Managing Risks to Facilities Providing Care or Custodianship of Persons (Schools, Child Care Centres, Aged Care Homes, etc)
No single security guide or protocol can apply comprehensively to all facilities designed to provide care or education to occupants, students or other attendees/visitors. As is the case for all institutions, centres of care or facilities of a similar type, a tailored approach that takes into account the needs and risks specific to the prevailing circumstances is optimal. Nevertheless, certain key considerations are always worthy of consideration by those managing premises that house people and/or provide care and custodianship of clients or visitors. Below, we outline the main areas of risk under headings that are easily comprehensible. A more detailed consultation can reveal additional or alternative areas of concern for discussion.
Staff
As any business manager knows, people can be your greatest asset but they can also be a catastrophic liability in the wrong circumstances. At the point of employment, employers have an opportunity to gather a range of information about employees and conduct background checks. Such information can help identify risks and aid in investigations if wrongdoing on the part of an employee becomes apparent. Detailed workplace policies regarding such issues as workplace surveillance are also sensible when employees deal with people in positions of vulnerability. During employment, risk minimisation strategies such as drug-testing, surveillance and ongoing training can be used to endeavour to ensure the workplace and those subject to care are safe. Employees should ideally be proactive in assisting to minimise risks in the workplace. The conclusion of employment can become complicated, especially if there is any suggestion of wrongdoing on the part of an employee. An employer should seek advice prior to the conclusion of employees’ employment to ensure any contingencies are considered.
Visitors and Those Subject to Care
Naturally, clear policies regarding the rights, responsibilities and treatment of those who visit or occupy the facility are a must. Managing the care of persons is a complex process. This complexity can be mitigated by delineating what access subject persons will have to the facility and what access staff will have to those persons. For example, some facilities insist on two or more staff members being present with any subject person or persons at all times. If it is necessary for one staff member to have access to a subject person, then ideally that would take place in a location in which monitored CCTV is operational, where appropriate. Access controls, CCTV systems, suitable building designs/modifications and clear policies and registers around these issues can help offer a layer of protection that would otherwise not exist.
Physical Facility Considerations
Besides typical hazards such as fire, flood, trespassing and the like, facilities that provide care need to concern themselves with risks to staff members, persons subject to care, visitors and/or other persons. Such risks can entail physical or emotional abuse, unlawful surveillance/monitoring, identity theft, digital compromise and more. The policies and processes mentioned above, such as access control policies and CCTV systems, can help limit the risk of abuse but will not necessarily prevent other issues from arising. TSCM or bug sweeps can identify covert recording or monitoring devices installed by any person in or on a building (or on a vehicle). Property registers can help identify theft. Some facilities are easier to secure than others, based on their layout and the nature of the site’s operations.
Digital Security
As described above, policies about who can be where and with whom seek to limit the physical ability of those with malicious intent to act improperly. Similarly, suitable workplace policies around the use of digital devices can limit the ability of any person at a facility to either use their own device for improper purposes or gain unauthorised access to the device of another person. Much depends on the requirements of the facility and the expectations regarding use however, limiting the use of personal devices, except in controlled environments at certain times, helps to limit the risk of impropriety. Employees would ideally use devices set up and provided by the employer during work so that anything improper can be documented and dealt with and any persons subject to care would comply with clearly-defined usage policies. Ideally, except in specified circumstances where supervision exists, employees and persons subject to care would not use or access each other’s devices (except work devices). These policies limit the risk of the use of spyware/malware, unauthorised access to accounts, identity theft, cyberbullying, etc. Quarantining digital fraternization during time on site at facilities to the extent possible (this naturally varies depending on the facility) is optimal.
Identity Security
If the digital security processes above are implemented, identity security is naturally strengthened but any facility needs to consider who has access to what type of personal information (of employees, persons subject to care, visitors, etc). Personal information needs to be stored so it is secure and only accessed in circumstances in which persons are held accountable for their use of such information.
Training
The training of staff in policies and practices, including those mentioned above, can help managers to some extent delegate the regulation of any behaviour considered to be a breach of a policy or improper in some other sense. If staff are clearly aware of what constitutes appropriate conduct and understand how to report anything they deem improper, this can assist in creating a culture of positive behaviour that ideally becomes the norm. Staff can also be trained to conduct basic inspections of physical spaces, digital devices, property and other records, where appropriate, so as to minimise the likelihood of the risks detailed above manifesting. A qualified security trainer, such as Lyonswood’s managing director Robert Fahim, can provide training tailored to the needs of a facility in which care or education is provided.
