risk or potential for harm to occur. A list of potential sources that could cause harm to an organisation. For example, vandal, criminal, terrorist Any weakness that can be exploited by an aggressor to make an asset susceptible to change. Queensland Health

Threat

Queensland Health

Threat Source

Queensland Health

Vulnerability

Queensland Health

6.

References and Suggested Reading


Hospital and Health Boards Act 2011 Work Health and Safety Act 2011 Criminal Code Act 1899 Mental Health Act 2000 ISO 31000:2009 Risk Management, Standards Australia handbook HB167 Security Risk Management Australian Standards 4485 1-1997 Security for health care facilities Part 1: General requirements Australian Standards 4485 2-1997 Security for health care facilities Part 2 Procedures Guide Security Risk Management Body of Knowledge (Julian Talbot, CPP and Dr Miles Jakeman) Risk Management Institution of Australasia Manual of Uniform Traffic Control Devices Emergency Preparedness and Continuity Management Policy Integrated Risk Management Policy and Standards Implementation Standard for Occupational Violence Prevention and Management Queensland Health Information Security Policy and associated Standards: o Standard 3 Information Security Classification and Control o Standard 4 Human Resources Security o Standard 5 Physical and Environmental Security o Standard 7 Access Control

Version No.:1.1 Effective From: 01 Dec 2012

Page 6 of 7

Printed copies are uncontrolled

Queensland Health: Guideline for Security Risk Management and Asset Protection

Emergency Preparedness and Continuity Management Guidelines Integrated Risk Management Guidelines Possession and Use of Notebooks training/resource document

7.

Consultation

Key stakeholders (position and business area) who reviewed this version are: Principal Occupational Health and Safety Consultant, Healthcare Security Principal Policy Officer, Policy and Performance

8.

Guideline Revision and Approval History


Modified by P Clarke - Principal OHS Consultant Security L ONeill Principal OHS Officer Safety and Wellbeing Amendments authorised by G Easterby, a/Director, Safety and Wellbeing, System Support Services Division Approved by Lyn Rowland, Chief Human Resources Officer, System Support Services Division

Version No. 1.0

1.1

Kyle Fogarty - Policy Planning and Communications Adviser, Organisational Health

Adam Williams - Senior Director, Organisational Health

Lyn Rowland, Chief Human Resources Officer, System Support Services Division

Version No.:1.1 Effective From: 01 Dec 2012

Page 7 of 7

Printed copies are uncontrolled

1. 2. 3.

PROTECTIVE SECURITY IN THE HEALTHCARE ENVIRONMENT PROTECTIVE SECURITY PERSONNEL SECURITY RISK MANAGEMENT AND ASSET PROTECTION APPENDIX 1: PROTECTIVE SECURITY SURVEY (PSS) APPENDIX 2: PROTECTIVE SECURITY RISK EVALUATION (PSRE) LIST OF ANNEXES: A-M

4. 5. 6. 7. 8. 9.

SECURITY INCIDENT MANAGEMENT AND INVESTIGATION SECURITY AND THE PHYSICAL ENVIRONMENT IDENTIFICATION CARDS PREVENTION OF CRIME AND UNWANTED BEHAVIOUR OCCUPATIONAL VIOLENCE PREVENTION AND MANAGEMENT PATIENTS WITH PROTECTIVE STATUS

10. LEGISLATION RELEVANT TO HEALTHCARE 11. GEOGRAPHICALLY REMOTE LOCATIONS 12. SECURITY FOR STAFF WORKING WITHIN THE COMMUNITY 13. PROTECTIVE SECURITY IN CLINICAL AREAS 14. PHARMACY AND PHARMACEUTICAL SECURITY 15. PROTECTIVE SECURITY IN NON-CLINICAL AREAS 16. PROTECTIVE SECURITY OF HELICOPTER OF LANDING SITES 17. PROTECTION OF INFORMATION

1. PROTECTIVE SECURITY IN THE HEALTHCARE ENVIRONMENT


1.1 Healthcare Protective Security Vision We will become leaders in healthcare protective security services through the development, implementation and continuous improvement of contemporary integrated security risk management and asset protection programs in consultation with internal and external Health Services. This vision supports Queensland Healths goal of Safety for ALL. 1.2 Principles and Framework Everyone has a right to be safe and secure at his or her place of work or within supplied staff accommodation. Queenslands Work Health and Safety legislation requires the employer to provide a safe environment for staff and for others who, for whatever reason, work at or visit the facility. Additionally, the Hospital and Health Services (HHS) are required by law to protect the personal and private information held about their employees and patients. It is necessary to protect other forms of information and valuable and/or attractive items for which Queensland Health is responsible. 1.3 Core Principles Underpinning the protective security planning framework is a set of core principles which serve as the primary driver for all healthcare security governance functions and activities. These principles are not intended to be prescriptive and are provided as a reference guide to build and enhance capabilities, manage security risk, provide an appropriate level of transparency, optimise performance and maximise accountability. 1.4 Healthcare Protective Security Values We recognise that Queenslanders trust us to act in their interest at all times. To fulfil our mission and sustain this trust our four core values are: 1. 2. 3. 4. Caring for people Leadership Respect Integrity.

1.5 Healthcare Protective Security Strategic Intents Queensland Health will be successful in the provision of quality healthcare protective security through five strategic intents: 1. People: Recruit, train and retain a highly skilled workforce Encourage and support staff to develop their knowledge, leadership and skills Be accountable and act ethically Promote healthcare protective security utilising sound risk management principles. 2. Information and Systems: Utilise integrated risk management processes to effectively manage healthcare protective security. 3. Environment:

Promote an organisational culture that supports healthcare protective security values including professionalism, teamwork, performance accountability, and quality and recognition Promote and implement situational crime prevention principles including Crime Prevention Through Environmental Design. 4. Activities: Be leaders in healthcare protective security through innovative practices and quality improvement Seek consultation with key stakeholders to achieve legislative compliance, create appropriate Queensland Health Policies, Implementation Standards and Protocols Meet or exceed minimum healthcare industry accreditation requirements Establish educational and awareness programs to support healthcare protective security. 5. Partnerships: Work collaboratively with our key stakeholders and others to integrate programs and activities which support and promote healthcare protective security. 1.6 Focus of Protective Security The provision of protective security services within healthcare is focused on four major objectives: 1. Prevention of unwanted activities and behaviours 2. Protection of persons, property and workplace activities 3. Response to security events 4. Recovery from security events. 1.7 Protective Security Awareness It is important that all staff are aware of their security obligations and of their facilitys protective security work practices, standards and procedures. Protective security awareness training should take place as part of induction with refresher sessions at regular intervals. Information fact sheets posted on notice boards and/or on web pages could also be utilised. It is imperative that staff also take responsibility for their own safety and security. Where security equipment is supplied (doors, locks, windows, barriers) it is imperative that employees use them effectively. The safety and security of others may depend on whether the door is locked, or window shut. Security and safety is everyones right and responsibility.

2. PROTECTIVE SECURITY PERSONNEL


2.1 Protective Security Coordinator (Coordinator) Dependent upon size or complexity of an HHS or facilities within the service, a person shall be appointed to fulfil the role of Protective Security Coordinator (coordinator) for the HHS or facility specific. This role may be specific to the tasks or as a part of a wider range of duties. The functions may include: Notify the Health Service Chief Executive / Executive Manager, through the HHS Work Health and Safety (WHS) Manager, about the overall state of protective security at HHS workplaces, including provision of advice to key stakeholders for achieving compliance with security legislation, accreditation standards, Queensland Health Policies and Implementation Standards; Coordinate or conduct, inspections at the workplace to identify and assess security risks or unsafe or unsatisfactory protective security systems, conditions and practices; Report to the Health Service Chief Executive / Executive Manager, through the HHS WHS Manager, any security risks, unsafe or unsatisfactory condition and/or practice identified during security inspections; Request escalation to the Queensland Healths Work Health and Safety Steering Committee on emergent protective security issues that may have regional or statewide impact; Establish and coordinate protective security awareness training or education; Investigate or assist the local OHS Units investigation of security related workplace incidents and assist authorised inspectors and officers or Queensland Police Officers as required; Align HHS protective security activity with Queensland Health Policies and Implementation Standards and work collaboratively with the local and statewide health and safety practitioners; and Establish and maintain HHS interagency networking for example, Queensland Police Service, to facilitate continual quality improvement for managing security risks or unsafe or unsatisfactory conditions and practices in the workplace. The coordinator will be responsible, through their relevant manager, for ensuring development of local Standard Operating Procedures (SOP) and systems for aligning HHS protective security activities with Queensland Health Policies, strategies and security elements of healthcare accreditation standards. Coordinators shall be appointed, in writing, as a protective security officer pursuant to Section 163 Hospital and Health Boards Act 2011. Coordinators shall not provide protective security advice to any person outside Queensland Health as doing so may exclude them from indemnity by Queensland Health and may require licensing as a security adviser pursuant to the Security Providers Act. 2.2 Protective Security Officers Protective security officers are an important service group within the facilitys structure and can provide assistance to patients, staff and others in routine or emergency situations. Protective security services may be provided by: facility employees performing, solely or in part, a healthcare industry security function private security firms employed under contract to the healthcare facility, or a combination of facility employees and private security personnel.

Use of contract security must be in compliance with relevant human resource and industrial relations instruments. Security officers, both employees and contractors, shall be appointed in writing as a security officer and/or authorised person pursuant to Section 163 Hospital and Health Boards Act 2011 (HHB Act). Whilst external security providers performing work for Hospital and Health Services shall hold the appropriate class of security license under the Security Providers Act 1993, QH Legal Unit confirms that employees undertaking security work in a Queensland Health Facility employed under the HHB Act are not security providers for the purpose of the Security Providers Act 1993; therefore there is no legislative requirement for these officers (employees) to be licensed. 2.3 Appointment of Security Officers and Authorised Persons All persons (employees or contractors) engaged at Queensland Health facilities to undertake a security role (or that of an authorised person) must be appointed in writing in accordance with the Hospital and Health Boards Act 2011. The HHB Act provides for the Health Service Chief Executive to appoint a security officer under s164 provided the appointer is satisfied the person is qualified because the person has the necessary expertise and experience. Contracted licensed providers (firms) of security must provide licensed security personnel (pursuant to the Security Providers Act 1993). In addition, the contract arrangements may require certain specialised competencies equivalent to Queensland Health employee training and education (for example, Aggressive Behaviour Management for Healthcare Workers and fire safety). These competencies or skills requirements must be clearly documented in the tender and contract documentation. 2.4 Selection of Staff Protective security officers in the healthcare industry require suitable personal qualities and behaviours to assist in the performance of their duties. Desirable personal attributes include good character, attitude and ability to interact with people in a positive and supportive manner, neat appearance and deportment, and a sound knowledge of the position role, duties and responsibilities. Where appropriate, healthcare protective security officers should be physically fit and be prepared to undergo further training. Self discipline, alertness and the ability to communicate orally and in writing are essential qualities in those considered for selection. It is important that attention is paid to the current minimum standards of competence and qualification of persons to be appointed as protective security officer or authorised persons. These standards will be set in response to legislative requirements and needs of the organisation. 2.5 Employment Screening Protective security staff shall be subject to a thorough investigation of their past employment history prior to their appointment in security positions. Screening will include relevant criminal history checks in accordance with Queensland Health Policy. 2.6 Tasks and Functions of Protective Security Staff Protective security staff are often the first contact person for patients, staff and others and may be required to: perform entry/exit control duties, for example identification and security pass checking monitor electronic surveillance and security alarm systems

perform security risk management tasks carry out inspections to verify the integrity of secure perimeters, security containers and areas controlled for reasons of security after hours, and lighting and security inspections patrol external areas and buildings patrol internal building areas to secure classified sensitive and valuable material (i.e. detection and reporting of breaches, including lockup procedures) escort patients, staff, visitors, cash in transit and tradespersons conduct staff protective security awareness campaigns and promotions manage small lost property items, deceased effects or valuables. Managing lost and found property in larger Health Services may be an administrative role undertaken by trustee or other person set up specifically to manage these effects provide assistance as directed during an emergency perform lockup and unlock duties of designated areas as required report security, fire and safety risks manage key and access controls check identification of persons respond to alarms and calls for assistance monitor and control traffic and parking on facility property keep a record of daily activities, including alarms and incidents assist in the location of missing patients assist and support the security coordinator as required.

2.7 Standard Operating Procedures and Work Instructions The duties of protective security officers should be clearly detailed in security work instructions or SOPs. SOPs should be available to all protective security officers however; work instructions should be stored in a secure area and should not be made available to unauthorised persons. More general documents about how Queensland Health employees sustain a secure workplace through processes such as key control, access control or notifying security departments of incidents should be readily available for all staff, for example, published on QHEPS. SOPs define the administration and security responses to topics including: access control, visitor procedures, after hours entry/exit procedures; guidance for checking doors, windows and other security features; the function and existence of security patrols; how to operate the security alarm system; response action concerning an incident or discovery of a security breach; documentation on relevant State or Commonwealth legislation, Queensland Health Policies, Implementation Standards and local procedures; protocols for managing occupational violence; and requirements for any special places or unwanted activities requiring additional awareness. 2.8 Staff Numbers The number of healthcare protective security officers employed by a facility will vary from site to site. A comprehensive security risk assessment (SRA) must be facilitated by the coordinator in accordance with Australia Standards Handbook HB167: Security risk management. Findings from the assessment will assist in determining correct staffing levels, resources and other forms of risk reduction as appropriate. 2.9 Employee or Contract Services Queensland Health will use employees rather than contract security where possible. Compliance with relevant industrial agreements must be maintained.

2.10 Training and Development It is essential that protective security officers undertake training commensurate with duties and responsibilities. Due to the diversity of the roles and responsibilities of protective security officers, each Hospital and Health Service will need to determine any additional training and competency needs. Training and induction must be provided to protective security staff prior to commencement of operational duties. AS4485: Security for Healthcare Facilities and AS4421: Guards and patrols provide detail for levels and competency required within general security and healthcare security. Security Risk Management and Asset Protection Protocol and relevant Australian Standards require that: effective training shall be delivered by suitably qualified or experienced staff; persons undergoing training shall be supernumerary to existing qualified staffing arrangements the performance of the person being trained must be assessed and where necessary, remedial training provided employee development training should be encouraged training records to be maintained for all job related training. All protective security staff are required to participate in specialised training appropriate to their role and responsibilities and may include: Aggressive Behaviour Management for Healthcare Workers fire safety and response emergency response local security systems and procedures. All protective security training must be: competency based recorded (including course content, assessment/competency standards, attendance and evaluation) and retained in employees personnel file maintained in a Training Register. Table 1: Brief synopsis of competency requirements under Australian standards
Australian Standard 4421: Guards and patrols a) Standing orders; b) Site orders; c) Administrative procedures; d) Communications; e) Field communications; f) Customer relations; g) First response fire safety; h) Occupational safety; and i) Legal rights and jurisdiction. Australian Standard 4485: Security for healthcare facilities Introduction to healthcare security: a) Healthcare facilities overview; b) Healthcare security: Organisation and structures; Roles, duties and responsibilities; and Public and community relations. c) Threat, vulnerabilities and risks overview; and d) Career and professional development. Protective security: a) Security overview; b) Physical security - defence in depth, locks, access control; c) Security technology - alarms, closed circuit television, detectors, duress alarms;

d) Emergency detection technologies (as appropriate); e) Fire indicators systems, EWIS, detectors, VESDA, fire suppression systems; f) Administrative and procedural security; g) Personnel security; h) Information security (See AS/NZS 4444); i) Identifying vulnerabilities; j) Traffic and vehicle management; k) Patrol techniques; l) Dealing with incidents; and m) Security officers equipment and personal protective equipment. Communications: a) Report writing; b) Records; c) Incident reports, records management; d) Notebooks; e) Methods and techniques telephone, fax, radio and public address; f) Media liaison (e.g. direction/control of unwanted media activities); and g) Verbal and non verbal communications. Security and the law: a) Law enforcement liaison; b) Preservation of the crime scene; c) Statements; d) Courtroom procedures and giving evidence; e) Power of arrests State legislation; f) Use of force (reasonable and necessary); g) Trespass; and h) Common and statute law, tacit consent. Emergency preparedness: a) Emergency responses for healthcare facilities (AS4083); and b) Emergency control organisation and procedures for buildings (AS3745). Computer skills: a) Word processing; spreadsheet and statistics. Interviews and investigations: a) Introduction; b) Interviewing techniques; c) Basic investigations; and d) Investigation reports and follow up. Presentation skills and techniques: a) Training presentation skills; and b) Adult learning. Dealing with disturbed patients, visitors and employees: a) Non violent crisis management; b) Management of aggressive behaviour; c) Psychiatric patients; d) Drug and alcohol facilities; and e) Accident and emergency patient restraint. Special security considerations: a) Narcotics and dangerous drugs; b) Currency and valuables; c) Confidentiality; d) Privacy; e) Patient and personnel records; and f) First aid (by facility or Registered Training Organisation).

3.

SECURITY RISK MANAGEMENT AND ASSET PROTECTION

Security Risk Management and Asset Protection Program (SRMAPP) has been implemented to improve hospital and health service capacity to undertake effective security risk assessments (SRA) as part of the Protective Security Survey (PSS) and meet the intent of AS4485 Security for healthcare facilities. The methodology and assessment matrices used within the Security Risk Management and Asset Protection program align to QHRisk. Refer to: Integrated Risk Management Policy (2011) (Effective January 2012). The Security Risk Management and Asset Protection Program includes: Security risk management (SRM) framework integrated with Queensland Healths: a) Integrated Risk Management framework; b) Emergency Management Business Continuity; and c) Occupational Health Safety Management System (OHSMS). Alignment with all asset protection strategies, systems and processes across Queensland Health; Capability building through delivery of nationally accredited SRM training; development and implementation of consistent security risk assessments (SRA) tools and templates; Establishment and resourcing of protective security consultancy team/s to provide: a) protective security advice and support; b) evaluation of local and statewide strategic security performance; c) development and delivery of effective training programs in protective security; and SRM. Establishment and maintenance of protective security practitioners network; and Implementation of a risk management approach to ensure security risks are minimised through effective design of major capital works. Hospital and Health Service Responsibility Queensland hospital and health service shall have in place a SRMAPP in accordance with Security Risk Management and Asset Protection Implementation Standard (Implementation Standard) and Security Risk Management and Asset Protection Protocol. The program, as detailed in the above documents, has been developed in consultation with stakeholders ensuring that: assets and resources requiring protection are identified and categorised for critical value where reasonably foreseeable, all threats to assets and resources, both human and non human, are identified and assessed where reasonably foreseeable, security risks to assets and resources, both human and non human are identified and assessed, and are eliminated where practicable security risks to assets and resources are mitigated or treated where they cannot be eliminated all stages of the program are documented each Hospital and Health Service has a Security Plan (SP) in place which addresses security risks a facility SP is regularly monitored and annually reviewed

Security Operating Procedures (SOP) and work instructions exist which support the SP.

3.1 Security Risk Management (SRM) Cycle Queensland Healths SRM program is a four year cycle (refer Diagram 1: Risk Management Cycle) which aligns with the Australian Council on Healthcare Standards (ACHS) requirements. The cycle is a continuous process. Each HHS shall determine where, in the continuum its SRM process currently sits and continue in the cycle from that point. The PSS processes detailed in this Guideline are presented in modular format. The Annexes (Annexes A-M) provide flexibility to conduct each stage of the security risk assessment process in a systematic manner and over time. Diagram 1: Security Risk Management Cycle
FOUR YEARLY CONTINUOUS CYCLE

OHS CHECKLIST

Protective Security Survey (PSS) Critical asset identification Threat vulnerability Vulnerability assessment Risk assessment Risk treatment plan Security plan

OHS CHECKLIST

Initially & Year 4

OHS CHECKLIST

Review Security Plan

Year 3

Year 1

Review Security Plan

Year 2

Protective Security Risk Evaluation (PSRE) Update previous PSS to ensure currency May include a security risk assessment on key area or function as required Review of security risk treatment plan and District Risk Register

OHS CHECKLIST

3.2 Protective Security Survey (PSS) A Protective Security Survey (PSS) is conducted initially and then on an ongoing four yearly cycle. The aim of the PSS is to: survey and validate security measures presently in force in a facility inform facility management of the present state of security and asset protection within the facility report on previous security surveys, security audits or security inspections including counter terrorism assess present security and asset protection strategies for suitability and cost effectiveness

identify vulnerabilities check current SRM arrangements are planned and executed.

Each stage of the PSS must be completed in full and in sequence. Refer: Appendix 1 Protective Security Survey (PSS). The PSS stages are summarised as follows: Stage 1: Preparation, Communication and Consultation Communication and consultation during SRM processes is essential for improving awareness and commitment to SRM activities being undertaken. The PSS team will establish the security, organisational and environmental context and validate the relevance of data and information collected. Stage 2: Asset and Resource Appreciation Identification of assets (people, property, information, activities and reputation) is a critical requirement to meet organisational objectives and outcomes. The PSS team and stakeholders will identify critical assets then assess and assign a value based on organisational importance and/or dependence upon the asset and respective support processes. Stage 3: Threat Assessment Identification of potential threats arising from the external and internal environments. An assessment is conducted of foreseeable threats (human and non human) which can cause loss of facilitys assets. Stage 4: Review Security Controls and Assess Vulnerabilities Identification of the current procedural, physical and technical security regimes is conducted and security system weaknesses evaluated. Stage 5: Risk Analysis A comprehensive assessment of threat, vulnerability and criticality in terms of likelihood and consequence is conducted to assess security risks to the facility. Stage 6: Develop and Recommend Risk Treatment Strategies In consultation with relevant stakeholders the PSS team identifies the risk owner. The risk owner with the assistance of the PSS team then develop and assess suitable security risk control options including elimination, avoidance, acceptance, sharing or reducing security risk. Stage 7: Present Findings, Monitor and Review The SRA report and developed recommendations for security risk control options addressing identified risks and risk owners are presented to the relevant authorised person as detailed in the PSS Terms of Reference. A security classification (e.g. Protected, Security in Confidence) must be assigned to the document. Ongoing monitoring and review shall be carried out at the local level to ensure: implemented security risk control measures are effective security risk control measures are being used correctly staff are aware of security measures and have received instruction and training as required no new hazards have been introduced into the workplace as a result of control measures being implemented. Security risks identified as very high must be recorded on the Hospital and Health Service Risk Register and escalated to Health Service Executive for appropriate response.

All risk management documentation must be retained in accordance with Queensland Health Records Management Policy. 3.3 Protective Security Risk Evaluation (PSRE) A Protective Security Risk Evaluation (PSRE) is to be undertaken two years after the PSS or in response to any significant change in the: environment facilitys role, responsibilities and function; construction or refurbishment of buildings or space occurrence of significant security incidents. In addition, a PSRE may be undertaken as a result of the ACHS accreditation process. The completed PSRE Report including all attachments shall be given a security classification and retained in accordance with the Queensland Health Records Management Policy. The working documents such as notes, emails and correspondence should also be secured as this may be required in the event of an investigation or enquiry. The PSRE was developed to minimise impacts upon HHS and facility resources whilst meeting the intent of AS4485 Security for healthcare facilities. The PSRE applies the same methodology as the PSS and consists of seven stages carried out in their entirety and in sequence. Refer: Appendix 2 Protective Security Risk Evaluation (PSRE). 3.4 Annual Review of Security Plan (SP) A SP is developed and implemented in response to the initial PSS and details actions to address the identified security risks. It is then reviewed annually during the remainder of the four year cycle when the SRM process recommences. Template: Annex J. 3.5 Security User Requirement (SUR) Prior to major capital works design, construction, refurbishment, acquisition, purchase or lease of buildings (including staff accommodation) being undertaken by, or on behalf of Queensland Health, it is a requirement that environmental design, and physical and technical security controls be considered. In accordance with the Implementation Standard, a risk management approach must be employed. This approach includes the establishment of a lead a security user group (SUG) consisting of relevant stakeholders (including end-users). The SUG will develop and document minimum security user requirements (SUR) based upon the assessed security risks, building classification and facilitys intended functions. The SUR forms part of the tender / planning documentation and prescribes minimum physical and technological security requirements. It is a requirement that persons who tender / plan for the major works shall, in writing, clearly demonstrate how the SUR will be addressed and provide a schedule of works to assist in coordinating inspections and evaluating SUR specific works. The SUG shall ensure inspections, reviews and evaluations of the works are undertaken in consultation with relevant contractors to ensure the SURs are being addressed in accordance with contractual terms and conditions. Upon practical completion of major works, the SUG in consultation with end-users, tendered and contractors will conduct a post occupancy evaluation (POE) to ensure: all security related requirements have been effectively met

defects are rectified opportunities for continuous quality improvement in design of healthcare facilities are captured.

A copy of the post occupancy evaluation report shall be provided to Health Planning Infrastructure Division to feedback relevant information and recommendations for continuous quality improvement in healthcare facility design and construction. 3.6 Strategic Security Review (SSR) A strategic security review (SSR) is an evaluation of an organisations current strategic security regime, for example, strategic protective security and technical security systems. Where a Health Service has been unable to undertake a comprehensive PSS during the two prior years, the hospital and health service chief executive officer may request the Principal Occupational Health and Safety Consultant, Security (Security Consultant) to conduct the SSR. Additionally an SSR may be initiated by the Director, Safety and Wellbeing Unit, having regard to changes to legislation, Queensland Health s health and safety requirements or work health and safety performance. The Security Consultant shall ensure the SSR is undertaken as soon as practicable. The SSR may include evaluation of: a) Strategic security regime incorporating: security incidents and reports current PSS (i.e.: undertaken within the previous 2 years) current SP and security SOP emergency management contingency planning security officer and authorised officer training compliant appointment of security officers and authorised persons security staffing / personnel security management management of contract security services (if applicable) security staff personal protective equipment staff security awareness and training other protective security issues. b) Strategic technical security systems incorporating: access control including electronic access control systems closed circuit television system security alarm system key control system duress alarm system identity card system. c) Capability building which can include: delivery of SRM awareness training mentoring the Health Service / Facility Security and Asset Protection Coordinator (or other relevant staff) ongoing security risk management and asset protection advice and support.

3.7 Integrated Systems The SRMAPP is an essential supporting element of the Queensland Health Occupational Health and Safety Management System, the emergency management business continuity programs and ACHS accreditation process. The PSS, PSRE, SP and review documentation contain highly sensitive information and must be given an appropriate security classification. Documents are to be retained in accordance with Queensland Health Records Management Policy.

APPENDIX 1: PROTECTIVE SECURITY SURVEY (PSS)


STAGE ONE: Preparation, Communication and Consultation For the Protective Security Survey (PSS) to be effective, detailed preparation, communication and consultation is required. This is essential for improving awareness of, and commitment to the range of security risk management (SRM) activities being undertaken. Step One: Establish the Terms of Reference (TOR) It is critical to establish a clear and written Terms of Reference (TOR) which will include: 1. Establishing the authority for the PSS. There must be clear authority in writing, to undertake the PSS and to access information relevant to the assessment such as incident reports and previous assessments. Preferably, the authority should be given at the highest level of the organisation / facility. The written authorisation may need to be produced by the assessment team members to substantiate PSS activities, particularly after hours. 2. Scope / Nature of the PSS. The aim and objectives of the PSS must be established and documented (refer to Annex A Example Terms of Reference) and may include: timeframes for conducting the PSS areas or activities to be assessed establishment of PSS Team. 3. Limitations, inclusions and exclusions for the PSS. The PSS may include all buildings on site or just target specific areas or activities such as an Emergency Department (ED), Psychiatric Unit or community healthcare facility. For example, The TOR text may be: Included in the PSS are aspects of physical, personnel, information and administrative security, but specifically excluded are Emergency Preparedness Continuity Management (Counter Terrorism component) and aspects of Information Technology (IT) security other than physical security of computer hardware and software on the premises. This is a very important part of the preparation stage as it will impact on time, costs and resources needed to undertake the PSS. It may also indicate what level of expertise will be required to conduct the PSS. For example, a facility with a large holding of dangerous goods may require expert hazardous materials advice be available to the PSS team. It is at this point that the PSS team members are identified. Ideally, the team members should consist of three persons, some or all of whom have: a working knowledge of SRM a sound working knowledge of the workplace, facility or process undergoing the survey. Assessments in technical areas may require the expertise of subject matter expert/s. 4. Other parties. A list of stakeholders needs to be developed outlining who and what other organisations need to be consulted as part of the process. Examples may include: Internal stakeholders: a) Nursing, medical, administrative, engineering and protective security staff b) Contractor / Consultant.

External Stakeholders / Organisations: a) Emergency Services or other Government Departments and Agencys b) Police Intelligence for criminal threat assessment c) Neighbours d) State Emergency Service e) Other healthcare facilities which have recently undergone a review. Step Two: Documentation, building and floor plans Accessing and reviewing documentation and plans is a very important part of the PSS process. Previous security reports, Standard Operating Procedures (SOP), protective security work instructions, dangerous goods manifests, building and floor plans aid in understanding operations and facility layout. The documents also assist the PSS team (see Stage Four) to identify: critical asset locations underground tunnel systems hazardous materials storage locations utility supply lines including water, power, sewerage and/or gas buildings fabric and structure closed circuit television (CCTV) camera locations and coverage security alarm systems, both duress and intruder. A tool to assist with gathering information detailed in Stages One to Four of the PSS is at Annex B. The tool is not a definitive and all inclusive document and will require modification to suit the specific needs of the facility. Any information gathered should be treated as sensitive in nature and a security classification may need to be assigned.

Stage one is now complete.

Stage Two: Asset and Resource Appreciation In the protective security context an asset is a resource item or process that supports and allows an organisation to continue its day to day operations unhindered. It is not merely a list of physical property located at a facility. It includes an organisations people, property (tangible and intangible), information and activities. Assets may also include an organisations or an individuals reputation which is intangible and should not be overlooked. Property may be tangible (i.e. physical property) or intangible (i.e. knowledge or intellectual property) and is important when undertaking risk assessments in areas such as research facilities where the most valuable asset is often knowledge or research data. The PSS team should consider what an organisation or facility owns, operates, leases, controls, buys, sells, services, designs, produces, manufactures, tests, analyses, maintains or has custody or responsibility for its use. An individual within an organisation can list critical assets however the list may not fully cover what is actually critical to the organisation. Individuals view assets based on their particular knowledge, role or position and the activities which are their prescribed duties Asset owners and operators are generally the most important source of information about assets in need of protection. Wherever practicable the PSS team in consultation with asset owners and operators, who have a working knowledge of the particular area or function, should identify and assign a criticality value to the asset. Creating an Asset/Resource Register Using the template provided (Annex C: Asset / Resource Register) the PSS Team and appropriate stakeholders should list the critical assets within each category (i.e.: column) on the page. For example: Category Critical Asset People - Clinical /Admin/ Operational staff; patients; visitors. Property - Building; Medical equipment; Research knowledge. Information - Medical records; IT Information. Activities - Triage; Patient transport. Reputation - Local Health Services reputation; Individuals reputation. Assigning a Criticality Rating Once the critical assets have been listed by the PSS Team and stakeholders, a Criticality Rating is assigned. Table 1: Asset Criticality Value will aid in this process. Additionally, assigning a criticality value to assets will assist in determining the allocation of finite resources (financial, human and technical) needed for protection or remedial action. I.e.: what targets most require protection. The asset criticality value number (1-5) is based on the level of importance or dependence that the organisation or facility has on that particular asset.

TABLE 1: ASSET CRITICALITY VALUE


CRITICALITY MAJOR IMPORTANT SENSITIVE SUPPORT ROUTINE CRITICALITY VALUE 5 4 3 2 1 DESCRIPTION Loss or compromise because of its high cost, replacement lead time, impact on operational capability or function of the organisation or facility would be a major concern to the organisation. The loss or compromise, while not significantly impairing the overall capability of the organisation or facility, would have a serious impact on the functioning of an element within. The loss or compromise would heighten danger and cause embarrassment to the organisation or facility. The overall loss or compromise would have little significance on the overall capability of the organisation or facility but would impair the efficiency of the day to day administration of operations. The loss or compromise would have no impact to an organisation or facilities mission, other than a minor administrative impact.

Example of completed Asset / Resource Register of an ED :


Critical asset categories (People, Property, Information, Activities and Reputation)

Asset Number (Consecutive number in order of appearance)

Assigned Criticality Value

Critical Asset

Stage two is now complete.

STAGE THREE: Threat Assessment Threat, in the protective security context, is an event that has the potential to cause harm, disruption or fear. Threat is the source of risk. If there is no threat there is no risk. It is important therefore, to understand the difference between a threat source; a threat and a risk. Threat Source: Potential sources that could cause harm to an organisation. Threat: Are existing conditions, processes or systems that may interact with ongoing activities to instigate error. Threats can be expected, unexpected or latent. Risk: Is the risk of death, injury, illness or damage to property and/or environment occurring as a result of a hazard or event. Security Risk: The chance of something happening that will impact on objectives. Examples of threat source, threats and risks:
Threat Source: Disgruntled staff Threat: Sabotage Risk: Loss of activity / function Threat Source: Violent patient Threat: Assault Risk: Serious injury to staff Threat Source: External criminal Threat: Bomb Threat Risk: Cessation of activities Threat Source: External criminal Threat: Break in Risk: Damage to critical equipment Threat Source: Earthquake Threat: Damage Risk: Cessation of activities Threat Source: Flood Threat: damage to critical equipment Risk: Loss of function Threat Source: External criminal Threat: Robbery Risk: Injury to persons Threat Source: Politically motivated group Threat: Release of laboratory animals Risk: Loss of research function Threat Source: Foreign intelligence Threat: Espionage Risk: Loss of corporate intellectual property Threat Source: External criminal Threat: Fraud Risk: Loss of financial assets Threat Source: External criminal Threat: Damage to property Risk: Loss of asset Threat Source: Issue motivated person Threat: Arson Risk: Loss of life

Conducting a Threat Assessment (TA) involves firstly identifying possible types and sources of threat that could harm the individual, organisation or facility. Security threats spring primarily from deliberate intentions rather than from accidental, natural or systemic causes. Hence people are the primary source of security threats (as opposed to acts of God, hazards, mechanical failures or management systems). This does not however discount the need to assess non deliberate threats such as natural events, hazards, acts of God and equipment failure which impact on an individuals, organisations or a facilitys ability to function. Threat sources are grouped into thee categories: 1. Internal Threat Sources 2. External Threats Sources 3. Non Human Threats

Completing a Threat Assessment (TA) A TA is prepared from information sourced from a wide variety of areas such as crime data, security incident reports, work health and safety incident reports, media articles and staff liaison. The frequency component of a TA is developed from actual incidents that have occurred either directly at the facility or in the geographic location. A systemic problem with frequency data is under reporting. A contributing factor to under reporting is how security and security related incidents are identified or perceived by individuals. Where data is lacking, consideration should be given to using staff surveys, patient surveys and so forth. This may also indicate persons perceptions of how safe or unsafe an environment is. Step One: List threat sources Using the Threat Identification Register, the PSS team in consultation with appropriate stakeholders list all reasonably foreseeable threat sources (internal, external and non human) that could cause harm. Security threats can be classified according to the source of origin: Criminals including visitors / patients (e.g. arson, robbery, violent acts against the person, intrusion , hostage, vandalism, murder, theft , destruction of property); Terrorists acts perpetrated by issue motivated group (e.g. bombings, sabotage, kidnapping, bio / chemical attacks) Foreign / Commercial / Industrial (e.g. commercial / industrial espionage, industrial action) Media (e.g. adverse publicity) Insider (e.g. arson, malicious acts by disgruntled employees, theft, espionage of classified material for others, sabotage, unauthorised disclosure of classified material, inadvertent loss of classified material) Natural (e.g. flood, tempest, earthquake) Other (e.g. loss of power, loss of water, fire, chemical spill). Example of an ED Threat Identification Register:

A template of a Threat Identification Register is at Annex D.

Step Two: Grade the threat source The listed threat sources now require grading using Table 2: Threat Assessment Matrix. This is used to rate how likely or how often a risk is expected to occur i.e.: Likelihood. TABLE 2: THREAT ASSESSMENT MATRIX Ref - Grade Descriptor
A - Almost Certain B - Very High C - High D - Medium E - Low Very likely; the event will occur in most circumstances Probable; the event will probably occur at least once Potential; the event might occur at some time Improbable; the event is not expected to occur Very unlikely; the event may only occur in exceptional circumstances

In grading the human threat sources (internal and external), it is necessary to ascertain relevant data such as incident reports; previous assessment and reviews; and Police crime statistics and calls for service data. This will provide a strong indication of the likelihood of the threat. Oft times, incidents are under reported making the grading of likelihood difficult. Undertaking a survey or interviewing staff, patients or others may illicit relevant information about the likelihood of events. Historical data and recollections of staff should be used to assess potential threat levels. For example, loss of power or water is often not reported in an incident database. Relying solely on incident report data, would fail to indicate the likelihood for loss of power or water. However local trades-persons may be able to provide evidence of similar events occurring over time. Where possible, the grading should not be made by one person but by the PSS Team and relevant stakeholders. This will provide a more balanced approach with less chance of criticism. Human Threat sources may also be graded by establishing intent and capability to determine the overall threat potential to the organisation / facility however, this requires gathering intelligence, some of which may or may not be outside the capability of the PSS Team. In conjunction with the threat definitions below, Threat Matrix at Tables 2 and 2A may assist in grading each human and non human threat. Capability Extensive: There is a very high probability that a group or individual is known to have the ability to defeat current security measures which pose a direct threat to compromise the confidentiality, or integrity, or the availability of a critical asset or capability. Moderate: There is a reasonable expectation that a group or individual with limited ability may pose a threat to compromise the confidentiality, or the integrity, or the availability of a critical asset or capability. Low: While a potential threat may arise, there is no information to show, or believe a current threat exists.

Intent Determined: There is a high probability that a motivated group or individual currently exists with the intent to conduct activities which pose a direct threat to the confidentiality, or integrity, or the availability of a critical asset or capability. Expressed: There is a reasonable expectation that a group or individual will attempt to conduct activities that may pose a threat to the confidentiality, or integrity, or the availability of a critical asset or capability. Little: There is little basis to assess that a group or individual has the intent to conduct activities that pose a threat to the confidentiality, or integrity, or the availability of a critical asset or capability. TABLE 2 A: THREAT ASSESSMENT MATRIX
Extensive CAPABILITY Moderate Low Little MEDIUM LOW LOW Expressed VERY HIGH HIGH MEDIUM INTENT Determined ALMOST CERTAIN VERY HIGH HIGH

Below is an example of a completed Threat Identification Register:


THREAT IDENTIFICATION REGISTER Unit Facility Name: Johnson Hospital Human Threats Internal Threat Source L AC M M AC Disgruntled Staff Violent Patient Wandering Patient Confused Patient Internal Criminals External Threat Source L E L L L Arsonist External Criminal Issue Motivated Groups Computer system Hacker Terrorist AC L L M M Loss of Power Loss of Water Supply Flood Storm/Cyclone Vermin Location: Emergency Department Non Human Threats

Stage three is now complete.

STAGE FOUR: Review Security Controls and Assess Vulnerabilities PSS team undertakes a field inspection, by day and night, to carry out an assessment of the effectiveness of current security controls. Implemented security controls should employ the Protection-in-Depth principles that will DETER, DETECT, DELAY or RESPOND to an attack and RECOVER from an attack. The assessment will also aid in identifying vulnerabilities presently existing within the facility. Vulnerability: Is any weakness that can be exploited by an aggressor to make an asset susceptible to change. Vulnerabilities can include elements in design and construction of a facility, technological systems and the way the facility is operated. A vulnerability assessment (VA) identifies specific weakness with respect to how they may invite and permit a threat to be accomplished. The Vulnerability Identification List (Template Annex E) is used by the PSS team to document the identified vulnerability by location, describe the problem the vulnerability causes, what recommendations could be used to counter them and any general comments considered pertinent. A VA Guide (Annex I) provides guidance to the PSS team in assessing vulnerabilities. It outlines example security risk control elements and what they achieve. For example, physical controls (signage, fencing, lighting), people controls (security awareness programs, staff training), policy and process controls (inventory control, housekeeping), and technology controls (intrusion detection systems, mail screening, duress alarms). Diagram 2: Illustration of Protection in Depth

Examples of vulnerabilities are: Emergency Department administrative offices: There is no door which can seal off the administrative offices after hours and adversaries can wander in this area undetected. This could lead to a compromise of medical records and equipment. Nurse stations: There are no duress alarms to notify of an incident or potential incident in the area. There is no response capability in an emergent situation. Carpark: There are four lights not functioning at the southern end of the car park. This could lead to adversaries in the car park not being detected by staff and security patrols. Security procedures: Building 3 was not locked after hours. There is no deterrent or delay to adversaries entering the building. This could lead to vandalism, theft and damage to property.

Stage four is now complete.

STAGE FIVE: Risk Analysis Protective security risk analysis can be summarised as the systematic use of observations and data about asset protection to determine the likelihood of adverse events taking place and the magnitude of their consequences (impact or harm) in the event that the security threat actually takes place and risks are realised. There are three components in the risk analysis process which are summarised below: 1. Consequences Analysis This is an assessment of the consequence to the organisation or facility if a particular asset is lost, compromised or restricted. The relevant information that is needed to make an objective assessment by the PSS team will have been obtained during stages two to four of the survey. An important factor in making this analysis is critical lead time for replacement. This is defined as the period of time that an organisation will be without the use of the asset if that asset was to be lost, compromised, or otherwise restricted. It can be critical if it is an integral part of a businesses process. To aid in this process see Table 3 Consequence Table.

