Sie sind auf Seite 1von 7

Quesstion 1:

(A) Please identify three (3) security risks associated with each of the following areas in the
hospital (9 risks in total):

 General wards (list 3)


a. Abuse and battery towards medical staff
b. Pressure to cut costs
c. Theft of patient data
 Pharmacy (list 3)
a. Supplies and property theft
b. Inconsistent medicine inventory
c. Exposure/misuse to sensitive medicines/chemicals
 Reception, café, waiting areas (list 3)
a. Robbery
b. Food safety
c. Active assailant attack

(B) Select one (1) of the security risks identified in Part A and outline the potential consequences
to the hospital if this security risk were realised.

I would choose the Assault and battery towards medical staff are the most common types
of abuse-related injuries to occur within healthcare facilities. 80% of serious violent incidents
reported in healthcare settings were caused by interactions with patients and were usually caused
by patients hitting, kicking, beating, and/or shoving medical staff. There are many reasons that
contribute to this. For one, patients may be victims of an incident caused by a dispute, creating a
hostile or volatile environment inside the hospital. In other cases, patients may suffer from
instabilities due to addiction or mental health issues.
The potential consequences to the hospital if this security risk were realized are the detailed
as follows:
a. Financial losses to the healthcare institution because of lack of enough
professionals/manpower
b. Time away from the job because of medication to the injury and it depends on the severity
of the injury
c. Psychological counselling need for abuse-related victims and this may cause a lot of
money too
d. Trust in the service of the healthcare facility may also suffer because of these security-
risked incidents.
Question 2: To answer Question 2, you will need to use the handout.
(A) Among the 9 risks you identified in Question 1, which ones are acceptable / tolerable risks?
Why?

The acceptable risk would be the Assault and battery towards medical staff because
data shows that this is the most common and the most frequent type of risk in a healthcare facility.
This is an acceptable risk because of its probability to occur in a daily basis and its impact on both
healthcare personnel and facility. In practice, this cannot be reduced to zero due to factors such
as the nature of the patients and other secondary risks.

(B) Among the 9 risks you identified in Question 1, which ones are unacceptable risks? Why?

The unacceptable risk would be the Theft of Patient Data because the level of risks at
which, given costs and benefits associated with further risk reduction measures, action is deemed
to be warranted at a given point in time. The more that the patient’s data is exposed to others and
placed in unsecured places, the more that it is more likely to be robbed.

(C) For unacceptable risks you identified in Part B, what are the security risk management
options to reduce these risks without restricting the normal functions of the hospital?

In order to reduce the risk to Theft of Patient Data the following security risk
management options may be done:
a. Computerization of all patient’s data
b. Access of authorized people in the patient’s data and the healthcare database
system as well
c. Capacity-building for healthcare personnel who have direct access to patient’s
data on the proper handling of such confidential data
d. Installation of CCTV especially in the data storage area both physically and
virtually (including the physical database).

Question 3:

Select one (1) of the potential risks against the pharmacy you identified in Question 1. Outline five
(5) existing controls that are expected to be in place regarding the security of a pharmacy of a
hospital

I would choose the supply and property theft and below are the 5 existing controls that are
expected to be in place to secure the hospital’s pharmacy:

1. Proper inventory system of procured, current, and sold products per daily.
2. Implement a standard approach to handle incomplete orders or discrepancies.
3. Installation of CCTV camera in the pharmacy area to monitor especially the area where the
supplies are dispatched and where the cashier is located.
4. Create a written plan for ensuring the safety and security of drugs prescribed.
5. Installation of silent panic alarm.
6. Do not allow unescorted, non-essential personnel in the prescription filling area or pharmacy
department
7. Train staff for prevention and response to robbery
8. Advertise security to the public and employees.

Question 4: Develop an action plan to identify key tasks, activities and resources to achieve
appropriate security controls you identified in Question 3.

SECURITY ACTION PLAN


PRE-EVENT PLANNING  Appoint a security committee consisting of representatives
from facility management, risk management, safety, support
personnel (e.g., ushers, ticket sales personnel, etc.), and event
promoters.
 Assign a security coordinator with overall responsibility for
the plan.
 Complete a Hazard Vulnerability Assessment to identify
potential threats and establish contingency plans to address
them.
PERSONNEL  Always Require all personnel to wear distinctive picture
identification badges. Provide business visitors and service
personnel with temporary identification cards.
 Assign security personnel to patrol the facility during the
event - patrols serve as the eyes and ears for the staff in the
control center.
 Provide training on crowd dynamics, address social media,
reinforce protecting people’s rights, and reinforce objectives
to keep people safe.
POLICIES Pharmacy Guild of Australia’s policies and position statements:
 Alcohol and health risks
 Advertising and Use of Brand Names in Training for
pharmacy assistants
 After Hours Pharmacy Services
 Chemicals of Security Concern
 Medical Practitioners and other health professionals
dispensing
 Packaging of Medicines
 Pharmacy Data Security
 Safety and Security in Pharmacy
The complete lists, policies that are not listed, can be found here:
https://www.guild.org.au/about-us/policies-position-statements
LEGILATION The Privacy Act 1988 (Privacy Act) provides protection to individuals
against the mishandling of personal information and applies to
organisations which include individuals, partnerships, corporations
and unincorporated associations. It does not apply to individuals in a
non-business capacity.
Amendments were passed to the Privacy Act in November 2012 with
the new privacy regime taking effect from 12 March 2014. This new
regime, including the adoption of a single set of 13 Australian Privacy
Principles (APPs), apply to Government agencies and private sector
organisations (‘APP entities’) which include community pharmacies,
pharmacist consultants and other pharmacy businesses. The APPs
set out what can and cannot be done with an individual’s personal and
health information. Details of each APP are available from
www.oaic.gov.au

