https://sm.asisonline.org/Pages/Algunas-ideas-desde-Panamá.aspxGP0|#28ae3eb9-d865-484b-ac9f-3dfacb4ce997;L0|#028ae3eb9-d865-484b-ac9f-3dfacb4ce997|Strategic Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465Le Toca a Usted: Algunas Ideas Desde Panamá2015-03-23T04:00:00Z0

 

 

https://sm.asisonline.org/Pages/The-Lone-Terrorist.aspxGP0|#21788f65-8908-49e8-9957-45375db8bd4f;L0|#021788f65-8908-49e8-9957-45375db8bd4f|National Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465The Lone Terrorist

 

 

https://sm.asisonline.org/Pages/A-Giant-Leap-for-Arecont-Vision.aspxGP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465A Giant Leap for Arecont Vision2015-02-12T05:00:00Z

 

 

https://sm.asisonline.org/Pages/Watchdog-Recommends-Changes-to-Secure-Flight-Program.aspxGP0|#21788f65-8908-49e8-9957-45375db8bd4f;L0|#021788f65-8908-49e8-9957-45375db8bd4f|National Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465Watchdog Recommends Changes To Secure Flight Program2015-03-20T04:00:00Z

 

 

https://sm.asisonline.org/Pages/Le-Toca-a-Usted-A-New-Spanish-Language-Column.aspxGP0|#3795b40d-c591-4b06-959c-9e277b38585e;L0|#03795b40d-c591-4b06-959c-9e277b38585e|Security by Industry;GTSet|#8accba12-4830-47cd-9299-2b34a4344465Le Toca a Usted: A New Spanish Language Column2015-03-23T04:00:00Z

 

 

https://sm.asisonline.org/Pages/Industry-News-March-2015.aspxGP0|#3795b40d-c591-4b06-959c-9e277b38585e;L0|#03795b40d-c591-4b06-959c-9e277b38585e|Security by Industry;GTSet|#8accba12-4830-47cd-9299-2b34a4344465Industry News March 2015
https://sm.asisonline.org/Pages/Too-Much-Information.aspxGP0|#28ae3eb9-d865-484b-ac9f-3dfacb4ce997;L0|#028ae3eb9-d865-484b-ac9f-3dfacb4ce997|Strategic Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465Too Much Information2008-12-01T05:00:00Z
https://sm.asisonline.org/Pages/Preparing-for-the-Worst-2.aspxGP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465VIDEO: Preparing for the worst 2015-01-21T05:00:00Z
https://sm.asisonline.org/Pages/Planning-for-Tumultuous-Times.aspxGP0|#28ae3eb9-d865-484b-ac9f-3dfacb4ce997;L0|#028ae3eb9-d865-484b-ac9f-3dfacb4ce997|Strategic Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465Planning for tumultuous Times2011-06-01T04:00:00Z
https://sm.asisonline.org/Pages/60-Years-60-Milestones.aspxGP0|#3795b40d-c591-4b06-959c-9e277b38585e;L0|#03795b40d-c591-4b06-959c-9e277b38585e|Security by Industry;GTSet|#8accba12-4830-47cd-9299-2b34a434446560 Years: 60 Milestones2015-01-01T05:00:00Z

Security Management

 Morning Security Brief

View RSS feed

 SM Weekly

Retrieving Data

 SM Daily

Retrieving Data
Not a Member? Join Now

 

 