Table 3A: Example Consequence Table for Security and Work Health & Safety
TYPE OF CONSEQUENCE S Security (May include fraud/theft, unauthorised access and areas of suspected official misconduct) Work Health & H Safety 1 - MINOR Monitored by local Staff, some effect on routine operations DEGREE OF SEVERITY 2 - MODERATE 3 - MAJOR A security event that may threaten a program / service. An event requiring internal investigation. Major event that threatens a program / service across the wider organisation. Events requiring referral to Police / CMC 4 - EXTREME Extreme event affecting a program / service areas ability to continue its operation resulting in total shut-down

Permanent loss of A loss of life No lost time injury. Lost time injury First aid or medical involving a function treatment temporary loss of or disability function required or a notifiable event

2. Risk Likelihood Analysis This is the potential or probability for a threat to be realised against the critical assets. Table 4 Likelihood (Probability) Table provides definitions to assist in assessing likelihood. Analysis considerations include: If there are no threats to an asset there is no risk Vulnerabilities allow a threat source to exploit weaknesses and increase the likelihood of risks being realised Present security controls must be understood as they may actually reduce the opportunity for the threat to be realised and, with it, risks to critical assets. Suggested questions for the PSS team before analysing risk likelihood are: What are the current security controls that may prevent, control, detect and intervene to deter harm occurring to a critical asset? How effective have they been? What are vulnerabilities (weaknesses) in the security controls that can be exploited by a threat source and increase the likelihood of a risk being realised? What is the critical assets level of exposure? What is the threat assessment? How determined are the threat sources? How competent are the threat sources? I.e.: Do they have the capability and intent? What is the incident history of events occurring? TABLE 4: LIKELIHOOD (PROBABILITY) TABLE This table defines the likelihood or probability of the risk occurring, based on the information available at the time of assessment. Very unlikely; the event may occur in exceptional circumstances E - Rare Improbable; the event is not expected to occur D - Unlikely Potential; the event might occur at some time C - Possible Probable; the event will probably occur at least once B - Likely A - Almost certain Very likely; the event will occur in most circumstances

3. Risk Evaluation This is the process of evaluating a risks consequence and likelihood to achieve a risk rating and give guidance on what risks require risk treatment action. Table 5 Risk Matrix Legend provides level of risk determination for the risk register. TABLE 5: RISK EVALUATION MATRIX
Consequence Likelihood RareE UnlikelyD PossibleC LikelyB AlmostCertainA 1 Minor Low(1) Low(2) Medium(4) Medium(5) High(11) 2 Moderate Low(3) Medium(6) Medium(7) High(12) High(13) 3 Major Medium(8) Medium(9) High(14) High(15) VeryHigh(18) 4 Extreme Medium(10) High(16) High(17) VeryHigh(19) VeryHigh(20)

4. Completing the Risk Register PSS team now complete the Risk Register ( Annex F Template) Step 1. In column 1 - Record each identified threat source capable of causing harm to the asset. E.g. violent patient; Issue motivated group. Step 2. In column 2 - Record each threat and risk that is reasonably foreseeable (What can happen, how it can happen?) from the threat source. E.g. assault on other patient/ hospital staff; Damage to hospital equipment. Hint: Do not include risks that are not foreseeable (e.g. being struck by aircraft may not be foreseeable at most facilities. However if the facility is adjacent to an airfield, the risk may be real). Step 3. In column 3 - Document the adequacy of existing controls and identify vulnerabilities to assist in the likelihood analysis. Remember the higher the threat level and vulnerability the higher the likelihood of risk. Step 4. In column 4 - Record the consequences of the event occurring. E.g. minor injuries to staff requiring first aid assistance; little impact on operational capability. Step 5. In column 5 - Rate the consequence of each risk being realised using Table 3: Consequence Table. Remember the higher the criticality grading of an asset the higher the consequences will be from an impact event occurring on the asset. Step 6. In column 6 - Record evidence to support the likelihood rating. E.g. there have been two incidents of a similar nature in the past four weeks.

Step 7. In column 7 - Rate the likelihood of each risk being realised using Table 4: Likelihood (Probability) Table. E.g. B - LIKELY - Probable; the event will probably occur at least once. Step 8. In column 8 - Using Table 5 Risk Matrix, evaluate the risk. E.g. violent patient causing injury to visitor: CONSEQUENCE Minor (Work Health and Safety Consequence) LIKELIHOOD Unlikely RISK LEVEL Low (2). Step 9. In column 9 - Once all the risks have been identified and are graded, prioritise the risk for treatment from VERY HIGH (20) to LOW (1). Using the rating (and number in brackets) list the risks in priority of treatment. Where areas have the same level of risk, such as HIGH, the priority is given to the risk with the highest number on the Risk Evaluation Matrix. Table 6: Risk Matrix Level TABLE 6: RISK MATRIX LEGEND

TABLE 7: EXAMPLE RISK TREATMENT PRIORITY Threat / Risk Likelihood + Consequence


Theft - of clinical equipment Break and Enter - resulting in damage to critical equipment and loss of function Assault - on staff walking to carpark after hours - resulting in severe injury or disability Vandalism / graffiti of buildings B1 D3 D4 D1

Level of threat / risk


M (5) M (9) H (16) L (2)

Priority for Treatment


3 2 1 4

Note: The higher the threat / risk level number, the higher the priority for treatment.

Examples of a completed Risk Registers:

Stage five is now complete.

STAGE SIX: Develop and Recommend Risk Treatment Strategies Risk treatment involves the selection of one or more options for addressing the risks. At this stage it is essential to identify and involve the Risk Owner for each identified risk so that they are aware of the identified risks and may contribute to the development and monitoring of risk controls. Risk Owner is the person with the accountability and authority to approve any necessary controls to manage the identified risk. The risk owner should be identified in the risk treatment plan by position (not name). Developing risk controls: The Risk Owner, in consultation with the PSS team and stakeholders shall determine what, if any, risk treatment is to be instigated. Specialist advice may need to be sought regarding technical and structural issues etc. In determining risk treatment actions, the following may assist: Likelihood can be reduced through security controls and procedures that reduce an assets exposure to harm (creating a more physically secure environment that limits access to them or by promoting a workplace security awareness culture that reports suspicious activity, objects or activities). Consequences can be lessened by having contingency and continuity plans in place. If an event exceeds the level of protection afforded e.g. CODE BLACK emergency, the facility should have plans that allow it to reduce the immediate impact of the event and continue to operate at an acceptable level, or resume operations within acceptable timeframes. Minimum standards. Determining minimum standards requires researching legislation, regulations, organisational policies, standards, codes to ensure any mandatory or good current practice applies. Re-examine current security controls. Many of the risks will likely have been already identified and various security controls already applied. It is very important to look at these when developing treatment options to determine whether they are effective or require some strengthening (refer to the vulnerability assessment undertaken as part of the PSS). Determine workable treatment options. Once the particular risk treatment options have been decided, conduct a second analysis to again quantify the level of risk. The aim is to reduce the risk to As Low as Reasonably Practicable (ALARP). ALARP is not about eliminating every risk, but about reducing them to a level that is tolerable. Treatment options may include: a) Avoid. Avoid the risk by making an informed decision not to continue the activities that give rise to the risk event. In most cases this is not feasible. Consideration should be given to alternative activities that could produce the same result with less risk. b) Elimination. The most effective form of risk control is to eliminate the risk (threat, hazard, vulnerability) altogether, particularly at the design stage. c) Accept and Monitor. In some cases it might not be possible to employ the above options or they may not be cost effective to the risk event occurring. d) New Security Controls. This may include: Substitution. This involves replacing a hazardous risk with a non hazardous one such as replace normal glass in an ED with toughened safety glass.

Isolation. Use barriers, stand off distances and dispersed assets to isolate assets from a threat. Engineering Controls. In a security context this would include installation of barriers, access controls, alarms, lighting, locks etc. Administrative Controls. Includes development of policy, procedures and practices that reduce risk. Others include training programs, planning committees and Emergency Control Organisations. Personal Protective Equipment (PPE). It may be necessary for persons to be equipped with PPE. The scope of PPE in a security environment may include flashlights, restraints, batons etc. e) Business Continuity. Business continuity plans should consider alternative supply chains, alternate facilities, restoration, and repair of lost or damaged assets and the welfare of personnel. f) Share. Share the management responsibility with another party. Identify stakeholders that might be better placed and resourced to manage the risk. This is important in co-tenanted facilities. g) Retaining residual risk. It is not ethically acceptable to intentionally decide not to control risks to a persons health, safety and welfare. It should be noted that when risks are reduced to ALARP there is usually some residual risk retained. Emergency response and recovery. An example of retained risk is the risk of a catastrophic event which may occur as a result of a terrorist attack or natural disaster which could not be prevented or foreseen. When a crisis or disaster occurs, management must respond to minimise the consequences. This involves the detection of the event as early as possible, immediate containment, emergency response, longer term response and business continuity management. In order to manage this effectively, detailed recovery plans are required. Selecting appropriate treatments. The acceptability and likely success of treatment strategies will be dependant on a number of factors not the least of which is their likely impact on the activities of stakeholders. Potential treatment options must be reviewed with stakeholders. This is the ideal opportunity to gain stakeholder buy-in before specific strategies are developed. Stakeholder input to the development of specific treatments will increase the likelihood of these strategies being successful. A suggested way of selecting risk treatment options is to choose a mix of the following strategies - Must do; Should do and Could do.

In determining the most appropriate risk treatments, the PSS team needs to have regard to the layered approach to asset protection being the protection-in-depth principle, ensuring the protection of any target asset is not just reliant on one control measure. Ensure that the controls: 1. DETER an attack 2. DELAY an attack 3. DETECT an attack 4. RESPOND to an attack 5. RECOVER from an attack. Comparative and Cost Benefit Analysis (CBA) When recommending risk treatment strategies it is important to ensure that they are cost effective. A cost benefit analysis (CBA) is conducted to determine the feasibility and desirability of each of the risk management options. It allows options to be prioritised if required. A CBA can be conducted either as a formal or informal process

and should consider as wide a range of issues as possible, not just be restricted to financial considerations. The CBA should consider:

direct issues, such as benefits, arising from reduction in the likelihood or harmful consequences of the security risk; and costs, of implementing the proposed treatment and/or that could arise if the risk eventuates (e.g. loss of an asset); and indirect issues, such financial benefits arising from collateral effects of the treatment such as reduced insurance premiums, improved management and staff confidence, enhanced reputation and costs, arising from the loss of productivity, business disruption, diversion of management attention, loss of reputation or brand value.

Effectiveness versus Affordability It is recognised that eliminating all security risk is impossible. The aim however will be to reduce risk to an acceptable level - i.e. as low as reasonably practicable. ALARP is not about eliminating every risk, but about reducing them to a level that is tolerable. This ALARP principle considers: whether further risk reduction is impractical if the costs of further risk reduction would exceed the improvements gained instances where no suitable controls are available.

Effectiveness, affordability and acceptability are difficult tradeoffs and occasionally a seemingly ineffective solution to critical asset protection is chosen because of a lack of funding. Most major changes to the protective security regime, including the introduction of technologies are often brought on as a response to an undesirable incident. After analysing all the information above, the PSS team develops the Risk Treatment Schedule and Plan. .

Annex G Example Risk Treatment Schedule and Plan of an ED

Actions required in response to the level of risk after treatment: Risks with a residual risk rating of Very High (18-20) must be reported to QH Risk; Executive must consider the need for legal advice or guidance. If legal advice or guidance is required it must be reported to Corporate Counsel (or delegate); All notifiable events (as per the local policy or procedure) must be reported as directed; All incidents including near misses must be reported; and The risk assessment process is applicable to all processes and levels within the Department.

Stage six is now complete

STAGE SEVEN: Present Findings, Monitor and Review There are a number of ways a PSS can be presented to the person/s authorising the completion of the survey. Initially at the completion of a site visit, it may be beneficial to provide an oral briefing that summarises the findings. This is particularly important if the team has identified any serious weaknesses or identified issues that could be subject to litigation against the facility or its members. The oral report must always be followed up by a detailed narrative report. The report should be forwarded directly to the person/s detailed within the Terms of Reference (TOR) only. A narrative report must be structured to allow detailed comments after the completion of the PSS. A PSS Report template is available at Annex H PSS Report Template. Information Security Classification The PSS Report and supporting documentary evidence must be given a security classification in accordance with Queensland Health Information Enterprise Information Policy, QHEPS document Identifier: 3485 and associated standards. On most occasions it will be classified as Security-In-Confidence or Protected. Refer: Information Security Classification Procedure: http://qheps.health.qld.gov.au/infosecurityandrisk/docs/standard_phase_3/class2595 8.pdf Information Security Classification and Control Standard: http://qheps.health.qld.gov.au/infosecurityandrisk/docs/standard_phase_3/std_3.pdf Monitor and Review Risk Control Measures Monitor and review the effectiveness of security risk controls to ensure: security risk control measures have been implemented and are effective security risk control measures are being used correctly staff are aware of security measures and have received instruction and training as required no new hazards have been introduced into the workplace as a result of implementation of control measures. Security risks identified as very high must be recorded on the Health Service Risk Register and escalated to Health Service Executive for appropriate management. All risk management documentation must be retained for a period not less than seven years. Any controls that are put in place to manage the identified risks should be regularly evaluated to ensure their effectiveness.

Stage seven is now complete. The Protective Security Survey is now concluded.

APPENDIX 2 PROTECTIVE SECURITY RISK EVALUATION


A Protective Security Risk Evaluation (PSRE) is undertaken two years after the PSS or in response to any significant change in the: environment facilitys role, responsibilities and functions construction or refurbishment of buildings or space occurrence of significant security incidents. The completed PSRE Report including all attachments shall be given a security classification and retained in accordance with the Queensland Health Records Management Policy. The working documents such as notes, emails and correspondence should also be secured as this may be required in the event of an investigation or enquiry. The PSRE was developed to minimise impacts upon Health Service and facility resources whilst meeting the intent of AS4485 Security for healthcare facilities. I.e.: Rather than undertaking a full Protective Security Survey (PSS) on the facility, the PSRE reviews the previous PSS Report to determine what, if anything, has changed. Additionally, the PSRE can be used to undertake a security risk assessment of specific target areas. For example: The PSRE may review the initial PSS report and also conduct a security risk assessment upon the Emergency Department. The PSRE applies the same methodology as the PSS and consists of seven stages carried out in their entirety and in sequence. STAGE ONE: Preparation Communication and Consultation For the PSRE to be effective the following is required: Step One: Establish the Authority for the PSRE The aim and objectives of the PSRE must be clearly established and documented at the initial meeting with management. These include: 1. What are the aims, objectives and timeframes of the PSRE? 2. What are the inclusions and exclusions of the PSRE? 3. Is the PSRE to include target specific security risk assessments such as an Emergency Department (ED); Psychiatric Unit; Maternity; working in the community? Scoping the activities is very important as it will impact on the time, cost and resources required to successfully conduct the PSRE. Furthermore, it may also indicate the level of expertise required (e.g. a facility with a large holding of dangerous goods may require expert advice. Similarly, a research facility may need expert advice from a scientist). The PSRE team members are identified and should consist of three persons. Where possible, at least one member of the team should: have been involved in the previous PSS have a sound working knowledge of security risk management have a sound working knowledge of the area / workplace / facility under going the PSRE. Clear authority must be given in writing authorising the conduct of the PSRE as it may need to be produced to substantiate PSRE activities. The authority should be given at

the highest level of the organisation and should clearly state, to whom the final PSRE report is to be presented (Annex A Terms of Reference Example). Step Two: Scope and Nature of the PSRE. The PSRE was designed to provide a simple but effective process to complement the PSS whilst meeting the intent of AS 4485 Security for healthcare facilities. Rather than undertaking a full security risk assessment (SRA) of the entire facility, the PSRE is used to: review the previous PSS conducted within the security risk management cycle may also be used to conduct a SRA on specific workplace activities (e.g. working in the community; Security patrols) or high risk area (e.g. ED; Mental Health). Step Three: Other parties. Once Step Two is complete a list of stakeholders is developed. Examples may include: a) Persons Nursing staff Medical Staff Administrative staff Engineering staff Security staff Neighbours Contractor / consultants b) Organisations Queensland Police Emergency Services (including State Emergency Service) Other Government Departments Other healthcare facilities Step 4 Review the last PSS. The PSRE team should review the previous PSS Report and evaluate the facilities protective security, regime paying particular attention to: legislative requirements mandatory Queensland Health requirements the recommendations of the previous PSS Report the Security Risk Treatment Schedule and Plan the Security Plan Standard Operating Procedures for the effective delivery of protective security services any other security risk management documentation such as inspections, reports or audits that have been conducted since the last review. PSRE Tool Template: Annex K. PSRE Tool Example: Annex L

Stage One is now complete.

Stage Two: Asset and Resource Appreciation and Review During this stage the PSRE Team should follow the same procedure as outlined in Stage Two of the PSS process to reassess the current asset register. Should the PSRE team identify new assets or determine that the CRITICALITY VALUE of any asset needs to be changed, the register must be amended. The amended Asset Register should now be attached as an Annex of the PSRE report and a copy of the register placed in the facilitys Security Plan. Stage Two is now complete.

Stage Three: Threat Assessment and Review During this stage the PSRE Team follows the same procedure outlined in Stage 3 of the PSS process to reassess the Threat Identification Register. The Threat Identification Register must be amended should the PSRE team identify new threat sources or assess that changes to the threat levels are required. The amended register should now be attached as Annex of the PSRE report and a copy of the register placed in the Security Plan. Stage Three is now complete.

Stage Four: Evaluation of Security Controls and Vulnerability Assessment Review Vulnerability can be described as any weakness that can be exploited by a threat source to make an asset susceptible to change. This includes vulnerabilities in the facilitys design and construction, its technological systems and the way the facility is operated. A vulnerability assessment identifies specific weakness with respect to how they may invite or permit a threat to be accomplished. The process outlined in Stage 4 of the PSS will aid the PSRE Team, in consultation with the risk owner in: identifying any additional vulnerability within the facility; and assessing the effectiveness of the current security regime. Security controls that have been or will be implemented should employ the principles of Protection-in-Depth which consists of mutually supporting layers of security risk controls intended to DETER, DETECT or DELAY an attack or facilitate RESPONSE and RECOVERY from an attack.

Diagram 2: Illustration of Protection in Depth

A Vulnerability Identification List template is at Annex E of this document and allows the PSRE team to: document the identified vulnerability by location to describe the impact to the facility should the vulnerability be exploited. A Vulnerability Assessment Guide is provided at Annex I and outlines security risk control element and the purpose for which they are intended. The PSS Vulnerability Identification List should be used by the Team in assessment and review. The amended Vulnerability Identification List should be attached as Annex to the PSRE report and a copy placed in the Security Plan. Stage Four is now complete. Stage Five: Risk Analysis and Review Security Risk Analysis can be summarised as the systematic use of observations and data about asset protection to determine the likelihood of an adverse event and the magnitude of their consequence, impact or harm in the event that the security threat is realised. There are three steps of the risk analysis and review: consequence analysis; likelihood analysis; and the risk evaluation. The PSRE Team should refer to, and apply the process detailed in Stage 5 of the PSS (Appendix 1). The newly identified and assessed security risks form part of the PSRE Report. The information detailed in the security risk analysis and review is used to inform the Health Services Security Risk Register. Risks assessed as very high shall be elevated to the Health Service Executive for appropriate management. Stage Five is now complete.

Stage Six: Develop and Recommend Security Risk Treatment Strategies Risk treatment involves the selection of one or more options for addressing the identified security risks. The Risk Owner and PSRE Team may wish to seek specialist advice on technical and structural issues. Reference should be made to Stage 6 of the PSS (Appendix 1) however a brief synopsis is detailed below. The following must be considered when developing security risk control options: a) Likelihood can be reduced through security controls and procedures that reduce an assets exposure to harm b) Consequences can be lessened by having in place contingency and continuity plans. When considering options for selection it is important to evaluate the following: Minimum standards Re-examine current security controls. Determine workable treatment options. The aim is to reduce the risk to As Low As Reasonably Practical (ALARP): Options included: a) Avoid the risk by making an informed decision not to continue the activities that give rise to the risk event. Consideration should be given to alternative activities that could produce the same result with less risk. b) Eliminate the risk (threat, hazard, vulnerability) altogether, particularly at the design stage. c) Accept and monitor the risks. In some cases it might not be possible to employ the above options or they may not be cost effective to the risk event occurring. d) Implement new security controls. This may include: Substitution. This involves replacing a hazardous risk with a non hazardous one eg. replace normal glass in a ED with toughened safety glass. Isolation. Use barriers, stand off distances and dispersed assets to isolate assets from a threat. Engineering Controls. In a security context this would include installation of barriers, access control systems, alarms, lighting locks etc. Administrative Controls. Includes development of policy, procedures and practices, training programmes, planning committees and Emergency Control Organisations. Personal Protective Equipment. It may be necessary for persons to be equipped with PPE. The scope of PPE in a security environment may include flashlights, restraints, and batons. e) Business Continuity. Business continuity plans should consider alternative supply chains alternate facilities, restoration, and repair of lost or damaged assets and the welfare of personnel. f) Share. Share the management responsibility with another party. Identify stakeholders that might be better placed and resourced to manage the risk. This is important in co-tenanted facilities. Retaining residual risk. It is not ethically acceptable to intentionally decide not to control risks to a persons health, safety and welfare, however it should be noted, even when risks are reduced to as low as reasonably practical, there is usually some residual risk retained. Emergency response and recovery. The risk of a catastrophic event, such as a terrorist attack or natural disaster may not be foreseeable or preventable.

Selecting appropriate treatment strategies The acceptability and likely success of treatment strategies will be dependant on a number of factors not the least of which is their likely impact on the activities of stakeholders. Potential treatment options must be reviewed with stakeholders. This is the ideal opportunity to gain stakeholder buy-in before specific strategies are developed. Stakeholder input to the development of specific treatments will increase the likelihood of these strategies being successful. In determining the most appropriate treatments the risk owner and PSRE team needs to have regard to the layered approach to asset protection (protection-in-depth principle) ensuring the protection of any target asset is not just reliant on one control measure. Ensure the controls DETER, DELAY or DETECT an attack, or facilitate RESPONSE to, or RECOVERY from an attack. Comparative and Cost Benefit Analysis. A cost benefit analysis is conducted to determine the feasibility and desirability of each of the risk management options. It allows options to be prioritised if required. A cost benefit analysis can be conducted either as a formal or informal process and should consider as wide a range of issues as possible, not just be restricted to financial considerations. The analysis should consider: Direct issues, such as benefits, arising from reduction in the likelihood or harmful consequences of the security risk; and costs, of implementing the proposed treatment and/or that could arise if the risk eventuates (e.g. loss of an asset); and Indirect issues, such as benefits, arising from collateral effects of the treatment such as reduced insurance premiums, improved management and staff confidence, enhanced reputation; and costs, arising from the loss of productivity, business disruption, diversion of management attention, loss of reputation or brand value.

Effectiveness V Affordability. After analysing all the information collated, the PSS team should develop the Risk Treatment Schedule and Plan. This lays out how the preferred options for the security risks are to be treated, risk rating after treatment, persons responsible to implement the treatments, the timetable for their implementation and how the treatment will be monitored.

Completing the Security Risk Treatment Schedule and Plan One page is to be used per identified threat / risk for treatment. Annex G The page is to be filled out as follows: 1. Priority: Place in the threat / risk priority for treatment from Stage 5 e.g. 1. Assault on after hours staff going to car park resulting in serious injury or disability. 2. Threat / Risk: Place in the Threat / Risk from Stage 5 e.g. HIGH, senior management attention needed and management responsibility specified to control the risk. 3. Likelihood of Occurrence: Place in the likelihood of the threat / risk occurring e.g. RARE - May occur in exceptional circumstances / may occur at least once in a period of five years or more from Stage 5. 4. Consequence of Occurrence: Place in consequence of the threat / risk occurring from Stage 5 e.g. MAJOR Permanent loss of function or disability. 5. Likely cost to the organisation: Place in a summary of dollar costs to the organization. 6. Recommended Treatment Strategies: Recommend treatment strategies to address the threat / risk including costs to do same e.g. install a duress alarm in Ward 6B cost = $ 650 7. Actions required in response to the level of risk after treatment: Risks with a residual risk rating of Very High (18-20) must be reported to QH Risk. The management must consider the need for legal advice or guidance. If legal advice or guidance is required it must be reported to Corporate Counsel (or delegate). All notifiable events (as per the local policy or procedure) must be reported as directed. All incidents including near misses must be reported. The risk assessment process is applicable to all processes and levels within the Department. The Security Risk Treatment Schedule and Plans should now be placed into the Security Plan.

Example Risk Treatment Schedule and Plan of an ED:

Stage Six is now complete.

Stage Seven: Present Findings, Monitor and Review There are a number of ways in which findings of a PRSE can be presented. Initially at the completion of a site visit it may be beneficial to provide management with an oral briefing that summarises the findings. This is particularly important if the team has identified any serious weaknesses or identified issues that could be subject to litigation against the facility or its members. The oral report must always be followed up by a detailed narrative report. It should be forwarded directly to the person nominated in writing on the Terms of Reference document. Annex M PSRE Report Template provides a structured format for the narrative report. Information Security Classification The PSRE Report and supporting documentary evidence must be given a security classification in accordance with Queensland Health Information Enterprise Information Policy, QHEPS document Identifier: 3485 and associated standards. On most occasions the PSRE Report will be classified, handled and stored as Security-InConfidence or Protected. Refer to: Information Security Classification Procedure: http://qheps.health.qld.gov.au/infosecurityandrisk/docs/standard_phase_3/class2595 8.pdf Information Security Classification and Control Standard: http://qheps.health.qld.gov.au/infosecurityandrisk/docs/standard_phase_3/std_3.pdf

Stage Seven is now complete. Protective Security Risk Survey is now concluded.

LIST OF ANNEXES ANNEX A. Terms of Reference Example ANNEX B. PSS Tool (Template) ANNEX C. Asset / Resource Register (Example) ANNEX C. Asset / Resource Register (Template) ANNEX D. Threat Identification Register (Example) ANNEX D. Threat Identification Register (Template) ANNEX E. Vulnerability Identification List (Template) ANNEX F. Security Risk Register (Template) ANNEX G. Risk Treatment Schedule and Plan (Template) ANNEX H. Protective Security Survey Report (Template) ANNEX I. Vulnerability Assessment Guide of Security Control Elements (Training Aid Only) ANNEX J. General Security Plan (Template) ANNEX K. Protective Security Risk Evaluation Tool (Template) ANNEX L. Protective Security Risk Evaluation Tool Example ANNEX M. Protective Security Risk Evaluation Report (Template)

ANNEX A
EXAMPLE - TERMS OF REFERENCE From: Ms Jenny Doe Director Corporate Services Johnson Hospital Rochedale South QLD 4123 To: Mr Henry Bloggs Security Manager Johnson Hospital Rochedale South QLD 4123

For Information: DR Joe Blood Director Emergency Department Johnson Hospital Rochedale South QLD 4123 Terms of Reference - Protective Security Survey (PSS) - Johnson Hospital Emergency Department References: A. Security Risk Management and Asset Protection Implementation Standard; B. Security Risk Management and Asset Protection Protocol; C. Security Risk Management and Asset Protection Guidelines; D. Occupational Health and Safety Incident Management Implementation Standard E. Occupational Violence Prevention Management Implementation Standard; and F. Johnson Hospital Security Procedure (insert details) The Health Service Chief Executive Officer, Johnson Hospital is committed to managing protective security risks. In accordance with References A - F, you are required to conduct a Protective Security Survey (PSS) of Johnson Hospital Emergency Department. The security risk assessment team (Team) will be facilitated by (Detail name) and consist of (Detail names). You are hereby authorised to have access to all areas of the facility and resources to complete the PSS. Key stakeholders have been identified and will be available to assist the Team in conducting the assessment. Specific details are: a. The PSS is to commence on (12 Feb 2010) and be completed by (30 Mar 2010);

b. Preliminary PSS findings are to be provided to the Health Service Chief Executive by (insert as applicable e.g. 30 Mar 2010) and will inform management of the present status of security and asset protection strategies, their suitability and cost effectiveness; and c. The PSS is to include the following: Review previous incident data, PSS, security surveys, audits or inspections and local crime statistics; Asset and resource appreciation; Threat assessment; Evaluation of current protective security controls and vulnerability assessment; and Protective security risk analysis.

The PSS does not include: a. (insert as applicable e.g. contents of medical records or personnel files); and b. (Insert as applicable e.g. a detailed assessment of fire safety systems). The completed PSS Report will be provided to (Executive Director People and Culture) so that the Risk Treatment Schedule and Plan and the General Security Plan can be developed and implemented at the local level. Queensland Healths Security Consultants will be available to provide additional advice, assistance and support. Assurance is given by (Dr I Gotcha, Johnson Hospital and Health Service Chief Executive Officer) that security risks assessed as being MEDIUM or greater are to be detailed in the Hospital and Health Service Risk Register and security risk treatment strategies implemented. Dr I GOTCHA Health Service Chief Executive Johnson Hospital Rochedale South QLD 4123 10 January 2010 I acknowledge the above Mr Henry Bloggs Security Manager Johnson Hospital

10 January 2010

Protective Security Survey Checklist


NAME OF HEALTH SERVICE HOSPITAL AND HEALTH SERVICE NAME OF FACILITY ASSESSED LOCATION / AREA ASSESSED DATE OF PSS STAGE 1 PREPARATION ( Develop and agree upon the Terms of Reference for PSS Example Terms of Reference
R:\OHS Consultants\ Security\12. Forms &

PSS Team Name 1. 2. 3. 4. 5. PSS Facilitator PSS Team Leader PSS Team Member PSS Team Member PSS Team Member Position details Signature Contact Details - Email / Phone

Role / Function of Unit / Facility

Details available from Hospital and Health Service Profiles on QHEPS

Identification of key personnel Name Position Hospital and Health Service Chief Executive Officer Executive Director People and Culture Services Director Corporate Services Hospital and Health Service Security Coordinator Security Manager External Security Provider/s Physical Security Security Monitoring Hospital and Health Service Occupational Health and Safety Manager Building Engineering and Maintenance Manager Other key personnel (detail) Contact Details

Issues that may affect the PSS outcome or recommendations Are there shared facilities / tenancy which may contribute to security risks Are there known structural changes planned (Refurbishments, redevelopments) Are there any plans for the introduction of new technologies Are there known organisational changes (Changes to services, Org structure) Are there any other issues which may affect security risks General Information Number of staff within facility / area Number of beds within facility / area Number of ED presentations within a defined period (eg: Monthly) Is the facility / area designated as an authorised mental health service Number of Emergency Examination Orders (EEO) Number of EEO presentations admitted (number and as a percentage) Number of Involuntary Treatment Orders (ITO) Does facility have effective resources for safe care/control of mental health patient? Protective Security Governance Yes / No Yes / No Yes / No Yes / No Yes / No

Yes / No (If Yes Detail)

Yes / No. (If No Detail what actions are taken? Eg: MH Patients transferred by aircraft to XYZ Authorised Mental Health Service)

Are roles and responsibilities of Security clearly documented Are security Standard Operating Procedures or work instructions: Documented Do they cover all relevant / foreseeable security tasks Are SOP available to relevant staff

Yes / No

Yes / No Yes / No Yes / No

Security Risk Management Incident Reporting Sight or obtain copies of previous: Security Risk Assessment reports Has Security Risk Assessment been completed within the last 2 years. Security audits Security reviews Is there evidence to support that relevant security incidents reported in the Security Incident database are uploaded to IMS and / or Prime so that data is captured Review and analyse security incident data Sight / obtain copy and review Security Plan Sight / obtain copy of Occupational Violence Risk Assessment Reports

Yes / No

Yes / No

Queensland Police Service Data

Obtain police crime data relevant to healthcare facility Obtain Computer Aided Despatch (CAD) data (Eg: Calls for Service) What services can QPS offer the Health Service? What joint projects (Health/QPS) are or can be delivered to the community? Comment on Health QPS relationship and how to strengthen the relationships? OHS & Fire Safety Has the facility / unit completed its annual WHS Checklist Tool What is the date(s) of the last QFRS fire safety inspection report(s) covering all buildings? Fire Safety Implementation Standard. What is the date of the last QFRS Clearance Letter confirming the building is legislatively compliant? What is the date(s) of the Annual Occupiers Statement for the maintenance of fire safety installations covering all buildings - Fire Safety Implementation Standard Unit / Organisational Security Specifics Does an Emergency Preparedness and Continuity Management Plan exist? Yes / No Yes / No

Last report must be no later than 4 years old

Last statement must be no later than 12 months old

Comments Sight Does the plan include Threat Level Escalation General Security Plan.

Specifics Is there compliance with Information Security Policy (classification guidelines) Does Hospital and Health Service / Facility have security officers (proprietary or contract) ? Are they authorised in writing by DCEO (Security and Asset Protection Implementation Standard) ? Is there a current Job Description for Security Officers Does the training or current competencies of Security Staff meet the task requirements detailed in the Job Description? Does Hospital and Health Service / Facility have Authorised Persons Are they authorised in writing by DCEO (Security and Asset Protection Implementation Standard) Is security training and awareness of general Staff appropriate? What training and what delivery methods used?

Yes / No

Comments Are sensitive documents secured in appropriate container or room?

Yes / No Yes / No

Are documents marked with appropriate security classification marks ? Sight. Authorisation / register?

Yes / No

Yes / No Yes / No

Are there current JD / PD for security officers that clearly details roles and responsibilities of position and function. Records? Training matrices; Training needs analysis? Type and level of training, currency, frequency, appropriateness, provider (internal / external)

Yes / No

Sight. Authorisation / register?

Yes / No

Security training for all staff (Induction; in-service etc); Posters, education materials

STAGE 2 CRITICAL ASSET / RESOURCE APPRECIATION (i.e.: What assets need to be protected?) Assets Undertake an appreciation of the assets and assess their criticality against organisational objectives. Note: The process of assigning a criticality rating is to determine the effect the loss of that asset would have upon the organisations ability to provide services or functions. Hint: Use facility and building plan maps to mark the locations of these assets where possible. The colour code should be used as it will give visual recognition of their location e.g. RED = MAJOR, ORANGE = IMPORTANT
R:\OHS Consultants\ Security\12. Forms &

Obtain site plan / building plan and mark location of critical assets. Examples include: Car parks Helipad Underground tunnels Utilities (Mains water; Power; Communications; Sewerage; Storm water) Hazardous materials storage Radiation sources Security - Location of CCTV, Intruder alarm systems, access control systems Pharmacy / S 8 Drug cabinets Paediatrics / Newborn Morgue ICU Radio active materials storage

CSD ED Radiology Pathology Wards Psychiatric Executive Patient Records Mail Room Electrical switch rooms IT communications and Switch Security rooms, vaults, PC rooms, security containers Other

Note: Plan may also indicate building classifications (Refer to Building Code of Australia)
R:\OHS Consultants\ Security\07. Security

STAGE 3 THREAT ASSESSMENT DATA Threat source identification Identify human and non-human threat sources and determine how foreseeable or likely the threat from the source may be. The process of assigning a rating is determined by historical data (incidents, events) and other evidence. E.g. If the area is regularly hit by cyclone foreseeability will be greater.

R:\OHS Consultants\ Security\12. Forms &

To assist in identifying threat sources (and potential vulnerabilities) obtain site plan / building plans and mark location the following. Major transport hubs: Road Rail Bus-way Aviation Watercraft Carparks Local or adjoining business / residences Dwellings Hazardous materials storage Flammable materials storage Public venues (schools, sports) Education facilities Correctional facilities Local physical environment Water course (river, sea, storm water drains) Parklands / reserves Steep water catchment areas

CCTV cameras and coverage (noting black-spots and correlation to critical assets; access points and so forth); Security systems (intruder detection; duress/staff assistance call points) Walkways / Roadways Areas where lighting is ineffective or not suitable for use (E.g: Where lighting is unsuitable for CCTV coverage) Perimeter / Perimeter barriers and areas of weakness Entrances / exits and areas of weakness including air intakes; air-conditioning ducts; communications pits etc DG Storage areas (including potential areas of damage / destruction in the event of damage, fire or attack Radiation Sources Underground tunnels

Threats by category The threat sources have now been identified the threats (i.e. what the threat sources can do) need to be recognized and communicated. The following list provides some examples of known or perceived threats. Historical data, local knowledge and security intelligence will assist in determining whether the threats are real or potential. Threat Occurrences Abduction / kidnap Alarm activations Armed robbery Assaults Bomb threats Burglaries Computer viruses / attack Denial of service Disorderly conduct Domestic violence Drug abuse incidents Extortion Explosions Hostage Harassment Homicides Intoxicated employees Loss compromise of information Intrusions Loss / compromise of material assets ( drugs, Equipment etc) Police called to site Police requesting execution of arrest Product contamination Reports of employee involved with child Robbery involving employee Security breaches Threat Occurrences Threat Occurrences Stabbings Threats to employees Traffic accidents Vehicle thefts Thefts other Trespassing Unauthorised use of resources Vandalism Weapon incidents Lack of management will Fail to comply with financial accountability requirements Fail to follow instructions / protocols. Fraudulent acts

Threat Occurrences Fights Fires Graffiti Failure of supply chain Floods Heat Failure of services (power, water, communications)

Threat Occurrences Sexual assault Shootings Serious injury / death of employee / visitor on site Cyclone Fire (Arson / bushfire / smoke; etc) Equipment failure Litigation

Threat Occurrences Bullying / harassment Industrial action / unrest Damage / Destruction (deliberate / accidental) Storm Environmental disaster Pandemic Terrorism

STAGE 4 IDENTIFICATION OF CURRENT ASSET PROTECTION CONTROLS AND ASSESSMENT OF THEIR EFFECTIVENESS (IE: VULNERABILITY ASSESSMENT)) PSS Data Needs Accessibility to healthcare facility Being able to locate and access the healthcare facility, especially in emergent situations is essential not only in relation to the delivery of healthcare but in relation to supply of essential services and regarding emergency response. Identification and Accessibility Is location of, and directions to the Healthcare facility clearly signed from road, rail, water terminal or airport facility Is access (road, rail, public transport) effective during normal operations and during crisis situation Yes / No / N/A Yes / No / N/A Comments Directional and advisory signage on arterial roadways, local streets etc.?

Yes / No / N/A

Are access roads affected during peak traffic or special events?

Is healthcare facility clearly signed for day and night-time identification

Yes / No / N/A

Is access to healthcare facility possible during natural events such as floods, king tides etc

Yes / No / N/A

Is there effective access for emergency vehicle to access or egress the healthcare facility?

General and specific checklist Typical area checklist Check Item Is the facility staffed 24/7? Are access controls installed at all key access points? What types of access controls are utilsed at the facility? Consider the following access control systems / functions for entry to the facility area ( not buildings) Comments Yes / No Yes / No If No is there security presence, monitoring, patrols etc?

Are they appropriate to needs/ Whats their condition?; Appropriate fitting (Eg Strongly mounted ; anti tamper fittings)?

Vehicular entrance

Is vehicular access control effective? Are staff placed in danger by having to alight vehicles in high risk area (eg> Can gates be opened by remote control or do staff have to unlock gate by hand?)

Personnel entrance Doorways Windows Other (Grilles, grates, shutters) Are existing access controls utilised (doors locked, gates closed etc) Are access control systems managed effectively Yes / No Are access controls effectively utilised (ie do staff lock door, windows etc)? Does Access control allow for audit of system and interrogation of users etc

Yes / No

Eg: Key / Prox cards controlled, Administrative controls; Preventative Maintenance, Systems maintenance

Typical area checklist Check Item Are there effective procedures for authorising facility entry? Does the facility have an endorsed limited access policy? Does the facility boundary and entrances have clearly displayed signage and entry provisions?

Consider the following access control systems / functions for entry to the facility area ( not buildings) Comments Yes / No Yes / No

Yes / No

Is positive identification required for entry to be gained? Are staff, visitors, contractors and vendors required to wear ID in the facility? Is there a facility procedure to provide staff escort for contractors, vendors, maintenance personnel, and visitors? Are there procedures permitting facility access for emergency personnel in case of fire, power failure, or any other emergency?

Yes / No

Yes / No

Yes / No

Yes / No

Typical area checklist Check Item

Consider the following access control systems / functions for entry to the facility area ( not buildings) Comments

Is facility entry patrolled / controlled by security officers or other person?

Yes / No

Are there security alarm systems (SAS) in place

Yes / No / N/A

Type / Model / Maintenance contract / Are the systems tested

Are access controls and procedures for contractors appropriate?

Yes / No / N/A

Cleaners, Maintenance, others?

Walk around inspection Check Item Perimeter Barrier Construction Footings Design Height Purpose Condition Lighting Faults Signage Location Design Purpose Condition Faults

The following is a typical aid memoir for conducting a walk inspection of a site / facility (less building)? Comments

Detail observations and identified vulnerabilities

Detail observations and identified vulnerabilities

Walk around inspection Check Item Gating Systems Type Construction Purpose Hinges Operational system if electronic Locking system Faults Monitoring of perimeter Types Effectiveness Cost Requirement Faults

The following is a typical aid memoir for conducting a walk inspection of a site / facility (less building)? Comments

Detail observations and identified vulnerabilities

Detail observations and identified vulnerabilities

Walk around inspection Check Item Grounds Does vegetation Provide cover for offenders Provide access to building entry points (e.g. climbing tee to access window) Obscure doors, windows, CCTV etc. Impact on walkways Lighting Is vegetation appropriate to needs (e.g.: plants with thorns to restrict access; low plants where clear visibility required; etc.) Walk ways Is lighting sufficient Is directional signage is appropriate

The following is a typical aid memoir for conducting a walk inspection of a site / facility (less building)? Comments Detail observations and identified vulnerabilities

Yes / No / N/A Yes / No / N/A

Yes / No / N/A

Yes / No / N/A Yes / No / N/A Yes / No / N/A

Yes / No / N/A Yes / No / N/A

Walk around inspection Check Item Are there entrapment points? Is clear visibility and lines of sight available to users Are there any duress / call points Are these call points tested Is signage clear Landscaping Does landscaping materials provide access to building entry points Provide cover for offenders Restrict visibility for users Adversely affect lighting

The following is a typical aid memoir for conducting a walk inspection of a site / facility (less building)? Comments Yes / No / N/A Yes / No / N/A

Yes / No / N/A Yes / No / N/A Yes / No / N/A

Yes / No / N/A Yes / No / N/A

Yes / No / N/A Yes / No / N/A

Outbuildings and structures Do structures provide cover for offenders Yes / No / N/A

Walk around inspection Check Item Do structures provide access

The following is a typical aid memoir for conducting a walk inspection of a site / facility (less building)? Comments Yes / No / N/A

CCTV Is there CCTV coverage Is coverage adequate Is there appropriate signage for deterrence Duress Points Faults Yes / No / N/A Yes / No / N/A Yes / No / N/A

Yes / No / N/A Yes / No / N/A

Lighting Is lighting available Is it appropriate to needs (e.g. suitable for CCTV, or to reduce graffiti) Is preventative maintenance conducted Yes / No / N/A Yes / No / N/A

Yes / No / N/A

Walk around inspection Check Item Are lights working Are directions of lights correct

The following is a typical aid memoir for conducting a walk inspection of a site / facility (less building)? Comments Yes / No / N/A Yes / No / N/A

Car parks, Is access control effective Structure (outdoor, undercover, multi storey, basement) Distance from buildings Is lighting appropriate and sufficient Is there preventative maintenance programs in place Yes / No / N/A Yes / No / N/A

Detail observations and identified vulnerabilities

Yes / No / N/A Yes / No / N/A

Yes / No / N/A

Walk around inspection Check Item Are lights working Does vegetation in proximity limit clear lines of sight Are Duress Points available? What are the response times (Test) Is there a testing and maintenance regime Is car park patrolled by security/other Is car park covered by CCTV Are CCTV images monitored or recorded. Are escorts provided to staff / others

The following is a typical aid memoir for conducting a walk inspection of a site / facility (less building)? Comments Yes / No / N/A Yes / No / N/A

Yes / No / N/A Yes / No / N/A

Yes / No / N/A Yes / No / N/A

Yes / No / N/A Yes / No / N/A Yes / No / N/A

External hazardous material storage - Security against unauthorised access

Detail observations and identified vulnerabilities

Walk around inspection Check Item Fenced Security signage Security lighting Alarm systems Coverage by CCTV Lighting Gates Locks Access to control valves Maintenance inspections (Fence etc.)

The following is a typical aid memoir for conducting a walk inspection of a site / facility (less building)? Comments Yes / No Yes / No Yes / No Yes / No Yes / No Yes / No Yes / No Yes / No Yes / No Yes / No

External Swimming Pool; Spa; Water-tanks; or bodies of water/liquid List locations and answer for each:

Detail observations and identified vulnerabilities

Walk around inspection Check Item Fenced Security / safety signage Secured Gates Lighting Access control Patrolled Monitored CCTV Maintenance inspections (fence etc.) Safety / floatation devices Resuscitation posters?