Other relevant legislations as follows:


 Code of conduct for pharmacists
 Guidelines for dispensing of medicines

DOCUMENTATION  All incidents must be properly reported with all the relevant
details
 Paper documents must be locked in file rooms or storage
device
 Document Management System should be established
 Inventory of supply should be revitalized, and all information
must be recorded in both hard and soft copies
 Pre and post event report must also be done to track the
continuity and sustainability of the plan
RISK ASSESSMENT  Identify risks associated with medicines handling, storage
and distribution across the organisation, and develop and
implement evidence-based strategies aimed at reducing
these risks.
 Implement systems and equipment that continuously
monitor and maintain the integrity of temperature-sensitive
medicines.
 Implement policies, procedures and guidelines for the
disposal of unused, unwanted or expired medicines.
 Incorporate factors that reduce opportunity for ‘look-alike,
sound-alike’ selection errors when considering:
a. Product labelling, packaging and storage
b. Listing of new medicines in the formulary
c. Situations of temporary replacement of a formulary
medicine (for example, when medicine shortages or
supply chain interruptions occur)
d. Contract specification and safe procurement (for
example, anaesthetic medicines)
e. Availability of medicines (review of ward stock or
imprest lists)
f. Design and layout (including workflow and safe access)
of the dispensary and ward stock rooms or cupboards,
their proximity (high- or low-traffic areas), and the
labelling requirements in these areas.
ROLES OF HOSPITAL STAFF  Training in securing pharmacy supplies and properties
 Pharmacist who are knowledge of prescription, dispense and
disposal of medicines
 Maintenance and update of documents and records
 Access controls for the pharmacy
 Screening of crowds
 Supply inventory management
REVIEW OF ACTION PLAN This action plan must be reviewed and evaluated bi-weekly to ensure
proper and effective implementation. Moreover, all hospital
personnel are always required to safeguard all hospital facilities.

Hint. Your answer should cover:

 policies for ensuring privacy and confidentiality of information


 relevant legislation
 documentation
 risk assessment
 roles of hospital staff
 specify how frequently you would review the currency of the action plan and security controls

Question 5: Use the risk you chose in Question 3 (against the pharmacy).
Despite your controls and action plan, some risks will realize. Assume the risk you chose in
Question 3 (one that is against the parmacy) realizes one day. Discuss what contingency
arrangements you would recommend, which ensure security is intact.

RISKS CONTIGENCY ARRANGEMENTS


Medicine handling  Proper training in handling of medicines
 Categorization of medicines based on
their susceptibility
Storage of medicines  Secured storage of medicines
 Access control to storage
Distribution of medicines across the healthcare  Proper inventory of medicines distributed
facilities
 Proper handling, distribution and transit
of medicines
Disposal of unused, unwanted or expired  Proper waste disposal procedures
medicines
 Proper waste disposal facility
Integrity of temperature-sensitive medicines  Secured storage facilities
 Proper inventory of medicines
Inconsistent inventory of supplies and properties  Proper documentation of all medicines
 Secured inventory of supplies (procured
versus sold versus what are left)
Question 6:
(A) Identify three (3) potential and a further (3) real risks that exist for your security team.
a. Theft of Facilities and Medicine
b. Unauthorised Entry
c. Insider Misuse

(B) What are your treatment options for the risks you listed in Part A? How will you document
them?

I can break risk treatment options down in a number of types:

a. Avoid: Risk avoidance is actually pretty self-explanatory. If a risk is deemed too high, then you
simply avoid the activity that creates the risk. For instance, in the hospitals, the risks that
usually happen in common areas where common people also visit. It must be avoided and
there is no other way they should not be because we should avoid the unsecured entry of
people that creates the risks mentioned in Part A.
b. Transfer: In many instances, you can transfer the risk you take to another party. For instance,
the healthcare facilities may outsource services to other companies, say, in their document
management system and other security personnel needs. Outsourcing of services to other
organizations or companies is very common especially that these jobs require very technical
skills and knowledge.
c. Reduce: Risk reduction is one of the most crucial steps for processes or activities that cannot
be avoided, and where risk cannot be transferred to another party. An example of this would
be training the hospital about the vital security measures that are part of their jobs.
d. Accept: For some processes and activities, there is no option but to accept the risk. Of course,
these instances should only involve low risk, or repercussions that are easily managed. Some
risks might be completely acceptable and require you to take no action at all. For instance, the
natural risks that the medicines contain due to their chemical composition and other high-
risk related to supplies and properties in a pharmacy.

Note these risk treatment options do not always reduce risk to nothing. In many cases, there
is residual risk that must also be considered. In other instances, secondary risk can also have an
effect on the healthcare facility. The creation of a Security Risk Management Plan is still the best
way to counter all the risks and to plan for the implementation of the said treatment options.

The best way to document these is by integrating them in the Security Risk Management
Action Plan of the hospital as it contains all the details of the security measures of the organisation.

( C ) Explain how will you test the applicability/feasibility of your treatment options?

The following are the important tips that can help ensure risk treatment plans are
implemented correctly and monitored accurately.
 Cascading the Security Risk Management plan to the whole organisation so everyone is
informed and their roles.
 Ensure the right structure is used to support the treatment plan. This may involve additional
task delegation.
 Make sure that adequate resources are available for those involved in risk mitigation.
 Communication should be a significant concern, not only within the treatment plan, but also
with key stakeholders.
 Accurate, timely risk analysis is the key to ensuring the right risk treatment plan can be
developed.
 Ensure the owner of the treatment plan is able to specify how implementation will be
monitored, including key indicators that note increasing or decreasing risk levels.
 Review treatment plan effectiveness and risk levels regularly through meetings. Include all
stakeholders in these meetings.

Das könnte Ihnen auch gefallen