https://sm.asisonline.org/Pages/Industry-News-March-2015.aspxIndustry News March 2015GP0|#3795b40d-c591-4b06-959c-9e277b38585e;L0|#03795b40d-c591-4b06-959c-9e277b38585e|Security by Industry;GTSet|#8accba12-4830-47cd-9299-2b34a4344465<span style="color:#222222;font-family:novecentosanswide-bold, sans-serif;font-size:1.1em;line-height:1.2em;text-transform:uppercase;">Castle Sentries</span><p>Windsor Castle in Berkshire, United Kingdom, is the largest inhabited castle in the world. It was originally built for William the Conqueror as part of a defensive ring around London, and a wooden palisade protected the wooden castle in the 11th century. Renovations and additions to the castle over the centuries have made it more comfortable and safer.</p><p>In the 21st century, bollards from Delta Scientific have been installed to defend the stone castle from vehicular attacks. The DSC800 decorative bollards can stop 15,000-pound vehicles traveling 30 miles per hour. If damaged, the outer sleeve of the bollard can be removed and a new one slipped over the base.​</p><h4>PARTNERSHIPS AND DEALS</h4><p><strong>Arecont Vision</strong> is providing video sur­veillance cameras for SpaceX to be de­ployed on the SpaceX Dragon spacecraft.</p><p><strong>Arteco</strong> has announced partnerships for distribution and support of its video event management software with Dodic in the Lazio region of Italy and SVT Solutions in western Canada.</p><p>Starwood Hotels & Resorts Worldwide, Inc., has introduced a keyless entry system using <strong>ASSA ABLOY</strong> Mobile Access for Hospitality to allow guests to use smartphones to access their rooms.</p><p><strong>Carousel Industries</strong> has joined the Palo Alto Networks NextWave Partner Program and will offer Palo Alto’s portfolio of enterprise solutions to its customers.</p><p><strong>Catbird </strong>announced that the immixGroup has selected its cloud security and compliance solution to enhance its offerings for government customers.</p><p><strong>Cautela Security UK Ltd</strong> was the main security provider and event spon­sor for “An Evening with Arnold Schwarzenegger” at the Centenary Pavilion in Leeds, United Kingdom.</p><p><strong>Eaton</strong> has been selected by Miller­Coors to provide an integrated emergency communications system for the company’s brewery in Fort Worth, Texas.</p><p><strong>Eyelock Inc. </strong>and Wistron NeWeb Corporation have entered into a licensing agreement to embed EyeLock’s iris authentication technology into a broad array of consumer and enterprise devices.</p><p><strong>Eyewitness Surveillance</strong> is providing security and surveillance solutions to Kelly Auto Group.</p><p><strong>Genetec </strong>has partnered with VenTek to integrate the VenTek Pay-by-License solution and Genetec’s license plate recognition system.</p><p><strong>HID Global</strong> has completed a successful pilot program with Dial-N-Document and Integrity Home Care to test HID’s real-time authentication of caregiver visits using smartphones.</p><p><strong>Hughes Network Systems, LLC,</strong> and the All-Hazards Consortium have created a strategic information-sharing partnership to aid in disaster preparedness.</p><p><strong>PSA Security Network</strong> has formed a vendor partnership with Alertus Technologies.</p><p><strong>Tristar </strong>has been named a nonexclusive distribution partner for SMARTRAC N.V. RFID tags and inlays in Latin America.</p><p>Bitnet Technologies has chosen <strong>Sphonic </strong>to provide global anti-money laundering transaction monitoring and know your customer verification.</p><p><strong>STANLEY Security</strong> has added Vanderbilt Industries, Low Voltage Contractors, Stone Security, and Xentry Systems Integration to its network of value-added resellers for EyeLock identity authentication products and solutions.​</p><h4>Government Contracts</h4><p><strong>Astrophysics</strong> has secured a contract to provide x-ray inspection systems for seaports to the U.S. Navy.</p><p>Chester County, Pennsylvania, is protecting its cell tower sites with <strong>ECKey</strong> access control technology. The Protection Bureau is overseeing the planning and installation.</p><p><strong>General Dynamics Land Systems-Can­ada</strong> was awarded a contract by the government of Canada to provide and integrate an enhanced surveillance suite on its LAV 6.0 vehicles.</p><p><strong>Implant Sciences Corporation </strong>will provide its QS-B220 Desktop Explosive Trace Detectors to the U.S. Transportation Security Administration.</p><p><strong>IndigoVision </strong>cameras are deployed at the Mars Mission control room of the Indian Space Research Organisation.</p><p><strong>The Mariner Group</strong> recently completed a CommandBridge installation for the Port of Stockton in California to improve situational awareness.</p><p>The Alpha Elite Body Armor System from <strong>Point Blank Enterprises </strong>is being used by more than 40 law enforcement agencies, including the Chicago Police Department, the Los Angeles County Sheriff’s Department, and the Boise Police Department.</p><p>More than 40 U.K. police forces have contracted to use the HOLMES criminal investigations and incident management system from <strong>Unisys Corporation’s U.K. </strong>subsidiary.</p><p>São Bernardo do Campo, Brazil, has deployed a security intelligence platform that includes <strong>Verint Systems Inc. </strong>video management software and cameras.​</p><h4>AWARDS AND CERTIFICATIONS</h4><p><strong>AlliedBarton Security Services</strong> was named a 2015 Military Friendly Spouse Employer by Victory Media, publisher of G.I. Jobs and Military Spouse.</p><p>Popular Science named the MINI Z Handheld Z Backscatter Screening System from <strong>American Science and Engineering, Inc.</strong>, among its Best of What’s New.</p><p><strong>CSi </strong>was awarded a Marketing Excellence award from Honeywell.</p><p><strong>DSM Dyneema</strong> has won the 2014 WorldSafe Safety Product Innovation award from the Safe America Foundation for its Force Multiplier Technology, which delivers ballistic performance with light weight and low profile for armor applications. Point Blank Enterprises was also recognized with a Safety Product Breakthrough award for its Alpha Elite system, which uses the Dyneema product.</p><p><strong>Fire-Lite Alarms</strong> by Honeywell has won a Campus Safety BEST Award for its Lite-Connect solution.</p><p><strong>Gamewell-FCI</strong> by Honeywell S3 Series addressable fire alarm control panels and accessories have received approval and certifications from Factory Mutual, California State Fire Marshal, New York City, and Chicago.</p><p>The QS-B220 desktop explosives and drugs trace detector from <strong>Implant Sciences Corporation</strong> has won the 2014 Government Security News Homeland Security Award for Best Explosives Detection Solution.</p><p><strong>Morpho (Safran)</strong> announced that its fingerprint matching technology placed first in the ongoing Minutiae Interoperability Exchange Test (MINEX), which is sponsored by the National Institute of Standards and Technology. Neurotechnology’s fingerprint matching algorithm achieved second place.</p><p><strong>Tacprogear </strong>announced that it has received certification from the National Institute of Justice for its Threat Level IIIA soft armor package.</p><p>Training magazine has named <strong>U.S. Security Associates</strong> one of its Training Top 125.</p><p><strong>Visualant, Inc., </strong>has received a patent from the U.S. Office of Patents and Trademarks on its ChromaID technology, which can be useful in marking goods invisibly to prevent counterfeiting. </p><h4>ANNOUNCEMENTS</h4><p><strong>ADI</strong> is opening branch locations in Jackson, Mississippi, and Mobile, Alabama.</p><p>A new app from the <strong>American Red Cross </strong>teaches children about emergency preparedness via a game. Monster Guard can be played on tablets and other mobile devices. </p><p><strong>Boon Edam Inc.</strong> is expanding its training programs for dealers, installers, and end users. It will offer free monthly webinar training, plus more sessions of factory training.</p><p>The <strong>Digital Risk Management Institute</strong> is a new nonprofit organization that will develop best practices for digital risk governance and management.