The following is a typical aid memoir for conducting a walk inspection of a site / facility (less building)? Comments Yes / No Yes / No Yes / No Yes / No Yes / No Yes / No Yes / No Yes / No

Yes / No Yes / No

Lighting General Appropriately positioned and directed Suitable type and installation Yes / No

Detail observations and identified vulnerabilities

Yes / No

Walk around inspection Check Item Serviceable Provide safe transit Maintenance program (Detail faults from observations and communicate to relevant person for corrective actions)

The following is a typical aid memoir for conducting a walk inspection of a site / facility (less building)? Comments Yes / No Yes / No Yes / No

Service tunnels Detail locations, entry / exit points etc What services does tunnels provide (i.e. access, electrical, gases, steam) What is stored within tunnel Does it provide access to sensitive areas? Access controls to entry points Are there intruder detection / Yes / No Yes / No Yes / No

Detail observations and identified vulnerabilities

Walk around inspection Check Item CCTV Are they patrolled Are there emergency lights / communications Are there emergency procedures (including confined spaces rescue)

The following is a typical aid memoir for conducting a walk inspection of a site / facility (less building)? Comments

Yes / No Yes / No

Yes / No

Building Security General considerations for Buildings (internal and external) Construction (type, appropriateness and condition) Walls Floors Roof including access points Ceiling (Condition) Doors / hinges / frames Windows / frames Screens / Grilles Locks and locking devices Access control External lighting (general) External lighting (security) Service ducts (openings; accessibility) Air conditioning inlets (openings; accessibility) Using checklist make notes where relevant Detail observations and identified vulnerabilities

Building Security General considerations for Buildings (internal and external) Laundry chutes (openings; accessibility) Alarms (intruder detection) Duress alarms Fire alarms Supply docks Electrical Switchboards / switch rooms Waste management storage areas (Including clinical waste, Cytotoxic etc.) Plant / Lift motor rooms Burglar resistant area AS STD 4485 2, (5.10,2) Intruder resistant area AS STD 4485 .2 ( 5.10.3) Controlled area AS STD 4485.2 (5.10.4) Building SOPs Open up and lockup procedures Security containers (safes; storage containers) Using checklist make notes where relevant

Unit / Ward / Service Assessment Check Item Aircraft / helipads / hangers Access control / key control Aircraft parking and access Fire precaution Flammable substances Medical supplies including drugs Onboard equipment Separation from other aircraft SOPs Open up and lockup procedures

Observations / vulnerabilities Comments Detail observations and identified vulnerabilities

Unit / Ward / Service Assessment Check Item General Administration areas ( PR, Payroll, finance Trust Offices) Access control / key control Accounting records security Cleaning and maintenance staff access Equipment business, computing security Duress alarms Personnel record security Storage of sensitive records, media Storage patients accounts and details Storage of cash Tenders and contract information SOPs Open up and Lock up procedures

Observations / vulnerabilities Comments Detail observations and identified vulnerabilities

Unit / Ward / Service Assessment Check Item CSSD Access Control / key control Cleaning and maintenance staff access Equipment and supply security Security of chemicals SOPs Open up and Lock up procedure Emergency Department Access control beyond public areas Key control Security of cash Security of drugs Security of stores and equipment Security of endangered patients ( victims of prior / potential crime / prisoners, forensic patients) Security of visitors, patients

Observations / vulnerabilities Comments Detail observations and identified vulnerabilities

Detail observations and identified vulnerabilities

Unit / Ward / Service Assessment Check Item Security of patients property Security of medical records SOPs Security of equipment disaster stores Food Services Access control key control Security of food, disposables, equipment, stores in and out of workplace SOPs Open up and lock up procedures Foyer and other public areas Access control by day and night Key control Security of telephones, coin donation boxes, Security of vending machines Security of vendors ( florist, kiosks)

Observations / vulnerabilities Comments

Detail observations and identified vulnerabilities

Detail observations and identified vulnerabilities

Unit / Ward / Service Assessment Check Item during and after-hours Security of art, relics etc SOPs Open up and lock up procedures Laboratories and research facilities Access control / key control Cleaning and maintenance staff access Security of drugs / stores / Security of equipment and hazardous substances Security of records and information , data Security of research and development information Security of specific laboratory hazards e.g. radiation material etc. SOPs, Open up and lockup procedure

Observations / vulnerabilities Comments

Detail observations and identified vulnerabilities

Unit / Ward / Service Assessment Check Item Laundries and linen storage Access control / key control Security of supplies and deliveries Security of found property SOPs Open up and lock up procedures

Observations / vulnerabilities Comments Detail observations and identified vulnerabilities

Maintenance Services Access control / key control Security of equipment and tools Security of stocks Security of loading docks Security of equipment awaiting repair and collection / dispatch SOPs Open up and lockup procedures

Detail observations and identified vulnerabilities

Unit / Ward / Service Assessment Check Item Facility Motor vehicles Location Fenced compound Lighting Access control key control Alarms Cleaning and maintenance after - hours Security special vehicle services ( drugs, stores, patient property) SOPs Open up and lockup procedures

Observations / vulnerabilities Comments Detail observations and identified vulnerabilities

OT and ICU Access control / key control Cleaning and maintenance staff access Security of drugs

Detail observations and identified vulnerabilities

Unit / Ward / Service Assessment Check Item Security of cash Security of stores Security of equipment Security of medical records Security of patients property Security of endangered patients Security management of Visitors SOPs Psychiatric Assessments Access control Key control Security controls in interview room Duress Alarms SOPs Open up and lock up procedures

Observations / vulnerabilities Comments

Detail observations and identified vulnerabilities

Unit / Ward / Service Assessment Check Item Psychiatric Units / Wards Access control / Key control Cleaning and maintenance staff - access Duress alarms Security of drugs Security of equipment and furnishings Security of stocks Security of endangered patients Security of medical records Security of visitors Security for wandering patients Security for general patients Security of patient effects/ lost property Security of patient cash SOPs Is facility free of ligature (hanging) points

Observations / vulnerabilities Comments Detail observations and identified vulnerabilities

Unit / Ward / Service Assessment Check Item Pharmacy Access control Key control Security of cashiers Security of drugs Alarms Duress alarms SOPs Open up and lock up procedures Plant Rooms Access control Key control Contractor / maintenance access Fire equipment controls SOPs Open up and lock up procedures

Observations / vulnerabilities Comments Detail observations and identified vulnerabilities

Detail observations and identified vulnerabilities

Unit / Ward / Service Assessment Check Item Staff Accommodation Access control Key control Physical security ( see building security) Fire systems Communication systems Security of personnel belongings SOPs Open up and lock up procedures Store Rooms Access control Physical security Training Rooms Access control Cleaning and maintenance staff access Key control

Observations / vulnerabilities Comments Detail observations and identified vulnerabilities

Detail observations and identified vulnerabilities

Detail observations and identified vulnerabilities

Unit / Ward / Service Assessment Check Item Security of equipment Security of training records SOPs Open up and Lock up Wards General Access control / Key control Cleaning and maintenance staff - access Duress alarms Security of drugs Security of equipment and furnishings Security of stocks Security of endangered patients Security of medical records Security of visitors Security for wandering patients Security for general patients

Observations / vulnerabilities Comments

Detail observations and identified vulnerabilities

Unit / Ward / Service Assessment Check Item Security of patient effects / lost property Security of patient cash SOPs Open up and lock up procedures Ward - Maternity / Nursery / Paediatric As above CCTV Intrusion alarms Special ID provisions for staff and visitors Abduction and seizure SOPs Visitor, newborn / child removal SOPs Wards with Forensic patients As per Wards-General (above) plus Corrective services plan Police response plan Security other patients

Observations / vulnerabilities Comments

Detail observations and identified vulnerabilities

Detail observations and identified vulnerabilities

Unit / Ward / Service Assessment Check Item X - Ray / Radiology Access control Security of visitors Security of equipment Alarms Duress alarms SOPs Open up and lock up Morgue Access control Security of visitors on viewing Key control Alarms Duress alarms SOPs Open up and lock up procedures

Observations / vulnerabilities Comments Detail observations and identified vulnerabilities

Detail observations and identified vulnerabilities

Unit / Ward / Service Assessment Check Item Other

Observations / vulnerabilities Comments Detail observations and identified vulnerabilities

Strategic Technical Security Controls Access Control System ( Electronic Access Control System ) Is a centralised (EACS) used and what type of system is it? Proximity Swipe Biometric Yes / No Yes / No Comments

Is the system centrally controlled and maintained? Is there a nominated administrator?

Yes / No

Is the system used to its full capability? i.e. control access timings for users

Yes / No

Access Control System ( Electronic Access Control System ) Are there SOPs to support its use? Are there preventative maintenance programs in place Is there an SLA for the upgrade and maintenance of EACS software What redundancy / Contingency plans are in place (i.e.: in event of total EACS failure, how will access control be achieved) Yes / No Yes / No Yes / No Yes / No

CCTV System Is a centralised CCTV system used and what type of system is it? Is the system centrally controlled, maintained monitored and if, by whom? Is there a nominated administrator? Is there a CCTV coverage plan (location of cameras covering assets?) Are there SOPs to support the ethical use of CCTV? Is there a clear, written purpose statement for CCTV usage? (What is the purpose of Yes / No Comments

Yes / No Yes / No Yes / No Yes / No Yes / No

CCTV System CCTV images Constant monitoring / Review post incident / collection of evidence) Are there appropriate signs advising staff and public those CCTV systems may be in use? Is there appropriate restricted access to CCTV images and storage? Are there written procedures which clearly indicate who may use CCTV, Who may view CCTV images, Who may copy / handle / access images; Yes / No

Yes / No Yes / No

Security Alarm System (SAS) Is a centralised SAS system used and what type of system is it? SCEC (ASIO Approved) Commercial Yes / No Yes / No Comments

Is the system centrally controlled, monitored and maintained, if by whom? Is there a nominated administrator? Is there a SAS coverage plan (location of alarms covering assets? Are there SOPs to support its use?

Yes / No Yes / No Yes / No

Key Control System Check Item Is a centralised key management system used and what type of system is it? SCEC (ASIO Approved) or Commercially available Is the system centrally controlled, managed and audited and if so, by whom? Yes/No Yes / No Yes / No Yes / No Yes / No Comments Comments Comments

Key Control System Check Item Is there a nominated administrator? Yes/No Yes / No Comments Comments

Is there written key cutting procedures to restrict duplication / copying of keys?

Yes / No

Comments

Are there SOPs to support its use?

Yes / No

Comments

Duress Alarm System Check Item Is a centralised duress management system used and what type of system is it? Is the system centrally controlled and managed and if, by whom? Is the system tested regularly? Are staff aware of the system? Are there SOPs to support its use? Yes/No Yes / No Yes / No Yes / No Yes / No Yes / No Comments Comments

Personnel Security Check Item Do all new staff undergo a criminal history check? Yes/No Yes / No Comments

Are contract staff subject to pre employment screening?

Yes / No

Do staff that have access to National Security Classified Material have a national security clearance?

Yes / No

Is there a register of all staff pre employment checks?

Yes / No

Does the facility employ foreign nationals on temporary work visas?

Yes / No

If complex is tertiary / research facility, do students have access to confidential material or research data?

Yes / No

Information Security Check Item Does the facility produce and store security classified material (files, research papers, CDs etc.)? How does the facility register its security classified material? How does the facility store its security classified material? How does the facility transport its security classified material? How does the facility destroy its confidential material? When Multi-function devices (photocopier/Fax/Printer/Scanner) are sold /returned after lease, are the internal Hard Disk Drives removed, deleted, destroyed? (Note: all jobs handled by the MFD are retained within HDD and is accessible.) Yes/No Yes / No Comments Comments: See QLD Health Security Classification and Control V 3.0 JUN 2008

Yes / No

Yes / No Yes / No Yes / No

Yes / No

Is there a written process in place?

Yes / No

IT Security Check Item Are IT system servers secured to a minimum in a Burglar Resistant Area or Intruder Resistant Area with Controlled Area features?

Yes/No Yes / No

Comments Comments

Are IT servers secured within a locked cabinet within a Controlled Area?

Yes / No

Are all IT communication cabinets secured?

Yes / No

Does the facility have IT SOPs

Yes / No

Video Conferencing Security Check Item Does the facility have video conferencing?

Yes/No Yes / No

Comments Comments

Is the video conferencing system secured to a minimum in a Burglar Resistant Area or Intruder Resistant Area with Controlled Area

Yes / No

Check Item features?

Yes/No

Comments

Is the facility used for other purposes?

Yes / No

Do high level confidential discussions occur?

Yes / No

Does the facility have VC SOPs?

Yes / No

ANNEX C (TEMPLATE)

ASSET / RESOURCE REGISTER TEMPLATE


ORGANISATION /FACILITY NAME: LOCATION:

People 1 2 3 4 5 6 7 8 9 10

Property 11 12 13 14 15 16 17 18 19 20

Information 21 22 23 24 25 26 27 28 29 30

Reputation 31 32 33 34 35 36 37 38 39 40

Operations/Activities 41 42 43 44 45 46 47 48 49 50

CRITICALITY MAJOR IMPORTANT SENSITIVE SUPPORT ROUTINE

CRITICALITY VALUE 5 4 3 2 1

DESCRIPTION Loss or compromise because of its high cost, replacement lead time, impact on operational capability or function of the organisation or facility would be a major concern to the organisation. The loss or compromise, while not significantly impairing the overall capability of the organisation or facility, would have a serious impact on the functioning of an element within. The loss or compromise would heighten danger and cause embarrassment to the organisation or facility. The overall loss or compromise would have little significance on the overall capability of the organisation or facility but would impair the efficiency of the day to day administration of operations. The loss or compromise would have no impact to an organisation or facilities mission, other than a minor administrative impact.

EXAMPLE: ASSET / RESOURCE REGISTER UNIT/FACILITY NAME: Johnson Hospital

LOCATION:

Emergency Department (Existing and New)

People 1 2 3 4 5 6 7 8 9 Medical Staff Nursing Staff Allied Health Operational Staff Administrative Staff Security Staff Emergency Services Patients Visitors 5 5 4 5 5 4 3 5 3 14 15 16 17 18 19 20 21 22

Property Medical Equipment S4 and S8 Drugs Disaster Response Stores XRay / Radiology equipment Patient Effects Supply and consumables Main and Emergency Power Staff effects Buildings 5 4 3 5 1 2 5 1 5 24 25 26 27 28 29 30 31 32

Information Medical Records Clinical Information Systems (HBCIS) Staff Personnel Records Drug Inventory Systems IT Systems Emergency Management Records Patient Information Systems Policy and Procedures Patient Monitoring Systems 3 3 1 3 5 3 3 2 5 34 35 36 37 38 39 40

Reputation Departmental Hospital Health Service Queensland Health Individual Staff Public Perception Political

Operations/Activities 41 Triage 42 Resuscitation 43 General Assessment 44 Mental Health Assessment 5 45 Disaster Response 5 46 Visitor Waiting 47 Patient Waiting 48 Short Stay 49 Security 4 3 3 3 3 2 3 2 4

People 10 Internal Hospital Service Staff (Pathology, Blood Bank, Medical Imaging) Volunteers Police External Service Providers (Contractors plumbers /electricians etc) CRITICALITY MAJOR IMPORTANT SENSITIVE SUPPORT ROUTINE 5 23

Property IT Hardware 5 33

Information Signage 3

Reputation

Operations/Activities 50 X Ray 4

11 12 13

3 2 3

51 Patient Transfer 52 Patient Flow 53 Paediatrics

5 4 2

54 Morgue CRITICALITY VALUE 5 4 3 2 1 DESCRIPTION Loss or compromise because of its high cost, replacement lead time, impact on operational capability or function of the organisation or facility would be a major concern to the organisation. The loss or compromise, while not significantly impairing the overall capability of the organisation or facility, would have a serious impact on the functioning of an element within. The loss or compromise would heighten danger and cause embarrassment to the organisation or facility. The overall loss or compromise would have little significance on the overall capability of the organisation or facility but would impair the efficiency of the day to day administration of operations. The loss or compromise would have no impact to an organisation or facilities mission, other than a minor administrative impact.

ANNEX D (TEMPLATE)

THREAT IDENTIFICATION REGISTER TEMPLATE


UNIT/FACILITY NAME: Human Threat Source / Threats Internal Threat Source / Threats External Threat Source / Threats LOCATION: Non Human Threat

Legend: E - Rare D - Unlikely C - Possible B - Likely A - Almost certain

Very unlikely; the event may occur in exceptional circumstances Improbable; the event is not expected to occur Potential; the event might occur at some time Probable; the event will probably occur at least once Very likely; the event will occur in most circumstances

ANNEX D (EXAMPLE)

THREAT IDENTIFICATION REGISTER EXAMPLE UNIT/FACILITY NAME: LOCATION: Johnson Hospital


Human Threat Source / Threats Internal Threat Source / Threats
A A C A A C C B B Disgruntled Staff Violent Patient Wandering / Absconding Patient Psychotic / Drug affected Patient Intoxicated Patient Confused Patient Failure to stay patient Relatives /carers of patient Internal criminals C E E E E E E

Emergency Department (Existing and New)


Non Human Threat
E E C C E E E B Fire (see also arsonist) Gas Leak Loss of Power Storms Vital Equipment Failure IT system failure Pandemic Loss of Water

External Threat Source / Threats


External Criminal Arsonist (see also fire) Issue Motivated Groups Terrorist Hoax bomb threat Computer system hackers Media

Legend: E - Rare D - Unlikely C - Possible B - Likely A - Almost certain

Very unlikely; the event may occur in exceptional circumstances Improbable; the event is not expected to occur Potential; the event might occur at some time Probable; the event will probably occur at least once Very likely; the event will occur in most circumstances

ANNEX E VULNERABILITY IDENTIFICATION LIST (To be read in conjunction with the Risk Treatment Plan and Schedule) LOCATION / SITUATION PROBLEM CONTROL OPTIONS FOR CONSIDERATION COMMENTS

Example: VULNERABILITY IDENTIFICATION LIST (To be read in conjunction with the Risk Treatment Plan and Schedule) LOCATION / SITUATION
Entry to PHCC

PROBLEM
At time of inspection, security doors and main entry door was found to be open and unsecure providing unrestricted access of people, animals and vermin to PHCC Whilst the community is generally quiet and law abiding, there are incidents of alcohol abuse, domestic violence and so forth that may spill over into the healthcare environment.

CONTROL OPTIONS FOR CONSIDERATION


1.1 Improve security culture through training and awareness 1.2 Utilise access control equipment provided (doors and screens) 1.3 Install door closers to ensure doors are not left open 1.4 Undertake regular preventative maintenance to ensure doors and locks work effectively

COMMENTS

Security intruder detection system located at PHCC reception area

Security system (intruder detection) not operational for considerable time. The Security System provides no protection of assets. (Surveyors advised that the system repeatedly failed and there was no customer service by provider) Staff indicate that there is, on average, 1 break and enter at the facility annually.

Replace or repair security alarm systems provided items below have been considered and actioned as appropriate. Ensure: regular preventative maintenance undertaken systems are adequately backed by service provider monitoring firm undertakes regular testing of systems. staff are provided training and security awareness in use of systems and personal safety/security. response procedures and actions are available and appropriate to needs

ANNEX F SECURITY RISK REGISTER


Name of Site / Unit / facility: Threat Source: Assessment Date: Security Risk Ie: What can happen Adequacy of controls (To be read in conjunction with Vulnerability Identification List) Consequence Statement Rating Likelihood Statement Rating Risk Level Priority

LIKELIHOOD TABLE Very unlikely; the event may occur in exceptional circumstances E - Rare Improbable; the event is not expected to occur D - Unlikely Potential; the event might occur at some time C - Possible Probable; the event will probably occur at least once B - Likely A - Almost certain Very likely; the event will occur in most circumstances RISK EVALUATION TABLE

LEGEND

ANNEX G

RISK TREATMENT SCHEDULE AND PLAN


NAME OF SITE / UNIT / FACILITY:

Function / Activity:
Risks in priority order (Refer to risk register) Possible Treatment Options Considered Preferred Treatment Option and Reason for Selection Risk rating after treatment Risk Owner: Person/s responsible for implementation of risk treatment Timetable for implementation How will risk and the treatment be monitored

ANNEX H

PROTECTIVE SECURITY SURVEY REPORT TEMPLATE

PROTECTIVE SECURITY SURVEY REPORT (INSERT UNIT / FACILITY) EXECUTIVE SUMMARY Aim The aim of the Protective Security Survey (PSS) was to validate the current security compliance with Queensland Healths Implementation Standards. In addition the PSS aims to categorise assets by criticality to the unit / facility, assess threats to the assets, assess current security measures in place, identify security risks and vulnerabilities and recommend security treatment strategies to reduce security risks. Authority The PSS was conducted the authority of . Scope The PSS of the was conducted by . in accordance with the requirements of and with

Included in the PSS are aspects of physical, personnel, information and administrative security, but specifically excluded are Methodology The following methodologies were used in planning, developing and conducting the PSS: Obtaining authorisation. Establishing the scope and nature. Identifying and meeting key stakeholders. Carrying out a critical Asset identification. Conducting a Threat Assessment. Conducting a physical reconnaissance of the by day and night to assess the present security regime control measures and to conduct a vulnerability assessment. g. Conducting a Security Risk Analysis from information obtained at d f. h. Developing the Security Risk Treatment Strategies, and i. Producing and presenting the PSS report. Unit / Facility Description a. b. c. d. e. f.

The

is located in

. The unit / facility provides

Key Issues The PSS highlighted the following: a. The unit / facility is a Asset. b. The assets identified for the time of the survey within it were: (1.)Major: (2.)Important: (3.)Sensitive: (4.)Support: (5.)Routine: c. Threat Sources that could impact on assets range from . Specific details are in the report at paragraph d. Deficiencies exist within the present security regime. These are specifically detailed in the report. They are by paragraph number: e. Security Risks range from to . Specific details are in the report at paragraph f. Some (insert details eg. 10 ) security vulnerabilities were identified. Specific details are in the report at paragraph Conclusion The PSS conducted on established that the present security regime meet minimum security standards required by Queensland Health and there are security risks that require treatment. Efforts should be made to ensure that Queensland Healths assets at risk are protected accordingly. Mandatory Standards / Recommendations It is recommended that the mandatory security standards and recommendations in the report at be actioned.

File Number: Health Service Chief Executive Officer For Information:

PROTECTIVE SECURITY SURVEY REPORT References: 1. Queensland Health Occupational Health and Safety Management System Implementation Standard 2. Queensland Health Emergency, Preparedness and Business Continuity Guidelines (as applicable) 3. AS STD 4485 Part 1 Security in Healthcare Facilities 4. 5. Introduction On Queensland Health staff conducted a PSS of the carried out the PSS with assistance from .

Authority The PSS was conducted in accordance with the requirements of Ref A D ( as applicable) and with the authority of . Aim / Scope The aim of the PSS was to provide executive management with an appraisal of security, as so detailed in the agreed Terms of Reference, to ensure minimum standards have been met and also to identify, threats, vulnerabilities and security risks to unit / facility assets. The Terms of Reference is at Annex . Excluded from the PSS was Information Technology (IT) security, other than physical security of computer hardware and software, and Emergency Preparedness and Continuity Management (as applicable). This report outlines the organisation of the unit / facility and provides a summary of existing security measures and deficiencies found. The report states if the minimum security standards of Queensland Health are being met at the time the PSS was conducted and also makes recommendations to mitigate security risks.

Organisation Location is located at .

. It consists of

. A location and site map is at Annex

Role The role of the unit / facility is Unit / Facility Description The Unit / facility is . The unit / facility consists of personnel employed within the unit / facility. Management Structure The unit / facility is managed by Unit / Facility Categorisation The is itself a . Asset Identification and Categorisation are its people, property / infrastructure information, functions and reputation. Assets identified at the time of the PSS by category were: Major: Important: Sensitive : Support: Routine: It should be noted that does / does not maintain an critical assets register. A copy of the Asset Register is at Existing Security Regime and is part of . There are some

Protective Security Policy and Implementation Standards Security Responsibilities Security Plan Security Operating Procedures Previous PSS, Security Risk Assessments, Inspections or Reviews Security Incidents Annual Occupiers Statement for the Maintenance of Fire Safety Installations and QFRS external reports Physical Security Perimeter, Security Fencing and Gating Systems External and Internal Facility Security Signage Grounds Car Parks Security Lighting

Security Alarm Systems Building Security Classification Control of Facility Entry . Access Control Systems Identity Passes CCTV Systems Duress Alarm Systems Key Control Systems Drug Control and Management Security Rooms, Vaults, PC Rooms, Containers and Locks Security patrols normal hours Security Patrols after hours Video conferencing networks Personnel Security Criminal History Checks / Pre employment screening

Security Training and Awareness Information Security Information Systems Information Systems Security Responsibilities Control and Management of Classified Information and media Risk Management Threat Source Assessment A Threat Source Assessment was conducted. Threat sources range from . Annex X also includes the threat assessment matrix used to assess threats sources to QFSS assets. Vulnerability Assessment ( insert quantity eg. Ten ) security vulnerabilities have been identified that could allow a threat source to exploit a weakness in the present security regime control measures and increase the likelihood of security risk being realised. A Vulnerability Identification List is at Annex . Security Risk Analysis / Security Risk Treatment Schedule and Plan The unit / facility conducted a Security Risk Analysis facilitated by . Security Risks range from to A copy is at Annex . Annex X also includes consequence, likelihood and risk evaluation tables used in the risk assessment process A Security Risk Treatment Schedule and Plan is at Annex . Security Risks are analysed from the evaluation of the total protection provided to the unit / facility and its assets. The assessment considers threats, vulnerabilities, consequences and the likelihood of such occurrences being realised. The assessment also takes into account the current security regime (control measures) to mitigate the consequences of the risk occurring and / or to reduce the likelihood of such occurrence.

Conclusion The purpose of the PSS was to validate the current compliance with, or otherwise, with Queensland Health Security minimum standards and to assess the appropriateness and effectiveness of security safeguards in place for the protection of Queensland Health Assets. From the PSS the following is concluded: (EXAMPLE ONLY BELOW.) a) The unit / facility is a Asset. b) The assets identified at the time of the survey within it were: Major: Important: Sensitive: Support: Routine: c) Threat Sources that could impact on assets range from . d) Deficiencies exist within the present security regime. They are: There is no hospital or ED Security Plan. There are no hospitals SOPs and the ED SOPs are ad hoc and were last reviewed some12 months ago. There has been no SRA conducted for the ED. No security register is maintained for the facility. e) Security Risks range from to . f) (Insert number eg. Ten ) security vulnerabilities were identified that can increase the chance of a threat being realised. Mandatory Security Standards / Recommendations (EXAMPLE ONLY BELOW.) Mandatory Security Standards To meet Queensland Healths minimum security standards management must: a) Develop and maintain a Security Plan . b) Develop and maintain hospital and ED SOPs . c) Conduct an ED SRA every two years . d) All staff must have a criminal history check . e) All staff must undergo ABM team restrictive practices training every 12 18 months . f) Develop and maintain a Security Incident Register ).

Recommendations To further mitigate security risks and to increase protection in depth it is strongly recommended that management: a) Implement the Security Risk Treatment Plan recommendations at Annex . b) Implement the Vulnerability recommendations at Annex , Serials . c) Upgrade the following to support the security regime:

I concur / not concur

Annexes: (example only. Others as required) A. Terms of Reference B. Site Map C. Diagrammatic Layout of ED D. Asset / Resources Register E. Threat Source Identification Register F. Building / Buildings Security Classification Register ( see example at Attachment1) G. Vulnerability Identification List H. Security Risk Register I. Risk Treatment Schedule and Plan Attachment/s 1. Building Security Classification Register template 2. Example Building Security Classification Johnson Hospital ED Disclaimer The SRA and risk ratings are advisory information for management decision. Management should consider the report findings and recommendations in context to the overall security and asset risk to the Health Service / Division.

ANNEX I TRAINING AID ONLY

VULNERABILITY ASSESSMENT GUIDE OF SECURITY CONTROL ELEMENTS


The security of a facility or building requires the use of concentric levels of control and protection to provide progressively enhanced levels of security. This is known as the Security-in-Depth Principle. The key elements of security controls using the Securityin-Depth Principle are those components that contribute to the management of risk through their ability to: Deter an attack; Delay an attack; Detect an attack; Respond to an attack and its effects; Recover from an attack and its effects. A guide to manage vulnerabilities is listed below: 1. Physical Controls 1.1 Signage Crime prevention signage can provide a psychological deterrent. Examples of suitable signage include: WARNING These premises are protected by a Security Alarm System. WARNING Guards patrol these premises WARNING 24 Hour CCTV Monitoring WARNING Guard Dog On Premises STAFF ACCESS ONLY BEYOND THIS POINT TRESPASSERS will be prosecuted, etc
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

YES

No

No

No

No

1.2 Perimeter Barriers 1.2.1 First Point of Control: Site Perimeter Fencing Fencing is normally used to designate property boundaries. Physical and symbolic barriers can be used to attract, channel or restrict the movement of people. They minimise opportunities for crime and increase the effort required to commit crime. By making it clear where people are permitted to go or not go, it becomes difficult for potential offenders to reach and victimise people and their property. Illegible boundary markers and confusing spatial definition make it easy for criminals to make excuses for being in restricted areas. However, care needs to be taken to ensure that the barriers are not tall or hostile as to create the effect of a compound1. Fencing can also be used to enclose security areas or protect hazardous materials (e.g. LPG supply containers). However, where fencing for a facility is installed as a security control it must also be supplemented
1 A site perimeter fence is a psychological barrier only, as it does not hinder or stop an event if the adversary decides to attack. The fence line will help confirm a trespasser, but it will not physically prevent anyone from crossing it the moment the decision is made to do so. This control is only effective for general public and low level criminal elements. It will not deter highly motivated threat sources or persons under the influence of substance abuse (alcohol or drugs).

with regular patrolling, continuous observation, or an intruder-detection system supported by an assessment capability. To be effective, fencing must be checked and repaired on a regular basis. Frequently, the fence fabric is not properly attached to the support poles and the bottom wire is not secure. Erosion of the ground under the fence often results in gaps or washouts that may permit someone to crawl under the fence providing cover to potential adversaries or a possible platform for climbing over the fence. 1.2.2 Second Point of Control: Buildings and Structures Outer Perimeters Buildings of various types represent the most common barrier used to protect Queensland Healths security interests. It is important that doors offer resistance to forced entry and, when necessary, reinforcement is required for door-jams, louvers, and baffle plates. Windows, when relied on as physical barriers, must be constructed of shatter resistant, laminated glass of a minimum thickness, and installed in fixed frames so that the panes are not removable from the outside. It is essential that window frames are securely anchored in the walls; and that windows can be secured from the inside with either a lock or latch. Unattended openings, under certain conditions, should be alarmed or equipped with steel wire mesh, which are checked for integrity during patrols. Heating, ventilation, and air conditioning (HVAC) intakes and returns must be located to minimise contamination by outside agents entering mechanical systems. Central system fresh air intakes should be located above grade at a sufficient height to prevent contamination and tampering. The level of security built into the building should be appropriate to the level of threat, and value or criticality of the assets protected within (e.g. people, property, information). The Class2 of building needs to be considered to ensure that the perimeter barriers comply with necessary emergency egress and safe movement. 1.2.3 Third Point of Control: Security Rated Areas/Saferooms The aim of this barrier point is to restrict access into Secure or Intruder Resistant areas contained within buildings or structures. Secure Areas are specifically designated areas which require special security precautions, equipment or structural reinforcement. They may include areas that store valuable and attractive items, sensitive information, drugs, medicines or other accountable medical and clinical items. Intruder Resistant areas could include Safe-rooms specifically designed or designated for refuge.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

YES

YES

No

No

No

2 As specified in the Building Code of Australia

1.3 Uniformed Security Patrols Uniformed security patrols can provide surveillance of assets, escorts for staff safety, and a response force to security and duress alarms, lock-up and open-up of facilities, and monitor and report hazards (e.g. poor housekeeping, electrical equipment left on, unserviceable lighting, etc., or be able to ensure that all sensitive medical-in-confidence information and materials are appropriately secured, and hence, not left vulnerable to compromise. Uniformed security guards are normally employed under contract and accordingly, should have a well drafted Statement of requirements detailing exactly what their role and functions are, the scope of their service, and specific skills and competency requirements. In concert with the client, the security service provider should produce a detailed set of Assignment Instructions agreed to by both the client and service provider. In the event of heightened threat levels, the service provider should have the capacity to provide additional uniformed security patrols when necessary.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

YES

YES

YES

YES

No

1.4 Covert Security Patrols The use of covert security patrols should be limited to the management of specific threats (e.g. internal threats - theft/pilfering of drugs, disclosure of sensitive and privacy information, etc.).
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

Partial

YES

YES

YES

No

1.5 Projectile Shield The installation of security screens and security doors have the capacity to add an additional layer of protection over these said portals providing they are correctly installed. They are also useful for maintaining a security barrier between a buildings occupants and the external environment when the primary door and window barriers need to be left open for ventilation.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

YES

YES

PARTIAL

YES

No

1.6 Proximity to local traffic (pedestrian and vehicle) How close is the facility or buildings proximity to local traffic? This control relies on a Crime Prevention Through Environmental Design (CPTED) concept known as Natural Surveillance. It is a principle control in the protection of a defensible space. Criminals are least likely to act when there is substantial risk of their actions being witnessed. Hence, environments in which legitimate occupants can exercise a high degree of visual control have the greatest likelihood of criminal activity being observed and reported. The level of traffic and community environment will obviously impact on the level of control that this measure can provide.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

YES

PARTIAL

PARTIAL

PARTIAL

No

1.7 Open Lines of Sight (absence of building or terrain cover) Does the facility or building have open lines of sight? This control is also a CPTED concept (See Figure C1). Obstructions such as overgrown vegetation or large fences that block sight lines provide a cover for criminal activity.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

YES

No

YES

No

No

FIGURE 1

1.8 Area Lighting Conditions Lighting is of primary importance in the operation of an effective external detection system. Effective lighting provides a deterrent to adversary intrusion, assists a protective force (Guards or Police) in locating and assessing intruders and foreign objects (suspicious items), and provides for effective use of CCTV as a surveillance and assessment tool. Lighting for roadways, pedestrians and car-park areas is also required to meet minimum specified luminescence at ground level. Failure to comply with the minimum standards could be in breach of OHS legislation and leave an organisation vulnerable to litigation. AS 1158.3 Lighting For Roads and Public Spaces (Pedestrians) and AS 2890.1 Parking Facilities, specify minimum acceptable standards of illumination.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

YES

No

YES

No

No

1.9 Gating Systems Perimeter gates serve as the entry and exit points in and out of the propertys boundary. The integrity of gates installed on a property perimeter should be the same as, or better than, that of the fence in which they are installed. In residential applications, gates can be fitted with bells as a simple way of alerting residents that the fence is being opened. In facility security applications, where gates are used as access control points, they should be kept to the minimum number necessary. The weak link in a gate is usually the hardware hinge and locks.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

YES

YES

PARTIAL

No

No

1.10 Building Materials Construction features vary throughout Queensland Health facilities and buildings; however, there are a number of basic requirements to consider when evaluating walls, ceilings and floors. In general it is important that building materials be solid and offer penetration resistance to, and evidence of, unauthorised entry. Shatterresistant, laminated glass of a minimum thickness may be used if visual access is required. Standards Australia provides guidelines for a variety of construction elements and hardware3. From both a safety and security perspective, the selection of appropriate materials is an essential element of protection control. For example, as a duty of care requirement, the following information regarding the use of normal (monolithic annealed) glass is provided: Buildings fitted with glass panels made of monolithic annealed glass, which was normal industry practice prior to the BCA highlights a number of vulnerabilities. Windows provide only minimal penetration delay to adversaries and require enhancement to provide significant penetration resistance. Windows should follow the balanced design principle so that they will not be the weak link in a physical security barrier system. Normal annealed glass does not offer any penetration delay as it is easily broken with very little effort. The location of the window also affects the upgrading required. Standard glass materials are highly frangible. Penetration by hand tools generally requires only a few seconds. There are also OHS considerations, as described in AS 1288-2006 Glass in Buildings. Glass panels considered subject to human impact are those situated within 2000mm of the ground level. As some glass in buildings is in more vulnerable areas, the current Standard breaks this up into four main groups, high risk, medium risk, low risk, and no risk. The major factor governing each panel classification is the likelihood of a person impacting with it, which could result in injuries caused by broken glass. Hence, the installation of glass panels to the high risk windows (i.e. ground level) on a Queensland Health owned facility or building presents a duty-of-care requirement to make the building safe. Because a person who is in charge of premises has the capacity to make those premises safe, or unsafe for that matter, then the occupier will be prima facie responsible if injury occurs to persons who come on to the premises. It is also important to highlight that a case law example indicates that the duty of care extends also to a trespasser. In Papatonakis v Telecommunications Commission4 the High Court referred to the duty in the following terms: An occupier of land is under a general duty of care to a person entering on the land, whether as invitee, licensee or trespasser, independent of any special duty, where there are circumstances giving rise to the general duty. That is now the settled law of this country5. Due to the increasing incidence of injuries caused by ordinary glass, most buildings today need to comply with current standards that require safety glass to be installed in high risk areas (i.e. those windows that may be subject to human impact eg. ground level windows). There are three main types of safety glass: 1. Wired reinforced 2. Toughened float 3. Laminated glass. The most important characteristic of these products is that if they are broken (either by accident or deliberate with implements or use of explosive materials), the glass does not break into large dangerous pieces that can cause serious injury to

3 Refer HB:167 Appendix C. 4 (1984-85) 156 CLR 7 5 Per Dawson and Brennan JJ at p 50

people. The various forms of glazing to consider include: a) Bullet Resistant Glazing. With respect to Bullet Resistant Glazing, Amtac recommends Australian Standard (AS) 2343 Parts 1 and 2, Bullet-Resistant Panels for Interior Use, be used as the minimum standard. b) Impact Resistant Glazing. Amtac recommends Australian Standard (AS) 3555, Building Elements Testing and Rating for Intruder Resistance as the minimum standard to be used where impact resistant glazing is required. c) Security Glazing. Glass on its own (monolithic glass) is generally not used as a means of providing a protective security barrier unless treated or combined with other materials to achieve an adequate barrier against various forms and levels of attack. Glazing panels are available in a number of different forms and care should be exercised to choose a type which is suitable for the intended purpose. d) Monolithic Glass annealed, thermally toughened, heat strengthened, and chemically toughened glass, generally provides almost no physical attack resistance. e) Wired Glass provides marginally more physical attack resistance than monolithic glass. f) Laminated Glass made up of layers of glass of the various basic types bonded together with layers of various forms of polymer materials. Laminated glass generally provides some physical attack resistance. The attack resistance varies with the thickness of the glass and/or the interlayer and the physical/chemical properties of the same. g) Polycarbonate polyvinyl butyral, urethane and other polymer type materials are typical of materials used as either the main layer or as a bonding layer in security glazing currently available in Australia. Some security glazing is configured in the form of glass clad polymers to provide abrasion resistance and otherwise protect and improve on other properties of the panel such as clarity, rigidity and resistance to attack by hot implements. h) Fire Resistant Glazing provides resistance to heat and fire. i) Shielding Glass used for reducing radio frequency interference or where electronic eavesdropping may be of concern. j) Alarmed Glass any damage to the integrity of the glass activates an electrical circuit embedded into the glazing panel. k) Sound Attenuation Glazing provides sound insulation.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

PARTIAL

YES

No

No

No

Note: The use of sub-standard glass can increase the consequences of both a security incident and safety accident. For example, an explosion initiated by a fire, system failure or bombing has the potential to project glass great distances increasing the risks of injury to personnel. Sub-standard glass is also easily penetrable and does not meet acceptable levels of Intruder Resistance, for security or crime prevention purposes. High winds and adverse weather can break glass into buildings that increase the risks of injury to the building occupants. However, to comply with duty-of-care requirements, all external glass panels located within

2000mm of the ground should be fitted with safety glass that complies with AS 1288 as a minimum safety requirement. Where a security rating of Intruder Resistance is also required, AS 2343 and AS 3555 should be referred. 1.11 Vehicle Control Points (VCPs) VCPs provide access control to staff-car parks or other restricted areas as necessary. Where the risk to personnel is unacceptable, VCPs should be considered. VCPs can be operated by an electronic access card, intercom to a security point monitoring the VCP with CCTV, or a posted security guard.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

YES

YES

YES

No

No

1.12 Buffer Zones Buffer zones are a control measure with the aim of creating distance between an asset and a threat source. This is also known as stand-off distance. There is no ideal stand-off distance, as it is determined by the type and level of threat, the type of construction, and desired level of protection.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

PARTIAL

YES

No

No

No

1.13 Construction Codes Security planning and design are multidisciplinary, relying on a combination of established national codes, standards, best practices and operational activities. Collectively, these benchmarks create a baseline for design professionals, building owners, and facility managers to use when enhancing building security. Understanding the types and available standards and how they best apply to each building type and owner is an important first step for developing a comprehensive security plan and an effective emergency response. Construction codes typically include: Building Code of Australia Local Government requirements Relevant Australian Standards Work Health, Safety and Welfare Legislation Fire Safety and Fire Protection requirements Self imposed corporate requirements. Codes, industry standards, and guidelines typically address performance criteria, quality of materials and construction methods, and life safety issues. Conflicting interdisciplinary requirements must be coordinated. For example, security systems that control or restrict access may conflict with life safety requirements. Security design should conform to relevant industry standards whenever possible.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

PARTIAL

YES

No

No

No

1.14 Personnel Screening Pre-employment screening aims to ensure that Queensland Healths resources are placed in the care of people who are honest, trustworthy, mature, tolerant, loyal and willing to safeguard those resources against misuse. This is a corporate wide control. AS 4811 Employment Screening and Standards Australia HB:323 Employment Screening Handbook provide guidance on this subject. Employees, inclusive of contractors remain the greatest threat due to their access and knowledge. Hence, notwithstanding the importance of the initial screening process, after-care is also critical. After-care however, is very much reliant on good supervision of staff, inclusive with decisive management action in the event of incidents or events that warrant follow-up and monitoring to mitigate potential vulnerabilities. Throughout the duration of employment, every employee should have a supervisor who understands that they are not only responsible for the persons performance, but also for the persons lack of compliance. Therefore, supervisors must be aware of the expectations of their staff, follow up and ensure expectations are met, be told if an employee contributes to an incident and know how to deal with incidents properly. When dealing with governance and compliance, it is of utmost importance that senior and mid-level management understand these topics even more so than the employees, because theyll be the enforcers.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

PARTIAL

No

YES

No

No

2. People Controls 2.1 Employee Awareness Program Ongoing Awareness Training is needed to ensure the maintenance of a security aware culture. Motivating people to care about security is a tough job, but it is one of the most critical responsibilities of all staff in the workplace. Security in the workplace truly is everyones business. Security issues and procedures may be obvious to experienced security personnel; however they may not nearly be as clear to an employee. While the workforce may know it has specific objectives of their respective positions, a mindset that incorporates Security Awareness is also required. A security-minded workforce understands the objectives of a security program and realise that everyone has a role to play in protecting the organisations assets and reputation.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

No

No

YES

No

No

2.2 Entry Searches Under specific circumstances entry and search controls may need to be established to prevent the introduction of contraband (i.e. weapons, drugs). Search systems range from physical and visual search procedures to the use of specialized detection equipment, such as metal and explosive detectors, and X-Ray machines. Since these types of equipment are heavily dependent on personnel actions, the operators must also be competent in the use of the equipment. Furthermore, the equipment must be properly installed, calibrated and maintained. The legal framework in the use of search controls must also be clearly understood by both the operators and management to ensure the procedures are performed IAW the law.