</p><p><strong>D-Link</strong> is offering new resources and tools, including posters, bandwidth and storage calculators, and evaluation units for its IP surveillance customers.</p><p><strong>G4S Government Solutions, Inc.,</strong> has been sold to a private equity firm and has launched Centerra Group, LLC, a global government and critical infrastructure services company.</p><p><strong>Ganz </strong>has launched a newly redesigned website at ganzsecurity.com, with online product selector and simple search parameters.</p><p><strong>Geutebruck</strong> has launched a new website with clear navigation, adaptive display, and a fast search function at geutebrueck.com.</p><p><strong>Milestone Systems </strong>has announced that its Milestone Husky Series of network video recorders is now available in Latin America.</p><p><strong>Napco Security Technologies, Inc</strong>., was a sponsor of the Security100 K-12 Summit in Arizona.</p><p><strong>ONVIF</strong> hosted a virtual annual membership meeting last fall, where members were updated on the work of the group and selected committee representatives.</p><p><strong>SCATI</strong> has established a sales department in Turkey.</p><p><strong>The Security Identity & Biometrics Association</strong> and the<strong> Security Industry Association </strong>have formed the Airport Entry and Exit Working Group and released Identity and Biometric Entry and Exit Solutions Framework for Airports.</p><p><strong>Securitas North America </strong>and Kaplan University are partnering to offer a scholarship to honor veterans and current members of the military in the Securitas family.</p><p><strong>TRI-ED</strong> has opened new branches in St. Louis, Missouri, and Fort Lauderdale, Florida.</p><p><strong>Zenitel</strong> is uniting its VINGTOR and STENTOFON brands under the VINGTOR-STENTOFON brand.</p>
https://sm.asisonline.org/Pages/Fit-For-Duty.aspxFit For DutyGP0|#28ae3eb9-d865-484b-ac9f-3dfacb4ce997;L0|#028ae3eb9-d865-484b-ac9f-3dfacb4ce997|Strategic Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465<p>​<span style="line-height:1.5em;">Security professionals are a company’s first line of defense in preventing and dealing with employee threats, violence, corporate sabotage, and other wrongdoing in the workplace. Amid the recent rise in workplace violence, security executives have led efforts to implement procedures aimed at countering cyberthreats, establishing a drug-free workplace culture, and eliminating hostility and harassment on the job.</span></p><p>These types of issues, however, can make both employees and supervisors hyper vigilant of their surroundings. This is especially true for security personnel, who make daily in-the-moment decisions that can affect the safety of those around them.</p><p>Thus it is imperative that security directors and other decision makers have confidence that their employees are psychologically fit to perform their jobs. When they are not, the outcomes can be catastrophic, resulting in significant harm to the company, or even serious injury or death in the workplace. In this context, psychological fitness for duty evaluations (FFDE) can be instrumental in promoting safety and ensuring that employees can competently perform their jobs. </p><p>The mechanics of an FFDE may vary, but some patterns are common. Often, but not always, psychologists and psychiatrists who conduct FFDEs are chosen by an independent company, usually referred to as a fitness for duty evaluation facilitator, which can coordinate the assessment process. This organization protects the employee, employer, and employee assistance program (EAP) in a number of ways, including ensuring that the doctors are well qualified and use appropriate and thorough assessment techniques.  </p><p>FFDEs often include a lengthy clinical interview.  Objective psychological testing is also an important part of the assessment process; doctors can review available medical records and even call the professionals who prepared those materials. In addition, they can contact workplace supervisors to learn about the employee’s at-work behavior, past and anticipated job stressors, and anticipated levels of support.  </p><p>The independent company, or facilitator, can help employers develop their referral questions for the doctors in a manner that will both help them make employment decisions and comply with applicable laws. This independent entity also provides other services, such as delivering the doctors’ reports to employers. The facilitator can act as an intermediary when doctors contact employers to discuss results with them and to ensure that all of their questions are answered. </p><p>Following are some real-world examples of typical scenarios employers face every day, based on composites drawn from common incidents. They illustrate that psychological issues can affect people of any age, race, or sex, and in any type of employment setting—including a security operation. Using these examples as context, the article offers best practice guidance on how to use and administer FFDEs and how to comply with applicable laws and current requirements.  </p><h4>Inappropriate Behavior </h4><p>The senior management team decided to downsize the company. Its vice presidents announced the layoffs, following the guidelines set out in the company’s employee assistance program. During the announcements, an employee appeared to be deeply distraught. Security personnel overheard him yell, “Wait ‘til I get back to my computer—maybe then this company will suffer and know how powerful I can be!” </p><p>The employee’s closest coworkers were obviously rattled by this incident. Nobody knew if this was a true threat or a harmless outburst because such behavior was out of character for this employee. Management, however, had noticed that this employee had been moody, angry, and distraught in prior days, and so they suspected the employee was experiencing some psychological problems. As a result, management requested a psychological FFDE. </p><p>Fortunately, the FFDE revealed that this long-term, previously stellar employee had a low potential for violence. It also revealed that he was experiencing some personal difficulties, but there were no signs of a major psychological problem. Management then worked with him and his fellow employees to encourage more appropriate workplace behavior and de-escalate the tensions he had caused.</p><p>As this example shows, organizations often struggle to determine whether or not an employee’s behavior poses an actual threat to the workplace. However, it’s the security professional’s responsibility to be vigilant regarding an employee’s warning signs and to understand when it is necessary to take action. Knowing when to consider an FFDE is vital to ensuring that the workplace remains a safe and productive environment for employees. </p><p>An FFDE is appropriate to consider when employee behavior includes threats of violence, inappropriate outbursts, suicide threats or attempts, serious employee errors, or sudden changes in mood or bizarre behavior. It’s also appropriate if management suspects the employee is suffering from a medical condition or if management has received reports from coworkers that an employee is being hostile or behaving in a way that is dramatically increasing tension at work. If management suspects that mental impairment is the cause for the employee’s difficulty, then a referral for an FFDE may be appropriate, regardless of whether there has been one incident or a pattern of behavior.</p><p> To make this judgment effectively, security directors in most cases should cooperate with HR, legal, and other managers to make the request for an FFDE. Not requesting such an evaluation may lead to legal implications and jeopardize workplace safety. Thus, as outlined below, it is imperative that security professionals know what an FFDE is, when to request one, and when applicable laws may prevent one from being requested.  ​</p><h4>When to Evaluate</h4><p>Jason has worked for a large international defense contractor for 18 years. He has held several positions during that time, including a three-year period during which he was a supervisor. A year ago, Jason was demoted because of his verbal aggressiveness with customers and an explosive temper with new employees. For example, after one disagreement he threatened to burn down a coworker’s house. </p><p>After a complaint from a female colleague, Jason was required to attend a communications skills workshop and counseling with the company’s EAP. After one counseling session, he said, “No one is going to tell me what to do, and I will keep my rifle in my truck when I come to work—every day!” Further, he threatened to use his gun at work if he were provoked.</p><p>An FFDE revealed that Jason had recently started collecting weapons, wearing camouflage, and fantasizing about killing a coworker. There were no outward signs of mental illness. However, due to his threat, his violent fantasies, and other inappropriate workplace behavior, Jason was fired to protect workplace safety.</p><p>State and federal laws, as well as collective bargaining agreements and civil service policies, often give employers the authority to require FFDEs. According to the EEOC’s Enforcement Guidance: Disability-Related Inquiries and Medical Examinations of Employees, inquiries or medical examinations are permitted if they address reasonable concerns about whether an individual is fit to perform the essential functions of his or her position.</p><p>Thus, an employer can generally require an FFDE if it is job-related and consistent with business necessity. This standard will be met if the employer reasonably believes, based on objective evidence, that the employee’s ability to perform essential job functions will be impaired by a medical condition, or if the employer suspects the employee poses a direct threat to his or her own safety or others. According to the EEOC, this standard may be met when an employer knows about a particular employee’s medical condition, an employer has been given reliable information by a credible third party that an employee has a medical condition, or an employer has observed symptoms indicating a suspected medical condition, has observed performance problems or safety issues, and can reasonably attribute the problems to the medical condition. </p><p>Still, employers who want to administer comprehensive FFDEs must be aware of the many relevant laws. Nervous employers sometimes ask for FFDEs when employees show behavior that, although worrisome, does not impact performance or jeopardize safety. For example, an employee might report paranoid thoughts to a close confidante, but still perform his or her job duties and show no signs of anger. The Americans with Disabilities Act (ADA) generally prevents FFDEs in such circumstances, under the rationale that the employee’s thoughts neither affect his or her ability to perform critical job tasks nor reveal indications of potential violence. In sum, if the employee has not endangered his or her own job performance or workplace safety, the employer may not request an FFDE, even though the employer might suspect mental illness.  </p><p>On the other hand, in safety-sensitive fields, such as aviation, law enforcement, healthcare, and transportation, the threshold for requiring an FFDE is lower. Preemptive FFDEs, requested before work performance has declined or safety issues have become apparent, may be appropriate. Because an employee’s behavior in these fields may threaten workplace safety or endanger the lives of others, it is critical for employers to monitor warning signs in these employees. These warning signs, if negligently ignored, can leave companies liable for their employees’ behavior. Juries commonly award multimillion-dollar judgments against employers for failing to take appropriate action regarding impaired or dangerous employees.</p><p>In addition, certain state and federal laws, such as the U.S. Occupational Safety and Health Act of 1996, require employers to proactively maintain workplace safety. And in some instances, courts have found that in highly stressful and dangerous jobs, employers might have the obligation to require an FFDE even before the employee’s job performance declines.  ​</p><h4>Best Practices</h4><p><em>Jim had been with ABC Trucking Company for 15 years. He had been a trustworthy and reliable driver for most of that time. His dispatcher noticed that recently he seemed confused and was often late completing deliveries. Security personnel suspected that drug use might be a factor. When confronted with these issues, Jim claimed to have no idea about his problems. After a psychological FFDE, it was clear that he had early signs of dementia. The company then arranged for his transfer to a different position, and eventually for his early retirement.</em></p><p><em>In another case, Judith, an older employee, was having work performance issues. It was her job to monitor the feeds from security cameras, and she recently failed to identify a break-in. She also had become irritable, snapping at customers and coworkers. Thinking she might be depressed or have some other medical issue that was impairing her cognitive ability, the employer referred her for an FFDE. The psychiatrist who performed Judith’s FFDE noticed that she relaxed considerably, and seemed less distracted, when she moved from the noisy waiting area to the privacy of his back office. Upon questioning, he learned that Judith’s new hearing aid picked up sounds from distant corners of the large work area around her desk. When this happened, she felt anxious and distracted. His suggestion to move her to a quieter work area resulted in a tremendous improvement in mood and concentration. </em></p><p>To ensure that workplace safety remains protected, security executives should have well-thought-out practices for both arranging the FFDE and proceeding once the completed report is received. To achieve this, companies should follow an eight-step program–purpose, policies, protocol, paperwork, procedures, partnership, personalization, and a plan.  </p><p><strong>Purpose. </strong>The first step is to know the purpose of the FFDE. As required by the ADA, such examinations must focus on the employee’s ability “to perform essential job functions or to work without posing a direct threat.” Therefore, security executives must be clear in their purpose of determining an employee’s ability to safely carry out tasks critical to his or her performance. Thus, the FFDE must be designed to answer very specific questions. </p><p><strong>Policies. </strong>The company should develop well-defined FFDE policies. These should be informed by state and federal law and be applicable to collective bargaining agreements. Employer security policies should identify scenarios when an FFDE might be appropriate and when FFDEs should be mandatory. They should also specify the manner in which the employee is notified about the FFDE—typically, both orally and in writing. The policy should clearly establish the consequences for employees who refuse to participate. </p><p><strong>Protocol.</strong> The next step is to establish a collaborative team protocol to ensure that only the appropriate parties see an employee’s sensitive information. This may include security, HR, legal, and EAP professionals. It is critical to identify each player’s role and determine who works with the employee and who works with management. Keeping these areas separate can help the company maintain employee confidentiality and preserve working relationships. </p><p>For example, if EAP professionals work directly with the evaluating psychologist or psychiatrist, they might become aware of an employee’s personal information. To the extent that this is not relevant to job performance, they should protect that sensitive information from other team members. Similarly, the employer’s lawyers might work only with the employer, rather than with the employee. </p><p><strong>Paperwork.</strong> Companies must determine the paperwork needed to document the objective evidence required to justify the FFDE. This can include the employer’s direct observations, credible third-party reports, or other reliable evidence. </p><p>An employer should be able to create a detailed statement of the problems that led the company to the conclusion that the employee is unable to safely perform the essential functions, and why a medical condition may be contributing to these problems. The amount of evidence necessary to support an FFDE depends on the functions of the job; safety-sensitive jobs often require less evidence. </p><p><strong>Procedures.