ELEMENT OF CONTROL

Deter

Delay

Detect

Respond

Recover

CONTROL COMPONENT AIM

No

No

YES

No

No

2.3 Employee Termination Procedure When an employee leaves, whether voluntarily or involuntarily, there is always a degree of risk involved. Therefore, it is vital that the process be as fluid as possible. Holding an exit interview reduces this risk as it is a good time to remind employees that they are legally bound to comply with the organisations security policies, as dictated by the non-disclosure and confidentiality agreements they signed. Additionally, it is important to retrieve physical items like keys, identity cards, disable IT system accounts, and deactivate the employee's access to areas and services that were once privilege. This will prevent them from remotely accessing services and information they should no longer have access to. One of the greatest vulnerabilities to all organizations is the people that work for the organization (internal threat). The most important thing to remember about a termination procedure is that without it, an organization may find security gaps and other security vulnerabilities that someone, the disgruntled employee per say, can take advantage of. Employee termination is inevitable; therefore, consistent procedures should be a control for managing this process.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

No

No

No

YES

No

2.4 Staff Training In contemporary life, security should and must now consider and encompass issues such as strategy, governance, ethical conduct, safety and organisational performance. For security risk management to be successfully integrated into the fabric of organisations and society it must become a fundamental part of the leaders tool-bag along with all the other required management functions. The development, maintenance and sustainment of a robust security risk management program now requires fundamentally that the person or persons responsible for undertaking the responsibilities have a thorough understanding of the principles and practices of risk management first and foremost. This must be accompanied by a thorough understanding of security and asset protection. Hence, those responsible for the day-to-day management of security risk management functions must be appropriately skilled, and maintain currency of those skills, in order to thoroughly understand the security management systems that they are responsible for, and the importance of maintaining best practice.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

No

YES

YES

YES

YES

2.5 Personnel Movement Controlling the movement of personnel in and around a healthcare facility greatly enhances security. Compartmentalization will isolate and minimise compromising conditions. For example: Separating the emergency department (ED), physically and environmentally, enables the rest of a healthcare facility to remain operational if the ED is contaminated. Planning for progressive building failure must consider the location and functional relationships between essential patient care facility components and support functions. Physical isolation of building and HVAC systems can maintain healthcare facility operations if the security or physical integrity of the facility is breached. Minimising exits and entries limits unauthorised access and allows the option of a lock-down in an emergency. Providing adequate security and staff supervision reduces opportunities for crime directed at and within the facility. Public circulation routes should be logical and well marked, especially to elevators, the admissions department, coffee and gift shops, and public functions. Clear circulation addresses the need for an environment of care and security concerns, allowing a clear distinction between public circulation, staff, and support zones, and facilitating identification of unauthorised persons in secure areas. Security areas should be established when the nature or importance of sensitive matter or security interests is such that access to them cannot be effectively controlled by other internal measures. Access to security areas should be limited to persons who possess an appropriate clearance and who require access on a needto-know basis. Personnel movement is normally controlled by access and search controls, personal identification systems, positive verification of identity, a visitor log, and signs indicating that unauthorised entry or trespassing is prohibited. Balancing the need for security and openness is an ongoing challenge for all public health facilities.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

YES

YES

YES

PARTIAL

No

2.6 Ethical Frameworks and Monitoring Good supervision of staff can identify personnel problems prior to them developing into security issues. There is a growing focus on the ethics of organisations and Queensland Health is not immune. Ethics is not just about fraud and this misuse of resources, it is something that pervades every part of our lives and it is not as simple as right or wrong actions. Organisations worldwide appear to be grappling with the more diverse range of ethical considerations and Queensland Health is no different. Ethical conduct is important to security, as the greatest threat is the internal threat.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

YES

PARTIAL

YES

No

No

2.7 Identity Cards An identity card system is implemented to identify staff, contractors and visitors. Identify cards may also serve as access control passes to ensure that only authorised personnel enter, occupy, or leave security controlled areas. Identity cards should be managed within the healthcare facilitys security department. Records documenting the disposition of all identity cards require the date of issue, description and serial number of ID, department, and name of holder. Blanks should also be protected against loss, theft and unauthorised use. They should be promptly recovered from terminated employees, long term visitors, student workers, and contractors before their departure from the site. Long term employee ID photos need to be updated as personal appearances change. When IDs are reported lost, the matter should be managed as a security incident, and all personnel responsible for controlling access must be informed so that they are able to prevent unauthorised personnel from using the lost ID.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

PARTIAL

No

YES

No

No

2.8 Law Enforcement Response Law enforcement is important for managing behaviour which in turn contributes to the overall security of a healthcare facility. Police are the primary source of law enforcement in our community, hence, it is important that managers of healthcare facilities maintain a close relationship with local Police and use their resources for evaluating the security risk landscape that the healthcare facility and its employees operate and live in. The Hospital and Health Boards Act 2011also provides for the appointment by instrument of Authorised Persons and Security Officers. Under the Act, these appointments have law enforcement powers relating to the control and regulation of traffic on a healthcare facility property.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

PARTIAL

No

No

YES

No

2.9 Management Supervision Managers and supervisors are the most important link in the chain as far as security is concerned. It is imperative that managers and supervisors are seen to be thoroughly security conscious, insisting on the highest standards of security. Managers and supervisors are responsible for ensuring that: a Security Plan is developed and maintained security training and awareness is provided as part of the induction process and is ongoing to continually reinforce the program all employees understand and fulfil their security responsibilities appropriate security training and awareness records are maintained actions are taken to prevent incidents from recurring.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

YES

YES

YES

No

No

3. Policy and Process Controls 3.1 Risk Management Risk management deals with those aspects of decision making that are uncertain, the nature of that uncertainty, and how it may be treated. Risk management helps decision makers make informed choices. Ultimately, risk management can help with decisions on whether risk is unacceptable and whether risk controls will be adequate and effective. The inputs to the process of managing risk should be based on information sources such as experience, feedback, observation, forecasts and expert judgment. However, decision makers should be informed of and may need to take into account any limitations of the data or modelling used or the possibility of divergence among experts. Risk management must also be responsive to change. The identification, assessment and treatment of security risk assist in the overall management of organisational risk. The current best practice approach to security risk management is describes in the Standards Australia Handbook 167:2006 Security Risk Management. The processes described in HB:167 can be applied at different levels of the organisation, from individual projects or security improvement initiatives, up to whole of organisation security.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

PARTIAL

PARTIAL

PARTIAL

PARTIAL

PARTIAL

3.2 Inventory Control System When establishing the context for a Security Risk Assessment, a vital element of this activity is the identification of critical resources and processes that if compromised (by unauthorised disclosure, loss, damage), would impact upon the ability of the healthcare system to capability. Another perspective of inventory control that contributes to the security risk management function is the management of preventative and reactive maintenance of security systems (i.e. locks, ECAS, CCTV, SAS, Fencing, gates, lighting, etc.). For this function, Queensland Health employs a software system known as the Computer Maintenance Management System (CMMS). The aims of CMMS, is to support business processes used by Queensland Health in the delivery of comprehensive maintenance and facility operations programs.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

YES

YES

YES

No

No

3.3 Internal Audit and other Assurance Practices Audit and assurance practices are a method of establishing performance measurements against defined criteria. They also provide a framework for accountability. The ISO 9000 and ISO 14000 series of International Standards emphasize the importance of audits as a management tool for monitoring and verifying the effective implementation of an organisations quality and/or environmental policy.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

PARTIAL

PARTIAL

PARTIAL

PARTIAL

PARTIAL

3.4 Lock-key Practices Key control is a critical element of any physical security program. Several steps should be followed when establishing and managing a mechanical key system. Inventory the facility to identify the number and types of locks in the building; Determine the operational needs of employee; and Establish policy; and procedures for key distribution.
Deter Delay Detect Respond Recover

ELEMENT OF CONTROL

CONTROL COMPONENT AIM

No

YES

No

No

No

3.5 Housekeeping The maintenance of good housekeeping contributes to the detection of compromises in security. Failure to implement a clear-desk policy along with a disorganised workplace introduces vulnerabilities that increase the consequences in the event of an incident (e.g. rubbish to fuel a fire) or prevent the detection and elimination of introduced other threats (hazardous substances).
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

No

YES

No

No

No

3.6 Process Design A well designed protection system should address a total systems approach that integrates all elements of asset protection, such as OHS, emergency management, and business continuity as well as security. It should be organised in depth and contain mutually supporting elements and be coordinated to prevent gaps or overlap in responsibilities and performance.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

YES

YES

YES

YES

YES

Note: Safety, Security, Emergency Management and Business Continuity system should not be designed and developed in isolation. Each of these critical systems is a vital component of a total systems approach to asset protection. Traditionally, protective principles have been based on a physical security program. However, Asset Protection is much broader than Security. The term security does not adequately describe the full range of functions required to protect an organisation against pure risk losses. Asset protection strategies will only be effective if they are integrated into all other business activities, and integrated with the activities of the

external stakeholders. Internally, the development of an asset protection culture that permeates throughout Queensland Healthcare facilities is required. Effective and efficient management of the asset protection system depends on effective partnerships between all stakeholders. All parties must understand each others issues. Externally, a partnership with the civil emergency services, local council, and community enabling all partners to mutually support the other is needed. As new technologies emerge and threats become increasingly complex and unpredictable, the need to merge asset protection functions is necessary. This process is known as Convergence. 3.7 Authorisation and Delegation Governance Governance is a guiding force that provides direction yet permits organisations and individuals to apply risk management practices and activities in a manner which benefits the relevant environment. However, governance alone will not be sufficient to ensure that duty of care obligations is met. Those personnel that management delegates authority to undertake functions, providing they have been adequately trained, can be held accountable for the outcomes of their actions and inactions. The diagram below illustrates the authorisation and delegation components of governance relevant to Queensland Health
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

YES

YES

YES

No

No

3.8 Policy Framework Policy forms the broader organisational environment. This enabler is used as key strategic shaper of the operational environment. Policy provides the fundamental building blocks for the application of security risk management. A policy statement for an asset protection program should ensure that within the defined scope of the framework it: is appropriate to the nature and scale of potential threats, hazards, risks, and impacts to the organisations activities, functions, products, and services (including stakeholders and the environment) includes a commitment to employees and community life safety as the first priority includes a commitment to continual improvement includes a commitment to continual improvement includes a commitment to enhanced organisational sustainability and resilience includes a commitment to risk prevention, reduction, and mitigation includes a commitment to comply with applicable legal requirements and with other requirements to which the organisation subscribes provides a framework for setting or reviewing asset protection objectives and targets is documented, implemented, and maintained makes reference to limitations and exclusions determines and documents the risk tolerance in relation to the scope of the management system is communicated to all appropriate persons working for or on behalf of the organisation is available to relevant stakeholders includes a designated policy ownership and/or responsible point of contact is reviewed at planned intervals and when significant changes occur is signed by top management.
Deter Delay Detect Respond Recover

ELEMENT OF CONTROL

CONTROL COMPONENT AIM

PARTIAL

PARTIAL

PARTIAL

PARTIAL

PARTIAL

3.9 Emergency Management Emergency management is a vital component of an overall asset protection strategy. It involves the development of a range of measures designed to manage risks from disasters and emergencies. It involves developing and maintaining arrangements to prevent or mitigate, prepare for, respond to, and recover from a range of emergency incidents. Best practice adopts an All Hazards approach to emergency management. AS 3745 Emergency Procedures for Building, Structures and Workplaces, and AS 4083 Planning for Emergencies Healthcare Facilities should be referred for guidance. Healthcare facilities with Helicopter landing pads should also consider Aircraft Emergency Plans that meet ICAO requirements.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

No

No

No

YES

PARTIAL

3.10 Business Continuity Management BCM is an important component of an overall asset protection risk management strategy also. A BCM plan should consider firstly what, in fact, the organisation is doing; and secondly, what is the public perception of what the organisation is expected to be doing. From these two questions, the organisation can then further identify those critical processes that support the delivery of what it is required to do, and what may need to be recovered as the result of an incident, for the continuity of operations. In doing so, effective BCM seeks to: manage the combined time critical elements of response and recovery manage any issues or implications arising by fact or perception protect the reputation and ongoing viability of the business recover critical primary functions in a timely and cost effective manner.
Deter Delay Detect Respond Recover

ELEMENT OF CONTROL

CONTROL COMPONENT AIM

No

No

No

YES

YES

3.11 Corporate Governance Essentially corporate governance is a guidance system composed of standard management practices operating within a governance framework designed to suit the organisation. The Practices are essentially common management tools drawn together into a logical, interrelated system focused on achieving results. They can be universally applied to any organisation irrespective of their size, or statutory and regulatory environments. Governance frameworks provide the structure within which the management practices operate. Parts of this structure are mandatory and set by legislation, regulation or listing rules in different jurisdictions, or by policy directives. Others are discretionary and set by Boards and senior management to address the management practices and can vary from department to department even within the same statutory environment. Standard management practices introduce control activities for ensuring: corporate and operational objectives are developed and integrated throughout the organisation; competencies match objectives; clarity of roles and responsibilities; authority matches assigned responsibilities; high standards of ethical behaviour; effective monitoring and reporting systems; and effective and timely information flow throughout the organisation.
Deter Delay Detect Respond Recover

ELEMENT OF CONTROL

CONTROL COMPONENT AIM

YES

YES

YES

PARTIAL

PARTIAL

3.12 Document Control Procedures that provide clear guidelines for drafting (i.e. standard conventions), classifying, storing and transmission of documents should be developed and readily available. All documents that contain procedures and policy should have an amendment/version status so that readers can be confident that they are following the current information.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

No

YES

PARTIAL

PARTIAL

No

3.13 Communications and Public Affairs Policies and Practices Administrators should develop a media policy well in advance of any incident and inform all staff of its content to ensure that the organisation speaks with one voice and conveys accurate information. Parking areas for media and vehicles should be designated, to ensure that they do not impede emergency vehicular traffic.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

No

No

PARTIAL

No

No

3.14 Prior Publicised Responses to Security Incidents The maintenance of an incident management system enables the reporting, recording, inquiry and investigation of security incidents. It is a healthcare facility responsibility to ensure that the all security and security related incidents occurring within their facilities or related to their personnel are registered, no matter how trivial they may seem at the time. All security incidents require a level of enquiry to determine the elements of what, where, when, why, who and how; followed by assessment and rectification to prevent a reoccurrence. Serious incidents require a thorough and formal investigation. The collated data can then be used to provide case examples for staff as part of an employee security awareness program.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

YES

No

No

No

No

3.15 Security Access Systems Security access management is a set of policies, plans, procedures, personnel, and physical components that provide control and awareness of assets and activities in and around facilities, buildings or restricted areas. Security access systems control who should be permitted access to facilities, buildings or restricted areas, where they can access (building, room, storage area or container, etc.) and when they can access those areas (work hours only, shifts, etc.). In addition to controlling passage in and out of facilities, buildings or areas, security access systems include the ability to observe and track movement in and out of controlled areas. Organisations grant access for various combinations or persons, depending on the needs and restrictions established. Basic principles of security access systems management include: Limiting the number of access points. Identifying and dedicating secure / restricted areas. Providing transition areas between secure / restricted and non secure / restricted areas. Minimising interference with fire protection and life safety systems.

Conforming to building code requirements for the mobility of persons with disabilities (e.g. wheelchair access). Layering of security systems. Providing an audit trail. Security access systems are generally employed with a barrier system and may comprise of: Lock and key system Combination locks Turnstiles and revolving doors Electronic Access Control Systems (ECAS) that employ a swipe or proximity card to activate ID/Card systems that a guard must recognised before allowing entry Biometrics The type of system used will depend on the level of control and audit required.
Deter Delay Detect Respond Recover

ELEMENT OF CONTROL

CONTROL COMPONENT AIM

YES

YES

PARTIAL

No

No

4. Technology Controls 4.1 Intrusion Detection and Alarms Intrusion-detection systems consist of both an alarm and an assessment system, and are usually layered for both interior and exterior applications. Exterior systems are designed to provide the earliest possible detection of an unauthorised intrusion, as far away from the security interests as possible. The interior intrusion detection system may be even further divided into layers according to the configuration of secure / restricted areas and the required level of protection. Since alarms and detection systems require a power source for operation, it is necessary that an auxiliary power source consisting of batteries and/or generators be available. And that switchover is immediate and automatic if the primary power source fails. Furthermore, to ensure effective operation of alarms and detection devices, the system must be tested regularly and be subject of a preventative maintenance program.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

YES

No

YES

No

No

4.2 Password and Encryption Keys Computer based information systems have provided a means of storing large capacities of information. Where that information is deemed to be sensitive, the use of passwords and encryption keys is a control for protecting the information. Users, who are provided with a password or encryption key for protecting sensitive information stored on a computer, must in turn protect the knowledge of the password or encryption key, so that they cannot be used by another person to gain unauthorised access to the computer system.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

YES

YES

No

No

No

4.3 Firewalls Firewalls are another form of control for the protection of computer based information system connected to a network. Firewalls enable a computer to filter incoming and outgoing communications in order to prevent an external attack (i.e. unauthorised access from another computer).
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

YES

YES

PARTIAL

No

No

4.4 Mail Screening A mail room is a vulnerable point for introducing security threats and safety hazards into any facility. Accordingly, security of the mail room is critical to the safety of a Healthcare facilitys day-to-day operations. Where a healthcare facility has a mail room, it should be located in a remote area and have some form of access control. Staff employed in mail rooms should be training in the screening of mail and all emergency procedures associated with the identification of suspicious mail and packages
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

No

No

YES

No

No

4.5 Surveillance Capability The attractiveness of assets as security/crime targets can be reduced by providing opportunities for effective surveillance, both natural and technical. Good surveillance means that people can see what others are doing. People feel safe in areas when they can easily see and interact with others. Would-be offenders are often deterred from committing crime in areas with high levels of surveillance. From a design perspective, deterrence can be achieved by: clear sight-lines between public and private places; effective lighting of space under surveillance; landscaping that makes places attractive, but does not provide offenders with a place to hide or entrap victims. By deploying CCTV surveillance systems, Healthcare facilities can expand the areas in and around their premises being monitored. CCTV surveillance systems may include fixed cameras or pan/tilt/zoom cameras that can be used by security personnel for conducting active security patrols from a remote location.

The ability of a CCTV system to aid crime detection is also the evidentiary value of the recorded image. The usefulness of the recorded CCTV imagery will be determined by the quality of the equipment, the skill of the operator, the period for which the imagery is retained, lighting, distance from subject or incident, weather conditions, and the extent to which the system and its equipment are maintained. Control room operations where the CCTV is monitored from, and imagery recorded and stored MUST for evidentiary purposes be strictly controlled to prevent unauthorised access while in use, during changes in shift and in the event that the building is evacuated. All visitors and contractors entering a control room should sign a visitors log, and should display identifying Cards/passes. Furthermore, the control rooms should be designed in accordance with good ergonomic practice.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

YES

No

YES

No

No

4.6 Systems Penetration Testing Systems penetration testing is a useful method for determining the suitability of current security controls. It can be conducted with the use of both overt and covert manpower to penetrate both active and passive physical security systems, or by attempting a technical attack to a computer system. The outcomes of system penetration tests can be used to make improvements to identified vulnerabilities.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

No

YES

YES

YES

No

4.7 Panic alarms Panic Alarms (also known as Duress Alarms) provide a means of sending a signal to a monitoring point in order to initiate a response. Like any alarm system, panic alarms must be regularly tested and subject to preventative maintenance.
ELEMENT OF CONTROL Deter Delay Detect Respond Recover

CONTROL COMPONENT AIM

No

No

No

YES

No

ANNEX J

GENERAL SECURITY PLAN TEMPLATE


General Security Plan A Security Plan is defined as the plan of action the organisation intends to use to address its security risks based on the context in which the organisation operates and a thorough risk review it is one of the means by which an organisation will demonstrate a commitment to general risk management. To do this it must contain: The up to date Security Risk Register (detect) and Security Risk Treatment Schedule and Plan (deter delay) on how it addresses its security risks. The Emergency Procedures to respond to security risks, and The Business Continuity Plan (BCP) on how it recovers from security risks when they are realised. Health Service Organisation / Facility Enter the name of the organisation / facility for which the plan is being developed. (e.g. Johnson Hospital) Health Service Organisation / Facility Contact Who is the officer / position responsible for developing and reviewing this security plan. (e.g. Director Corporate Services Johnson Hospital 07 3240 4321) Security Coordinator The name and contact details of the security co-ordinator / position (e.g. Mr Joe Bloggs Security Manager Johnson Hospital 07 3240 1234). Assistant Security Coordinator Who is the assistant security co-ordinator / position responsible for developing and reviewing this security plan? (E.g. Ms Memphis Bell WH&S Officer Johnson Hospital 07 3240 1234). Clinical Units / Department Contacts Contact Officer Contact Details

Assets / Resource Register Identify all assets to the organisation / facility and categorise them for criticality. Assets are defined as an item or process that an individual, community or Government values and is important to supporting the expectations of these peoples, organisations or Governments outcomes and objectives. It consists of an organisation PEOPLE, PROPERTY, INFORMATION, ACTIVITIES / FUNCTIONS and REPUTATION. This will come from the Security Risk Management and Asset Protection Program (SRMAPP). (e.g. Johnson Hospitals assets by listed criticality are detailed in Annex A.)

Threat Source Assessment Document internal, external and non human threat sources that could cause harm to the organisation / facility assets. This will come from the Security Risk Management and Asset Protection Program (SRMAPP) (e.g. Johnson Hospitals threat source assessment is detailed in Annex B) Vulnerability Assessment Document all identified security vulnerabilities which could be exploited by a threat source. This will come from the Security Risk Management and Asset Protection Program (SRMAPP). (e.g. Johnson Hospitals identified security vulnerabilities are detailed in Annex C) Security Risk Register Document all identified security risks which would impact on the organisation / facility. This will come from the Security Risk Management and Asset Protection Program (SRMAPP). (e.g. Johnson Hospitals identified security risks are detailed in Annex D) Security Risk Treatment Schedule And Plan Document in priority order for treatment all security risks. This will come from the Security Risk Management and Asset Protection Program (SRMAPP). (e.g. Johnson Hospitals security treatment schedule and plan is detailed in Annex E) Security Plan Review Period Details of Review: What elements of the security plan will be reviewed. Who will conduct the review. (e.g.1. The Security Plan is to be reviewed prior the annual submission of the WH&S tool requirements to Q Health Review Date: Date the review will be performed (10 NOV 10) Official Endorsement Position: Name: Signature: Date: Annexes: A. B. C. D. E. F. G. Assets / Resource Register Threat Source Assessment Vulnerability Assessment Security Risk Register Security Risk Treatment Schedule and Plan Organisation / Facility Emergency Procedures Organisation Business Continuity Plan (BCP)

ANNEX K

PROTECTIVE SECURITY RISK EVALUATION (PSRE) TOOL TEMPLATE


Stage 1 Preparation and review of the last PSS PSRE Team Name: Name: Name: Position: Position: Position:

Asset / facility / organisation under review comments:

Last PSS date: Mandatory Requirements comments:

Recommendations comments:

Security Risk Treatment Schedule and Plans comments: Stage 2 Asset / Resource Appreciation Review Asset / Resource Appreciation Review Comments:

Stage 3 Threat Assessment Review

Threat Identification Register Review Comments:

Stage 4 Vulnerability Identification List Review Comments: Identification of the effectiveness of current security controls in place and vulnerability assessment review

Stage 5 - Risk Analysis Likelihood (Probability) Table This table defines the likelihood or probability of the risk occurring, based on the information available at the time of assessment.
E - Rare D - Unlikely C - Possible B - Likely A - Almost certain Very unlikely; the event may occur in exceptional circumstances Improbable; the event is not expected to occur Potential; the event might occur at some time Probable; the event will probably occur at least once Very likely; the event will occur in most circumstances

Step 1 Threat Source / Threat / Risk Identification and Likelihood Assessment


Threat Source /Threat / Risks A B C D E Comment / Identified Vulnerabilities

Step 2 - Consequence or Impact of Threat Source / Threat / Risk Occurrence


Threat Source / Threat / Risks 1 2 3 4 Comments

Risk Evaluation Matrix

Risk Legend

Consequence Legend

Step 3 - Threat / Risk and Priority for Treatment - EXAMPLE Threat / Risk Likelihood + Consequence Level of Threat / Risk Priority for Treatment

Stage 6 - Develop risk treatment strategies and recommendations Cost Benefit Analysis Threat / Risk Total Cost

Legend N.B. All events are measured in $ terms (CP + CT + CR + CI) [I (E + P)] CP = Costs of permanent replacement CT = Cost of temporary substitute CR = Total or related costs CI Lost income Note 1 I = Available insurance amount Note 2 E= Excess payable P = Proportion of insurance premium Note1. This includes workers compensation, superannuation, Sick leave, civil action claims, training, damage to plant % equipment, down time i.e. investigation costs, counselling, production days lost, material damage etc. Note2. Queensland Health is its own self insurer for other areas than Workers Compensation and Motor Vehicles Does not include such things as loss of morale, drop off in productivity of individuals which can impact dramatically on a units operational effectiveness and efficiency.

SECURITY RISK TREATMENT SCHEDULE AND PLAN

RISK TREATMENT SCHEDULE AND PLAN


NAME OF SITE / UNIT / FACILITY:

Function / Activity:
Risks in priority order (Refer to risk register) Possible Treatment Options Considered Preferred Treatment Option and Reason for Selection Risk rating after treatment Person/s responsible for implementation of option Timetable for implementation How will risk and the treatment be monitored

ANNEX L

PROTECTIVE SECURITY RISK EVALUATION TOOL - EXAMPLE


Stage 1 Preparation and review of the last PSS PSRE Team Name: Henry Bloggs Name: Memphis Bell Name: Henry James Position: Security Manager Position: CNC ED Position: Manager BMS

Asset/facility / organisation under review comments: Emergency Department Johnson Hospital. Last PSS dated 14 APR 2008. Mandatory Requirements comments: These have been completed. Recommendations comments: Paragraph 50 sub para d, upgrade SOPs for internal security of store rooms for the ED is still outstanding. Security Risk Treatment Schedule and Plan Comments: Risk priorities 1, 2, 3 and 4 have been partially actioned as follows: Priority 1 less option 1 (additional seclusion room) due to funding. Priority 2 less option 2 (CCTV) due to funding. Priority 3 less CCTV Priority 4 - less CCTV Stage 2 Asset / Resource Appreciation Review Asset / Resource Appreciation Review Comments: The current asset / resource register was reviewed by the PRSE Team and the following amendment was made: PEOPLE: Serial 3 Allied Health Staff upgraded to a criticality value of 5 MAJOR. PROPERTY: Serial 16 Disaster Response Stores upgraded to a criticality value of 5 MAJOR. OPERATIONAL / FUNCTIONAL: Serial 47 Morgue downgraded to a criticality value of 3 SENSITIVE. Stage 3 Threat Threat Identification Register Review Comments: The

Assessment (TA) Review

current threat identification register was reviewed by the PSRE Team and the following amendment was made: INTERNAL THREAT SOURCE: Disgruntled staff upgraded to MEDIUM. This is due to a number of threats increasing from this source.

Stage 4 Identification of the effectiveness of current security controls in place and vulnerability assessment review

Vulnerability Identification List Review Comments: The vulnerability identified list was reviewed by the PSRE Team. An updated Vulnerability Identification List is at Annex XXX of PSRE report.

Stage 5 Risk Analysis Step 1 Threat Source / Threat / Risk Identification and Likelihood Assessment
THREAT SOURCE /THREAT / RISKS External criminal Level L Arson attack outside ED impacting on ED functions. Intrusion into ED and theft of staff personnel effects. A B C D E COMMENT / IDENTIFIED VULNERABILITIES POSSIBLE: There have been 2 attacks in the last 12 months on the cardboard storage area outside the rear exit of ED. LIKELY: There have been 2 cases in the last two months. The rear entry door has regularly been found wedged open. This leads to the staff room. ALMOST CERTAIN: Recorded security incidents have increased in ED. Through put numbers in ED have risen since last PSS. Is expected to occur at least once per week. UNLIKELY: As above. No second seclusion room provided.

Violent patient/drug affected patient/intoxicated patient Level VH Injury to staff in ED from occupational violence Damage to critical equipment needed in ED from occupational violence

Loss of power Level L Major power outage impacting on ED causing re direction (by pass) to other hospitals after failure of emergency generators to provide emergency power Loss of internal telephone communications Level L Collapse of internal communication system across hospital causing communication failure with stakeholders Likelihood (Probability) Table This table defines the likelihood or probability of the risk occurring, based on the information available at the time of assessment. May occur in exceptional circumstances only / May occur at least E - Rare once in a period of 5 years or more D - Unlikely C - Possible B - Likely A - Almost certain Might occur sometime but not expected / Might occur at least once during a period of five years or less Could occur, capable of happening, foreseeable / Could occur at least once in 12 Months Is expected to occur occasionally / Is expected occur at least once per month Is expected to occur frequently, in most circumstances / Is expected occur at least once per week UNLIKELY: There have been 2 cases in the last 2 years and numerous brown outs (reduced electrical supply) within the facility. Emergency generators have cut in and are regularly maintained.

UNLIKELY: There have been two cases in the last 4 years.

Step 2 - Consequence or Impact of Threat Source / Threat / Risk Occurrence THREAT SOURCE /THREAT / RISKS External criminal Level L Arson attack outside ED impacting on ED functions. 1 2 3 4 COMMENTS MINOR: The last attack on 12 MAR 10 forced a staged evacuation of the area into the ED smoke compartment and QFRS intervention. Minimum harm caused. NEGLIGIBLE: Staff dissatisfaction within local unit. No effect on services or programs

Intrusion into ED and theft of staff personnel effects. Violent patient/drug affected patient/intoxicated patient Level VH Injury to staff in ED from occupational violence Damage to critical equipment needed in ED from occupational violence Loss of power Level L Major power outage impacting on ED causing re direction (by pass) to other hospitals after failure of emergency generators to provide emergency power

NEGLIGIBLE: No injury / illness - no time lost, minor adjustment to operational routine.

MODERATE: Loss of function, major harm caused

MODERATE: Loss of function, major harm caused

Loss of internal telephone communications Level L Collapse of internal communication system across hospital causing communication failure with stakeholders

MODERATE: Loss of function, major harm caused

Consequence Legend

Step 3 - Threat / Risk and Priority for Treatment Threat / Risk


Arson attack outside ED impacting on ED functions. Intrusion into ED and theft of staff personnel effects. Injury to staff in ED from occupational violence Damage to critical equipment needed in ED from occupational violence Major power outage impacting on ED causing re direction (by pass) to other hospitals after failure of emergency generators to provide emergency power Collapse of internal communication system across hospital causing communication failure with stakeholders

Likelihood + Consequence
C+2 B+1 A+1 C+3 D+2

Level of Priority for Threat / Risk Treatment


MEDIUM (7) MEDIUM (5) HIGH (11) HIGH (14) MEDIUM (6) 4 6 2 1 5

D+3

MEDIUM (9)

Risk Evaluation Matrix


Consequence Likelihood RareE UnlikelyD PossibleC LikelyB AlmostCertainA 1 Minor Low(1) Low(2) Medium(4) Medium(5) High(11) 2 Moderate Low(3) Medium(6) Medium(7) High(12) High(13) 3 Major Medium(8) Medium(9) High(14) High(15) VeryHigh(18) 4 Extreme Medium(10) High(16) High(17) VeryHigh(19) VeryHigh(20)

Risk Legend

Stage Six- Develop risk treatment strategies and recommendations Cost Benefit Analysis THREAT / RISK Arson attack outside ED impacting on ED functions. Intrusion into ED and theft of staff personnel effects. Injury to staff in ED from occupational violence Damage to critical equipment needed in ED from occupational violence Major power outage impacting on ED causing re direction (by pass) to other hospitals after failure of emergency generators to provide emergency power Collapse of internal communication system across hospital causing communication failure with stakeholders TOTAL COST $ 2000 $120 $1200 $12000 $14000

$12000

Legend N.B. All events are measured in $ terms ( CP + CT + CR + CI) [I (E + P)] CP = Costs of permanent replacement CT = Cost of temporary substitute CR = Total or related costs I = Available insurance amount Note 2 P = Proportion of insurance premium Note1. This includes workers compensation, superannuation, Sick leave, civil action claims, training, damage to plant % equipment, down time i.e. investigation costs, counselling, production days lost, material damage etc. Note2. Queensland Health is its own self insurer for other areas than Workers Compensation and motor vehicles Does not include such things as loss of morale, drop off in productivity of individuals which can impact dramatically on a units operational effectiveness and efficiency. CI Lost income Note 1 E= Excess payable

SECURITY RISK TREATMENT SCHEDULE AND PLAN EXAMPLE Priority: Priority 1: Collapse of internal communication system across hospital causing communication failure with stakeholders. Threat / Risk: Medium: Manage by specific monitoring or response procedures locally. Likelihood of occurrence: Unlikely: Might occur sometime but not expected / Might occur at least once during a period of five years or less. Consequence of occurrence: Moderate: Disruption to a number of areas within a location or Health Service, possible flow on to other locations. Likely cost to the organisation / facility of the threat / risk occurring: There have been two cases in the last four years which have disrupted hospital operations for two-three hours until the telephone system has been repaired. Costs have been estimated to be some $12000 per event in lost productivity. Recommended treatment strategies: Develop a CODE YELLOW plan using the Fire Wardens structure and Early Warning Information System (EWIS)within the main hospital building to maintain central communications with the Emergency Management Team (EMT) in the Emergency Control Centre (ECC). Purchase an additional 10 VHF radios to provide back up communications in high risk areas, patient care areas, BMS response officers and EMT. Cost outlay $ 6500. Reduces the risk from MEDIUM to LOW by reducing the likelihood to Rare. Person responsible for timetable implementation and monitoring function: Person responsible DR Lisa Dale - EMT Assessors Details: Position and Name Henry Bloggs Memphis Bell Henry James Security Manager CNC ED Manager BMS Timetable for implementation Immediate Monitoring function QA Unit / EMT

Signature Henry Bloggs Mephis Bell Henry James

Date: 30 June 2010 Stage Six is now complete.

ANNEX M

PROTECTIVE SECURITY RISK EVALUATION REPORT TEMPLATE


PROTECTIVE SECURITY RISK EVALUATION REPORT ( INSERT LOCATION E.G. JOHNSON HOSPITAL EMERGENCY DEPARTMENT ) EXECUTIVE SUMMARY Terms of Reference The aim of the PSRE was to (insert details from the Terms of Reference TOR). A copy of the TOR is at Annex A. Authority The PSRE was conducted The PSRE of the with the authority of . .

was conducted by

Methodology The following methodologies were used in planning, developing and carrying out the PSRE: Obtaining authorisation. a) Establishing the aim and objectives. b) Identifying and meeting key stakeholders. c) Reviewing the mandatory requirements, recommendations, Security Risk Treatment Schedule and Plan from the last PSS ( insert date eg. 14 APR 08 ) d) Reviewing the current Asset / Resource Register. e) Reviewing the current Threat Identification Register. f) Conducting a physical reconnaissance of the by day and night to conduct a vulnerability assessment to update the Vulnerability Identification List. g) Conducting a Security Risk from information obtained at d g above. h) Developing Security Risk Treatment Strategies to counter identified security risks; and i) Producing and presenting the PSS report. Unit / Facility Description The is located in . The unit / facility provides

Key Issues The PSRE highlighted the following: a) Recommendations and Security Risk Treatments from the last PSS remain outstanding. Specific details are at Annex B, Stage 1. b) The unit / facility is a Asset. c) The PSRE Team amended ( if applicable ) the Asset Register by criticality value as follows: Major: (insert amended changes eg. PEOPLE: Serial 3 Allied Health Staff upgraded to a criticality value of 5 MAJOR) Important: ( insert amendments as applicable) Sensitive: ( insert amendments as applicable ) Support: ( insert amendments as applicable) Routine: ( insert amendments as applicable )

d) e) f) g) h)

Specific details are at Annex B, Stage 2. An updated copy of the Asset Register is at Annex C. Threats to assets range from . The PSRE Team amended (if applicable) the Threat Identification Register as follows (insert amended details e.g. INTERNAL THREAT SOURCE: Disgruntled staff upgraded to MEDIUM). Specific details are at Annex B, Stage 3. An updated Threat Identification Register is at Annex D. The PSRE Team identified (if applicable) some (insert quantity) vulnerabilities that could be exploited by a threat source to cause harm. Specific details are at the updated Vulnerability Identification List at Annex E. Security Risks range from (insert levels eg. MEDIUM) to . Specific details are at Annex B, Stage 5. There are a number of security risks that were identified that require treatment. These are detailed at Annex B, Security Risk Treatment Schedule and Plan (insert as applicable eg. Priorities 1 - 10)

Conclusion The PSRE conducted on established that some recommendations and Risk Treatment Strategies were still outstanding from PSS (insert date eg. of 14 APR 08 ), and that additional security risks have been identified that require treatment. Recommendation It is recommended that the recommendations, Risk Treatment Schedule and Plan from the PSS of (insert date eg. 14 APR 08 ) and the recommendations of PSRE Risk Treatment Schedule and Plans be actioned. Should management elect not to treat these risks details should be entered in the Security Plan to that effect.

I concur / not concur

Annexes: A. Terms of Reference B. PSRE Tool C. Asset Register D. Threat identification Register E. Vulnerability Identification List Disclaimer The SRA and risk ratings are advisory information for management decision. Management should consider the report findings and recommendations in context to the overall security and asset risk to the Hospital and Health Service / agency. GLOSSARY OF TERMS An item or process that an individual, community or Government Assets values and is important to supporting the expectations of those peoples, organisations or Governments outcomes and objectives. Assets are categorised as People, Property, Information, Activities and Reputation Asset protection The protection of assets people, property, information, activities and reputation Outcome of ane event affecting objectives Consequence The importance or dependence that an organisation has on a Criticality person, function, process, item or infrastructure or specific facility (source HB167) Assets which if destroyed, degraded, or rendered unavailable for Critical assets an extended period will impact on social or economic wellbeing, activities, information or reputation of individuals or organisations A source of potential harm (source AS4360) Hazard Integrated Risk Management Framework (QHRisk) Likelihood Policy and associated standards which outline Queensland Healths intent, roles and responsibilities and implementation requirements in the systematic application of the risk management process in all activities undertaken at all levels of the organisation Chance of something happening (whether defined, measured or determined objectively or subjectively, qualitatively or quantitatively, and described using general terms or mathematically) AS/NZS ISO 31000.2009 Used as a general description of probability or frequency (source AS4360) That part of the overall management and governance structures that includes organisational structure, planning activities, responsibilities and accountabilities, procedures, processes and resources for developing, implementing, achieving, reviewing and maintaining Occupational Health and Safety policy and governance and thereby managing the risks associated with the organisation conducting its business activities (adapted from AS1801) Effect of uncertainty on objectives An effect is a deviation from the expected positive and / or negative

Occupational Health Safety Management System

Risk

Objectives can have different aspects such as financial, health and safety, and environmental) and can apply at different levels (such as strategic, organisation-wide, project, product and process). AS/NZS ISO 31000.2009 The chance of something happening that will impact on objectives (source AS4360) Process to determine the Level of Risk expressed in terms of the combination of consequence(s) and Likelihood. Refer to Risk Analysis Matrix. The overall process of risk identification, risk analysis and evaluation (source AS4360)

Risk analysis Risk assessment Risk management

The culture, processes and structures that are directed towards realising potential opportunities whilst managing adverse effects (source AS4360) The preparedness, protection and preservation of people, Security property and information, both tangible and intangible. (source HB167) Security Incident Any event or circumstance involving or affecting the individual or organisation that causes or is likely to cause a loss (physical or otherwise), disruption, or fear arising from the deliberate activities of other parties. Where impacts are, or could potentially be realised against people, property or information Security Control Any action that reduces the probability of a risk occurring or reduces its impact if it does occur. An existing process, policy, devise, practice or other action that acts to minimise negative impacts or enhance positive opportunities (source AS4360) Security risk management is the culture, processes and Security Risk structures that are directed towards maximising benefits and Management minimising adverse effects associated with the intentional, unintentional or unwarranted action of others against assets The plan of action the organisation intends to use to address its Security Plan security risks based on the context in which the organisation operates and a thorough risk review it is one of the means by which an organisation will demonstrate a commitment to general risk management Anything that has the potential to prevent or hinder the Threat achievement of objectives or disrupt the processes that support them. A source of or potential for harm to occur. A threat can be a source of risk (source HB167) Any weakness that can be exploited by an aggressor to make an Vulnerability asset susceptible to change (source HB167)

Reference documents: 1. NSW Health Policy and Guidelines for Security Risk Management in Healthcare Facilities 2003 2. AS STD 4485.1 and 4485.2 Security for Healthcare Facilities Parts 1 and 2 1997 3. Security Risk Management Australia and Edith Cowan University Training Notes Mark Golsby 4. AMTAC Electronic Security Risk Management Guide Notes Rick Draper and Keith Wilson 5. Department of Defence DSM V 2 2006 (UNCLAS ) 6. QLD Health Risk Management Tool 20 April 1999 7. Griffith University Centre of Crime and Public safety Document Developing and Implementing a Security Management Plan Mark Golsby and Rick Draper 8. Department of Defence, Defence Security Branch Protective Security Practitioners Manual, 25 October 2001 Keith Wilson 9. Standards Australia HB 167: 2006 Security Risk Management 10. Queensland Health Emergency Preparedness & Continuity Management Guidance Document 11. QH Integrated Risk Management Policy and Supporting Implementation Standards Integrated Risk Management Policy (13355) 2008 Implementation Standards: Standard 1 - Roles and Responsibilities Standard 2 - Reporting Standard 3 - Risk Analysis Matrix Standard 4 - Integrated Risk Management Information System (QHRisk) Standard 5 - Preventative Law (Legal Risk)

4.

SECURITY INCIDENT MANAGEMENT AND INVESTIGATION

4.1 Procedures for Management of Security Incidents Each Hospital and Health Service (and agency) shall nominate a Protective Security Coordinator (coordinator). This position may be part of a wider range of duties but includes the development and implementation of local procedures and systems for aligning Hospital and Health Service / agency protective security activities with Queensland Health Policies, strategies and healthcare security accreditation standards. The development and implementation of a general Security Plan (SP) and security procedures is a requirement of Security Risk Management and Asset Protection Implementation Standard. Procedures to be developed will include the management and investigation of security incidents. Additional information regarding incident management, investigation, reporting and control is found Occupational Health and Safety Incident Reporting, Investigation and Recording Implementation Standard; Occupational Health and Safety Incident Investigation Severity Assessment Codes Protocol; and Workplace Incident Reporting Guideline. 4.2 Principles of Incident Management A security incident is defined as any event or circumstance involving or affecting the individual or organisation that causes or is likely to cause a loss (physical or otherwise), disruption, or fear arising from the deliberate activities of other parties where impacts are, or could potentially be realised against people, property or information. Principles which underpin the management of incidents within Queensland Health are: Fairness - Staff, patients and visitors involved in incidents will be entitled to be treated fairly by Queensland Health; Accountability Queensland Health and its staff have a duty to take reasonable care to avoid causing harm to patients, visitors, employees, contractors, volunteers, and themselves. Accountability for incident management will be clearly articulated; Transparency Full and open communication should occur as part of incident management. Staff and patients reporting incidents should receive feedback on the results of investigations when preventive actions are taken or recommended; Improvement focus Analysis of incidents should focus on addressing three questions: What happened?, Why did it happen? and How could it be prevented? Implementation and evaluation of corrective actions is an essential component of incident management; Focus on systems, not individuals - Analysis and investigations should focus on identifying and correcting underlying system problems rather than focusing on an individual. (It is acknowledged that allegations of official misconduct or criminal behaviour will require an individual focus and will be addressed through separate disciplinary systems); Obligation to act The obligation to take action to remedy problems is clearly accepted and the allocation of this responsibility is unambiguous and explicit; and Prioritisations of action - Resources are directed to those areas where the greatest improvements are possible.