</strong> As part of the program, companies must also establish referral procedures to send employees to the appropriate mental health specialist. To do this, the nature of forensic FFDEs must be understood. In clinical treatment exams, doctors typically develop a therapeutic alliance with their own patients. In contrast, a forensic FFDE doctor does not establish a standard doctor/patient relationship. FFDE doctors, such as psychologists and psychiatrists, do not treat the employee, but instead impartially gather objective evidence. They then give the employer the information they need to make the best employment decision. They do not have a primary obligation to the employee, and therefore they can more impartially protect the workplace. Hence, it is usually a poor practice to enlist the services of a doctor who establishes a treatment alliance with employees and does not understand the importance of neutrality. </p><p>Objective psychological testing can be an important part of the data collection that goes into a forensic FFDE. Such testing can improve doctors’ accuracy and help the evaluation withstand the scrutiny of litigation. </p><p>The FFDE can make use of the many assessment tools that have become commonplace during hiring, career promotion, and leadership development programs. Courts often place significant weight on objective psychological test results, so obtaining an FFDE from a doctor who incorporates objective testing can be a good practice for ensuring the most accurate and objective information and guarding against legal challenges.</p><p><strong>Partnership. </strong>Companies should consider establishing a partnership with a third-party facilitator. This independent entity can select a doctor and help encourage a thorough assessment, with psychological testing, that is consistent with state and federal laws. A third-party facilitator may serve as an intermediary between the doctor and the employer, which can reduce concerns about the employer having undue influence on the doctor. The facilitator can also oversee the assessment process. </p><p><strong>Personalized.</strong> Personalized referral questions should be written to address the specific circumstances of each individual referral. These should be written to help the employer get the information needed to make the best employment decisions, while not overstepping the limitations on FFDEs imposed by law. For example, the employer may not write overly broad questions requesting information about the employee’s complete medical or psychiatric history. The referral questions should be limited in scope and clearly tied to employment.  </p><p><strong>Plan.</strong> The final step is to have a clear plan for the results. The results of an FFDE might reveal that an employee is fit for duty, needs treatment or accommodations, could be helped by managerial changes or a work adjustment, or is unfit and presents a clear safety risk or is unable to perform job tasks. Given this range of possible scenarios, the employer must have a clear plan of how to take action based on the report. </p><p>This is a good time to rely on the internal team. Knowing about security, the law, EAP, accommodations, and disability management, they can coordinate their efforts to achieve the most beneficial outcome.  </p><p>Fitness for duty evaluations, when focused on employee work behavior and consistent with the law, can greatly help employers maintain safe workplaces. But achieving this end can require the collaboration of professionals with different areas of expertise. Fortunately, this goal is within reach of most employers who take the time to learn about the potential benefits, and how to avoid the risks, of FFDEs. </p><p><em><strong>Dr. David Fisher</strong> is a psychologist and has been president of PsyBar LLC since 1995. Fisher oversees independent psychological and psychiatric evaluations performed across the country through a network of 1,800 psychologists and psychiatrists. He publishes and lectures on psychiatric and psychological assessment, and has developed national assessment protocols.</em></p><p><em>​<br></em></p>
https://sm.asisonline.org/Pages/An-Insider’s-Perspective.aspxAn Insider’s PerspectiveGP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465<p>​<span style="line-height:1.5em;">With years of experience offering executive protection services in South America, Benjamin Hockman provides risk consulting and operational risk management support to clients throughout both the Andean and Central American regions. He sat down with Security Management to provide an exclusive insider’s look at the essential best practices necessary to run a successful executive protection operation.</span></p><p>Among the issues critical to any executive protection detail are advance work, vehicle selection, staffing, and whether the team should carry firearms.</p><p><strong> Knowledge. </strong>Part of any effective executive protection operation is knowing what’s going on in the area you’re working in. “If you don’t know the environment you’re working in, or going to be working in, you can’t effectively and safely deliver an operation like this,” Hockman says. “It’s absolutely essential to have an understanding of what’s going on where you are from a security perspective, to understand the economy, to understand the politics.”</p><p>With the Internet, learning about a country and its economy, politics, major crime centers, and other general security information is easier than ever. Hockman uses a variety of news sites, and the company he’s currently with has in-house data sources that he can use to keep up-to-date with the latest information. </p><p><strong>Reconnaissance.</strong> “Advance reconnaissance is probably the most important part of any executive protection detail, whether it’s armed or unarmed,” Hockman says. “If the planning’s done well, you should be able to reduce or completely remove a large amount of the risk that could affect an operation.” </p><p>Typically, reconnaissance is conducted about a month in advance of a trip and consists of “really detailed route analysis,” with distances between fuel stops, police stations, hospitals, and communication dead zones carefully measured. </p><p>Executive protection professionals also identify a number of alternative routes as well, “partly so that we can vary the routine—which is obviously important for security—but also so, if we get to a point and we’ve got a problem…we’ve got a load of other options that we can quickly move to,” Hockman explains. This will also aid in contingency planning for ambushes and medical emergencies. Such planning is done during reconnaissance work to ensure that the client can get out of a dangerous situation as quickly as possible.</p><p>Photos are taken throughout the reconnaissance work to share with the rest of the team. “If there was a big team on an operation, it might be that only one or two of them would go out and do the advance reconnaissance work, so they’ve obviously got to paint a clear picture for the rest of the team when they get back, and we do that using diagrams, schematics, photos, and things like that,” Hockman adds.</p><p>Furthermore, part of reconnaissance might involve reaching out to the local community directly to open communication with local law enforcement and others. “Depending on the job, the advance work may involve liaising with the local community to ensure that they’re ready for our arrival,” Hockman says. “We might also make contact with the local authorities and ask them if there’s anything they need to know, is there anyone they’d like us to communicate with?” </p><p>However, this is done on a case-by-case basis; the team may not want to tip off individuals that a client is coming to the area. “In environments where we’ve got such a tenuous relationship between the state and the criminals—like Colombia and Mexico and so many other parts of the world—there you would obviously want to limit your reliance on anyone that you didn’t know,” Hockman explains.</p><p>After all of this information is gathered, the reconnaissance team goes out a day or two before an operation to check the routes again to ensure that nothing has changed between the original reconnaissance mission and the client’s arrival. </p><p><strong>Vehicles. </strong>Based on the reconnaissance findings, the executive protection detail decides what kinds of vehicles the team will use to complete three different jobs: immediate advance reconnaissance, transporting clients, and emergency response. Immediate advance reconnaissance vehicles travel five to 10 minutes ahead of the main convoy, radioing back if there are any problems ahead—“anything from a security problem to something doesn’t seem right to there’s a blockage in the road,” Hockman explains.</p><p>Emergency response can be one vehicle or several depending on the operation, and their job will “usually be to race to the scene of an incident and actually provide a physical deterrent or physical blockade if that’s required,” he adds. Or, a single vehicle can be used to transport all of the executives away from the scene. It can be any type of vehicle, but is usually dictated by the terrain and should be large enough to accommodate all of the executives at one time, Hockman says.</p><p><strong>The team.</strong> Using information garnered during reconnaissance, Hockman would also use the seven Ps—people, places, personality, prejudice, personal history, political views, and private lifestyle—to assess the level of risk a client has. This methodology allows the team to learn almost everything about a client and make a judgment about how large the team should be. For instance, in Hockman’s Colombia example, the team consisted of him, the driver, and an emergency response vehicle—making it a relatively small operation. </p><p><strong>Attire. </strong>Once the team has been created, one major decision it has to make is whether to dress like a security team or a group of business professionals. In Hockman’s story, they chose to wear business attire and use vehicles with the company livery because “we didn’t want to look like a security team,” he explains. “If we’re automatically assumed to be a security team, there’s potentially an assumption there that we’re carrying guns, and that’s never a good thing.”</p><p>“In some environments, you might argue that by showing that the client and the team are affiliated with a big company, you’re actually increasing their value,” he explains. “You’re showing criminals that this is part of a multinational company, and you’re alluding to the fact that there’s some money behind that.”</p><p>In some cases, this could increase the likelihood of kidnapping, but showing company connections can also be a turn-off for some criminals because a company's response can drain resources, cause bad PR, or get the authorities involved. </p><p><strong>Firearms. </strong>Another major decision the team has to make is whether to be armed when working with a client, and a large factor in that decision is where the operation is taking place. “The environment where you see these heavily armed guys in Iraq and Afghanistan and the Middle East is very different to the one that I work in in South America where, arguably, you’d say the risk’s equally as real. And it’s no safer to be at the hands of a Colombian drug cartel or a Mexican cartel than it is to be facing down ISIS or al Qaeda in Iraq,” Hockman says. “The difference is that, in these environments, you can’t just drive around or walk around armed because you’ll get shot by the police potentially.”</p><p>Also, in South America the criminals are often better armed than the police or the federal government. “If these groups are that well armed and that well prepared…what are our two guys with a couple of pistols and a car going to do, apart from make the situation worse?” Hockman asks. He adds that, instead, his team does its best to avoid risk in the first place and focuses on evacuation—not confrontation.</p><p>“We want to be looking at how we get out of that situation, and not stand and exchange gunfire with these people, because our two guns and our 12 bullets aren’t going to do anything,” he adds.</p><p><strong>SOPs. </strong>Once the reconnaissance work is completed and the team assembled, the information is put into standard operating procedures (SOPs) that detail everything from the client, the locations, the routes for travel, and contents of vehicles involved. </p><p>“It’s basically like an idiot’s guide to the operation,” Hockman jokes. The day before the operation, the team then runs through the whole SOP, which might take three or four hours depending on the operation. “You’re talking through absolutely everything, from emergency procedures…all the way through to phone numbers, communication procedures, everything.”</p><p>All of these steps come together in an effort to reduce risk as much as possible for the operation, but nothing can eliminate risk entirely. “Obviously, there’s always an element of uncertainty and things you can’t control, but if the planning’s done well, you should be able to reduce or completely remove a large amount of the risk that could affect an operation like this.”  </p>
https://sm.asisonline.org/Pages/The-Prediction-Possibilities.aspxPrediction PossibilitiesGP0|#28ae3eb9-d865-484b-ac9f-3dfacb4ce997;L0|#028ae3eb9-d865-484b-ac9f-3dfacb4ce997|Strategic Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465<p>​<span style="line-height:1.5em;">Fading in from black, Police Chief John Anderton enters the scene, breaking through a skylight to subdue a man in his home. “Mr. Marks, by mandate of the District of Columbia Pre-Crime Division, I’m placing you under arrest for the future murder of Sarah Marks and Donald Dubin that was to take place today, April 22, at 0800 hours and four minutes,” says Anderton, who then arrests Marks for a crime he hasn’t yet committed.</span></p><p>Since it premiered in 2002, Tom Cruise’s depiction of a Wash­ington, D.C., police officer in Minority Report who arrests individuals prior to committing murder has been thrown around as either a doomsday or utopian example of the predictive policing that could come our way. However, unlike Hollywood’s version, predictive policing already exists in law enforcement across the country and is used to help police officers designate areas to patrol in hopes of preventing crime before it occurs—not to make preemptive arrests for homicide.</p><p>Predictive policing, or “the application of analytical techniques, particularly quantitative techniques, to identify promising targets for police intervention and prevent or solve crime,” has allowed police to make better use of limited resources and is a smarter, more effective way to police, according to Predictive Policing: The Role of Crime Forecasting in Law Enforcement Operations, a 2013 report by the Rand Corporation.</p><p>There are four main types of predictive policing methods: methods for predicting crimes, used to forecast places and times with an increased risk of crime; methods for predicting offenders, used to identify individuals at risk of offending in the future; methods for predicting perpetrators’ identities, used to create profiles that match likely offenders with specific past crimes; and methods for predicting victims of crime, used to identify groups or individuals who are likely to become victims of crime.</p><p>To the average person, crime might seem random, but that perception is inaccurate, says Dr. Jeff Brantingham, professor of anthropology at the University of California, Los Angeles. For example, crime can seem like a random act of violence when a person who has parked their car in their driveway for years without a problem finds that car vandalized one morning.</p><p>“The truth is, there’s actually a lot of patterning and structure to crime,” Brantingham explains. “Even though it seems like a random event from the point of view of that one victim, there’s a lot of regularity to it. That car window being smashed in did not occur just out of the blue.” </p><p>Understanding the pattern of crime and the factors that come together to create that pattern are predictive policing methods, which use years of data on crimes, incidents, and offenders to produce predictions about what will happen in the pattern next. Each predictive policing technique is unique and, once created, can give police operations a chance to intervene before a crime occurs and “ideally, these interventions will reduce criminal activity, or lead police to solve crimes,” according to the Rand report.</p><p>Also, these predictive policing methods aren’t just for departments the size of those in Los Angeles, Memphis, or Washington, D.C., but can be used by a department of any size with success. “Small agencies with relatively few crimes and reasonably understandable crime patterns may need only relatively simple capabilities, such as those provided by basic spreadsheet or statistical programs,” the report explains. “Larger agencies with higher data demands may need more sophisticated systems that are interoperable with existing systems and those in other jurisdictions.”