4.3 Incident Reporting Queensland Health employees appointed as a security officer shall be issued with an official security notebook to record factual information regarding security incidents and events. All Work health and safety incidents and near misses (including security incidents) must be reported using Queensland Health Incident Management System (IMS). It is the system mandated for use throughout Queensland Health. The incident however, may need to be reported in more than one system. For example, PRIME (Patient Safety Incident Recording System), IMS and the networks security occurrence log All staff should immediately report security incidents to facilitate prompt incident investigation and appropriate response. The coordinator shall monitor and maintain records of all security incidents and breaches to provide valuable evidence for evaluating the effectiveness of the Health Services security risk management (SRM) processes. Records may include: source of greatest threat potential target areas vulnerabilities. Maintenance and retention of records shall be in accordance with Queensland Health Records Management Policy. 4.4 Security Incident Investigation Incident investigation will determine the nature of the incident and its impact on the organisation. Investigation procedures should be developed with the following considerations: Incident investigations are carried out promptly Investigations are conducted in a supportive and non-judgmental way Inclusion of any evidence (photographic, audio, physical) Focus on identifying the underlying root cause/s and contributing factors Not apportion blame Focus on system breakdowns and identifying control measures to prevent recurrence Investigations undertaken in consultation with appropriate stakeholders such as local Work health and safety unit and subject matter experts Canvas all sources of relevant information such as witnesses, incident reports, relevant work procedures, the working environment, equipment used, level of supervision at the time, relevant training provided and expert advice Inclusion of an operational review if relevant Investigation outcomes result in clear recommendations to senior management to address the causes and where possible, prevent a recurrence. A successful security investigation process results in clearly articulated recommendations to prevent recurrence, identifies resource implications (if any), identifies responsibility for implementation of the recommendations and outlines appropriate time frames. Responsibility for investigation should be placed on a particular individual who may consult with appropriate persons, such as subject matter experts. If the incident is serious in nature, the investigating staff member will advise senior management, who must consider whether specialised internal or external Agencies for example Audit and Operational Review Branch, Division of Work Health and

Safety are to be involved. Senior management are responsible for determining ongoing progress. If at any point during the investigation there is any indication of a criminal offence, Police must be informed without delay. Police may assist with advice or undertake specialised inquiries. Where the investigation involves the questioning of individuals, this should be done promptly whilst memories are fresh. Investigating officers must be cognisant of any potential legal implications of their inquiries and of the rights of those persons being questioned or investigated. An incident should not be considered in isolation. It may be possible to draw conclusions from an examination of incidents that have occurred over a period of time. The most effective way to prevent a recurrence of a security incident is to determine why it happened (i.e. identify the contributing risk factors) and take steps to prevent its recurrence (i.e. eliminate the risk or develop and implement control strategies). 4.5 Controlling and Preserving an Incident Scene The staff member controlling an incident scene must: assess the area and maintain personal safety and the safety of others at all times commence immediate evacuation of persons from the affected area if deemed unsafe not touch anything unless it is necessary to aid injured persons or to prevent further injury or harm remain calm and provide assistance to injured persons, only if safe to do so call for appropriate assistance to deal with the situation take steps to secure the area from non-essential personnel where possible, take photographic evidence of the scene remain on the scene and delegate others to undertake specific tasks make accurate notations (time and description of events as they occur) protect evidence where possible. Preserving a workplace incident scene is essential in securing evidence which may assist in: determining events which preceded an incident establishing the cause of the incident identifying relevant events which followed the occurrence of the incident. The security and integrity of an incident scene must be maintained to prevent evidence from being contaminated, destroyed, lost or altered. If the incident scene must be disturbed, such as to provide first aid or resuscitation to a victim, a record of the disturbance must be made and the investigating officer advised as soon as possible The following methods assist in effectively preserving the scene: Allocation of security or control staff Isolation of areas of interest by utilising or erecting physical barriers Evacuation of all non essential personnel. Maintain records of the movement of people and do not allow removal of evidence or unauthorised entry into the area. 4.5.1 First Aid First aid or assistance should be provided to injured persons until the arrival of emergency services or a clinician. Further information contained in Additional Risk Categories Implementation Standard.

4.5.2 Hand Over To Investigating Officer Depending upon the type and magnitude of the security incident, Queensland Police Service may take charge of the scene. They should be provided with all relevant information and be given appropriate assistance in dealing with the matter. For other significant incidents not requiring Police attendance the local OHS Unit and the security coordinator should attend the scene to evaluate further investigation requirements. 4.5.3 Documentation and Records A record of events should be maintained with information establishing: the facts prior to the incident, during the incident and post incident. Facts include time, location, who, what, when, where, how and why who was present at the scene from the time of the incident, including those persons who arrive or depart, when this occurred and where they have gone what people have done or what they have touched what persons involved in or witnesses to the incident say observations such as location and description of visible evidence such as blood spills, footprints, and/or weapons. 4.6 Preserving Evidence Every effort must be made to protect evidence until an investigation can be conducted. Consideration must be given to the manner in which evidence is handled which may include: using latex or safety gloves placing and sealing the evidence in a suitable receptacle labelling evidence appropriately with date, time, nature of contents/evidence, location where found, and name of investigating person maintaining and recording the continuity of possession which is that evidence must be clearly labelled and marked showing the name of the person who first takes possession and any subsequent possession of the evidence including, date, time and location possession took place. 4.7 Safe Handling of Illicit Drugs or Hazardous Substances Unnecessary handling of illicit drugs or hazardous substances must be avoided. The area should be made safe by restricting unauthorised personnel. Where possible, the item should be left in situ and assistance obtained from the relevant expert or Agency such as Police, Queensland Fire and Rescue Services. If no other option exists and it is deemed safe to move or handle the illicit or hazardous substance, the investigating officer should place the whole item including the original packaging into a sealable plastic bag or receptacle which is appropriately labeled. Adequate safety precautions must be taken. 4.7.1 Syringes Liquid still present in a syringe must not be expelled. The syringe must be carefully placed in an approved sharps/syringe container and labeled. If an approved sharps container is not available, each syringe or sharp may be placed in a hard sided container such as a cardboard box, tin, bottle or plastic container. A warning should be placed on the container to indicate that the syringe and its contents are within the container. Staff must practice extreme caution when placing, removing or handling a syringe or sharps container. Individual syringes should be placed in different sharps containers to avoid cross contamination and make handling safer.

4.7.2 Documents Documents may include anonymous letters, extortion notes and indecent or threatening letters. These may or may not be anonymous. Suspicious items must be handled with care. Security staff should: avoid touching or applying pressure and therefore making indentations not attempt to repair damaged documents package each item in a separate plastic envelope or large paper envelope. 4.7.3 Firearms The first priority is to ensure the safety of all persons. In the first instance, Police should be contacted and the incident area protected. This may require a responsible person being positioned near the weapon to prevent unlawful access or tampering. Police will, upon arrival control the environment. No attempt should be made to remove cartridges, dry fire or unload the weapon under any circumstance. 4.7.4 Biological Evidence Biological evidence such as blood stained clothing, seminal fluids, etc. should be protected from the elements and should not be handled. Where it is necessary to move the evidence, each item must be packaged separately. If the item is wet it must be handled in such a way that any possible spatter patterns are not destroyed. The item must be placed in a plastic bag, clearly labeled and stored in a refrigerator. If the item is dry, it must be packaged in paper. 4.7.5 Fingerprints and Footprint Impressions Special care must be taken to avoid walking on or touching any article, item or thing that may hold a latent fingerprint, footprint or impression. If necessary, additional barriers or protection may be placed over or around the evidence to protect from accidental or purposeful contamination. 4.8 Injury Management Loss or disruption when a workplace incident occurs can be significant, not only in terms of human suffering but also from a financial and operational perspective. The two key factors that interact to reduce the effects of a workplace injury for the injured staff member and the employer is early intervention and early return to work. Persons suffering physical or psychological injury should be referred to the Health Services Work Health and Safety Unit, Rehabilitation in accordance with Workplace Rehabilitation and Return to Work Policy. 4.9 Post-Incident Management Post-incident management strategies include: procedures for reporting the incident investigation of the incident to identify when it occurred, who was involved, and what could be done to prevent recurrence procedures for providing support to any person/s involved in or affected by the incident. For example, Employee Assistance Programs and Victims of Crime. The severity and outcome of an incident will determine the type and level of postincident management. Appropriate actions could include: providing medical treatment providing relief staff to allow individuals exposed to the incident time to recover and regain composure incident debriefing

critical incident debriefing counselling (individual or group sessions) rehabilitation and return to work .

4.10 Roles The healthcare facility should identify people who are suitably qualified to carry out the following roles and functions: Coordination of the post-incident response Conducting debriefings Providing counselling. 4.10.1 Supervisors Role Supervisors should be aware of the signs and symptoms of post-incident psychological behaviour or ill health through observation of staff actions and work patterns. Supervisors will support affected persons and ensure support mechanisms are available by advising the Health Service Work Health and Safety Unit of the incident and its effects as soon as practicable following the incident. 4.10.2 Post-Incident Debriefing Health Services shall develop procedures for post-incident debriefing which should occur as soon as possible after the incident and include the involvement of clinical and security staff and others involved in the incident. Persons involved in or having knowledge of contributing factors to the incident should be encouraged to participate. Incidents vary in severity and varying emotions may exist and these should be appropriately dealt with to reduce any stress response and/or ongoing difficulties. The debriefing should be offered so people affected can discuss the event, their thoughts, emotions and feelings in a no blame atmosphere. Peer debriefings provide those affected by the incident with validation of their feelings and support from within their own peer group. The debriefing also offers opportunities to reinforce with the group that an individuals response is normal and acceptable and that counselling is available if needed. 4.10.3 Counselling Counselling provides assistance and support to those people who are psychologically affected by an incident. Participation in counselling is voluntary. Refer to the Employee Assistance Program on QHEPS http://qheps.health.qld.gov.au/eap/. 4.11 Possession and Use of Notebooks The purpose of this section of the Guidelines is to ensure the use of official security notebooks across Queensland Health is consistent and in accordance with the requirements of legislation, judicial precedent and best practice standards. The corporately approved Notebook must be supplied by Queensland Health and not an individual. Each Notebook will contain a unique sequential reference number. Each page of the Notebook will be sequentially numbered. Adequate stocks of Notebooks will be maintained at all Queensland Health facilities. Official notebooks will be stored in a secure location. Notebooks will be corporately supplied in the first instance. Hospital and Health Services may self-publish upon depletion of the initial supply of notebooks provided that they meet all the requirements. The purpose of making notes is to record details which might otherwise escape the memory and it is therefore essential that notes are made legible, written in ink, and are in sufficient detail.

4.11.1 When to Use a Notebook Notebook records will be made in the following circumstances: a) attendance at an incident that involves physical interaction with any person; b) attendance at any event where a security officer has utilised a power afforded to them by the Hospital and Health Boards Act 2011 or any other legislation relevant to their position as a security officer; c) any incident where an offence has been or is alleged to have been committed; d) any event that would constitute a report on the Hospital and Health Service security reporting system; e) any event where a security officer receives or acts upon the direction of a person in authority (E.g: clinician, supervisor); f) any event which results in damage to an asset belonging to the health service Hospital and Health Service; and g) incidents where the officer thinks a complaint will be made (bring to a supervisors notice as soon as possible). Contents of the Notebook shall provide factual account of events which when used in evidence constitutes protection against false or mistaken attack upon the character of a security officer. Security Managers and Security Officers shall carry, use and maintain a notebook when on duty. Each security officers notebook (Notebook) is a public document and is subject to Right to Information legislation. Whilst not in use the notebook shall be secured in a personal locker or other secure receptacle or returned to the supervisor at the end of the allocated shift. A Notebook entry will be made on every shift, however it is not a minute by minute diary. The minimum entry will be day and date, rostered duty and allocation of duty. At the end of the shift the full width of the page must be ruled off immediately. The information, which should be recorded at any scene, will vary. The following is a guide to the minimum information required: a) Time b) Exact location c) Occurrence or offence d) Name, age (DOB), occupation, address, telephone number of person involved or witness the events; e) Details of action by security officers and others. Dialogue should be recorded in the first person in the Notebook. No erasures, liquid paper, or other obliteration should be made and any incorrect entry should be neatly struck out by black or blue pen and initialled. When a new Notebook is required, it will be issued by a supervisory officer/line manager. A new notebook will not be issued until the old notebook has been completed and examined by a supervisory officer, who will certify this by endorsing the rear inside cover of the old notebook. The supervisory officer will then complete the register and complete and sign the inside front cover of the new notebook.

It is the responsibility of all officers to update their Notebooks. Supervisors are to ensure compliance by inspecting official notebooks on a monthly basis, and endorsing accordingly. On completion of an official notebook it is to be handed to a supervisor who will ensure it is signed off and archived in accordance with Queensland Governments General Retention and Disposal Schedule for Administrative Records. In the event of cessation of employment, security officers shall ensure that all official notebooks issued to them are returned to Queensland Health. Notebooks which have been lost or stolen shall be reported to the supervisor immediately. The supervisor shall issue a replacement notebook and ensure a security incident report is raised in Queensland Healths Incident Management System and an annotation is made in the Notebook Register.

5.

SECURITY AND THE PHYSICAL ENVIRONMENT

Physical security is an important element of the total security program. It comprises the physical measures taken to: protect staff, clients and others from deliberate harm prevent loss or damage to assets unauthorised disclosure or loss of information. Such measures include the: o effective access control o utilisation of physical and electronic security control measures o monitoring and response arrangements to manage security risks. As some measures and actions are mandatory under legislative requirement, Queensland Health Policies, Implementation Standards and Protocols, decisions regarding whether or not to implement optional security measures or actions shall be based on the outcomes of an effective security risk assessment (SRA) conducted in accordance with the methodologies provided in AS Handbook HB 167 Security risk management. In all cases, security actions shall be supported by staff training and documented procedures including contingencies for staff to follow. 5.1 Australian Standards Health service chief executive officers and other managers responsible for health service employees shall establish security management systems which adopt AS 4485 Security for healthcare facilities, as follows: a) Part 1: Represents the minimum requirements for security within Queensland Healths healthcare facilities b) Part 2: May be used as a primary reference document for security, with reasonable measures being implemented proportionate to the security risks identified. Where possible, elements of Part 2 should be met or exceeded. 5.2 Design and Construction Every effort should be made to eliminate security risks through effective design of facilities and the built environment. Situational crime prevention and in particular Crime Prevention Through Environmental Design (CPTED) focuses on preventing opportunity for crime or unwanted behaviours rather than the characteristics of the perpetrator. 5.2.1 Security areas Security areas may be a building or part of a building or a room that has security measures in place for the protection of an organisations asset. Final design and construction of these areas will depend on the nature of the asset requiring protection and the findings of a comprehensive SRA. Security areas are classified as: burglar resistant areas intruder resistant areas controlled areas unsecured areas (i.e. those areas that do not meet the above). 5.2.2 Burglar resistant area (BRA) BRA is an area which is secured in a suitable manner for handling currency, drugs, storage of classified information in appropriate security containers and other assets. A BRA may also be a controlled area.

The physical security feature of a BRA should include: Tamper evident barriers, highly resistant to unauthorised entry, with no unsecured openings. This includes: ensuring that a floor to ceiling perimeter barrier is established to prevent any intrusion over wall structures; any windows in the construction fabric are: o reinforced with shatter proof film o internally security grilled o made of attack resistant glazing roller shutters used for after hours security have the capability of being locked internally and have no external locking devices on them; utilisation of an approved Australian Security Intelligence Organisation (ASIO) or high grade security alarm system with whole-of-area electronic detection coverage, including ceiling space, entry / exit doors and roller shutters, with reliable communications link to an effective response force providing after hours coverage of the area; or after hours internal security patrols that physically check all key points at random intervals not exceeding two hours provided there are sufficient security officers to respond effectively to security related incidents; doors which are: o minimum of 45mm thickness and comply with AS 2689: for timber doors; o when outward opening with external hinges exposed, fitted with door hinge bolts and detection devices linked to the alarm system; o when heavy duty, fitted with automatic door closers; and o fire rated when required; use of roller shutters, when used for after hours security, have internal locking capability and have no external locking devices on them; door locks and cylinders are ASIO approved for secure area applications with strike shields on any exposed lock latches and bolts on outward opening doors. Stand alone after hours security deadlocks are to be used for after hours security in an area also classified as a controlled area; and customer service window/s are made of attack resistant glazing or are fitted with shatter proof film. Opening/s within the window/s should enable staff to carry out transfer operations with safety, whilst maintaining communication with staff and patients. 5.2.3 Intruder resistant area (IRA) IRA are those areas which are secured in a manner suitable for the use, handling, storage of classified information in appropriate security containers and assets which are value to the facility including hazardous materials. The physical security feature of an IRA should include the following: Tamper evident barriers, resistant to unauthorised entry, with no unsecured opening. This includes ensuring that a floor to ceiling perimeter barrier is established around the perimeter to prevent any intrusion over wall structures. Any windows in the construction fabric are re-enforced with shatter proof film, internally security grilled or are made of attack resistant glazing. Roller shutters used for after hours security should have the capability of being locked internally and have no external locking devices on them. Doors are a minimum of 38 mm in thickness and comply with AS 2689: for timber doors. Outward opening doors, where external hinges are exposed are to be fitted with door hinge bolts. Heavy duty automatic door closers are to be fitted to all doors. Fire rated doors will be used where required.

Roller shutters used for after hours security should have the capability of being locked internally and have no external locking devices on them. All door locks and cylinders are to be ASIO approved for INTRUDER RESISTANT AREA applications with strike shields on any exposed lock latches and bolts on outward opening doors. Customer service window/s are made of attack resistant glazing or are fitted with shatter proof film. Opening/s within the window/s should enable staff to carry out transfer operations with safety, whilst maintaining communication with staff and patients.

An IRA may also be a controlled area. 5.2.4 Controlled area (CA) The physical security feature of a CA should include the following: A means of denying entry to unauthorised persons through the use of an electronic access control system (EACS). The EACS will also have the capability of logging entry of authorised persons. All doors are fitted with door open too long alarms (DOTL). TABLE 1: MINIMUM SECURITY AREA CLASSIFICATIONS FOR DESIGN AND CONSTRUCTION Area / Unit Aircraft hangars Administration general Administration cash handling Areas with Security In Confidence/ Restricted Information Areas with Protected Information Areas with Highly Protected Information CSSD Child minding BRA IRA CA Minimum after hours security requirement 1. See Table 2: Selection of security container requirements 2. Includes Medical Records Comments

As above

As above

Minimum after hours security requirement

Area / Unit Emergency Department Flammable goods store Food services Laboratories and research facilities Laundries and linen storage Maintenance services general Motor vehicle storage Operating theatres and ICU Outpatient Departments and clinics Pharmacy Plant rooms / high voltage rooms Accommodation - staff - visitor /other Store rooms Training facilities Wards general

BRA

IRA

CA

Comments

Doors sets and other combustible material replaced with non flammable ones Minimum after hours security requirement A SRA may determine that as a minimum the area should be a BRA due to the nature of the assets held within it Minimum after hours security requirement Minimum after hours security requirement Dependant on SRA however should normally be held in fenced compound.

IRA minimum after hours security requirement IRA minimum after hours security requirement

Should also meet AS 2067 requirements

External security mesh doors should be fitted with ASIO approved locks and cylinders for IRA applications and a door closer

Minimum after hours security requirement

Area / Unit Aged Children Hospice Mental Health Nursery Prisoner

BRA

IRA

CA 24/7 staffing 24/7 staffing 24/7 staffing

Comments

24/7 staffing. A SRA will determine other physical security requirements for the area. 24/7 staffing Design specifications as per Queensland Corrective Services requirements

5.2.5 Security containers / safes Security containers / safes shall be provided for the safe custody of drugs, small and attractive assets and classified material. Class B and C security containers shall be designed in accordance with Commonwealth Government design parameters for security containers. Details of security containers for the storage of classified material are contained within the ASIO Security Equipment Catalogue (SEC). Table 2 lists standards for the selection of security containers and safes to protect assets in a range of security areas within healthcare facilities. TABLE 2: SELECTION OF SECURITY CONTAINERS * TDR = Torch and drill resistant. Number indicates minutes resistant. Type of asset or classified Controlled BRA Controlled matter Area within Area BRA within IRA Highly Protected Protected In Confidence Class C Class C Lockable steel container None TDR 15 Safe Class B Class C Lockable steel container None TDR 15 Safe TDR 30 Safe Class B Class B Lockable steel container None TDR 15 Safe TDR 30 Safe

IRA

Class B Class B Lockable steel container None TDR 30 Safe TDR 30 Safe

Low value assets and general dispensary items Small amounts of money, medium value assets and drugs of addiction Medium amounts of money, high value assets and dangerous drugs of addiction

TDR 15 Safe

5.3 Security Equipment Security equipment and technologies constitute the physical security element of protective security. They provide much of the security in depth needed for the protection of Queensland Healths assets of people, property, information and operations and activities. Security equipment and technologies cover a wide range of security applications such as access control systems (both manual and electronic), security alarm and detection systems, safes / vaults, locks and cylinders to perimeter fencing and glazing. The Security Equipment Catalogue (SEC present edition 2010), produced by the Australian Governments Security Construction and Equipment Committee (SCEC), lists security equipment and technologies that have been tested by Australian Security Intelligence Organisation Protective Security Section, T4 (ASIO) and have been rated as acceptable for the protection of government assets. The SEC is produced as a recommended guide to assist persons in determining items of equipment available to them for security applications. Staff and/or other services, ie contractors procuring or providing new security equipment and technologies to or on behalf of Queensland Health, must in the first instance use SCEC recommended security equipment and technologies. Should there be no SCEC recommended security equipment or technology available or it is not compatible with existing security equipment or technology in place, a SRA is to be conducted. Following the completion of a SRA, commercial grade security equipment and technologies may be procured or provisioned in accordance with SRA outcomes. Where an electronic security system is warranted, installation and maintenance must be undertaken by a suitably qualified person in accordance with legislative provisions. Testing of technical security systems for example duress alarms and access controls, shall be conducted and recorded in accordance with legislative requirements and relevant Australian Standards. Arrangements should be made to identify a work area where the testing results are maintained. Security equipment should be obtained from reputable suppliers only. Health Services must establish whether or not a standing offer arrangement is in place prior to purchasing security equipment. Electrical and electronic equipment used near flammable or explosive materials must be intrinsically safe. A facility should consider the following criteria in selecting a reputable supplier and/or security installer: Evidence of compliance with industry licensing requirements. Evidence of corporate or individual membership of industry or professional associations. The companys trading history. The opinions of the companys past and current clients. Evidence of compliance with requirements of quality assurance standards; and The companys willingness to use only quality security equipment which is fit for the purpose to which it is to be used and meets appropriate industry and Australian Standards.

5.4 Integrated Security Systems The coordinator is responsible for ensuring the implementation; maintenance and support of integrated security systems. These may consist of: a) Electronic security technologies: CCTV; Access control; Duress alarms; Intruder detection; Perimeter protection; Boom-gates and barriers; Tracking devices (patient wanderer systems, paediatric tracking, property tracking); or Metal detectors. b) Physical security controls: Mechanical access controls (key locks, cipher locks, safes); Gates, barriers, bollards; Property marking (asset identification, engraving, bar coding); or Property tie-down devices. c) Security data and record keeping: Security activities software/register (task allocation, Incident Management Systems); CCTV recording (digital video recording, videocassette recording); Risk Management Reporting (SRA, security audits, security breach reports, protective security notebooks); or Infringement notices and records. d) Communications systems: Intercoms; Help points; Twoway radio communication; Mobile telephones, DECT phones, pagers; or GPS duress. e) Administrative security procedures: Security risk management; Security Plans; Work instructions; Emergency Preparedness and Business Continuity Plans; or Security training and awareness. 5.5 Lighting The primary purpose of lighting is to provide clear visibility, however there are many considerations which need to be taken into account: Glare. Ability to see beyond the light source. Colour for purpose; and Location of light source for purpose. Glare affects the ability for effective natural or technical surveillance (eg. CCTV) often making it difficult to clearly see detail. Appropriate positioning of CCTV, pathways, windows, doors and so forth, can minimise the adverse effects of glare.

Ability to see beyond a strong light source is difficult. Persons wishing to avoid detection often use this effect to advantage. Unable to see potential attackers, unsuspecting victims may be caught unprepared. It is important to select lighting which is appropriate for a required purpose. Brightness, position, glare, direction, flicker and colour affect the way we see. Colour can influence what and how we see it. The use of yellow lighting, for example, in areas targeted by graffiti vandals make colour definition difficult to see. Therefore graffiti vandals gain little pleasure from their work. Alternately, CCTV images are enhanced in strong white light. Colours appear true and images are clearer making identification of people and objects easier. The choice of light colour must be appropriate to the purpose to which it is intended. Correct positioning of lights can provide significant advantage (or disadvantage) in specific instances. For example, incorrectly positioned lights can cast shadows which could make facial recognition difficult. By positioning the lights more appropriately, shadows can be minimised. 5.5.1 Minimum lighting requirements Healthcare facilities are to establish and maintain both internal and external security and safety lighting systems as follows: Illumination to all areas of access/egress, parking and any other service or activities provided by facilities in their normal business; Lighting that has a deterrent effect on potential intruders and enhances the possibility of detection; Concealment areas for guards or security personnel performing their roles; High efficiency with low energy consumption: and Lighting shall conform to and meet the requirements of AS 1680 Interior lighting and AS 1158 Public lighting. 5.6 Closed Circuit Television (CCTV) Installation of surveillance cameras in healthcare facilities is covered in AS 4485.2 Security for healthcare facilities and Closed Circuit Television Systems Protocol. Health Services must determine, and clearly articulate the purpose of CCTV equipment. A SRA undertaken in consultation with all stakeholders will provide evidence in establishing the need for CCTV, the purpose to which they will be put, and the location for installation. CCTV systems may be used to provide surveillance of various areas including, but not restricted to: a) Entrances; b) Car parks; c) Passageways; d) Pharmacy department counter; e) Emergency department; f) Paediatric areas; and g) Perimeter of High/Medium/Low Forensic Mental Health Facilities. They may also be used in conjunction with alarm systems and access control systems to assist personnel in assessing alarm activation or identifying personnels entry/exit activities. For the safety of personnel and for maximum effectiveness the CCTV systems must be suitable for purpose. Where it is determined that monitoring of CCTV systems is the most appropriate and effective use of resources, competent and qualified security staff may monitor CCTV.

5.7 Security Signage Security signs designed to direct staff or warn of restriction or danger shall use printed characters of sufficient size to allow the message to be read at a distance of ten metres. Further information regarding way-finding can be obtained through the Health Planning Infrastructure Division. Refer to Wayfinding Design Guidelines of QHEPS. 5.8 Security Alarm Systems Security alarm systems (intruder alarms, duress alarms) shall comply with the relevant parts of AS 2201 Intruder alarm systems. The alarm system, including detection devices connected to it, should be protected against tampering and be highly resistant to nuisance alarms. Testing, maintenance and procedures will ensure the system and response is effective and reliable. Competency based training in the use of the alarm systems and response actions shall be provided and training records maintained. 5.8.1 Duress alarm systems Duress alarms need to be reliable both in terms of operation and expected response. An effective SRA will determine the need for the installation and location of duress alarm systems. Regardless, duress alarms are only as effective as the response to any activation. Persons nominated to respond to actuation of duress alarms must be appropriately trained in Queensland Healths aggressive behaviour management. The monitoring and response shall be such that the responding persons/team will be alerted and attend the alarm scene promptly. Written work instructions must be developed, implemented and tested on a regular basis. Staff must be made aware of the location and operations of the duress alarms in their work areas. Duress alarms should form part of an integrated security management system which may include closed circuit television cameras surveillance systems. In determining the type and location of duress alarms, consideration must be given to accessibility, discreetness, whether the alarm is silent or audible and the method of actuation. 5.8.2 Duress alarm testing All duress alarms should be tested monthly and results recorded and audited. Any faults must be reported immediately to the appropriate authority for immediate rectification. In developing a program of scheduled preventative maintenance for all security alarms and duress alarms the coordinator must consider: battery testing and replacement; battery charger testing; audible and visual indicators and/or paging functions; communications line testing; emergency remote system access; repairs/replacement/upgrade; records kept and audits to evaluate the effectiveness of the system and response; and budget responsibilities for service level agreements. It is imperative that the descriptors for the alarm response match the response locations. 5.9 Access Control Health Services will ensure all reasonably foreseeable security risks are identified assessed and where reasonably practicable, eliminated or effectively controlled. To

achieve this, an effective security risk management process will be undertaken in consultation with staff and key stakeholders. Based on the findings of the facilitys SRA, the coordinator must develop and implement access control strategies and work instructions for establishing and maintaining access control. Factors that may impact on the risk of unauthorised entry include the nature of items stored on the premises (e.g. sensitive or highly confidential information; presence and type drugs on site, cash held, valuable or desirable property) and services provided (e.g. methadone dispensing; emergency departments and mental health services). Consideration should also be given to lock down capability in the event of emergent situations or change in the National Alert Level. Access control will be enhanced when complimented by effective way-finding (e.g. regulatory / advisory / instructional signage; lighting; pathways) which will improve movement of people across the facility. Access control systems may utilise key/lock, mechanical cipher PIN/key locks or numerous methods of electronic card or key devices to facilitate security access to authorised persons only. Examples of electronic access include: proximity card; swipe card; keypad pin entry; bar code card; magnetic card; electric key; and biometrics. 5.9.1 Loss or damage of access control device Should a key or an electronic access control device be lost or damaged or if a PIN is compromised, supervisor must advise the coordinator or person appointed to manage access control. 5.9.2 Termination of employment A staff separation or termination process should be implemented to ensure the security keys, proximity cards, ID cards are returned. For example, workers electronic access card must be deactivated from CA and information in staff databases amended, keys signed in and pin codes changed. 5.9.3 Audits Security access control systems allow electronic entry/exit and various other movements within a facility. Audits can be carried out on any particular controlled area. The purpose of the audit is to keep names, departments, locations, addresses, phone numbers, vehicle registration etc up to date and help prevent fraud and theft or unauthorised access to certain or restricted areas within a facility. To maintain the integrity of the access control systems security staff need to audit the systems regularly. The coordinator is the person responsible for the administration of any security access control system. The coordinator can appoint a person/s who has the necessary skills and experience to administrate the security electronic access control systems. Managers would normally authorise person/s working in their areas. 5.9.4 Remote unlocking facility Security controlled access doors may be fitted (in some circumstance) with a remote

door lock/unlock capability. This capability can be used to remotely unlock a door to provide authorised access to persons to within an access controlled area. The work unit manager for the area where the remote door lock/unlock facility is installed is responsible to ensure that all personnel who operate remote door lock/unlock devices are trained in the protocol for establishing the identity of persons who are requesting access to within an access controlled area. CCTV, intercom systems, one-way mirrors etc, may be a useful resource. 5.9.5 Keypads Cipher PIN key locks (push button keypad locks) provides manual security measures to areas of a lower security risk (eg. staff change rooms and non clinical store rooms, such as cleaners rooms etc). Electronic access via keypads provides a higher level of security and each authorised individual will have a separate PIN. Personnel are not to disclose the PIN to other persons. Cipher PIN key locks should have a key override capability which is keyed to the facility master key. The coordinator is to be advised of any security breach of the PIN and coordinate PIN change as required. Managers who have Cipher pin key locks or electronic keypad facilities fitted within their areas are to provide training to personnel covering PIN security, use and operating procedures, and are to maintain a list of names of personnel to which the PIN has been provided. Note: Cipher PIN codes should be changed regularly to prevent obvious wear on individual keys. A register of all PIN codes should be maintained in the coordinators files. 5.9.6 Alternative entries In an area with restricted entry/exit controls it is essential that all other entries/exits (eg. other doors, windows, fire escapes, ceiling space and under floor areas) are properly secured. It may be necessary to fit intrusion detection devices such as door reed switches or passive infrared equipment. 5.9.7 Locks Locks to all BRAs and CAs should comply with the requirements of AS 4145.2 (Durability D3, Physical Security S3 and Keying K6) level 3. Locks to intruder resistant areas should comply with the requirements of AS 4145.2 (Durability D1, Physical Security S1 and Keying K3) level 1. 5.9.8 Doors and windows SRAs may, in some cases, identify the need to replace timber doorframes with a more suitable material. Timber doorframes are easily breached. For the security and safety of personnel and/or assets within, consideration may be given to having these timber frames replaced with either metal frames, or by mounting a metal strip securely to the frame from the top to the bottom of the lock side. Hinge pins that resist easy removal for example, fixed pins, security butt hinges or dog bolts could also be installed to prevent removal of pins. Main entrance doors and doors to restricted access areas may have a protected view panel to allow vetting of people seeking admission. Any panel installed should also allow a view of immediate door surrounds. Security doors can be used as auxiliary protection and to allow additional ventilation in warm weather. Where perimeter doors are locked for security reasons during hours of darkness, consideration could be given to providing an intercom device to allow staff to be alerted by people seeking entry. It may be necessary to provide CCTV coverage of such doors and allow the caller to be recognised before being allowed entry.

Depending on the SRA, it may be necessary to have windows reinforced. Where light but not ventilation is needed, windows could be replaced with heavy gauge glass bricks or glass panels secured within a metal frame. Windows not used for ventilation should be fixed to prevent them being opened. Conversely, windows used for ventilation should be fitted with keyed window locks. Where the SRA identifies that additional resistance is required, consideration could also be given to applying shatter resistant film to glass, having glass replaced with laminated glass or installing security grilles. Shatter resistant film applied to the inner surface of all glazing, is a safety measure against an attack on a facility using explosives. To be effective however, the shatter resistant film must extend to the outer edges of the glass rather than to the edge of the frame. It is recommended that safety glass, laminated glass or impact resistant transparent panels (i.e. plastics) be used to glaze all windows and glass panel doors in high pedestrian traffic areas. Where float glass is installed, shatter resistant film should be applied to at least one surface (i.e. the surface facing the occupied side of the glass barrier). A range of vandal resistant and bullet resistant materials is available to counter various threat scenarios. Expert advice would need to be sought when such threats are identified. References AS 5039:2003 Security screen doors and security window grilles; AS 5040:2003 Installation of security screen doors sand window grilles; AS 5041:2003 Methods of test security screen doors and window grilles; and Building Code of Australia 5.10 Keys Keys to all areas of the healthcare facility form an integral part of the total security system. An uncoordinated approach will soon become cumbersome and will create problems for the coordinator. Healthcare facilities should endeavour to limit the number of keys issued by keying alike (within departments) and consider using a master key system, for example Maison Keying System. Coordinators, as part of the SP will develop appropriate work instructions for access/key control. The work instruction will take the following into consideration: Physical control of access/key control and codes; Preventative maintenance and testing of locking mechanisms; Access/Key and code registers; Auditing of the access/key control process; Auditing of keys; Written authorisation process for the issue of access control devices such as codes, keys and proximity cards. Keys to pharmacies and other drug storage areas should not be part of the master key system. They should be managed by Director, Pharmacy in consultation with the coordinator. A register must be maintained of the issuing of all keys, combination and cipher lock codes. The register must contain the following: a) Date of issue and date of return; b) Key/Code description;

c) d) e) f)

Details of person to whom key/code description has been issued; Details of person returning the key; Signature of person receiving the key/code; and Authorisation or confirmation of Department Head for the issue of the key/code to the relevant person.

The register will be used when auditing access controls and as a database of persons with authorised access to a particular area. If key locks or access codes are changed, the register will provide details of the persons who are required to be notified. Keys should be on sealed rings and numbered but with no other means of identification. The departmental custodian should hold a master key index list in a safe and secure location. Duplicate keys should be held by security under secure conditions. Master keys must not be duplicated without appropriate written authority. 5.10.1 Key registers Keys are issued to authorised persons only. A register of all key issues is to be maintained by the coordinator. Requests for keys are to be signed by the Head of Department of the person requesting the key. In some cases, keys are required for short periods of time (eg. by authorised contractors); the return of the keys in these instances is to be closely monitored by the protective security officers on duty. 5.10.2 Departmental internal keys Keys to all lockable internal and external doors, drawers, and receptacles within a department, must be secured in an approved key cabinet. The departments duplicate keys, including the key cabinet itself should be held in an approved key cabinet by the coordinator. In consultation with the departmental head, the coordinator may appoint a nominated person as key/code control officer for that department. This office holder acts on behalf of the departmental head and has the responsibility for ensuring adherence to key/code control and auditing. 5.10.3 Keys for cleaning and maintenance staff Where cleaning and maintenance staff requires access to a controlled area, they should draw the keys from security, Departmental Head or the Domestic Services Manager. Staff should not have uncontrolled access to departmental keys. 5.10.4 Key issue long term In most cases it is appropriate to issue keys to certain staff on a long term basis. Such staff would include Executive staff, maintenance/engineering managers, Heads of Departments etc. This should be controlled as follows: a) Record receipt and return; b) Regular audits to be carried out by security coordinator/department or nominated persons; c) Procedures for reporting lost/stolen keys; d) Procedures for keeping key issues appropriate and current; and e) Satisfactory security for the keys. 5.10.5 Controlling of duplicate keys Facilities should have a single point of control for the registering, ordering and storing of duplicate keys. This may also involve the cutting of duplicate keys within a secure environment (eg. maintenance/engineering/protective security). 5.11 Property Security 5.11.1 Valuable, collectables and assets Many healthcare facilities have valuable assets, paintings, religious paraphernalia, stained glass windows or other objects of artistic or historic significance, which

should not be overlooked when preparing the health security program. These items must be recorded in a register including photographs and identifying marks. 5.11.2 Deceased effects security The security of the effects and valuables of the deceased is a sensitive and emotive issue. Care should be taken in ensuring this procedure is dealt with in a responsible manner. In most cases the facility has an obligation to safeguard the property of deceased persons. These valuables and effects should be safeguarded until such times as the next of in collect the property or until disposed of legally. Each facility must have procedures addressing this issue and must include a record of continuity of custody and an itemised account of the property. Disposal of effects not collected by next of kin must comply with financial and legal requirements. Refer 5.12.4 Property and effects. 5.11.3 Property on loan or in transit Property on loan or transit is generally considered the responsibility of the organisation that last signed documentation relating to responsibility and/or ownership. Many facilities take possession of equipment from suppliers on a test or evaluation basis. Due care should be taken with the property and the legal issues of possession and responsibility should be detailed within a written agreement between the supplier and the facility. Sound property movement procedures should be included in the security and administrative manuals. Property movement documentation should be maintained and movement authorisation should be signed by the department manager from where the property is being removed. A register of property movement must be maintained by the appropriate persons or work unit. 5.11.4 Property and effects Safeguarding of property is a primary focus. Failure to effectively handle property may result in adverse criticism and/or criminal charges. Queensland Health requires that unclaimed property be dealt with by the Hospital Trust in accordance with the Public Trustee Act 1978. The guidelines apply when the hospital has in its possession or under its control lost or unclaimed money or valuables belonging to a patient and other persons. The Public Trustee Act 1978 does not require any distinction as to whether the owner is deceased or living, nor does the property owner need be a patient. The section must be applied in respect of all unclaimed property. 5.11.5 Seized, confiscated or surrendered property Property coming into possession of all staff must be safeguarded. Property seized under legislation provisions such as the Mental Health Ac must be dealt with in accordance with that legislation. Other items or evidence (eg. illicit substances, weapons) should be immediately reported to Police. The property must be carefully and appropriately handled. Health services must develop procedures in consultation with the Police. 5.12 Equipment Security and Asset Control Proper asset control measures and security procedures in areas where goods and equipment are received, stored and distributed will minimise loss and reduce associated costs. All areas should have fraud control measures in place 5.12.1 Supply departments Supply departments should have access control measures in place. Staff must meticulously check all goods received before signing receipt document. Storage areas should be burglar resistant and be subject to regular stocktakes. Stores distributed to each department should be carefully checked against issue list and signed for by an authorised recipient. Pallet control documentation must be properly completed to ensure any costs associated with the use of the pallets are

appropriate. 5.12.2 Asset control Attractive/valuable equipment must have Health Service asset identification. This may be in the form of bar coding, micro-dots, heavy metal spots or UV-fluorescent active marking. All such equipment will be subject to annual stock-take audits. Asset control registers should be maintained at a single point of control and may include photographs of the equipment. 5.13 Control Elements Security of facilities and buildings require concentric levels of control and protection known as the Security-in-Depth Principle. The key elements to provide progressively enhanced levels of security are those components that contribute to risk management through their ability to: a. Deter an attack; b. Delay an attack; c. Detect an attack; d. Respond to an attack and its effects; e. Recover from an attack and its effects.

6.

IDENTIFICATION CARDS

All Health Service employees are to be issued with an Identification Card (ID Card) to ensure that patients/clients and staff can ascertain the identity and professional status of individuals entering or located on Heal Service Land or facilities. Detailed information is contained in Security and Asset Protection Implementation Standard. All employees must conspicuously wear their ID Card at all time whilst on Health Service Land and whilst representing Health Services during home, external or community visits. This will assist in: positive identification of employees; raising security consciousness amongst employees; effective identification of persons entering or on health service land property; more effective identification of persons entering a restricted area within health services land and facilities; and more effective identification of unauthorised persons. Non-employees will be identified by the absence of an ID Card or by the wearing of a specially issued ID Card such as Visitors Card or Contractors Card. Depending on local procedures, patients may be identified by a wrist band or other form of identification. 6.1 Configuration of Identification Cards Each ID Card shall, as a minimum display the following information: employee payroll number; photograph; initial or first name and full surname of employee; official position; and expiry date. In addition, where an employee is appointed as Security Officer or Authorised Person pursuant to the Hospital and Health Boards Act, the ID Card must be signed by the employee. Where the employee is appointed as an inspector pursuant to the Hospital and Health Boards Act, the ID Card must display: a recent photo of the inspector; inspectors signature; expiration date for the Card; and identify the person as an inspector under the Act.