</p><p>Private security can also tap into these resources as fusion centers across the nation look into using predictive policing methods and sharing that information with private-sector partners.</p><h4>Los Angeles Police Department<br></h4><p>One of the first predictive policing tools to be used by a large metropolitan police department is PredPol, developed by cofounders Brantingham and George Mohler, an assistant professor at Santa Clara University, through research with the Los Angeles Police Department (LAPD). </p><p>“We’re just a group of geeky scientists working with the police just trying to understand where crime patterns come from, what they do, and as part of that research project, we came up with some very interesting mathematical models,” Brantingham tells Security Management. </p><p>The cofounders decided to test one of those models in the field to see if it could predict crime in an experiment in the foothills of San Gabriel Valley, outside of Los Angeles. The experiment was successful in proving that the algorithm could predict two-and-a-half times more crime than existing practices when it came to burglaries, car thefts, and burglary thefts from vehicles. After initiating police responses to the prediction, the LAPD saw area crime drop by approximately 12 percent.</p><p>The algorithm works by looking at the features that are crime generators, such as high schools and shopping malls, which either house people prone to committing crime or are environments that are likely to experience crime. Along with the crime at each generator, there are aftershocks created by that generator, or crimes that occur after an initial event has happened, often termed repeat victimization.</p><p>Brantingham gives the example of having your house broken into on Wednesday, which increases the chances of another break-in on Thursday. “That’s because the offender realizes, ‘Wow, it was really easy to break into your house the first time,’” he says. “They can get in there again and take away the stuff they didn’t get yesterday, or two days ago, and they can be just as successful a couple of days after the first time they were in there.” This also places houses in the same neighborhood at risk because criminals realize that they could just as easily break into another home on the street and get away without being apprehended.</p><p>Using these crime generators, the concept of repeat victimization, and incident report data, “you can study [crime] using the mathematics that people use to study earthquakes” to learn what crime has occurred up to today and what it’s likely to be tomorrow, which is exactly what PredPol does, Brantingham explains. </p><p>PredPol then breaks those predictions down and produces a map of the 20 500-foot by 500-foot territories, depicted as boxes, in Los Angeles where crime is most likely to occur. There are approximately 5,220 boxes total in the 50-square miles of Los Angeles, says LAPD Captain Sean Malinowski. This allows officers to easily patrol areas that are at a higher risk of crime and increase the odds of preventing a crime or apprehending the culprit once a crime has been committed.</p><p>Also helping to keep officers in the loop about predictions is PredPol’s ability to update in near real time as new incident report data is entered into the system and processed by the algorithm. Currently, the LAPD has the system set to make predictions over a 12-hour period to coordinate with officer shift changes, so prediction maps can be produced for each officer on the day and night watches.</p><p>Malinowski encourages officers to patrol the boxes highlighted in the map when they aren’t responding to calls so they can be in the right place at the right time to “deny the criminal the opportunity to commit the crime in the first place.” </p><p>PredPol can also be used by specialized units, including the narcotics team, with success, Malinowski says. “I just had my narcotics unit tell me that they were armed with the [PredPol] maps…they were in a predictive policing box…they observed a suspect engage in a hand-to-hand transaction,” he recounts. “They picked up surveillance of that individual, followed her, and actually ended up arresting her in another predictive policing box that was close to the original predictive box they were in.”</p><p>The LAPD used PredPol throughout 2013 and saw a 14 percent drop in violent crime through October. The foothills, where the department originally tested PredPol, have seen a 24 percent decrease in crime since it was put into place in 2011. On average, incidents have fallen from about 94 crimes per week to a new low of 70 crimes per week in the foothills and “in an area this size with that many people, that is pretty significant,” Malinowski says.</p><p>Brantingham notes that it’s not the prediction that’s preventing crime. “The prediction is information that is of value to the police officer and it’s the police officers who are out there engaging with the problem who actually are preventing the crime…the predictions are just helping them leverage their abilities in places where they get a big bang for it—so it’s a bigger bang,” he says.​</p><h4>Memphis Police Department</h4><p>Another successful predictive policing system is Memphis’s Blue Criminal Reduction Utilizing Statistical History (CRUSH), which was introduced in 2005 through the combined efforts of Memphis Police Department’s (MPD) Director of Police Services Larry Godwin and former criminology professor at the University of Memphis, Richard Janikowski.</p><p>Prior to his work on Blue CRUSH, Janikowski worked on a project with the U.S. Justice Department to help decrease rape in Memphis. “Memphis was number one or number two for 20 years in the nation, and in the year [we did the study] we actually had hit an all-time high of 974 reported rapes,” he explains. </p><p>Because of this, Janikowski and his colleagues set out to prove that law enforcement could prevent rape by identifying patterns, like those that exist for other types of crime. “One of the things we found in that data analysis was there were real concentrations at certain locations of predator-type forcible rapes,” he says. </p><p>Instead of relying on just the numbers, Janikowski visited the concentrated areas and discovered that they were high poverty areas in general and likely to have convenience stores, specifically. “What was happening was since we were in high poverty areas, you had women who...could not afford phones at home,” and instead would go to the convenience store to use a public phone located on the outside of the building. “They were on the side of a building, generally where there were no windows and no lighting, so in the evening and at night these women became perfect targets for predators.” </p><p>To help prevent rape, Janikowski and his colleagues made the simple suggestion of moving public phones inside buildings so women weren’t as vulnerable when making phone calls at night. </p><p>Using that same logical approach of combining community information with crime information, Janikowski helped develop Blue CRUSH. It takes information from police incident and arrest reports, variables that can predict crime, a computer program from IBM’s Statistical Program for the Social Sciences, and a mapping program through mapping companies ESRI and ArcGIS to create predictions about crime in specific areas of Memphis at certain days and times.</p><p>Instead of focusing on all crime, MPD decided to concentrate on aggravated assault, robbery, and grand theft auto, because these were crimes that uniformed patrol officers could respond to most effectively. “Uniformed patrol can have an impact on aggravated assaults, particularly fights and stuff like that be­tween folks on the street, because you can measure that,” Janikowski explains.</p><p>To make Blue CRUSH even more accurate, Janikowski also included additional variables that could be predictions of crime. “One of the things we noticed was there’s always a spike in crime in March, particularly in burglary,” he explains. “When we ran some variables, one of the things we realized is that’s when the city schools went on spring break. So MPD was able to take the school officers, because the schools weren’t in session, make them into an extra task force, and target locations the data was showing tended to peak.” In response, those peaks disappeared.