Example of Queensland Health ID Card Health and Hospital Health Service

Name: Title: Photo Here Employee No.: Expiry Date

6.1.1 Exceptions At the discretion of the Health service chief executive officer, where a significant risk to personal safety is identified, surnames may be exempted from display on the front of the identification card. This will occur in high risk situations and only after a security risk assessment (SRA) is completed and no other viable options are available. In these cases the ID Card will clearly display the first name, employee payroll number and official position. 6.2 Responsibilities Each employee, in the presence of the issuing officer, must sign a register acknowledging receipt of the ID Card. The issuing officer must ensure the employee is aware of their responsibilities to: safeguard the ID Card including a direction not to provide their Card to another person or provide unlawful access to other persons; report the loss of an ID Card to the issuing officer immediately; wear the ID Card in a conspicuous location; ensure the ID Card is not defaced or obscured; return the ID Card on cessation of employment; and ensure no stickers or additional markings are to be placed on any ID Card. 6.3 Identification of Contractors and Visitors Health services must implement a process for the identification of contractors and official visitors. ID Cards should be conspicuously worn by the visitor or contractor at all times whilst on Queensland Health property. Issuing of ID Cards must be recorded in a register and any security requirements or restrictions provided to the recipient particularly where control of access to sensitive areas is necessary. The register should be reconciled to ensure the ID Cards have been accounted for and are not misused. 6.3.1 Register To be effective, measures for the control of visitors movements should include a register which must be signed by all visitors and the officers or representatives authorising such visits. The register must show: name and signature of the visitor;

facility or firm the visitor represents or, in the case of private individuals, their private address and contact details; name of the officer; area to be visited; and date and times of the visitors arrival and departure. 6.3.2 Supervision of Contractors or Visitors Care is to be taken to prevent visitors from gaining access to classified information or sensitive areas. Staff must ensure that confidential, sensitive or valuable information or items are protected from view, and that visitors are not left unsupervised. Consideration should be given to providing a meeting room for visitors within the controlled area to minimise the possibility of security compromise. 6.3.3 Accountability At the end of each designated day/period, all visitor and contractor Cards are to be checked and action taken to recover or cancel any which are not returned. The Security Coordinator of each facility should have a contingency plan to deal with possible security compromise originating from the misuse of unreturned Cards. 6.3.4 Media Visitors If permission is granted for a media representative visit, the following principles apply: A responsible officer should always accompany the media representative; Classified material must be protected from access by members of the media; and The facilitys media liaison person or executive officer should approve script and photographs prior t release to the media. Further information is available on QHEPS (refer Queensland Health Media Policy). 6.4 Authorised Representatives Identity Card Under the repealed Workplace Health and Safety Act, the industrial registrar was able to appoint a person as an authorised representative for an employee organisation such as a Union. This authorisation is preserved and is taken to be issued with a Work Health and Safety entry permit under Section 134 of the Work Health and Safety Act 2011. A union may apply to the industrial registrar for a Work Health and Safety entry permit pursuant to Sections 131 of the Work Health and Safety Act 2011.

7.

PREVENTION OF CRIME AND UNWANTED BEHAVIOUR

7.1 Understanding Crime and Unwanted Behaviour Crime reporting in the media can be sensationalised and may raise awareness of specific crimes or targets which distort public perception and result in unrealistic fears of crime for some individuals. For example, elderly people may fear the risk of home invasion or violence toward the elderly as a result of sensationalised media reporting of such crimes. Fear of these crimes may lead to individuals staying indoors with all doors and windows locked and barred. Actual statistics for home invasion and violence against the elderly indicate that these persons are far less likely to be the victim of these types of violent crime. To address the fear of crime it is important to develop strategies to target this emotion as well as targeting actual crime. Strategies which may assist to reduce the fear of crime to realistic perspectives and reduce actual crime can include: regular liaison with local Police to ascertain local crime rates and trends; attendance at security awareness programs such as personal safety strategies and neighbourhood watch; development of assertiveness skills; development of physical skills; attendance at community forums; development of safety plan/s for environment, personal and work situations; and seeking advice regarding personal, home and property security to determine the most effective security strategies to suit individual needs. Consider contacting Queensland Police Service to discuss crime prevention. The Health Service chief executive officer must appoint a Health Service Protective Security Coordinator (coordinator). See section 2 Protective Security Personnel for further information. Coordinators should establish communication channels and create networking opportunities with local Police, Government Agencies, community groups and emergency response services to assist with wider awareness of crime and crime prevention strategies. 7.2 Crime Prevention All persons should be security conscious and effectively use all security controls provided and report suspicious activities or security events as soon as practicable. Crime prevention initiatives and strategies should be incorporated into as many Health Service, facility, staff accommodation and asset areas as practicable. When developing strategies and initiatives, consideration should be given to the following: History of crimes such as vandalism, physical violence, verbal intimidation and threatening behaviour. Environmental features. These activity generators are features that tend to create local activity, for example playgrounds, seating and congregation areas and kiosks. Activity generators can both attract unwanted behaviours and be used to reduce opportunity for crime. Edge effects which are actual or perceived borders of different environment usage areas that can generate unwanted behaviours within these overlapping areas. Displacement of crime which occurs when crime is moved away or drawn into a new environment. Consideration needs to be given to the way in which one environment may affect adjoining environments.

Movement predictors are predictable or unchangeable routes or paths that offer few movement alternatives. These routes or paths could be potential areas of entrapment. Examples of movement predictors are pedestrian underpasses, narrow passageways, stairwells and pedestrian bridges Conflicting user groups relating to areas designated for single or specific users or groups of users that may conflict with another type of user or group in a nearby location; and Hotspots which are those areas that have existing high crime and unwanted activity.

Health Services and facilities may operate 24 hours a day however many areas within a Health Service or facility are not staffed for this entire time. After hours security protocols should be developed and implemented for these areas. 7.3 Situational Crime Prevention (SCP) 1 SCP considers five factors which may affect a persons perceptions and their behaviour subsequently leading to an increase or decrease in the likelihood of committing a crime or displaying unwanted behaviour. Crime can result from an opportunity which has presented itself. Generally speaking, an offender is less likely to behave in an unwanted manner or commit a crime if there is little reward, a higher risk of failure, increased effort required, absence of provocation or they are unable to provide an excuse for being in the area and behaving in such a way. Offenders may undertake an assessment in deciding whether their potential reward is worth the risk or effort. The greater the reward and / or softer the target, the more likely crime or unwanted behaviour will occur. Understanding SCP factors, corrective or preventative actions can be taken to influence a persons ability and motivation for carry out the crime or unwanted behaviour. SCP factors are summarised below: 1. Reward Perceived benefit of committing the unwanted act such as: property (eg. money, valuables); emotional power over victim/s; and perceived increase of status (eg. gang membership, peer pressure). 2. Excuse If confronted, what excuse is available to the offender to explain their: presence; possession of items/tools/proceeds; or actions. 3. Risk Perceived risk to offender being the: probability of being caught; possibility of being identified; and possibility of injury. 4. Provocation What stimulus is present that will provoke a criminal act or unwanted response such as: perceived aggression by others; long waiting times; or perceived threat, insult or disparagement. 5. Effort Examples where increased effort is required include: property held in a safe box or locked storage area; security screens on home windows; and guard dogs.
1

Ronald V. Clarke and Marcus Felson. 2004. Routine Activity and Rational Choice

Diagram 2: Situational Crime Prevention Factors

Unwanted Behaviours
Often, an offender will perform a mental risk assessmentassessment-

D AR W RE

EX CU SE

Offenders perceptions and behaviour


RIS K
PROVOCATION

7.3.1 Suspicious behaviour Recognising that individual privacy of persons is important, Protective Security Officers and Health Service staff can ask questions of any person who is acting suspiciously. It is permitted for any staff member to ask to see identification or ask for the reason that a particular person is in an area. If the person questioned fails to provide details or the staff member is unsatisfied with the answers, further action to ensure the security of persons and property may be necessary. In these circumstances, it may be necessary to call security, supervisors or Police. Protective Security Officers must remain alert, checking and rechecking patrolled areas as the periodic appearance of uniformed officer/s is an active crime deterrent. 7.4 Crime Prevention Through Environmental Design (CPTED) Whilst the built environment does not cause criminal or unwanted behaviour, it has the propensity to increase or decrease the likelihood of such behaviour. The purpose of this section is to provide the reader with an awareness of the existence of and understanding of CPTED principles. Further information can be obtained from Queensland Police or through Queensland Healths Occupational Health and Workplace Safety Unit. The use of the words crime prevention in the CPTED title may suggest that CPTED principals only reduce criminal activity (eg. assault, robbery and theft), however this is incorrect. Applying CPTED principles within a particular space promotes behaviours which are desirable and also can reduce unwanted behaviours such as rowdy gatherings and unwanted congregation. CPTED principles are based on design and effective use of built environments to: achieve a reduction in instances of unwanted behaviour and fear of unwanted behaviour; and improve quality of life by fostering positive social interaction among legitimate users. CPTED strategies focus on building design, natural and technical surveillance, supervision, lighting, landscape design, territorial reinforcement, environmental

ORT EFF

maintenance, activity planning, space management and access control. Employing the strategies can: raise perceptions of risks including detection, challenge and apprehension; increase the effort (time, energy and required resources) required to commit an unwanted behaviour or criminal act; and reduce actual and perceived rewards by minimising, removing or concealing the rewards. 7.4.1 Key CPTED principles 1. Surveillance: Passive or casual surveillance is considered as having people in the area and referred to as direct presence, whilst being able to see the area is referred to as indirect presence; and Active surveillance is that which is provided by security guards, closed circuit television, or electronic monitoring devices. 2. Access control strategies direct and control individual or groups of people and their movement within defined areas; 3. Territorial reinforcement strategies provide clear boundaries for persons defining where a person can and cannot go; and 4. Quality environments consider that good quality, well maintained and managed environments attract people and support passive and active surveillance. 7.5 Personal Safety Strategies Personal safety strategies are an initiative of the Queensland Police Service. Delivered as a presentation, the principles can be used at home, work or any other environment. There are no all-purpose strategies to preserve your personal safety in all situations however individuals should recognise personal strengths and weaknesses, consider their environment and possible motivations of potential or actual offenders to determine safest actions when necessary. 7.5.1 Core concepts of personal safety strategies 1. Right to safety We all have the right to be safe and feel safe. People are encouraged to be aware of and maintain this right and not allow it to be taken away. 2. Keep violence in perspective It is important to understand the source of our fears and gain an understanding of the real risks to our personal safety so that strategies to minimise the real risks can be implemented. 3. Commitment Many people indicate they would face a higher risk more protecting a child than protecting themselves. Acknowledging this indication, it is essential to be committed to ones own safety as this is fundamental to maintaining personal security. 4. Confidence Confidence is reflected in a persons body language and is a source of personal power. A less confident or weak target is more likely to attract unwanted behaviours. Personal confidence can be enhanced by: utilising ones strengths; using clear and definite language; and not accepting others limitations such as that of gender restrictions, otherwise referred to as gender conditioning.

5. Trusting and acting on instinct Instincts have been learned over a long time. It is important to act on those feelings and use them in a positive way. This will assist in dramatically reducing the risk of attack. 6. Body language The use of confident body language displays to a potential offender that the person is less likely to be a weak target. Suggested body language to enhance personal safety includes: standing and walking upright with head up and shoulders back; making eye contact being mindful not to stare down another person; and walking purposefully. 7. Awareness of surroundings Awareness of surroundings allows a person to avoid potential threats and danger by taking preventative actions where necessary. Being aware can minimise the opportunity for someone to surprise another person. Knowledge and awareness of a persons surroundings enhances personal confidence. 8. Appropriate communication There are three communication styles when considering personal safety. These are passive, aggressive and assertive. Each style has a purpose and the appropriate style should be used for specific situations. 9. Health Services Support from trusted persons can be invaluable in maintaining personal safety and safety of others. Peer and social networking provides opportunities and environments to: share personal safety ideas; provide or receive support either as an individual or group (eg. support victims of crimes or participate in incident debrief); utilise the safety in numbers principle such as travelling in groups; and support safe passage communications such as making telephone calls to confirm location. 10. Personal safety plan Establishing a personal safety plan involves thinking about and acting on: putting risk of crime into perspective; committing to ones one personal safety; taking reasonable steps to maintain personal safety; developing confidence; using confident body language; trusting your instincts ; developing peer and social networks and employing suitable strategies in these environments and situations; considering and using appropriate safety equipment such as torches and mobile telephones; concealing valuables and highly desirable items to deter potential offenders; and considering and plan a response should an unwanted act occur. being well informed about those things that affect ones own personal safety; and where desired, develop personal safety skills. Requests for personal safety strategy presentations should be made through local Police or via local Health Service Occupational Violence Prevention Officer.

8.

OCCUPATIONAL VIOLENCE PREVENTION AND MANAGEMENT

Queensland Health is committed to ensuring a systematic approach to occupational health and safety risk management for occupational violence and aggressive behaviour. Comprehensive information and resources are available via the intranet. Occupational Violence Prevention and Management Implementation Standard provides a mandatory framework for early identification, prevention and protection from occupational violence and aggressive behaviour within all Queensland Health workplaces. More detailed information and guidance is contained in: Security and Asset Protection Implementation Standard Personal Protective Devices Safe Possession and Use Of Protocol Occupational Violence Risk Assessment Tool (OVRAT) Occupational Violence Prevention Staff Survey Occupational Violence Training Closed Circuit Television Security Systems Occupational Violence Guidelines

9.

PATIENTS WITH PROTECTIVE STATUS

Health Service or facilities within the Health Service must appoint a Health Service or facility Protective Security Coordinator (coordinator). See section 2 Protective Security Personnel for further information. One of the tasks assigned to the coordinator is the development of the Health Service or facility general Security Plan (SP). The SP is developed and implemented in response to the initial Protective Security Survey (section 3 appendix 1) and details actions to address the identified security risks. 9.1 Considerations For Patients (Other Than Prisoners) When developing the SP, the coordinator should include plans for the protection of patients with protective status such as victims of crime and children under protection orders. These provisions are in addition to general protective security practices and response procedures for the Health Service or facility. A facility may designate a room or rooms for patients with protective status. The design, appearance, furniture and fittings of the room/s should not draw attention to the status of the patient or respective security arrangements. Appropriate communications and resources must be available for use by Protective Security Officers or Police and be located within or adjacent to the designated room/s. The patient/s location should be clearly identifiable to Protective Security Officers, clinical staff and if required Police. This location must have clearly visible and effectively controlled access points. 9.2 Considerations For Prisoner Security The coordinator must liaise with appropriate stakeholders when developing the SP to discuss the necessary security arrangements required for the safety and security of juvenile justice patients, forensic patients and patients from correctional institutions. The determined provisions are in addition to general protective security practices and response procedures for the Health Service or facility. Healthcare Protective Security Officers are not to accept the responsibility for the safety and security of juvenile justice patients, forensic patients and patients from correctional institutions. Accompanying officials are to be consulted regarding the level and type of protection and supervision required. A facility may designate a suitable room or rooms for patients with prisoner status. The accommodation, building/room design, layout, furniture and fittings must be considered. Suitable resources for accompanying officials such as correctional officers and Police should be available within the room/s. Relief arrangements should be stated within the SP. It is essential for Protective Security Officers to clearly communicate with responsible and / or accompanying officials regarding prisoner security requirements.

10. LEGISLATION RELEVANT TO HEALTHCARE


All Queensland Health protective security procedures and work practices must comply with relevant legislation. Legislation is regularly amended. Therefore, it is the responsibility of each person to ensure the accuracy and currency of legislation prior to acting on it. This section aims to identify relevant legislation (boxed text) and explain legal principles in plain language. Commentary has been presented however is not intended to provide detailed opinion or legal advice. Further guidance can be obtained via SecureHealth@health.qld.gov.au. 10.1 Appointment of Authorised Persons and Security Officers The Hospital and Health Boards Act 2011 (HHBA) provides certain powers and protections for protective security officers and authorised persons. Following are some administrative and legislative requirements under the HHBA. The Health Service chief executive may appoint, in writing, a person to be a security officer or authorised person (or both) provided the Health Service chief executive is satisfied that the person being appointed is qualified because they have the necessary expertise or experience to undertake the functions of that position. It should be noted that there is no legal requirement for a Queensland Health employee appointed as a security officer for Queensland Health to hold or maintain a security licence under the Security Providers Act 1993. It is however a requirement for an external security provider performing work for Queensland Health to hold a current security licence of the appropriate class. Due diligence should be taken when employing or appointing a person as a Security Officer. In response to an adverse event, the Health Service or agency chief executive officer may be required to show evidence which demonstrates how the chief executive was satisfied that the person appointed was qualified for appointment through expertise or experience. For example, the chief executive officer may be satisfied if the person being appointed has previous experience as a security officer within a healthcare environment or has competency based qualifications commensurate with the specific responsibilities of the position (example: Certificate in Government Security or Security Operations). The employees may also require a demonstrated ability to undertake additional competency based qualification specific to their duties within the healthcare environment (example Queensland Healths Aggressive Behaviour Management). Training requirements should be determined using a risk management approach. Any enquires regarding security officer / authorised person training may be referred to the Principal Occupational Health and Safety Consultant, Security on
SecureHealth@health.qld.gov.au

Hospital and Health Boards Act 2011 Section - 163 Appointment of authorised persons (1) A Health Service chief executive (the appointer) may, in writing, appoint a person to be an authorised person under this Act for health services land under the control of the Health Service. (2) However, the appointer may appoint a person as an authorised person only if the appointer is satisfied the person is qualified for appointment because the person has the necessary expertise or experience. Section - 164 Appointment of security officers (1) A Health Service chief executive (the appointer) may, in writing, appoint a person to be a security officer under this Act for health services land under the control of the Health Service. (2) However, the appointer may appoint a person as a security officer only if the appointer is satisfied the person is qualified for appointment because the person has the necessary expertise or experience. Section - 165 Person may be appointed as authorised person and security officer A person may be appointed both an authorised person and a security officer.

10.1.1 Appointment conditions and limit on powers Any conditions and limitation of powers of an authorised person or security officer may be stated in the written instrument of appointment; in a notice given to the authorised person or security officer; or regulation. Examples: the instrument of appointment may stipulate that the person is appointed as a security officer for a particular building within a facility and not the entire facility; or A notice signed by the Health Service chief executive officer may be given to the authorised person withdrawing the power to issue infringement notices; or A regulation may be made by the Governor in Council (refer to Section 282 HHBA) which alters the powers or conditions of an authorised person or security officer.
Section - 166 Appointment conditions and limit on powers (1) An authorised person or security officer holds office on any conditions stated in (a) the authorised persons or security officers instrument of appointment; or (b) a signed notice given to the authorised person or security officer; or (c) a regulation. (2) The instrument of appointment, a signed notice given to the authorised person or security officer or a regulation may limit the authorised persons or security officers powers. (3) In this section signed notice means a notice signed by the appointer.

Section - 167 When office ends (1) The office of a person as authorised person or security officer ends if any of the following happens (a) the term of office stated in a condition of office ends; (b) under another condition of office, the office ends; (c) the authorised persons or security officers resignation under section 168 takes effect. (2) Subsection (1) does not limit the ways the office of a person as an authorised person or security officer ends. (3) In this section condition of office means a condition under which the authorised person or security officer holds office.

10.1.2 Resignation When an authorised person or security officer wishes to resign, they must provide a signed notice to the Health Service chief executive officer. If however, the holding of a current office is contingent upon their appointment as a security officer or authorised person, they must resign from both. For example, if holding the position of inspector was contingent upon appointment as an authorised person, an employee could not resign as an authorised person and retain office as an inspector. The employee would be required to resign from both offices.
Section - 168 Resignation (1) An authorised person or security officer may resign by signed notice given to the appointer. (2) However, if holding office as an authorised person or security officer is a condition of the authorised person or security officer holding another office, the authorised person or security officer may not resign as an authorised person or security officer without resigning from the other office.

10.1.2 Identity cards for security officers and authorised persons Signed identity cards must be in the appropriate form and must be conspicuously displayed. Identity cards shall: a) display a recent photographic image of the holder; b) include the holders signature; c) identify the person as a security officer and/or authorised person; and d) include an expiry date for the card. When issuing the identity card to the authorised person or security officer, it would be appropriate to advise them that the card must be returned within 21 days of cessation of appointment as a security officer or authorised person. (See 10.1.4 Return of identity card).

Section - 169 Identity cards (1) The appointer must issue an identity card to each authorised person and security officer. (2) The identity card must (a) contain a recent photo of the authorised person or security officer; and (b) contain a copy of the authorised persons or security officers signature; and (c) identify the person as an authorised person or security officer under this Act; and (d) state an expiry date for the card. (3) This section does not prevent the issue of a single identity card to a person for this Act and other purposes.

10.1.3 Production or display of identity card Prior to the security officer or authorised person exercising powers under the HHBA, they should identify themselves and their position or authority to others. This may be accomplished by producing their identification card or clearly displaying their identification card. If this is not possible to produce or display an identity card at the time, the officer must produce the identity card to the person as soon as reasonably practicable. For example, a security officer may be called to urgently assist I with the restraint of a patient. Objects which may injure the patient during restraint may be removed by the officer. In this instance, it would be impractical to produce an identity card at the time. However, the identity card should be produced for inspection at the first available opportunity.
Section - 170 Production or display of identity card (1) In exercising a power in relation to a person in the persons presence, an authorised person or security officer must (a) produce the authorised persons or security officers identity card for the persons inspection before exercising the power; or (b) have the identity card displayed so it is clearly visible to the person when exercising the power. (2) However, if it is not practicable to comply with subsection (1), the authorised person or security officer must produce the identity card for the persons inspection at the first reasonable opportunity.

10.1.4 Return of Identity Card Should the employee cease appointment as an authorised person or security officer (e.g. resignation, withdrawal of appointment, transfer) they must cease performing the functions of that appointment immediately and return their identity card within 21 days. If the person fails to return the identity card within 21 days without a reasonable excuse, they shall be liable to prosecution. Note: Some identity cards are printed on devices which operate electronic access controls or card readers. In this situation, it is important that access control systems or other electronic devices to which the identity card relates are immediately amended to reflect the change to the persons status.

Additionally, upon cessation of a persons authority (employee or contractor) as an authorised person or security officer, the written document of appointment should be withdrawn and marked accordingly.
Section - 171 Return of identity card If the office of a person as an authorised person or security officer ends, the person must return the persons identity card to the appointer within 21 days after the office ends unless the person has a reasonable excuse.

10.2 Management and Control of People and Traffic In addition to the above, Part 8 the Hospital and Health Boards Act deals with the control of conduct and management traffic on health services land. Definitions for this Part include: offence warning, for a direction or requirement by an authorised person or security officer, means a warning that, without a reasonable excuse, it is an offence for the person to whom the direction is given or of whom the requirement is made not to comply with it. official traffic sign see the Transport Operations (Road Use Management) Act 1995, schedule 4. owner, of a vehicle, includes the person registered as the owner of the vehicle under the Transport Operations (Road Use Management) Act 1995, or the corresponding law of another State or a Territory. personal details requirement see section 185(5). regulatory notice see section 175. vehicle, see the Transport Operations (Road Use Management) Act 1995, schedule 4. 10.2.1 Traffic Control Only a duly appointed authorised person for that health service land may control traffic and give directions to a person on that land. The person must comply unless they have a reasonable excuse for not complying. Where an authorised person intends to give a direction to the driver of a vehicle (Eg: direct the driver to remove their vehicle from a no parking zone) it would be advisable to provide the driver with an offence warning. An example of an offence warning may be:My name is (XYZ) and I am an authorised person for this health service. Your vehicle is parked (explain circumstances contrary or regulatory sign). I now direct you to remove your vehicle. Failure to do so may result in (explain consequences - the issue of a traffic infringement; prosecution; seizure of your vehicle). Do you understand?

Section - 172 Health services land for which authorised person may exercise powers (1) Subsection (2) applies to a reference in this division to an authorised person exercising a power or doing a thing. (2) The reference is taken to be a reference to the authorised person exercising the power or doing the thing for the health services land for which the authorised person is appointed. Section - 174 Authorised persons to control traffic on health services land (1) An authorised person may control traffic on health services land and, for this purpose, may give directions to a person on the land. (2) The person given a direction must comply with the direction unless the person has a reasonable excuse for not complying with it.

10.2.2 Regulatory Notice Traffic control may be enhanced through the installation of clear and visible traffic control devices such as road markings, regulatory signs, and access control devices. Section 175 of the HHBA details: (1) The Health Service chief executive may erect or display a regulator notice (i.e. a sign) at on near any vehicular entry to the health service land. The sign may regulate driving, parking or standing of vehicles on the land. For example, setting speed limits; no parking or no standing areas; no entry; one way; pedestrian crossings and so forth. (2) Persons on health service land must comply with the regulatory notice unless they have a reasonable excuse. (Example of reasonable excuse driver of vehicle transports seriously injured person to the Emergency Department and parks in a no standing area). (3) The regulatory notice must state the limits of the area to which the notice relates (e.g. within the boundaries of Johnson Hospital) and may state that failure to comply with the regulatory notice is an offence and the penalty for the offence. (4) A Health Service chief executive officer may erect or display official traffic signs on health service land. Official traffic signs and road markings should comply with the Transport Operations (Road Use Management) Act 1995, schedule 4 and the Manual of Uniform Traffic Control Devices available on: www.tmr.qld.gov.au. (5) If a regulatory notice is erected or displayed, it is deemed to have been erected or displayed by the Health Service chief executive officer. (6) Regulatory notices must be clearly visible

Section - 175 Regulatory notice (1) A Health Service chief executive may erect or display on, or at or near any vehicular entrance to, health services land, a notice (a regulatory notice) regulating the driving, parking or standing of vehicles on the land, including, for example (a) fixing a maximum speed limit; or (b) indicating a pedestrian crossing; or (c) indicating a place where the driving, parking or standing of a vehicle is restricted or prohibited. (2) A person on health services land must comply with a regulatory notice, unless the person has a reasonable excuse for not complying with it. (3) A regulatory notice (a) must state the limits of the area to which the notice applies; and (b) may state that a contravention of the notice is an offence against this Act and the penalty for the offence. (4) Without limiting subsection (1), a Health Service chief executive may erect or display regulatory notices in the form of official traffic signs. (5) Evidence that a regulatory notice was erected or displayed at a place mentioned in subsection (1) is evidence that the notice was erected or displayed by the Health Service chief executive. (6) A regulatory notice erected or displayed under this section must be easily visible to passersby.

If the regulatory notice (Eg: speed limit sign; parking restriction sign) does not state that contravention of the notice is an offence against the HHBA together with the penalty for the offence, then the Health Service chief executive must clearly display, at or near each vehicular entrance to the health services land, notices stating that contravention of a regulatory notice is an offence and the penalty for the offence.
Section - 176 Notices that contravention of regulatory notice an offence (1) This section applies if a regulatory notice does not state that a contravention of the notice is an offence against this Act and the penalty for the offence. (2) A Health Service chief executive must erect or display at or near each vehicular entrance to health services land to which the regulatory notice relates, and other places the Health Service chief executive considers appropriate, notices stating that a contravention of a regulatory notice is an offence and the penalty for the offence. (3) The notice may contain any other information the Health Service chief executive considers appropriate. (4) The notice erected or displayed under this section must be easily visible to passers-by.

10.2.3 Removal and Detention of Illegally Parked or Abandoned Vehicles Availability of parking on health service land is often limited. Persons attending the facility may be distressed or ill and park where they should not, impeding access or creating unacceptable risk.

Whilst Section 177 of the HHBA provides the power for an authorised person to remove or detain illegally parked or abandoned vehicles, careful consideration should be given prior to acting on those powers. Health Service chief executives would be advised to implement clear guidelines regarding traffic control (including removal and detention of illegally parked or abandoned vehicles) so as to minimise personal, financial and reputational harm to all concerned. Sect 177 (1) provides that an authorised person may size and remove, to a safe place, a vehicle which they believe on reasonable grounds is parked in contravention of a regulatory notice (e.g. no parking) or is abandoned. However, this power only exists if they believe on reasonable grounds that it is necessary or desirable to seize and remove the vehicle having regard to the safety and convenience of traffic on health services land; and they can not immediately locate the driver of the vehicle; or they believe on reasonable grounds that the driver of the vehicle is not willing or able to remove the vehicle immediately. As soon as practicable but no later than 14 days after seizure of this vehicle, the Health Service chief executive must give the owner of the vehicle a notice stating how they may recover the vehicle. If the owner cannot be ascertained or located within 14 days after the vehicle was seized, the notice may be published in a newspaper circulating generally in the State of Queensland. If the vehicle was seized because it was parked in contravention to a regulatory notice, the owned is liable for all costs associated with seizure, removal, holding, storage and return of the vehicle. For the purposes of this section, the vehicle includes any part of the vehicle, anything attached to the vehicle or contained within the vehicle.
Section - 177 Removal and detention of illegally parked or abandoned vehicles (1) An authorised person may seize and remove a vehicle that the authorised person believes on reasonable grounds (a) is parked in contravention of a regulatory notice; or (b) is abandoned. (2) The vehicle must be held at a safe place. (3) An authorised person may exercise the powers on the grounds mentioned in subsection (1)(a) only if (a) the authorised person believes on reasonable grounds that it is necessary or desirable to seize and remove the vehicle having regard to the safety and convenience of traffic on health services land; and (b) the authorised person (i) can not immediately locate the driver of the vehicle; or (ii) believes on reasonable grounds that the driver of the vehicle is not willing or able to remove the vehicle immediately. (4) As soon as is practicable and no later than 14 days after the vehicle is seized, a Health Service chief executive must give to the owner of the vehicle a written notice stating how the owner may recover the vehicle.

(5) If the owner can not be ascertained or located within 14 days after the vehicle is seized, the notice may be given by publishing it in a newspaper circulating generally in the State. (6) If the vehicle was parked in contravention of a regulatory notice, the owner of the vehicle must pay to the relevant Health Service the cost of seizing, removing, holding and returning the vehicle. (7) In this section vehicle includes a part of the vehicle and anything attached to, or contained in, the vehicle.

10.2.4 Disposal of Unclaimed Vehicles and Application of Proceeds of Sale Section 178 and 179 relates to the disposal of a seized vehicle if the owner does not recover it within two months.
Section - 178 Disposal of unclaimed vehicles (1) This section applies if the owner of a seized vehicle does not recover the vehicle within 2 months after notice is given to the owner under section 177(4) or (5). (2) After publishing a notice in a newspaper circulating generally in the State, a Health Service chief executive may sell the vehicle by public auction. (3) The notice must (a) identify the vehicle; and (b) state that the vehicle is to be sold by auction; and (c) state how the owner may recover the vehicle before the auction; and (d) state the time and place of the auction. (4) Compensation is not recoverable against a Health Service or the Health Service chief executive for the sale of a vehicle under this section. (5) In this section vehicle includes a part of the vehicle and anything attached to, or contained in, the vehicle Section - 179 Application of proceeds of sale (1) The proceeds of the sale must be applied in the following order (a) in payment of the reasonable expenses incurred in the sale; (b) in payment of the reasonable cost of seizing, removing and holding the vehicle; (c) in payment of any balance to the owner. (2) Compensation is not recoverable against a Health Service or the Health Service chief executive for a payment under this section.

10.3 Conduct on Health Services Land Section 180 gives certain powers and responsibilities to authorised persons and security officers on the health service land for which they have been appointed. 10.3.1 Conduct Causing a Public Nuisance It is an offence for a person to be disorderly or create a disturbance on health services land.
Section - 182 Conduct causing a public nuisance A person must not be disorderly or create a disturbance on health services land.

10.3.2 Power to Deal with Persons causing a Public Nuisance A security officer may direct any person to leave the health services land or a part of the health services land where the security officer (not authorised person): (a) finds a person acting disorderly or creating a disturbance on health services land, or (b) finds a person in circumstances that leads the security officer to suspect on reasonable grounds that the person has just been acting disorderly or creating a disturbance on health services land, or (c) has information that leads the security officer to suspect on reasonable grounds that a person has just been acting disorderly or creating a disturbance on health services land, (d) reasonably believes, having regard to the way a person is behaving, that the persons presence may pose a threat to the safety of anyone else on or leaving health services land; or (e) has information that leads the security officer to believe, on reasonable grounds, a persons presence may pose a threat to the safety of anyone else on or leaving health services land; or (f) reasonably believes a person is on health services land without lawful justification or excuse. The person must comply with the direction unless the person has a reasonable excuse for not complying with it.
183 Power to deal with persons causing a public nuisance (1) This section applies if a security officer (a) finds a person contravening section 182; or (b) finds a person in circumstances that leads the security officer to suspect on reasonable grounds that the person has just contravened section 182; or (c) has information that leads the security officer to suspect on reasonable grounds that a person has just contravened section 182; or (d) reasonably believes, having regard to the way a person is behaving, that the persons presence may pose a threat to the safety of anyone else on or leaving health services land; or (e) has information that leads the security officer to believe, on reasonable grounds, a persons presence may pose a threat to the safety of anyone else on or leaving health services land; or (f) reasonably believes a person is on health services land without lawful justification or excuse. (2) The security officer may direct the person to leave the health services land or a part of the health services land. (3) The person must comply with the direction unless the person has a reasonable excuse for not complying with it.

10.4 Smoking on Health Service Land The two Acts of legislation deal with smoking on health services land. These are: 1. Tobacco and Other Smoking Products Act 1998; and 2. Hospital and Health Boards Act 2011. In addition to this legislation, Queensland Healths Smoking Management Policy (Smoking Policy) applies to all Queensland Health facilities, buildings and motor vehicles. Detailed information is available at: http://qheps.health.qld.gov.au/qhsmp. 10.4.1 Prohibition of Smoking A person must not smoke on health services land except within a nominated smoking place. If an authorised person or security officer finds a person smoking on health services land (other than at a nominated smoking place) the authorised person or security officer may direct the person to stop or refrain from smoking; or to leave the land; or to smoke only in a nominated smoking place. Failure of the person to comply with the direction is an offence unless the person has a reasonable excuse for not complying with it. A Health Service chief executive must not nominate a prohibited place as a smoking place. nominated smoking place means a place nominated as a smoking place by a Health Service chief executive, and designated as such by signs erected by the Health Service chief executive. prohibited place means a place in which a person must not smoke under the Tobacco and Other Smoking Products Act 1998.
Section - 184 Prohibition of smoking (1) A person must not smoke on health services land other than in a nominated smoking place. (2) If an authorised person or security officer finds a person smoking on health services land in contravention of subsection (1), the authorised person or security officer may direct the person (a) to stop or refrain from smoking; or (b) to leave the land or, if the person wishes to smoke, to smoke only in a nominated smoking place. (3) The person must comply with the direction unless the person has a reasonable excuse for not complying with it (4) A Health Service chief executive must not nominate a prohibited place as a smoking place. (5) In this section nominated smoking place means a place nominated as a smoking place by a Health Service chief executive, and designated as such by signs erected by the Health Service chief executive. prohibited place means a place in which a person must not smoke under the Tobacco and Other Smoking Products Act 1998.

10.5 Requirement to Give Name and Address and Other Matters An important difference between the Health Services Act 1991 (repealed) and the Hospitals and health Boards Act is the power on security officers and authorised persons to require the name and address of persons contravening or reasonably suspected of contravening certain specific sections of the act. 10.5.1 Power to Require name and Address A duly appointed security officer or authorised person may require the name and residential address (and evidence of correctness of the name and address) of a person if they: (a) find a person committing an offence against Part 8 of the act; or (b) find a person in circumstances that leads the authorised person or security officer to reasonably suspect the person has just committed an offence against Part 8 of the act; or (c) have information that leads the authorised person or security officer to reasonably suspect a person has just committed an offence against Part 8 of the act. It important to note that this power to require the name and address refers only to those offences detailed in Part 8 of the act, namely offences within: Section 171 - Return of identity card; Section 172 - Authorised persons to control traffic on health services land; Section 175 - Regulatory notices; Section 182 - Conduct causing a public nuisance; Section 183 - Power to deal with persons causing a public nuisance; Section 184 - Prohibition of smoking; Section 186 - Offence to contravene personal details requirement; Section 187 - Obstructing an authorised person of security officer; or Section 188 - Impersonating authorised person or security officer. The authorised person or security officer may require the person to state their name and residential address and may also require the person to give evidence of the correctness of the stated name or address if, in the circumstances, it would be reasonable to expect the person to be in possession of evidence of the correctness of the stated name or address; or otherwise be able to give the evidence. A requirement under this section is a personal details requirement. When making a personal details requirement, the authorised person or security officer must give the person an offence warning for the requirement. Failure to comply with a personals details requirement is an offence. An example of a personal details requirement followed by an offence warning would be: Authorised person: My name is, state name and I am an authorised person and / or security officer for the health service land. You are parked contrary to the No Parking regulatory notice. I require you to provide me with your full and correct name and your residential address. Do you understand? Person: Im not giving you any details.

Authorised person: I warn you that it is an offence to contravene a requirement to provide your full and correct name and address when they are required. Do you understand?
Division 5 - Requirements to give name and address and other matters Section - 185 Power to require name and address (1) This section applies if an authorised person or security officer (a) finds a person committing an offence against this part; or (b) finds a person in circumstances that lead the authorised person or security officer to reasonably suspect the person has just committed an offence against this part; or (c) has information that leads the authorised person or security officer to reasonably suspect a person has just committed an offence against this part. (2) The authorised person or security officer may require the person to state the persons name and residential address. (3) The authorised person or security officer may also require the person to give evidence of the correctness of the stated name or address if, in the circumstances, it would be reasonable to expect the person to (a) be in possession of evidence of the correctness of the stated name or address; or (b) otherwise be able to give the evidence. (4) When making a personal details requirement, the authorised person or security officer must give the person an offence warning for the requirement. (5) A requirement under this section is a personal details requirement. 186 Offence to contravene personal details requirement (1) A person of whom a personal details requirement has been made must comply with the requirement unless the person has a reasonable excuse. (2) A person may not be convicted of an offence under subsection (1) unless the person is found guilty of the offence in relation to which the personal details requirement was made.

10.5.2 Obstructing an authorised person or security officer It is an offence for a person, without reasonable excuse, to obstruct an authorised person or security officer in the execution of any powers. The term obstruct includes assault, hinder, resist, attempt to obstruct and threaten to obstruct. Example: an authorised person seizing a vehicle parked contrary to a regulatory sign is obstructed by another person standing in front of the tow truck. If the authorised person or security officer wishes to exercise the power (e.g. seize the vehicle) they must warn the person that it is an offence to cause an obstruction without reasonable excuse; and the persons actions are considered by the authorised person or security officer to be an obstruction.

Section - 187 Obstructing an authorised person or security officer (1) A person must not obstruct an authorised person or security officer in the exercise of a power, unless the person has a reasonable excuse. (2) If a person has obstructed an authorised person or security officer and the authorised person or security officer decides to proceed with the exercise of the power, the authorised person or security officer must warn the person that (a) it is an offence to cause an obstruction unless the person has a reasonable excuse; and (b) the authorised person or security officer considers the persons conduct an obstruction. (3) In this section Obstruct includes assault, hinder, resist, attempt to obstruct and threaten to obstruct.

10.5.3 Impersonating authorised person or security officer It is an offence to impersonate an authorised person or security officer.
Section - 188 Impersonating authorised person or security officer A person must not impersonate an authorised person or security officer.

10.6 Laws Relating to Peace and Good Behaviour Provisions for addressing instances of public nuisance, breach of the peace, trespass and other offences relating to peace and good behaviour are contained in the Hospital and Health Boards Act 2011; Criminal Code Act 1899 and Peace and Good Behaviour Act 1982. a) Conduct causing a public nuisance The offence of causing a public nuisance is created under Section 182 of the Hospital and Health Boards Act (HHBA) is detailed above. b) Power to deal with persons causing a public nuisance Section 183 HHBA provides powers to direct persons causing a public nuisance or disturbance to leave the health service land. There are no provisions permitting a protective security officer to physically restrain or eject a suspect person. If the suspect person fails to comply with a security officers direction, Police should be contacted. Forcible removal should only be undertaken by Police. If the suspect person physically threatens or actually assaults the protective security officer the staff member may use reasonable force in self-defence. The staff member may also come to the aid of someone else that is threatened or actually assaulted. In these circumstances Police should be called immediately. c) Preventing a breach of the peace For the purposes of the common law powers of arrest without warrant, a breach of the peace arises where there is an actual assault, or where public alarm and excitement are caused by a persons wrongful act. Mere annoyance and disturbance or insult to a person or abusive language or great heat and fury without personal violence are not generally sufficient. The courts have extended the concept of breach of the peace to situations where harm is actually done or is likely to be done to a person, or, in his presence, to his property, or a person is in fear of being so harmed through an assault, an affray, a riot, unlawful assembly or other disturbance. (B.T.DUNPHY, Crown Solicitor 19 March 1998) Sections 260 and 277 of the Criminal Code deal with events involving disruptive behaviour. It is important that all reasonable steps taken to determine whether it is appropriate that the disorderly person be directed to leave the facility. Queensland Health owes a duty of care to patients who present for treatment, and also to visitors, employees and contractors. Failure or refusal to provide healthcare to a prospective patient may mean that Queensland Health will be in breach its duty of care, and legally liable for consequences to the patient. Additionally, such actions may result in media attention and damage to the reputation of staff, the facility and Queensland Health. The decision that a disorderly person be removed from Queensland Health premises must be made on the basis that it is both necessary and reasonable. Note: Police Powers and Responsibility After a person has been detained for the purposes of preventing a breach of the peace they must be handed over to Police. Police may deal with the detainee under the Police Powers and Responsibility Act 1997.

Criminal Code 1899 Section 260 - Preventing a breach of the peace It is lawful for any person who witnesses a breach of the peace to interfere to prevent the continuance or renewal of it, and to use such force as is reasonably necessary for such prevention and is reasonably proportioned to the danger to be apprehended from such continuance or renewal, and to detain any person who is committing or who is about to join in or to renew the breach of the peace for such time as may be reasonably necessary in order to give the person into the custody of a Police officer. Section 277 - Defence of premises against trespassersremoval of disorderly persons 1) It is lawful for a person who is in peaceable possession of any land, structure, vessel, or place, or who is entitled to the control or management of any land, structure, vessel, or place, and for any person lawfully assisting him or her or acting by his or her authority, to use such force as is reasonably necessary in order to prevent any person from wrongfully entering upon such land, structure, vessel, or place, or in order to remove therefrom a person who wrongfully remains therein, provided that he or she does not do grievous bodily harm to such person. It is lawful for a person who is in peaceable possession of any land, structure, vessel, or place, or who is entitled to the control or management of any land, structure, vessel, or place, and for any person acting by his or her authority, to use the force that is reasonably necessary in order to remove therefrom any person who conducts himself or herself in a disorderly manner therein, provided that he or she does not do the person grievous bodily harm. 2) In this section place includes any part of an enclosure or structure, whether separated from the rest of the enclosure or structure by a partition, fence, rope, or any other means, or not.

d) Prevention of repetition of insult


Criminal Code 1899 Section 270 - Prevention of repetition of insult It is lawful for any person to use such force as is reasonably necessary to prevent the repetition of an act or insult of such a nature as to be provocation to the person for an assault, if the force used is not intended, and is not such as is likely, to cause death or grievous bodily harm.

e) Peace and good behaviour Under the Peace and Good Behaviour Act 1982, it is possible to summons before a Magistrate a person who has committed a breach of the peace. The Magistrate may then make an order that the defendant shall keep the peace and be of good order for a specified time and impose certain conditions. A person who contravenes or fails to comply with an order is guilty of an offence against the Act.
Peace and Good Behaviour Act 1982 Section 4 - Complaint in respect of breach of the peace 1) A person (the complainant) may make a complaint to a justice of the peace that a person has threatened: To assault or to do any bodily injury to the complainant or to any person under the care or charge of the complainant; To procure any other person to assault or to do any bodily injury to the complainant or to any person under the care or charge of the complainant; To destroy or damage any property of the complainant; or

To procure any other person to destroy or damage any property of the complainant; and that the complainant is in fear of the person complained against (the defendant).

2) A person (also the complainant) may make a complaint to a justice of the peace that the intentional conduct of a person (also the defendant) directed at the complainant has caused the complainant to fear that the defendant will destroy or damage any property of the complainant. 3) If the matter of a complaint under subsection (1) or (2) is substantiated to the justices satisfaction, and the justice considers it is reasonable in the circumstances for the complainant to have the fear mentioned in the subsection, the justice may issue: A summons directed to the defendant requiring the defendant to appear at a stated time and place before a Magistrates Court; or A warrant to apprehend the defendant and to cause the defendant to be brought before a Magistrates Court; to answer the complaint and to be further dealt with according to law.

4) If the justice before whom the complaint mentioned in subsection (1) or (2) is made considers that the matter would be better resolved by mediation than by proceedings before a Magistrates Court, the justice may, with the complainants consent, order the complainant to submit the matter to mediation under the Dispute Resolution Centres Act 1990. In this section complaint means a written complaint made on oath.

10.7 Laws Relating to the Arrest of Persons Queensland Health protective security officers and authorised persons have no more power than any other member of public to arrest persons for any offence under any Act. The purpose of the information is to provide information regarding current legislation for educational purposes. Question: Response: What is an arrest? To arrest a person is to deprive them of their liberty.

The action of arresting someone should be taken by a protective security officer only as an absolute last resort and must only be considered where the officer is satisfied that the action is authorised, justified or excused by law. It is essential that the action is lawful. Unlawful arrest or false imprisonment is actionable as a civil wrong. Under criminal law, unlawful arrest may also be the offence of deprivation of liberty. All healthcare workers, including protective security officers should be aware that section 355 of the Criminal Code makes it an offence to unlawfully confine or detain another in any place against the other persons will, or otherwise unlawfully deprive another of the others persons liberty. The use of any restraint may fall within this category unless it is authorised, justified or excused by law. At common law, false imprisonment is the intentional confinement of a person without just cause or excuse. The person does not have to be physically restrained or advised that they are under arrest. It is enough that the person submits to being detained under a reasonable belief that they are not free to leave, or that if they do leave, that Police will be called. For example, a protective security officer suspects property has been stolen by a person. The officer invites the person into an office to resolve the matter and the

person agrees. In the office the person is requested to empty their pockets revealing the suspected stolen property. Police are called and the officer stands in the doorway and waits for Police to arrive. It may be argued that the person was under arrest based on the following: a) The person believed they were being detained because the protective security officer was barring the only exit and would prevent the person leaving (even if there was no attempt to leave); b) The person believed the uniformed security officer was a person in authority. c) The person believed that the search was conducted as the result of being under arrest. The test is: Would a reasonable person believe they are not free to leave? 10.7.1 Arrest without warrant generally
The Criminal Code Section 546 - Arrest without warrant generally When an offence is such that the offender may be arrested without warrant generally: 1) It is lawful for any person who is called upon to assist a Police officer in the arrest of a person suspected of having committed the offence, and who knows that the person calling upon the person to assist is a Police officer, to assist the officer, unless the person knows that there is no reasonable ground for the suspicion; 2) It is lawful for any person who finds another committing the offence to arrest the other person without warrant;

3) If the offence has been actually committed it is lawful for any person who believes on
reasonable ground that another person has committed the offence to arrest that person without warrant, whether that other person has committed the offence or not;

4) It is lawful for any person who finds another by night, under such circumstances as to
afford reasonable grounds for believing that the other person is committing the offence, and who does in fact so believe, to arrest the other person without warrant.

There is a body of case law around section 546, and arrest without warrant. Offences are classified under section 3 of the Criminal Code. The distinction between a crime and a misdemeanour is important to deciding whether a person may be arrested without warrant. Section 5 of the Criminal Code provides that unless otherwise stated, an offender may be arrested without warrant for an offence defined as a crime. Ordinarily, a warrant is required in the case of a misdemeanour. 10.7.2 Arrest of offender committing indictable offences by night
The Criminal Code Section 549 - Arrest of offender committing indictable offences by night It is lawful for any person who finds another person by night committing any indictable offence to arrest the other person without warrant.

The term night is the period between 9:00pm and 6:00am (see section 1 of the Criminal Code). Indictable offences consist of crimes and misdemeanours (see section 3 of the Criminal Code). 10.7.3 Duty of persons making the arrest
The Criminal Code Section 552 - Duty of persons arresting It is the duty of a person who has arrested another upon a charge of an offence to take the other person forthwith before a justice to be dealt with according to law.

A person, who is engaged in the lawful arrest (and any person lawfully assisting) may use such force as may be reasonably necessary to overcome any force used in

resisting such arrest. When making an arrest, it is necessary to advise the person being arrested the reason they are being taken into custody.
The Criminal Code Section 255 - Duty of persons arresting 1) It is the duty of a person executing any process or warrant to have it with him or her, if reasonably practicable, and to produce it if required. 2) It is the duty of a person arresting another, whether with or without warrant, to give notice, if practicable, of the process or warrant under which the person is acting or of the cause of the arrest. process or warrant or the arrest unlawful, but is relevant to the inquiry whether the process or warrant might not have been executed or the arrest made by reasonable means in a less forcible manner.

3) A failure to fulfil either of the aforesaid duties does not of itself make the execution of the

10.7.4 Defence of moveable property against trespassers Queensland Health staff members should challenge anyone not known to them who attempts to remove Queensland Health property. If the staff member has any doubts about the person, or concerns for their own or anothers safety, they should contact their supervisor or a Queensland Health security officer immediately. The Criminal Code Section 274 - Defence of moveable property against trespassers It is lawful for any person who is in peaceable possession of any moveable property, and for any person lawfully assisting him or her or acting by his or her authority, to use such force as is reasonably necessary in order to resist the taking of such property by a trespasser, or in order to retake it from a trespasser, provided that the person does not do grievous bodily harm to the trespasser. 10.7.5 Prevention of crimes and offences There are circumstances which may arise within a healthcare facility which may require the use of force against another person. Section 266 of the Criminal Code authorises the use of force in certain circumstances. It must be noted that section 266 only authorises the use of such force that is reasonably necessary. Further, there are requirements that the beliefs be held on reasonable grounds by the person using the reasonable force, before the force can be used.
The Criminal Code Section 266 - Prevention of crimes and offences for which an offender may be arrested without warrant - prevention of violence by patients under Mental Health Act 2000 It is lawful for any person to use such force as is reasonably necessary in order to prevent the commission of an offence which is such that the offender may be arrested without warrant; or in order to prevent any act from being done as to which the person believes, on reasonable grounds, that it would, if done, amount to any such offence; or in order to prevent a person whom the person believes, on reasonable grounds, to be an involuntary patient under the Mental Health Act 2000 from doing violence to any person or property.

In relation to the first authority, it would be necessary for the person to know that the offence, which the other person is attempting to commit, is one where a general power of arrest without warrant applies. A person may use reasonable force to prevent an involuntary patient under the Mental Health Act 2000 (MHA) from doing violence to another or from damaging

property. It is advisable that the staff member acts under clinical direction and is satisfied that the MHA patient is involuntary. (Refer to section on Mental Health legislation for definition of patient and involuntary admission). Some protection may exist under section 260 of the Criminal Code (Preventing a breach of the peace).
The Criminal Code Section - 260 Preventing a breach of the peace It is lawful for any person who witnesses a breach of the peace to interfere to prevent the continuance or renewal of it, and to use such force as is reasonably necessary for such prevention and is reasonably proportioned to the danger to be apprehended from such continuance or renewal, and to detain any person who is committing or who is about to join in or to renew the breach of the peace for such time as may be reasonably necessary in order to give the person into the custody of a Police officer.

10.8 Laws Relating to Assault and Self-Defence This section provides information about the laws relating to self defence, provocation or assault. It is also important understand terminology. For example, tapping someone on the shoulder or brushing against someone in a crowd, may constitute assault, but depending on the circumstances, may not be unlawful. 10.8.1 Definition of assault An assault is an offence unless it is authorised, justified or excused by law.
The Criminal Code Section 245 - Definition of assault A person who strikes, touches, or moves, or otherwise applies force of any kind to, the person of another, either directly or indirectly, without the other persons consent, or with the other persons consent if the consent is obtained by fraud, or who by any bodily act or gesture attempts or threatens to apply force of any kind to the person of another without the other persons consent, under such circumstances that the person making the attempt or threat has actually or apparently a present ability to effect the persons purpose, is said to assault that other person, and the act is called an assault. In this section, applies force includes the case of applying heat, light, electrical force, gas, odour, or any other substance or thing whatever if applied in such a degree as to cause injury or personal discomfort. Criminal Code 1899 Section 246 - Assaults unlawful 1) An assault is unlawful and constitutes an offence unless it is authorised or justified or excused by law. The application of force by one person to the person of another may be unlawful, although it is done with the consent of that other person.

Section 340 provides a greater penalty for persons who assault a health service employee in the execution of their duty.
Criminal Code 1899 340 Serious assaults (1) Any person who (a) assaults another with intent to commit a crime, or with intent to resist or prevent the lawful arrest or detention of himself or herself or of any other person; or (b) assaults, resists, or wilfully obstructs, a Police officer while acting in the execution of the officers duty, or any person acting in aid of a Police officer while so acting; or (c) unlawfully assaults any person while the person is performing a duty imposed on the

person by law; or (d) assaults any person because the person has performed a duty imposed on the person by law; or (f) assaults any person in pursuance of any unlawful conspiracy respecting any manufacture, trade, business, or occupation, or respecting any person or persons concerned or employed in any manufacture, trade, business, or occupation, or the wages of any such person or persons; or (g) unlawfully assaults any person who is 60 years or more; or (h) unlawfully assaults any person who relies on a guide dog, wheelchair or other remedial device; is guilty of a crime, and is liable to imprisonment for 7 years. Examples of remedial device for paragraph (h) walking frame, caliper, walking stick and artificial limb (2) A prisoner who unlawfully assaults a working corrective services officer is guilty of a crime, and is liable to imprisonment for 7 years. (2AA) A person who (a) unlawfully assaults, or resists or wilfully obstructs, a public officer while the officer is performing a function of the officers office; or Example A person unlawfully assaults an authorised officer under the Child Protection Act 1999 while the officer is investigating an allegation of harm to a child under that Act. (b) assaults a public officer because the officer has performed a function of the officers office; commits a crime. Maximum penalty7 years imprisonment. (2A) For subsection (1)(b), the circumstances in which a person assaults a Police officer include, but are not limited to, circumstances in which the person bites, spits on or throws a bodily fluid or faeces at a Police officer. (3) In this section corrective services facility see the Corrective Services Act 2006, schedule 4. corrective services officer see the Corrective Services Act 2006, schedule 4. office includes appointment and employment. prisoner see the Corrective Services Act 2006, schedule 4. public officer includes (a) a member, officer or employee of a service established for a public purpose under an Act; and Example of a service Queensland Ambulance Service established under the Ambulance Service Act 1991 (b) a health service employee under the Hospital and Health Boards Act 2011; and (c) an authorised officer under the Child Protection Act 1999.

The following Criminal Code sections relate to self defence provisions. Further information: http://qheps.health.qld.gov.au/safety/occup_violence/home.htm
Criminal Code 1899 Section 271 - Self-defence against unprovoked assault 1) When a person is unlawfully assaulted, and has not provoked the assault, it is lawful for the person to use such force to the assailant as is reasonably necessary to make effectual defence against the assault, if the force used is not intended, and is not such as is likely, to cause death or grievous bodily harm. 2) If the nature of the assault is such as to cause reasonable apprehension of death or grievous bodily harm, and the person using force by way of defence believes, on reasonable grounds, that the person can not otherwise preserve the person defended from death or grievous bodily harm, it is lawful for the person to use any such force to the assailant as is necessary for defence, even though such force may cause death or grievous bodily harm.

Section 272 - Self-defence against provoked assault 1) When a person has unlawfully assaulted another or has provoked an assault from another, and that other assaults the person with such violence as to cause reasonable apprehension of death or grievous bodily harm, and to induce the person to believe, on reasonable grounds, that it is necessary for the persons preservation from death or grievous bodily harm to use force in self-defence, the person is not criminally responsible for using any such force as is reasonably necessary for such preservation, although such force may cause death or grievous bodily harm. 2) This protection does not extend to a case in which the person using force which causes death or grievous bodily harm first begun the assault with intent to kill or to do grievous bodily harm to some person; nor to a case in which the person using force which causes death or grievous bodily harm endeavoured to kill or to do grievous bodily harm to some person before the necessity of so preserving himself or herself arose; nor, in either case, unless, before such necessity arose, the person using such force declined further conflict, and quitted it or retreated from it as far as was practicable. Section 273 - Aiding in self-defence In any case in which it is lawful for any person to use force of any degree for the purpose of defending himself or herself against an assault, it is lawful for any other person acting in good faith in the first persons aid to use a like degree of force for the purpose of defending the first person.

10.9 Mental Health Act The purpose of the MHA is to provide for the involuntary assessment and treatment, and the protection, of persons (whether adults or minors) who have mental illnesses while at the same time safeguarding their rights and freedoms, and balancing their rights and freedoms with the rights and freedoms of other persons. Protective Security Officers should acquire a detailed understanding of relevant sections of the Mental Health Act 2000 (MHA). Additional information can be found in The Annual Report of the Director Mental Health which provides: Details outlining the areas within a health service facility which are deemed authorised mental health service; and Details of the gazetted high security units 10.9.1 Definitions

Patient (for the purposes of Part 3) in an authorised mental health service means any person admitted to or assessed, examined, detained or treated for a mental illness in the health service. Involuntary patient means a person: Who is, or is liable to be, detained, under chapter 2, part 4, in an authorised mental health service for assessment; For whom an involuntary treatment order is in force; or Who is a classified or forensic patient. Authorised mental health service: An authorised mental health service, other than a high security unit; or A public hospital if there is no authorised mental health service readily accessible for a persons examination or assessment. For example, if there is no authorised mental health service in a remote or rural area of the State, the person may be assessed at a public hospital in the area.

High security unit means: A public sector mental health service, or part of a public sector mental health service, declared under section 496 to be a high security unit. 10.9.2 Emergency Examination Orders A police officer or ambulance officer may bring a person to an authorised mental health service for examination to determine whether the person requires treatment as a mental health patient. This applies if a police officer or an ambulance officer reasonably believes that a person has a mental illness and because of the persons illness there is an imminent risk of significant physical harm being sustained by the person or someone else. A memorandum of Understanding exists between Queensland Health and Queensland Police. Refer to the Memorandum of Understanding.
Division 3 Emergency examination orders Subdivision 1 Emergency examination orders by police officers and ambulance Officers Section - 33 Application of subdivision 1 This subdivision applies if a police officer or an ambulance officer reasonably believes (a) a person has a mental illness; and (b) because of the persons illness there is an imminent risk of significant physical harm being sustained by the person or someone else; and (c) proceeding under division 2 would cause dangerous delay and significantly increase the risk of harm to the person or someone else; and (d) the person should be taken to an authorised mental health service for examination to decide whether a request and recommendation for assessment should be made for the person. Section - 34 Taking person to authorised mental health service The police officer or ambulance officer must take the person to an authorised mental health service for examination to decide whether assessment documents for the person should be made. Section - 35 Making of emergency examination order (1) Immediately after taking the person to the authorised mental health service, the police officer or ambulance officer must make an order under this subdivision (an emergency examination order (police or ambulance officer)) for the person. (2) The order must (a) be in the approved form; and (b) state the time when it is made. (3) Immediately after making the order, the police officer or ambulance officer must give the order to a health service employee at the health service. (4) The person may be detained in the health service while the order is being made. Section - 36 Detention and examination (1) On the making of the order, the person may be detained for not longer than 6 hours (the examination time) in the authorised mental health service for examination by a doctor or authorised mental health practitioner. (2) In carrying out the examination, the doctor or practitioner must, to the extent that it is

reasonable and practicable in the circumstances explain to the person, in general terms, the application of this subdivision to the person. Editors note See also section 542 (Official to identify himself or herself before exercising powers).

10.9.3 Restraint and Seclusion Mental Health Act 2000 Chapter 4A Restraint and seclusion of patients provides details regarding restraint and seclusion of mental health patients within an authorised mental health service. Whilst there is increasing reluctance for the use of restraint and seclusion, there are occasion where this is deemed appropriate or necessary. Restraint: A mechanical restraint, is a mechanical appliance, approved under section 162B, preventing the free movement of the persons body or a limb of the person. However, the use of a surgical or medical appliance for the proper treatment of physical disease or injury is not mechanical restraint. The Director of Mental Health must approve and communicate, in a policy or guide, the mechanical appliances that may be used for restraint. Currently, the approved form of mechanical restraint is Wrist cuffs to waist belt. It is an offence to use mechanical restraints on a patient in an authorised mental health service other than under part 4A of the Mental Health Act. Doctor may authorise use of mechanical restraint For treating or caring for an involuntary patient in an authorised mental health Service, a doctor may authorise the use of mechanical restraint on the patient only if the doctor is satisfied it is the most clinically appropriate way of preventing injury to the patient or someone else. Note: This relates to involuntary patients only. Use of reasonable force A doctor or the senior registered nurse on duty may, with the help, and using the minimum force, that is necessary and reasonable in the circumstances, apply the restraint as authorised to the patient. Administrator must notify director about mechanical restraint The administrator of an authorised mental health service must give the director written notice about the mechanical restraint of a patient in the health service as soon as practicable after the mechanical restraint is applied to the patient and the notice must include the information required by the director. NOTE: Policy on mechanical restraint in authorised mental health services provides additional information. The following sections of the Mental Health Act are relevant.
162A Meaning of mechanical restraint for pt 1

(1) For this part, mechanical restraint, of a person, is the restraint of the person by the use of a mechanical appliance, approved under section 162B, preventing the free movement of the persons body or a limb of the person. (2) However, the use of a surgical or medical appliance for the proper treatment of physical disease or injury is not mechanical restraint. 162B Approval of mechanical appliances The director must (a) approve the mechanical appliances that may be used for mechanical restraint of a person; and (b) state the approved mechanical appliances in a relevant policy or practice guideline. Note Policies and practice guidelines are issued under section 309A for forensic patients and section 493A for other patients. 162C Offence to use mechanical restraint A person must not use mechanical restraint on a patient in an authorised mental health service other than under this part. 162D Doctor may authorise use of mechanical restraint For treating or caring for an involuntary patient in an authorised mental health Service, a doctor may authorise the use of mechanical restraint on the patient only if the doctor is satisfied it is the most clinically appropriate way of preventing injury to the patient or someone else. 162E How authorisation is given The doctor must give the authorisation by recording the following details in the patients clinical file (a) the type of restraint authorised; (b) the reasons for the restraint; (c) any restrictions on the circumstances in which restraint may be applied; (d) the maximum period or periods for which the restraint may be applied; (e) the intervals at which the patient must be observed while the restraint is applied; (f) any special measures necessary to ensure the patients proper treatment or care while the restraint is applied; (g) the time (not longer than 3 hours after the authorisation is given) when the authorisation ends. 162I Administrator must notify director about mechanical restraint (1) The administrator of an authorised mental health service must give the director written notice about the mechanical restraint of a patient in the health service as soon as practicable after the mechanical restraint is applied to the patient. (2) The notice must include the information required by the director.

Seclusion: Seclusion, is the confinement of the patient, at any time, alone in a room or area from which free exit is prevented. However, the overnight confinement for security purposes of an involuntary patient in a high security unit or an in-patient facility of an authorised mental health service prescribed under a regulation for this subsection is not seclusion. Points to note: Patient is a patient under the Mental Health Act; and Confinement is where a patient is in a room or an area from which free exit is prevented (by doors, barriers or physical intervention); and The patient is alone. The exception is where: For security reasons; the involutary patient; is in overnight confinement; is in a high security unit or in-patient facility of an authorised mental health service prescribed under a regulation for this specific subsection. Prohibition of seclusion - Offence to keep patient in seclusion Significant penalties exist under the Mental Health Act where a patient in an authorised mental health service is kept in seclusion other than under Chapter 4A Part 2 of the Act. Use of reasonable force A doctor or senior registered nurse on duty who authorises a patients seclusion may, with the help, and using the minimum force that is necessary and reasonable in the circumstances, place the patient in seclusion. It would be advisable that the doctor or senior registered nurse on duty that authorised the seclusion was present. Additionally and where practicable, a security officer may request a written direction for assistance from the doctor or senior registered nurse. This may be achieved by entering a signed notation in the security officers official notebook. Where circumstances prevented prior written direction, written verification may be sought after assistance is given. Where the doctor or senior registered nurse is unable or unwilling to provide such information, the security officer should make a notation to that effect in their official notebook and note details of any witness to the clinical direction for assistance. Who may authorise seclusion Seclusion of an involuntary patient in an in-patient facility of an authorised mental health service may be authorised at any time, by a doctor; or in urgent circumstances, by the senior registered nurse on duty. Section - 162U Use of reasonable force A doctor or senior registered nurse on duty who, under this part, authorises a patients seclusion may, with the help, and using the minimum force, that is necessary and reasonable in the circumstances, place the patient in seclusion.

Division 2 Prohibition of seclusion Section - 162K Offence to keep patient in seclusion A person must not keep a patient in an authorised mental health service in seclusion other than under this part. Division 3 Authorisation of seclusion Section - 162L Who may authorise seclusion Seclusion of an involuntary patient in an in-patient facility of an authorised mental health service may be authorised (a) at any time, by a doctor; or (b) in urgent circumstances, by the senior registered nurse on duty. Section - 162M When seclusion may be authorised A doctor or the senior registered nurse on duty must not authorise seclusion of an involuntary patient unless the doctor or nurse is reasonably satisfied (a) it is necessary to protect the patient or other persons from imminent physical harm; and (b) there is no less restrictive way of ensuring the safety of the patient or others.

NOTE: Policy on seclusion in authorised mental health services provides additional information. 10.10 Search Definition of Patient for the purposes of search patient, in an authorised mental health service, means any person admitted to or assessed, examined, detained, treated or cared for in the health service. 10.10.1 The purpose of conducting a search For ensuring the protection of patients and the security and good order of authorised mental health services, this part provides for carrying out searches of patients and their possessions in authorised mental health services; and visitors and their possessions to high security units. It is important that, in the first instance and prior to any search being conducted, the patient (or other person/visitor) is requested to voluntarily submit to a search. When a patient or visitor to a high security unit is treated with respect and asked to submit to a lawful search, compliance with the request is common.
Mental Health Act 2000 Section 352 - Purpose of pt 3 For ensuring the protection of patients and the security and good order of authorised mental health services, this part provides for carrying out searches of: 1) Patients in authorised mental health services and their possessions; and 2) Visitors to high security units and their possessions. Searches on reasonable belief of possession of harmful things Section 353 - Application of subdivision 1 This subdivision applies if a doctor or the senior registered nurse on duty, at an authorised mental health service reasonably believes a patient in the health service has possession of a harmful thing.

With respect to section 352 a number of conditions must apply before a search may be legally conducted on a person or their possessions. The person subject to search must be a patient as described above or a visitor to a high security unit. The search may include the person and their possessions. The question which must be asked each time, and before a search is carried out is whether the person is a patient as defined under the Act and at that relevant time. Only if the answer is yes, can a search be legally conducted. A person must not be considered to be a patient merely because the person has previously been treated for mental illness or previously been subject to involuntary assessment or treatment. Furthermore, to be a patient as defined under the MHA, the person has to have been admitted to, or assessed, examined, detained or treated for a mental illness in the authorised mental health service. If the patient has not at the relevant time, been admitted, assessed, examined, detained or treated for a mental illness at the authorised mental health service, a search cannot be conducted. 10.10.2 Reasonable belief

There are no words that will exactly define what a reasonable belief is for every situation. In each particular case, the doctor or senior registered nurse must believe, in the particular circumstances, of the particular patient, and based on relevant observable or otherwise known factors, that the patient has possession of a harmful thing. It is the weight or strength of the observable or otherwise known facts that will determine whether the belief is reasonable. The above comments are also relevant to section 360(2) which requires the searcher to make a written record of the details of the search, including the reasons for the search. The reasons for the search should include reference to the observable or otherwise known or believed facts the searcher relied on prior to attending to the search. The reasonable belief must be formed under section 353 before there is authority under the Act to conduct the search under section 354. This is clear because the doctor or nurse is also required to tell the patient the reasons for the search before conducting it. 10.10.3 Harmful thing Harmful thing is defined in the Act as meaning anything that may be used to: threaten the security or good order of an authorised mental health service; threaten a persons health or safety; or that, if used by a patient in an authorised mental health service is likely to adversely affect the patients treatment. The definition makes it clear that a harmful thing is anything that can be used in a way that threatens security, a persons health or safety, or anything used by a patient that is likely to adversely affect the patients treatment. The thing does not have to be harmful in itself. The provision is broad in that if the thing may be used by any person to threaten it can be harmful. It is not limited to being in the possession of the person being searched.

10.10.4 Authority to search patients and possessions


Mental Health Act 2000 Section 354 - Authority to search patients and possessions 1) The doctor or nurse may search, or authorise another health practitioner to search, the patient or the patients possessions. 2) The search may be carried out without the patients consent. 3) However, before carrying out the search, the doctor or nurse must tell the patient the reasons for the search and how it is to be carried out.

10.10.5 Searches of patients and their possessions on admission or entry to high security units
Mental Health Act 2000 Section 355 - Authority to search patients and possessions 1) On a persons admission as a patient, or a patients entry, to a high security unit, an authorised officer may, for detecting harmful things, search the patient or the patients possessions. 2) However, before carrying out the search, the officer must tell the patient the reasons for the search and how it is to be carried out.

3) The search may be carried out without the patients consent. 10.10.6 Carrying out searches Under certain circumstances, searches may be conducted on patients or visitors to a mental health facility .Mental Health Act 2000
Section 356 - Application of subdivision 3 This subdivision applies if: 1) Under subdivision 1, a doctor or nurse is authorised, or another health practitioner has been authorised by a doctor or nurse, to search a patient or a patients possessions; or 2) Under subdivision 2, an authorised officer is authorised to search a patient or a patients possessions. Section 357 - Carrying out search 1) The person authorised to carry out the search (the searcher) may require the patient, to submit, or submit the patients possessions, to a search under this section. 2) The searcher may do any 1 or more of the following: Pass a hand-held electronic scanning device over or around the patient or the patients possessions; ii. Open or inspect a thing in the patients possession; iii. Remove and inspect an outer garment or footwear of the patient; iv. Remove and inspect all things from the pockets of the patients clothing; v. Touch the clothing worn by the patient to the extent reasonably necessary to detect things in the patients possession; or vi. Remove and inspect any detected thing. 3) Also, the searcher may, with the approval of the administrator of the authorised mental health service, remove and inspect all, or part of, the patients other clothing and anything found in the clothing. 4) However, the administrator may give the approval only if the administrator is reasonably satisfied it is necessary in the circumstances for carrying out an appropriate search. 5) The searcher may: Exercise a power of inspection under subsection (2) only if the patient is present or has i.

been given the opportunity to be present; or Exercise a power under subsection (2)(c) to (f) or (3) only if: a. The searcher is the same sex as the patient; and b. The search is carried out in a part of a building that ensures the patients privacy. 6) The searcher must: Carry out the search in a way that respects the patients dignity to the greatest possible extent; and Cause as little inconvenience to the patient as is practicable in the circumstances. 7) However, the searcher may carry out the search with the help, and using the force, that is reasonable in the circumstances. Section 358 - Seizure of things The searcher may seize anything found during a search that the searcher reasonably suspects is a harmful thing. Section 359 -What happens to thing seized 1) If the administrator of the authorised mental health service is reasonably satisfied the seized thing is a harmful thing, the administrator must: Keep it for the patient and give it to the patient on the patients release from the health service; Give it to someone else if the patient is able to, and has given, agreement to do so; If the administrator is satisfied someone else is entitled to possession of the thing, give or send it to the person; or If the administrator is reasonably satisfied it is of negligible value dispose of it in the way the administrator considers appropriate. 2) However, if the administrator reasonably believes the seized thing is connected with, or is evidence of, the commission or intended commission of an offence against an Act, the administrator must give it to an authorised person under that Act. 3) The seizure provisions of the Act mentioned in subsection (2) apply to the thing as if the authorised person had seized it under the provisions of the Act that relate to the offence. 4) If the authorised person is not reasonably satisfied the thing is evidence of the commission or intended commission of the offence, the authorised person must return it to the administrator who must deal with it under this section. 5) Immediately after making a decision about what happens to a seized thing, the administrator must make a written record of the decision. Section 360 - Records of searches 1) This section applies if: 2) A search is authorised under subdivision 1; An administrator of an authorised mental health service gives an approval mentioned in section 357(3); or A searcher seizes anything found during a search under this part. Immediately after carrying out the search, the searcher must make a written record of the following details of the search: The reasons for the search; If, under subdivision 1, a doctor or nurse authorised another health practitioner to carry out the searchthe name of the doctor or nurse; The name of the searcher; How the search was carried out; The results of the search; and Anything seized.

Section 361 - Power to search visitors 1) An authorised officer for a high security unit may ask a visitor to submit, or submit the visitors possessions, to being searched, under this division, by an authorised officer.

2)

The officer must tell the visitor in general terms of: The officers powers in relation to the search; How the search is to be carried out; and The visitors rights under this division.

Section 362 - Directions to leave high security unit 1) If the visitor does not agree to the request, the authorised officer may refuse the visitor permission to enter the high security unit or, if the person is in the unit, direct the person to immediately leave the unit. 2) If the visitor is directed to leave the unit, the visitor must comply with the direction. Section 363 - Carrying out the search 1) For carrying out the search, the authorised officer may ask the visitor to do any 1 or more of the following:

Walk through an electronic scanning device; Remove a stated outer garment or footwear; Remove everything from the pockets of the visitors clothing; and Open or inspect anything in the visitors possession. 2) Also, the officer may ask the visitor to leave a thing the officer reasonably suspects is a harmful thing with the officer until the visitor leaves the high security unit. 3) If the visitor refuses to comply with a request under subsection (1) or (2), the authorised officer may refuse the visitor permission to enter the unit or, if the person is in the unit, direct the person to immediately leave the unit.. If the visitor is directed to leave the for carrying out the search, the authorised officer may: Pass a hand-held electronic scanning device over or around the visitor or the visitors possessions; Inspect an outer garment or footwear removed by the visitor; Touch the clothing worn by the visitor to the extent reasonably necessary to detect things in the visitors possession; and Remove and inspect any detected thing. 4) The authorised officer may: Exercise a power of inspection under subsection (5) only if the visitor is present or has been given the opportunity to be present; or Exercise a power under subsection (5)(c) or (d) only if: a. The officer is the same sex as the visitor; and b. The search is carried out in privacy in a part of a building that ensures the visitors privacy. 5) The authorised officer must: Carry out the search in a way that respects the visitors dignity to the greatest possible extent; and Ensure the officer causes as little inconvenience to the visitor as is practicable in the circumstances to carry out an appropriate search.

Invasion of Privacy Act 1971

10.11 Confidentiality The Hospital and Health Boards Act 2011 provides safeguards to protect the confidentiality of information that identifies persons who have received public sector health services. Strict legal requirements govern patient confidentiality. Queensland Health and its employees must maintain strict rules protecting patient information confidentiality. One of the commonly held moral principles in healthcare is that of Non Maleficence meaning the avoidance of harm to the client. It has been suggested that the purpose of the right to privacy is not merely the protection of the special nature of the relationship between health carers and their clients, nor the peace of mind and reputation of the patient, although these are certainly reasons for respecting patients privacy. The most important reason, it is argued, is the need to ensure that a patient may disclose those facts that may be embarrassing but vital, for his/her proper care and treatment In brief, no current or former health service employee (designated person) can disclose any confidential information about a person who has received a public sector health service. However, this does not apply if the disclosure is required or permitted by law. confidential information means information, acquired by a person in the persons capacity as a designated person, from which a person who is receiving or has received a public sector health service could be identified.
Hospital and Health Boards Act 2011 Section 142 Confidential information must not be disclosed (1) A designated person must not disclose, directly or indirectly, confidential information to another person unless the disclosure is required or permitted under this Act. (2) For subsection (1), another person includes another designated person. (3) Subsection (1) applies even if the person who could be identified from the disclosure of confidential information is deceased.

designated person includes a person who is or was a public service employee employed in the department or a health service employee

10.11.1 Invasion of Privacy A person cannot use a listening device or recording device to monitor or listen to a private conversation. However, this does not apply where the person using the listening device is a party to the private conversation.

Section 43 - Prohibition on use of listening devices 1) A person is guilty of an offence against this Act if the person uses a listening device to overhear, record, monitor or listen to a private conversation and is liable on conviction on indictment. 2) Subsection (1) does not apply: Where the person using the listening device is a party to the private conversation; To the unintentional hearing of a private conversation by means of a telephone; To or in relation to the use of any listening device by An officer employed in the service of the Commonwealth in relation to customs authorised by a warrant under the hand of the Comptroller-General of Customs under the Customs Act 1901 (Cwlth) to use a listening device in the performance of the officers duty; A person employed in connection with the security of the Commonwealth when acting in the performance of the persons duty under an Act passed by the Parliament of the Commonwealth relating to the security of the Commonwealth; To or in relation to the use of a listening device by a Police officer or another person under a provision of an Act authorising the use of a listening device. A person referred to in subsection (2)(c) who uses a listening device to overhear, record, monitor or listen to any private conversation to which the person is not a party shall not communicate or publish the substance or meaning of that private conversation otherwise than in the performance of the persons duty. The court by which a person is convicted of an offence under this section may, by its conviction, order that any listening device used in the commission of the offence and described in the order shall be forfeited to Her Majesty and delivered up, within such period as may be specified in the order, by the person who has possession of the listening device to a person specified in the order. If an order is made under subsection (4), the person who has possession of the listening device must deliver up the listening device under the order If a person contravenes subsection (5), whether or not a proceeding for the offence has started, a Police officer may seize the listening device and deliver it up under the order.

3)

4)

5)

6)

Section 8 General principles for administration of Act The following principles apply to the administration of this Act in relation to a person who has a mental illness: 1) Same human rights i. The right of all persons to the same basic human rights must be recognised and taken into account; and ii. A persons right to respect for his or her human worth and dignity as an individual must be recognised and taken into account. 2) Matters to be considered in making decisions i. To the greatest extent practicable, a person is to be encouraged to take part in making decisions affecting the persons life, especially decisions about treatment; ii To the greatest extent practicable, in making a decision about a person, the persons views and the effect on his or her family or carers are to be taken into account; and iii. A person is presumed to have capacity to make decisions about the persons assessment, treatment and choosing of an allied person.

3) Provision of support and information To the greatest extent practicable, a person is to be provided with necessary support and information to enable the person to exercise rights under this Act, including, for example, facilitating access to independent help to represent the persons 4) Achievement of maximum potential and self-reliance

To the greatest extent practicable, a person is to be helped to achieve maximum physical, social, psychological and emotional potential, quality of life and self-reliance. 5) Acknowledgment of needs A persons age-related, gender-related, religious, cultural, language, communication and other special needs must be taken into account. 6) Maintenance of supportive relationships and community participation The importance of a persons continued participation in community life and maintaining existing supportive relationships are to be taken into account to the greatest extent practicable, including, for example, by treatment in the community in which the person lives. 7) Maintenance of environment and values To the greatest extent practicable, a persons cultural and linguistic environment, and set of values (including religious beliefs) must be maintained. 8) Provision of treatment Treatment provided under this Act must be administered to a person who has a mental illness only if it is appropriate to promote and maintain the persons mental health and wellbeing. 9) Confidentiality A persons right to confidentiality of information about the person must be recognised and taken into account.

11. GEOGRAPHICALLY REMOTE LOCATIONS


This section provides additional information for the provision of protective security in healthcare facilities which are geographically remote. This information should be read in conjunction with this Guideline in its entirety. Queensland Health defines certain healthcare facilities as geographically remote based on common prerequisites being: geographically isolated location; lack of a resident doctor; lack of other resident healthcare staff; and lack of readily available support services. Security risk assessments, in accordance with AS Handbook 167 Security risk management must be conducted and appropriate security risk controls implemented. In addition to general protective security considerations which apply in larger cities and towns, Health Services that have geographically remote and rural locations must also consider factors specific to those locations. Unique challenges faced by health workers in geographically remote locations influence risk management strategies. These can include: high staff turnover leading to reduced continuity of knowledge; delayed response times and activities; close community ties; lack of anonymity; cultural sensitivities; communication difficulties; deficiencies in education; and isolation. Consultation and information gathering with staff and key stakeholders including community groups and other Agencies will assist to ensure all security risks have been identified, assessed and addressed in the appropriate manner. 11.1 Recruitment Briefing Persons who apply for positions at geographically remote facilities must be fully briefed about conditions and situations they may encounter. Briefing should be carried out at recruitment stage and further highlighted at orientation and induction sessions. Staff should receive appropriate training in exit and safety strategies relevant to their location. Table 1 seeks to identify conditions and situations at a minimum, for briefing which may assist potential staff to determine their suitability for employment in particular locations. Not everyone is suited to a remote lifestyle or be personally equipped to work in some remote locations. Rapid staff turnover may be reduced if time is taken to adequately brief potential employees. Where practicable, candidates should be given the opportunity for a pre-employment visit to the work location.

Table 1: Recruitment briefing information for remote facilities Role of facility Emergency; Disease treatment; Environmental and community/public health; and/or Health promotion. Demographics Who is the healthcare service treating and limitations on the treatment available; On-site or at community-out-stations; or Mining camp workers; or Tourists. Peer support Professions; Location; and Numbers. Medical support Location and nature of support; Medical evacuation options including access to RFDS; and Frequency and nature of visiting medical services. Closest servicing Road condition or air and sea only transportation; town Distance and travel time; and Services available in that town. Facilities Power supply, water supply, refuse and other municipal services; available to the Postal services; community Community transport (as opposed to that associated with the health facility); Fire and other emergency management plans; Spiritual centres and services; and Social and sporting facilities. Closest hospital Location and nature of services. or healthcare facility Police presence Visiting or onsite; Frequency of visits (if applicable); Contact details; and Emergency response time. Transport Consider seasonal weather conditions; facilities and Potential for access/exit routes to be cut; access routes Fuel supplies: aviation, petrol, LPG or diesel; Storage: drums, bowsers or cylinders; and Maintenance: tyres, spare parts servicing options. Type of Isolation Topography of the area. Potential violence Situational factors such as alcohol and other drugs; Possible outcomes of violent incidents; Potential consequences for the healthcare worker; and Available exit strategies. Community Cultural blend; Community organisations or structures (eg. elders or council); Employment opportunities for youth and adults; Teaching institutions including primary and high schools; and Any existing localised barriers or obstacles that could be expected due to size and population demographics. Passing traffic Capacity to have personal/private/family visitors; such as tourists Accommodation available; and Potential community attitudes.

Climate Community expectation Communications

Best and worst climatic conditions that may be experienced. Possibly 24 hour availability. External: TV, radio, microwave dish, satellite phone (where available), 2-way radio base station, postal mail, duress systemtraining; and Internal: within the community (eg paging system and 2-way radio). Expected response times and impacts on response times. Condition and maintenance of healthcare facility (This may be an important consideration); Condition and maintenance of living accommodation including size, type, facilities and location in relation to other accommodation in the community; and Security and safety including existence of retreat rooms if applicable. On site and/or by order. Comparative degree of expense. May or may not be provided. Vehicle and plant maintenance arrangements; Communications equipment operation; Navigation resources; Generator operation (eg. start up and shut down); Vehicle and plant spares and emergency equipment; and Types and availability of training provided (eg. 4WD driving, winches and tyre jacks). May be limited except when accompanying patients requiring evacuation. Provisions for leave; Availability of relief staff; and Professional development opportunities.

Response Accommodation

Food supply Cost of living Visiting medical services Vehicles and plant

Time away from the community Employment conditions

It should be acknowledged that people without experience living and working in geographically remote locations may not fully comprehend the information provided until they have spent time at their new location. Refer: AS4485 Security for healthcare facilities. 11.2 Security Provisions Personnel employed in remote area healthcare facilities are entitled to a safe and secure working environment. At these facilities, accommodation is usually joined or located in close proximity to the healthcare facility therefore the work place and living quarters are inseparable. Geographically remote healthcare facilities have unique characteristics that require special attention including factors relating to security and safety. Further information is contained in AS 4485 Security for healthcare facilities Part 2, Sections 5, 6 and 7. 11.3 Security Procedures Procedures should be put in place to cover the following: 1. Community involvement: Where possible, the community should be invited to be involved with decision making relating to security for healthcare workers.

2. Urgent assistance and duress alarms: Procedures should be formulated regarding action to be taken in response to requests for urgent assistance and include service agreements with Police, Emergency Services, or other available resources. 3. Evacuation plan (employee): Should the healthcare worker reasonably believe that they are under serious threat of injury, they have the right to leave the community with no fear of retribution at any time. 4. Safety and security regarding home visits and call-outs. 11.4 Accommodation Employee Housing Design Standards and Guidelines (http://qheps.health.qld.gov.au/policy/docs/gdl/qh-gdl-929.pdf) detail the minimum standards for Queensland Health supplied staff accommodation. Scales and standards are based on the Queensland Government Employee Housing Standards and have been established for Queensland Health with the aim of providing the acceptable level of amenity for existing and future departmental employee accommodation and housing. 11.5 Vehicles Vehicles supplied by Queensland Health should be for official use only. Where a vehicle is supplied, it should be appropriate to the terrain. Adequate training should be provided relevant to that particular vehicle and any additional equipment fitted to it. Training should also cover survival techniques in the event of breakdown along with contacts and reliable communications. 11.5.1 Vehicle breakdowns In the event of a car breakdown on the way to or from a home visit: If nearby, return to the healthcare facility, own home or clients home if is safe to do so, and contact the RACQ or other appropriate car service provider; Call for assistance from the nearest telephone and return to vehicle; and Remain in the car whilst awaiting assistance. If at night or in a secluded or otherwise unsafe area, keep windows closed and doors locked. 11.5.2 Vehicle garaging and storage A lock up garage for a vehicle and other minor equipment storage should be provided. Separate storage for personal items should also be provided. Vehicle key security is paramount. Keys must not be left in vehicle and must be stored in a safe location. 11.6 Communications Staff working in rural and remote areas needs to have ready access to suitable communications devices. The device/s (more than one device may be required) should provide complete and effective communications coverage. Radio, telephone (static, satellite, mobile), GPS duress beacons and tele-pagers should be considered. Equipment appropriate to the location should be provided to allow for requests for back up in emergencies and immediate response to emergency situations for the employee as well as for members of the community. A code/call sign should be devised for serious security breach situations. GPS Duress beacon may be considered due to their capacity to assist in locating a staff member who has had an accident, mechanical breakdown or experiencing some misfortune. Staff must be trained in the effective use of all communications equipment supplied by Queensland Health.

12. SECURITY FOR STAFF WORKING WITHIN THE COMMUNITY


As part of an integrated risk management process, Health Services will develop and implement procedures which ensure all reasonably foreseeable security risks associated with staff working in isolation or within the community are identified and assessed pursuant to AS Handbook 167: Security risk management and where possible, eliminated or effectively controlled. Wherever possible, the process should be undertaken in consultation with staff and key stakeholders such as line managers, human resources representatives, safety and protective security officers, risk management specialists, Unions, staff representatives and community groups. Procedures must as a minimum, be reviewed biennially (every two years). Further information is available at: Security Risk Management and Asset Protection Implementation Standard; and Queensland Health Policy 23859-09 Student Health Professionals Home Visiting Policy.

12.1 Risk Management in the Community Working within the community often includes services provided in a patients or clients home, at community health centres and public venues such as schools or community halls, in mobile units or elsewhere not within a health service facilitys land. Community health staff often work independently and away from the immediate support and assistance from co-workers and line management. There may be limited access to rapid response from emergency services such as Police. These factors require particular attention while conducting security risk assessments (SRA) and when developing protective security risk management strategies. It is important for staff to have access to current and relevant information regarding patients and also for the patient and carer to receive information about the visiting healthcare worker and what is expected. This information should include: the purpose of visit; and clear instructions regarding any safety and security requirements which must be met such as minimum acceptable behaviour standards, dogs tethered and other pets suitably controlled. Information gathered through consultation with staff, stakeholders and other resources for the completion of SRAs should include as a minimum: Details of previous healthcare visits and outcomes of the visit; Previous history of any violent behaviour or sexual harassment by the patient/occupant whether in the community setting or healthcare facility setting; Geographical location of the premises, for example: a) is it isolated; b) situated in dead end street; c) is the premises difficult to access due to the terrain; and d) what are the available exit or withdrawal accesses if necessary? Specific information about the premises, for example: a) is there safe access; b) are there front and rear stairs; c) is there external lighting; d) are there any perceivable hiding places; e) does the premises have a telephone connected; f) is the area a known high crime area; or

g) any other known dangers or concerns for workers. Physical attributes and skills level of healthcare worker undertaking the visit. Is the worker in possession of appropriate communications resources that work effectively at the premises to be visited; Capacity for response in an emergency situation; and Relevant information from point of referral, inpatient facilities, relevant patient/client records, other staff, local GPs and local Police.

Risk management strategies should include, as a minimum, the following: Staff training and awareness including: a) local / facility specific protective security procedures; b) working within the community; c) risk management strategies; and d) Aggressive Behaviour Management for Healthcare Workers training. Obtaining relevant and current patient/client information from the referring clinician/service and other Agencies if available; Undertaking a risk assessment and implementing appropriate risk control measures; Outlining local reporting procedures; Provide appropriate and timely support for staff in the event of an incident; Fostering sound networking relationships with local Police and other emergency service providers; and Considerations for client / gamily / carer / occupier dynamics. Where there is a risk of violence and risk control strategies have failed to eliminate the risk or resolve the issues, senior management should write to the patient indicating that visits will not be made to that address and that alternative arrangements will need to be made. 12.2 Risk Mitigation Strategies for Community Visits Health Services should consider the implementing precautions and strategies to reduce the potential for risk or minimise exposure to risk. The following should be considered: Implement a system for file flagging to alert staff of potential for aggressive behaviour by patient/occupant; If evidence of potential for violence exists, arrange for patients or clients to be seen at clinics where other staff have been alerted and are present. Where this is not practicable, arrange for another member of staff or Police to be present during the visit; Where staff arrives at a site and the person is intoxicated, suffering withdrawal or there are signs of agitation, disorientation or aggressiveness, Police are to be called or arrangements made for the person to be seen in an emergency department or Police station or alternative safe venue; Develop and implement a Fail Safe process whereby failure of visiting staff to meet strict communications protocols result in response activation for example, failure of staff member to contact base at 10 minute intervals during time of visit will result in Police response; Ensure possession of appropriate communication devices which will operate effectively on site and in transit. Devices can include two-way radio, mobile phone, satellite phone, vehicle security and tracking device; Provide staff with an appropriate resources such as a torch or remote duress alarms;

Contact the patient / client by phone prior to the appointment particularly for the first appointment to confirm and clarify the purpose of the visit. This may provide insights into the patients current physical and mental state and may establish if there may be other persons on site. Patients/carers should be given instructions to ensure that the house is illuminated (if in darkness) and easily identified with access gates unlocked and animals restrained; Only staff with an appropriate level of training should make community visits such as staff who have competently completed the Queensland Health Aggressive Behaviour Management for Healthcare Workers training, use and maintenance of communication devices and use and maintenance of security equipment; Cultivate good relations with local Police and other Agencies; Implement a process whereby visiting staff report on events either positive, negative or neutral which occurred during visitation. Details should be entered into a searchable database which can be used in a future risk management process; and Provide appropriate support for staff in the event of an incident.

12.3 General Security Precautions Healthcare workers working in community settings should: show identity Cards; assess the situation as they approach and not enter a location if they have doubts about their security; lock their vehicle while driving through areas identified as potentially dangerous; not remain in the parked car for a prolonged period either before or after making the visit; park in a well lit area as close to the patient's home as possible; park in a way to allow exit (ie do not allow vehicle to be blocked in by another vehicle). drive to the nearest Police, fire or petrol station or a pre-determined safe venue if they suspect they are being followed; conceal all bags, drugs and equipment when first entering the car so that nothing is visible while travelling, and staff are not seen to be hiding them as they park or prior to leaving the car for the visit; walk in the centre of footpaths away from buildings; cross the street and walk in the opposite direction or into an open business if there is suspicion of being followed by a car; observe windows and doorways for loiterers; avoid walking in deserted places, or taking short cuts through secluded alleys or vacant lots; remain aware of the environment and potential escape routes in case problems arise; not enter areas of unrest or where there appears to be trouble in the neighbourhood; not search for clients by unnecessarily knocking on doors; check lighting and stairwells when entering a building where no lift is available; look before entering a lift and not enter if unsure about safety; stay near to the door and control panel in lifts and be observant of other passengers; determine whether the client is at home prior to entering the premises if an unfamiliar person opens the door; make an excuse not to enter the premises if the person answering the door gives cause for concern, for example intoxication, patient not at the premises, or if a potentially dangerous relative is present; follow the occupant when entering the premises ;

immediately leave if firearms or other weapons are seen. The presence of weapons should be noted in the client's file and communicated to Police and healthcare facility management. Staff should not return to these premises until the matter is resolved; ensure any correspondence for a client is pushed firmly under the door or placed in their letterbox; and treat clients and visitors courteously at all times.

12.4 Prior To Community Visits Healthcare workers should prepare themselves prior to attending a community visit. Staff should as a minimum: know the name, address and telephone number of the client being visited and the expected time and duration of appointment; know the proposed route and map references; set agreed contact time/procedures with agreement that failure to meet the arrangements will initiate appropriate intervention strategies; have access to an appropriate and well maintained vehicle; be in possession of effective communications devices and other appropriate resources such as a working torch and duress alarm. 12.5 Field Communication Technology Staff working in the community should have access to suitable communication devices suited to their location. In some instances multiple types of communication may be needed. Devices should be selected to give complete communication coverage in the event of an emergency. Suitable devices can include: mobile telephones; satellite telephones; two-way radios; long-range GPS satellite duress alarms; duress beacons; and tracking devices that can provide the location of the person. When providing communication devices the following elements should be addressed in local procedures training should be provided to staff: How to communicate with designated support systems (ie. base, other healthcare workers, Police or other services); The limitations of the equipment; Testing, maintaining and operating communication systems; Effective and efficient methods of communicating problems; and Activating a duress alarm. 12.6 Car Breakdowns In the event of a car breakdown on the way to or from a home visit: if nearby, return to the healthcare facility, own home or clients home if it s safe to do so. Upon return, contact RACQ breakdown service or other appropriate emergency car servicing provider; telephone or radio for assistance using mobile telephone, two-way radio or other communication device from the nearest telephone and return to vehicle; and remain in the car whilst awaiting assistance. If at night or in a secluded or otherwise unsafe area, keep windows closed and doors locked.

12.7 At The Conclusion Of Community Visits Ensure base/contact is appraised of the conclusion of the visit and the safety or otherwise of staff and others; Ensure relevant information regarding the visit is updated (eg. dangerous dog not tethered; rear exit point blocked by bolt and padlock); Confirm arrangements for return or next visit; At first available opportunity update records and amend any local procedures relating to this or any other community visit; and Where critical event occurred provide appropriate staff / client support mechanism. 12.8 After Hours Visits In The Community Healthcare workers who are required to visit clients in the community outside normal business hours can be particularly vulnerable. Generally speaking no client should be registered with the after hours community service prior to being visited and assessed by staff during business hours. Where a clinical need for a visit after hours has been identified the relevant staff member, should be satisfied that the visit can be undertaken safely. Follow general security prevention outlined in 12.3. 12.9 Working in Isolated Clinics and Community Health Centres Isolated clinics and community health centres include a variety of locations. These can include school buildings with oral health services, early childhood centres situated in community premises or community health facilities in regional areas. Health services should consider the following risk management strategies: At a minimum, two staff members are rostered on simultaneously; In some circumstances it may be appropriate to also provide protective security officers; Clinic premises are secure, appropriately located and have an effective communication resources are installed; Emergency and evacuation procedures are developed and communicated to staff; All major emergency telephone numbers are prominently displayed and an effective contact network is established within the local community prior to a staff member working at the site. Some emergency contact numbers should be programmed into telephones; Doors are locked when clinics are not in session and doors are locked when staff are working alone during out of clinic hours; Door and window locks are in good working order and maintenance problems are responded to and resolved promptly; Blinds or other window furnishings are placed on windows and staff close blind/furnishing after hours to reduce the likelihood of break-ins; Established system for people seeking entry to identify themselves without the staff member having to open the door. Systems can include the installation of an intercom; Visibility of computers, office equipment, research equipment and other portable items is limited by placing such items away from windows and doors; Healthcare worker completes a movement sheet which establishes arrival and departure times, routes taken and any foreseeable difficulties with travel to and from the clinic and its buildings; Implement processes for staff members leaving isolated workplaces to advise another staff member of planned destination, purpose and anticipated return. This will include procedures for what to do in the event of an incident or the staff member does communicate by the scheduled time;

Display signage to potential offenders as a deterrent. For example, a large sign stating No drugs or money are stored on these premises. and These premises are protected by alarm.; and Duress responses are planned, tested regularly and activated when staff member activates alarm.

12.10 Occupational Violence Prevention Violence and aggression against Queensland Health staff is not acceptable and will not be tolerated. Detailed guidance is available in Occupational Violence Prevention and Management Implementation Standard and related documents (section 8) and http://qheps.health.qld.gov.au/safety/occup_violence/home.htm. Under no circumstances should any staff member working in the community knowingly place themselves or another person at risk. If a client, carer or member of a household or site being visited makes physical or verbal threats, staff members should retreat and seek further assistance. In these circumstances the behaviour of staff should be defensive rather than aggressive, controlling rather than punitive and with no more force than is reasonably required to control that risk. . Staff should not hesitate to request Police assistance by dialling triple zero (000) rather than ringing a local Police station. Explain to the triple zero (000) operator the urgency of the situation so that an appropriate Police response can be formulated. It is most important that all security incidents are reported as per local reporting protocols as soon as possible after an incident, and if relevant, documented on the patient/client's file. 12.11 Working in the Community Questionnaire Checklist An example checklist has been developed to assist healthcare workers plan community visits. Health services may wish to adapt this checklist to suit their own requirements. Refer page 7 Table 1: Working in the Community Questionnaire Checklist.

Table 1: Working in the Community Questionnaire Checklist


Question Has client history been obtained? Are there any issues which affect security? Has client been contacted and advised of the visit, its purpose and acceptable / unacceptable behaviours? Has client been contacted and advised that animals must be restrained / confined? Has movement sheet or similar approved visit record been completed and provided to base/facility? If off-site, telephone base/facility and give information. Have fail safe protocols been implemented such as pre arranged actions and responses in the event of an emergency or event? For example, contact base every hour, or set pre arranged arrival and departure times and failure to meet timeframes or make contact may result in Police response action being initiated. Do you have all relevant personal protective equipment such as communications (mobile phone, radio, and pager), working torch, duress alarm. Comment (List your comments) Examples provided Client has a history of aggression when women visit; plan all visits with male staff. Client contacted and advised of visit & purpose and was agreeable, showed signs of agitation during discussions Small dog will be locked up under house, normally barks but does not have a history of biting. Further information resulting from visit Date information updated

Movement sheet completed and base advised.

Exit and emergency strategies are still current . Contact base every hour.

Signed for mobile, duress alarm and pager tested all ok

Question Transportation: Is the vehicle in good, safe and serviceable condition? Is the vehicle fueled? Is there sufficient drinking water in the event of breakdown or emergency? Are you familiar with the directions? Street directory or suitable map in the vehicle? Location: Should you fail to arrival on time, have arrangements been made whereby the client contacts the healthcare facility at a pre arranged time? Is parking available in well lit and safe area? Are car doors locked? On arrival: Assess any threats to your personal safety. Avoid walking in deserted or unlit areas. Ensure that animals are restrained / confined. Contact base/facility to confirm location. Within clients home/community centre: Ensure correct positioning to allow access to escape route. Leave the premises if you feel threatened. Call for assistance if required.

Comment (List your comments) Examples provided If vehicle breaks down / emergency occurs, the occupants should remain with the vehicle. Press duress alarm, ring for assistance using available phone or other communication devices issued. Lock car doors.

Further information resulting from visit

Date information updated

Check in with base as pre arranged before leaving vehicle, check surroundings, and ensure you are in possession of personal safety equipment prior to opening and alighting vehicle.

Align from vehicle if safe and keep vehicle keys handy.

Continually assess risks, know where escape exits are, leave immediately if threatened, lock vehicle doors and leave the premises, contact support

Question When leaving premises: Avoid walking in deserted or unlit areas. Drive to the nearest Police, fire or petrol station or a pre-determined safe venue if you are concerned for you safety. Contact base/facility to advise location.

Comment (List your comments) Examples provided Contact persons as prearranged, Report any incident to your supervisor, and complete staff incident report, Make relevant notes suitable to assist with future visits and assessments

Further information resulting from visit

Date information updated

13. SECURITY IN CLINICAL AREAS


13.1 Operating Theatre Security Operating rooms present management with unique security requirements. At times of low activity staff attendance is reduced or non-existent. Valuable equipment and supplies (including drugs) for surgical procedures may not be locked away securely and may be susceptible to theft. Access by unauthorised staff will need to be rigidly controlled. Access control measures such as swipe access and supporting administrative controls should be implemented and regularly reviewed. These would include after hours access and supervision of contractors. A security risk assessment (SRA) in accordance with AS Handbook 167 Security risk management must be undertaken in consultation with appropriate operating theatre staff to determine exposure to risk. Appropriate risk control strategies must be developed and implemented. 13.2 Emergency Department Security Due to the nature of services provided by an Emergency Department (ED) it is reasonable to expect that the risk of aggressive incidents towards staff and others would be high. Measures need to be taken to reduce risk to staff and patients. An extensive SRA must be undertaken in consultation with staff from ED to determine potential security risks. Strategies will then be developed and implemented to eliminate or minimise exposure to risk. All entries into the department are to be effectively controlled. The SRA will determine the level of access control appropriate to identified risk. Electronic control of doors would be appropriate and would provide a means to audit access to sensitive areas. External areas should have effective lighting appropriate to needs of the healthcare facility. Appropriately positioned lighting tends to reduce unwanted activity, aid in surveillance of the area and assist in effective closed circuit television (CCTV) monitoring. 13.2.1 Design Security professionals should contribute to the planning, design or renovation of all healthcare facilities. This is particularly important for high risk areas such as EDs. The principles of Crime Prevention through Environmental Design (CPTED) should be considered when designing or assessing all areas of the healthcare facility including the ED. Proper design of a built environment plays a significant role in ensuring safety and security by reducing opportunity for crime and unwanted behaviour. The design of ED includes the waiting area, triage and nurses station, treatment rooms, corridors, utility rooms and so forth. Administration areas, interview and treatment rooms should be designed, constructed and fitted out in a manner which minimises potential for persons to attack staff or other unwanted purposes. The waiting room should be clearly visible from the triage area and should have beverage vending machines, telephones, and reading material available to clients. Noise control and diversionary strategies will assist in minimising potential for

unwanted behaviour. For example, aquariums, audio visual systems (with noise control) may assist in providing a calming environment. The nurses station within the department should have a clear and unobstructed view of the entire department. Consultation rooms should not have any fittings that may cause injury to patients or staff (eg. sharp cornered desks, protruding fittings). 13.2.2 Duress alarms As a consequence of a risk assessment, duress alarms may be deemed necessary in the ED. Placement of such devices should be carefully considered. A regular testing/auditing regime and training program needs to be established and documented. 13.2.3 Staff training Occupational violence prevention training should be made available to all ED staff and exercised with local security team if available. Training should include: Identifying potential aggression; Assessing aggression; Managing aggressive behaviour; Communication; Intervention; and Critical Incident Stress Management techniques. 13.2.4 Distressed relatives room A purpose built or otherwise designated distressed relatives room or quiet room should be available to relatives or other appropriate persons when the need arises. Such accommodation may be necessary to provide a quiet area to allow ED or security staff to calm anxious persons without disturbing others. It may also be utilised as an interview room for Police when required. 13.3 Adolescent Security For the purpose of this document adolescents are to be considered as adults. 13.4 Mental Health Facilities Security measures should be similar to that of the wards but may need to be enhanced. The protective security coordinator and mental health unit managers should conduct an extensive SRA to determine exposure to risk. Strategies to eliminate or minimise risk should be developed and implemented in consultation with key stakeholders. Staff should be made fully aware of the security, safety and emergency procedures. Security officers should not enter the patient treatment areas unless requested by authorised staff or in response to emergent situations. 13.5 Wards Issues relating to the security of the wards that need to be addressed include: a) b) c) d) Access control - during and outside visiting hours; Maintenance work by either staff or contractors; Duress alarms; and Fractious patients or visitors.

13.6 Newborn and Paediatric Security Not all healthcare facilities have a new-born or paediatric services but those that do are faced with special vulnerabilities. It is essential that an extensive SRA is conducted in

consultation with key stakeholders. Appropriate risk controls, which eliminate or minimise the identified risks, must be developed and implemented. The following information may assist in determining exposure to risk and in the development of appropriate strategies to control those risks. Some clients may be considered at risk due to social, environmental or family factors and may require special protective measures. These issues should be considered in consultation with the nursing/medical practitioners handling the case, Security and the parent(s). Any security program developed must be in consultation with maternity and paediatric Team Leaders or equivalents. Whilst the incidence of child abduction is relatively few, the consequences may be extremely severe. Studies of child abductions in the United States of America (new born to six months from 1983 to 1997) indicate: Nearly 100 infants were abducted from hospitals; 57% were taken from the mothers room; and Tragically, 5% were never recovered.

The study indicated that the persons who abducted the child from hospitals were nonfamily members and had the following characteristics: a) b) c) d) e) f) g) h) i) j) k) l) m) Female of child bearing age (12-50); Overweight; Compulsive; Married or living with significant other; Indicates she has lost a child or cannot conceive; Impersonates nurse or healthcare worker; Becomes familiar with healthcare worker or parent prior to abduction; Visits maternity section at multiple hospitals; Uses fire stairs as escape route; Plans abduction but not of specific infant relies on opportunity; Demonstrates ability to provide good care of child once abducted; Lives in community where child abducted; and No prior convictions.

Not every offender will meet these traits however, staff should remain alert and report any unusual occurrences or suspicious activity. (Source: National Centre for Missing and Exploited Children). 13.6.1 Security for Newborns The nature and extent of security measures that may be needed are determined through conducting a security risk assessment. However, heightened security measures should be considered as normal practice. Security measures that may be considered or adopted with consent of the parent(s) include: Take footprints of each newborn; Take a clear, high quality head and shoulder colour photograph of the newborn child; Maintain a full written description of the newborn which should be kept with the footprint and photograph and entered as part of the newborn's medical records; Ensure all hospital personnel wear conspicuous ID cards; Use a distinctive code or second ID card for those authorised to handle newborns;

Anyone transporting the newborn outside of the mother's/guardians room must wear the appropriate identification; Persons not wearing appropriate ID must be challenged; Ensure that the newborns are always supervised by either the mother or authorised healthcare personnel; Sight the identification of the person taking the newborn home from the hospital and match the child's band with that of the parent; Take newborn to mothers one at a time rather than in a group; Mark newborns T-shirts or gowns at the throat and newborn's blankets in all four corners with the hospital name and logo; Maintain strict adherence to procedures regarding the authenticity of visitors; and Ensure the mother's or newborn's name is not visible to visitors. 13.6.2 Physical Security The design of the ward or unit will influence the effectiveness of security. Consideration may be given to positioning nursing stations to allow an unobstructed view of the entry/exit to the ward. Where considered necessary and identified through SRA, facilities may utilise security technologies in maintaining newborn security and could include the use of: CCTV in strategic locations such as the nursery, stairwells, doorways, elevators and hallways to monitor incoming and outgoing activity; Alarms with time-delay locks on stairwells and exit doors (must meet fire safety legislative requirements); and Electronic surveillance detection system (passive patient tagging). 13.6.3 Awareness and Training As an essential element of the newborn and paediatric security program, each facility should provide security awareness and training to staff, the patient, patients family and relatives. This will include providing the families of parent(s)/guardian with a brochure/information explaining procedures in place to protect the safety of newborns, highlighting that the protection of newborns is the responsibility of the parent(s)/guardian and staff member. Healthcare facilities should encourage the parent(s)/guardians to actively participate in the newborn and infant security program. This is best achieved through preadmission orientation and awareness programs. Additional security strategies may include reminding parent(s)/guardian of the measures they should take to provide maximum protection. This can be achieved by staff, parents and/or guardians being: a) Watchful over the newborn and not leave their child unsupervised; b) Aware of the security protocol for the facility and maternity unit; c) Fully conversant with the any special identification worn by healthcare personnel to further identify those who have authority to handle their child; d) Advised not to surrender their child to anyone not displaying properly verified identification (parents and/or guardians); e) Familiar with the unit staff and in particular healthcare personnel assigned to them; f) Inquisitive about unfamiliar persons entering their room or inquiring about them, and notifying unit staff immediately they become concerned. This should be the case even if that person is wearing a uniform; and g) Aware of times for weighing and tests, who has authorised them and verifying their identification.

Parent(s) and/or guardians should be encouraged to start an information file of their child which should include a head and shoulders colour photograph, footprints and a complete written description including birthmarks, moles, scars and any other distinguishing feature. The file should be updated every three months in the first two years and at least annually thereafter. The facility should also provide ongoing in-service training for healthcare personnel. 13.6.4 Newborn and paediatric abduction The abduction of a child may occur for a number of reasons including family and custody disputes. Where warranted, a facility should develop and maintain an abduction procedure plan. All infant abduction protocols and incident response plans should be in writing and known to facility personnel. Healthcare staff must be alert to any unusual behaviour displayed by individuals, such as: Repeated visits just to see or hold the newborns; Questioning about the facilitys procedures and floor layout; and Taking uniforms or other means of identification.

Such behaviour should be reported immediately to the unit supervisor. This applies both to nurseries and to the paediatric setting. 13.6.5 Abduction procedure plan The Abduction Procedure Plan is to include, but is not restricted to the following procedures. Should abduction be reported, the appropriate staff must: a) Immediately notify Police and hospital management; b) Notify security team or occupational health and safety unit;; c) Secure the facility, posting an appropriate person at all exits and directing visitors to exit through one point. Pay particular attention to anyone carrying luggage, a gym bag etc; d) Search the entire interior and exterior of the facility starting with the unit. This should include a head count of all mothers and children; e) Obtain a clear description of the event from the mother, Healthcare personnel, and any visitors as to the child's possible location, and if any strangers were observed; f) Move the parent(s)/guardians to a quiet area and assign a staff member to be with them at all times to ensure their privacy and monitor their condition; g) Secure the scene in order to preserve any evidence that may be collected or required by Police; h) At shift change, all unit staff should be encouraged to remain until excused by Police; i) The nursing unit director should brief all unit staff; j) Notify surrounding Healthcare facilities about the incident and provide a full description of the infant and abductor (if possible); k) Management will brief the facilitys spokesperson to inform the media, requesting their assistance in accurately reporting the facts and obtaining the support of the public;

l) Instruct all employees that all inquiries, including media, are to be referred to the designated spokesperson; m) Prepare the switchboard for an influx of calls and identify to whom and where they are to be directed. Setting up a hot line for these calls may be appropriate; n) Have a prepared sighting form so that any information can be gathered; o) Re-assure anxious parents of other newborns; p) Ensure that all information on the abduction is cleared by the facility's spokesperson and Police before being released; q) All units including paediatric, emergency and outpatients should be provided with a full description of the infant and abductor; r) Be sensitive to the staff who may experience post incident stress as a result of the abduction. Organise Critical Incident Stress Debriefing (CISD) and or counselling; and s) Be aware of the possibility of diversionary tactics being used. 13.6.6 Media strategies The media play a key role in publicising search efforts in the event of a newborn abduction. The media should be used to publicise the abduction since the abductor may be compelled to show off the new infant. Also, it will be necessary for the abductor to acquire baby supplies. Abductors should not be portrayed as hardened criminals as such action may frighten the abductor into fleeing or harming the infant. The facility should develop a media plan, which should be activated if an infant goes missing. This, in part, is to brief the media on the incident and enlist their aid in publicising accurate descriptions of the child and abductor (if possible). The child's photograph should be included in the media release (if available). It may be prudent to involve the Police media liaison personnel at an early stage. 13.7 Paediatric Security The facility may encounter situations where children are at risk due to social or environmental factors. In some medical, legal or social circumstances the child may be separated and placed in special care units. Some admissions may be the subject of court orders and subject to access restrictions. These patients should be considered as persons with protective status. 13.8 Child Minding Services Where a facility provides day care services for the children of staff and others, security procedures should be established, including procedures for children at risk. Parents should be advised that they are required to inform the service provider of any changing circumstances that may impact on the safety and security of their children and in turn others. Where these services are provided within a facility a direct line of communications should be established with the security section of the facility. 13.9 Mortuary As a minimum security standard, all mortuaries should be secured, intruder resistant and have rigid access and security control measures in place as determined by a SRA.

14. PHARMACY AND PHARMACEUTICAL SECURITY


Security for pharmacies and pharmaceuticals is essential to total protective security. To prevent unauthorised entry to pharmacies and unauthorised access to pharmaceutical goods, security measures taken should meet or exceed all minimum security standards required and be commensurate with security risks identified during an effective security risk assessment (SRA). While the measures described in section are designed primarily for pharmacies in healthcare facilities, their application is equally relevant to any area where pharmaceuticals, and particularly drugs and other controlled substances, are held. This could be in drug cupboards, trolleys or medical kits. 14.1 Responsibility The person in charge of pharmacy services is responsible for the control of all pharmaceuticals and must ensure that Standing Operation Procedures (SOP) are developed and implemented for the secure handling of all pharmaceutical goods. The person in charge of pharmacy services should also liaise with the security manager/coordinator where appropriate. 14.2 Standard Operating Procedures (SOP) SOP should reflect statutory requirements, current standards of pharmacy practice and objectives of the service. They should be reviewed at least every two years and revised as necessary. Staff members are to be made aware of and comply with current SOP. Procedures relating to the purchase, control, storage, manufacturing, dispensing and distribution of pharmaceuticals should include: prescribing, dispensing, supply and storage of all pharmaceuticals in accordance with statutory regulations; stock control (ordering, delivery); handling of investigational drugs and drugs used in various clinical trials; control of sample drugs brought into the facility and medications used by patients; out of hours service; expired stock and waste control; handling cytotoxic drugs and other hazardous substances; physical security of all pharmacy areas; prevention of drug diversion; and clinical pharmacy services and drug administration.

14.3 Security Area Design, Pharmacy Pharmacies, as a minimum, must meet the physical security features of a Burglar Resistant Area (BRA) and a Controlled Area (CA). See Section 5. Security and the Physical Environment subsections 5.2.2 and 5.2.3. Secure storage areas within pharmacy must conform to statutory and other requirements. Keys to these areas must be managed as security keys and comply with minimum security standards. Consultation with the Principal Occupational Health and Safety, Security should occur prior to design and construction of pharmacies via SecureHealth@health.qld.gov.au 14.4 Pharmacy Computer Systems The security management of pharmacy computer systems is to be in accordance with Queensland Health Information Security Standards and AS/NZS 7799 Information Security Management.

14.5 Purchasing of Pharmaceuticals Facilities should develop a formulary, which lists the authorised range of pharmaceuticals that may be purchased. Alterations are to be authorised by the person in charge only as endorsed by the drugs and therapeutics committee (or similar body). The purchase of pharmaceuticals should be against authorised purchase orders only. 14.6 Receiving Stock All deliveries are to be receipted by an authorised person. Appropriate security measures must ensure that the stock is not subject to unauthorised access or misappropriation from time of receipt to its placement in either the pharmacy store or the pharmacy itself. Storage of pharmaceuticals should be in appropriately controlled conditions where only authorised persons have access. Where practicable, separate secure area should be used / designated for the receiving and unpacking of pharmaceuticals. The implementation of Closed Circuit Television CCTV should be considered. Schedule 8 substances can only be accessed by a pharmacist or other authorised staff member. All S8 and S4 drugs of accountability are to be stored in safes of certain specifications and attached to the floor / wall in accordance with the statutory requirements. Drugs dispensed for individual patients should be stored in a medication trolley or other suitable equipment which is kept locked at all times when unattended and stored in an area which is not for access by the public. 14.7 Internal Distribution of Pharmaceuticals The internal distribution of pharmaceuticals and drugs in particular requires routines and practices that minimise the potential for unauthorised interception and diversion. Control procedures are to be implemented which will provide a proper audit trail if interception or diversion occurs. Transportation methods such as Lampson Tubes and routines should be flexible to avoid predicability and the likelihood for unauthorised interception or diversion. 14.8 Drug Diversion Drug diversion is a risk to which most healthcare facilities may be exposed. Few healthcare facilities openly acknowledge the existence of substance abuse and drug diversion. It is a problem that can affect any person. The facility must be willing to recognise this as not only a security problem but as resident-care problem, and must institute solutions including staff assistance schemes. All healthcare facilities should have documented procedures dealing with substance abuse and drug diversion. Most cases of drug diversion of controlled substances involve self-abuse and all drug diversions constitute theft. Drug diversions can occur as theft from nurses stations, drug trolleys, operating rooms/suites, from pharmacy, on receipt to store, in store or during distribution. Other methods of diversion involve the substitution of tablets, capsules and injectables or the short dosing of clients. Incorrect charting or substance waste disposal may contribute to diversion. Fraudulent drug requisitions and prescription pad theft/misuse are common problems. These examples do not represent a complete list and the impress drug storage method simplifies the theft of small quantities of drugs on a regular basis. If suitable audit procedures are not observed regularly, the loss of prescription drugs can continue unnoticed.

15. SECURITY IN NON-CLINICAL AREAS


15.1 Research Facilities

Research laboratories may contain both attractive and hazardous material, for example intellectual property (research data); silver recovery; toxic and radioactive or biological agents. There may be significant risks involving these items and therefore the security risk assessment (SRA) must be extensive, thorough and be carried out in accordance with AS Handbook HB167 Security risk management. Security of such areas should be considered as a priority especially in relation to counter terrorism activities. 15.2 Engineering / Maintenance Department Engineering / Maintenance areas may contain valuable tools and equipment; hazardous materials; Building management systems and controls; confidential materials; plant and equipment. Implementation of effective security risk management processes is essential. This will include: The security of tools and equipment that could be stolen, damaged or used to gain access to other areas; The security of services and utilities such as electricity supply (Mains and emergency supply); gasses (medical and industrial); water (mains and recycled); fire mains; Communications (Landline; mobile telephone; data communication; radio communications); The security of plant rooms, switch rooms, lift motor rooms; ventilation; air conditioning and refrigeration; The security of documentation such as plans, tender and contract documentation and maintenance schedules; Attractive equipment being repaired or awaiting return; and Keying equipment and systems (if applicable). 15.3 Car Park Security

A risk assessment of staff and public car parks must be undertaken to identify security risks with controls implemented to reduce the possibility of assaults, deter car theft, vandalism and other offences. Staff should be made aware of the facilitys security and safety procedures. Personal safety awareness training may also be provided by competent security staff or local crime prevention experts such as Queensland Police Service. Where possible, afternoon and night shift workers should be provided with parking as close as practicable to their place of work. Consideration should be given to escorting staff to their vehicles, transport hubs or car parks during hours of darkness. To assist with identifying authorised and unauthorised vehicle access, the identification of staff and their vehicles should be considered. A database listing staff members details and vehicle details should be established including: name; designation; contact details; and vehicle description and registration number. The vehicle should have a clearly displayed form of identification tag/permit issued. The permit / tag should not include personal details which would identify the owner/driver of vehicle

Maintaining a current database assists where it is necessary to contact a staff member. For example, car lights left on, damage caused by another vehicles or where removal of the vehicle is required so that access may be gained to a specific location. Some facilities may have insufficient on site parking available, thereby requiring staff to park in the local area such as adjoining streets. Local councils should be contacted to discuss the organisations needs and possible options that may be available. 15.3.1 Environmental design The planning and design of a car park should take into account the principles of Crime Prevention through Environmental Design (CPTED) including: lighting as per AS1680.2.1 Interior lighting and AS1158.3.1-Part 3.1 Road Lighting Pedestrian Area Lighting.; natural, mechanical and technical surveillance; safe access pathways and clear sightlines; access control for both vehicular and pedestrian; territoriality, for example: indications that the car park is controlled, well maintained and restricted to certain users; and physical design and layout including the minimisation of entrapment areas. 15.3.1.1 Lighting Lighting in a car park, especially during the hours of darkness, is perhaps the most important element in perceived personal safety. Reference should be made to the Australian Standards with regards the type and levels of lighting required for interior and exterior areas. Other considerations may include the use of light coloured surfaces which aid in increasing levels of illumination; Tamper resistant lights; appropriate positioning of lights to reduce potential of persons hiding in shadows. 15.3.1.2 Natural, mechanical and technical surveillance Users of an area should have clear lines of sight so that sources of potential threat can be identified and avoided. Proper design of the environment will assist in maintaining a safe and secure environment. Vegetation will need to be maintained so that clear visibility is achieved. Consideration should be given to closed circuit television cameras (CCTV). Clear warning signage indicating the area may be under electronic surveillance will assist in maintaining security. Clear sightlines will allow the users of the area to be seen and more importantly, allow potential threats to be identified. Technical surveillance may also include other forms of detection such as Passive infrared detectors, movement detectors and sensors. 15.3.1.3 Safe access and pathways Safe access into and out of the car park and throughout the campus is paramount to the safety of the users. Pathways and roads should be well lit and provide optimum visibility for the users. Blind spots should be eliminated where possible. The positioning of convex mirrors may provide improved visibility at curved sections or corners. Consideration should be given to the installation of CCTV and emergency call points. 15.3.1.4 Access control Where possible, access to buildings, car parks, pathways and roads should be appropriately controlled. User specific car parks may require access control measures such as boom gates, car park attendants, fencing and other measures. Placement of Signage needs to be carefully considered and regulatory traffic signs must comply with the Manual of Uniform Traffic Control Devices (Qld).

15.3.1.5 Territoriality In general, where a car park appears well controlled (well lit, access controlled, security patrolled, well sign posted and so forth) there is a reduced likelihood of unwanted behaviour and activity. The area appears to belong to users. For example if an area has little access control, appears unkempt, the walls are covered in graffiti and lighting is poor the user feels unsafe but an offender feels less at risk. 15.3.1.6 Physical design and layout In designing a car park consideration should be given to many issues such as minimising entrapment areas which limit the users ability to avoid potential threats; safe access and egress; appropriate use of vegetation (low and sparse to avoid hiding spots; thorned shrubs to reduce access to certain areas; tall high branched trees to maximise shade but minimise hiding spots; well positioned cameras; appropriate lighting; encouragement of wanted users of an area which will add to natural surveillance. Consideration should be given to installing duress / help points around well lit areas at the car park and on access routes. 15.4 Patrols Frequent, high-profile patrols of car parks are to be carried out at unscheduled intervals. Patrolling officers should avoid set times or routes for patrols. 15.5 Escorts to Car Parks Procedures should be initiated for the provision of security escorts of staff to their vehicles, particularly during hours of darkness. Security officers should (where possible) provide a presence in the car parks at shift changeover times. 15.6 Fleet Vehicle Compound Keys to fleet vehicles are to be kept with the security or designated custodian whenever the vehicle is not in use. Staff requiring access to vehicles would need to sign out keys from security or the custodian according to local procedures. 15.7 Vehicle Break-Ins or Suspected Vehicle Break-Ins Where Security Officers become aware of suspicious activities within a car parking area, consideration should be given to the use of CCTV surveillance to view and record activity. This will also provide an indication of the level of threat that may exist when responding to the area. Police should be called if a person is caught in the act of breaking into a vehicle or committing a criminal offence. Where possible, the details of the offending person are to be taken and supplied to Police as soon as possible. It is prudent to be aware that there may be more offenders in hiding at or near the scene. 15.8 Parking Offences Parking contrary to regulatory notices and disobeying the lawful direction of an authorised person may constitute an offence. An authorised person may impose fines in accordance with local procedures.

16. SECURITY OF HELICOPTER OF LANDING SITES


Emergency services throughout Australia use helicopters for medical retrievals, search; rescue and in support of other emergency service personnel. The Helicopter Landing Site (HLS) Guidelines for Queensland Government provides comprehensive information relating to the operation of HLS at QH facilities. The purpose of this section of the Guidelines is to provide basic safety information for Queensland Health staff that do not have access to the Queensland Government Guidelines. A joint Policy guideline has been developed and published by Queensland Health and the Department of Emergency Services (SOP:12.7 Effective 8/11/2005) entitled Helicopter Medical Crew Training and Safety Policy Guideline. This document provides additional material. 16.1 Civil Aviation Regulations The governing body for civil aviation is Civil Aviation Safety Authority (CASA) and reference should be made to their web site: http://www.casa.gov.au/ 16.2 Helicopter Landing Sites (Hls) Ultimately, the security and safety of helicopter operations is the responsibility of the pilot regardless whether it is on land or airborne. From an operational perspective, HLS ground safety and security is often under the control of the Senior Security Officer or other Queensland Health employee. Further information should be obtained through CASA. The pilot and any HLS control officer must ensure the HLS: a) b) c) d) is clear of persons, other than those essential to safe helicopter operations; is clear of objects and animals; is large enough to accommodate the helicopter safely; and has a surface capable of withstanding static and dynamic loads imposed.

16.3 Communication Communication between the helicopter and the ground support is subject to local environmental conditions and arrangements. For example, communication from the helicopter can be through the following means: a) b) c) d) Direct contact with the helicopter via radio or mobile phone; Relay through air traffic control; Emergency Service communication; and Hand signals.

Please note: When communicating with the pilot, the pilot may not be able to acknowledge your communications immediately as the pilot may be busy controlling the aircraft. 16.4 Unauthorised Persons Only authorised staff and personnel are permitted to access the HLS, subject to the aforementioned guideline and procedures.

16.5 Main Danger Areas Main Rotor: The area covered by the sweep of the Main Rotor Blades is known as the Rotor Disc. Movement anywhere under the disc should not be undertaken unless authorised by the pilot. Tail Rotor: The Tail Rotor is very difficult to see due to its very high rotational speed. The tail rotor clearance is only head high above ground level hence movement rear of the cabin doors is forbidden. Other dangers also exist in this area along the tail boom with the Exhausts, HF Antenna and Elevators. 16.6 Approaching The Aircraft Approval must always be obtained before approaching the helicopter or aircraft. To seek approval to approach the helicopter, one must signal the pilot or crewman by extending one arm horizontally at chest height, making eye contact and displaying a thumb up sign. Only when this signal is received and acknowledged by the pilot or crewman should the helicopter be approached. Approaches, once cleared, must be made from within the pilot field of vision, ie with the nose of the aircraft being the 12 o'clock position, approach is from within an arc between 10 o'clock and 2 o'clock. 16.7 Departing The Aircraft Departure should only be with approval from a crewmember. Departure is from within an arc between 10 o'clock and 2 o'clock. 16.8 Carrying Objects No objects should be brought under the Rotor Disc without the pilots authority. Items must be carried horizontally to ensure maximum rotor clearance, never over the shoulder, or above head height. Long objects must be carried between two people. 16.9 Personal Safety Where possible, an inspection of the HLS must be conducted at regular intervals and prior to the approach of aircraft. All foreign objects and debris must be cleared from HLS. Staff (and others) working on or near the Helipad must always wear eye and hearing protection. If blinded by dust, they should cover eyes and crouch down with their back to the helicopter. All loose items (personal clothing, maps, ID's, charts, medical equipment, etc) should be removed / secured during helicopter / aircraft operations. Directions given by the pilot or crewman must always be followed. Smoking is not permitted. 16.10 Emergency Procedures and Contingencies Local Emergency Procedures & Contingencies should be developed and co-ordinated with local emergency services to address any possibility of an issue that involves the aircraft on approach, while on the ground and on departure.

17. PROTECTION OF INFORMATION


Health Services shall develop, implement and maintain procedures designed to protect any information and material in their possession from unauthorised disclosure which would be prejudicial or harmful to the best interests of the facility, its residents, patients, staff or the community. 17.1 Types of Information Official information and material includes that relating to the business operations, activities, drawings and/or plans of a facility as well as sensitive personal information relating to patients and staff. For security reasons, much of this information and material requires protection to minimise the chances of it being acquired by unauthorised people, organisations and Governments. Such information is known by the generic term classified material, and can be in any form. 17.1.1 Control of classified material The first priority of control of classified material is to prevent, deter and impede any attempt at unauthorised disclosure, theft, sabotage, wilful damage, alteration and disruption to vital operations. Proper control will also assist investigations into any realisation of these threats. 17.1.2 Classified document Control can be maintained by a registry system enabling protective security staff to know: what classified material it has; where it should be found; whether it is where it should be; and who is authorised to have access to it. 17.1.3 Reproduction limitation Classified material should only be reproduced in whole or in part if strictly necessary. 17.1.4 Photocopying Facilities should determine who can authorise and undertake photocopying of classified material and where it should be carried out. In most facilities, photocopying machines are readily available to staff and imposing strict physical access to all of them causes unacceptable administrative burdens, however facilities should consider applying restrictions in some areas, particularly those handling highly classified material. Restrictions could include: utilising registers for classified material photocopying; immobilising photocopiers outside normal hours by locating the machines in rooms which can be secured by approved locks; or programming machine specific security access for photocopy operations. 17.1.5 Removal from a facility The removal of classified material from the controlled security environment within a facility usually places that material at greater risk. Such removal must be authorised and strictly limited to situations where a definite need exists. 17.1.6 Destruction of classified material The careless disposal of classified material and in particular waste material, constitutes one of the most serious sources of unauthorised disclosure of information. In accordance with Queensland Healths Records Management Policy, Health Services shall develop registers and maintain systematic collection, custody and destruction of classified material. Facilities are to ensure that registers of disposal for classified materials and satisfactory

Pending destruction, classified material retains its classification, and is to be protected in accordance with the storage requirements set out in this Guideline. 17.1.6.1 Methods of destruction The destruction of classified material means that it is so mutilated that it is impossible to ascertain the content. The requirements may be met by various methods, the main ones being burning, pulping, pulverising and shredding. Small amounts of shredding should not be disposed of in isolation, and different colours should be well mixed. The product of shredding, pulverising, incineration, etc. should be examined regularly to ensure that destruction is complete. Further information regarding Information Security is available: on QHEPS http://qheps.health.qld.gov.au/infosecurityandrisk/home.htmI Australian Standards: a) HB 174: Information security management implementation guide for the health sector; and b) HB 231 Information security risk management guidelines.