</p><p>Drawing from the lessons learned in the study on rape that Janikowski was part of, the MPD has also been feeding data on socioeconomic demographics and neighborhoods into Blue CRUSH. “You can link the crime data to all kinds of community data and use that effectively for the development of problem-oriented and community-oriented policing initiatives,” Janikowski explains. “MPD has launched an entire community outreach program using task forces, and the research shows that if you leave officers in high crime chronic areas, those officers can work with the community to leverage resources.”</p><p>In addition to using the predictive policing system, MPD has also begun holding Blue CRUSH Track meetings with every precinct commander present. At the meeting, commanders present their hotspots of problems based on the data provided by Blue CRUSH and what their plan of action is to handle the problem. During the next week they are expected to provide a follow-up on whether the plan was effective. “So this is both a data analysis model and it’s also an accountability model,” Janikowski explains.</p><p>Also aiding in the accuracy of the system are advances in technology as the MPD moves towards electronic incident and arrest reports. Now officers can enter new information into the system while out on patrol, without having to wait to get back to the station to file a report. </p><p>“For data analysis purposes, it means the data is hitting the data system within minutes, so now trends are analyzed and sent on a daily basis to precinct commanders and on a weekly basis for the Track meetings. And that data tracks literally what has happened since 2006, which we use as the baseline year…as the initiative was launched citywide,” Janikowski says.</p><p>Between 2006 and 2010, violent crime in Memphis decreased 28 percent and property crimes decreased 26 percent, according to Sergeant Alyssa Macon-Moore, MPD public information officer. Following the success of the program, MPD used its data to redistrict precincts and ward boundaries inside each precinct in January of 2012.</p><p>“The Memphis Police Department answers nearly 1 million calls for service each year,” Macon-Moore explains. “This redistricting exercise allowed us to more effectively compare the effectiveness of precincts against each other. Redistricting also allowed us to more effectively deploy resources and budget for overtime.”</p><p>Additionally, Blue CRUSH data has been used to deploy officers through the Community Outreach Program to establish rapport with the community and take back areas that had been “infested with gangs,” Macon-Moore adds. The data has also been used to identify areas for the Shelby County unit, a Tennessee program that allows police to arrest gang members for associating with one another within a designated area.</p><p>By the end of 2014—eight years after initiating Blue CRUSH—Memphis had seen a 30 percent decrease in serious crime and a 26 percent decrease in violent crimes compared to 2006, according to Macon-Moore. ​</p><h4>WRTAC</h4><p>In November 2013, the Washington Regional Threat and Analysis Center (WRTAC) was the first fusion center in the nation to begin installation of a tailored software program that enables predictive policing for the 30 different agencies that use the primary fusion center in Washington, D.C. </p><p>Dfuze Predict software by Intelligent Software Solutions (ISS) is customized specifically for the WRTAC to enable predictive policing and allow the fusion center to be proactive about crime. It works in conjunction with ISS’s Dfuze 360 software, which takes information from a variety of sources and combines it into visualizations that analysts can then use to quickly assess the information. Data is then passed on to decision makers, such as the Metropolitan Police Department, which can intervene if necessary.</p><p>These capabilities will help streamline the work that the eight analysts at the WRTAC do and assist local and federal agencies that use the fusion center, says Jorhena Thomas, WRTAC operations manager. </p><p>“It’s really vital because, in this line of work, being able to provide information in a timely manner and as accurate as possible is the crux of what we do,” Thomas explains. “It is extremely vital for analysts to have access to systems and technology solutions that facilitate that process.” </p><p>This is because analysts at the WRTAC work in four basic teams: law enforcement facilitation, health and emergency services, counterterrorism, and critical infrastructure protection. “Those teams work together to provide information analysis to different customer sets within D.C.,” Thomas says. “They do a lot of information sharing and collaboration on products that would inform decision makers in the D.C. government on various topics in regards to public safety.”</p><p>Additionally, because the WRTAC is in the nation’s capital, it also provides information to numerous federal agencies. </p><p>Dfuze Predict works by allowing analysts to create pattern models that are user defined within different information sources and then automating the process so the software accesses those same information sources, attempting to find patterns in real time. When the software finds a pattern that matches the user-defined model, it alerts the user to take action, says ISS Vice President of Federal Systems Rob Rogers.</p><p>“Dfuze Predict is the complex event processing component,” he explains. “It’s a piece of software that resides and kind of lays on top of Dfuze360, and it is the pattern recognition and alerting engine part of it. It is what is going to enable predictive policing.”</p><p>One example of the way the software can work is to help the police department determine where to station officers when conditions are right for increased criminal activity, Rogers says. For instance, after entering information into the system, Dfuze Predict could assess that environmental conditions—temperature and precipitation—were indicators that there could be an increase in crime, along with a major sporting event at a local venue, bringing lots of outsiders into the city. </p><p>All of these factors together would cause the system to alert analysts, saying there’s an increased risk of crime in this area on this day. “It doesn’t necessarily answer specific questions [for analysts], but it does give them a lot of evidence that a certain type of crime could be increasing in that area during that time and also lays out all the reasons why,” he explains. </p><p>The WRTAC is still working out data sharing agreements with its partners. However, Robyn Johnson—a spokeswo­man for D.C.’s Homeland Security and Emergency Management Agency—says they hope to have those agreements in place and the software operational by July.</p><p>Despite the differences in approach to the predictive policing systems in Los Angeles, Memphis, and Washington, D.C., one thing remains the same: predictive methods allow police officers to make informed decisions about their policing efforts. Unlike those in the Mi­nority Report version of predictive policing, real-world officers are using predictive policing to increase their presence and act as a deterrent—preventing crime before it happens.</p>
https://sm.asisonline.org/Pages/Threats-to-Health.aspxThreats to HealthGP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465<p>​<span style="line-height:1.5em;">Joseph Sweeney served as a New York Police Department officer for 21 years and ran his own security company—witnessing the full range of crimes and sticky situations that the Big Apple has to offer—but he never guessed what challenges were in store when he became the director of hospital police at Bellevue Hospital Center in 2010. “You can’t shut the doors and walk away. You have to deal with whatever happens. It’s a 24-7 business, and you can’t turn anybody away,” Sweeney says. “It’s like being in charge of a small city.”</span></p><p>Today, healthcare security directors like Sweeney are in charge of small cities with growing crime rates. According to a 2014 crime survey conducted by the International Association of Healthcare Security and Safety (IAHSS), the rate of violent crime in American healthcare facilities rose by 25 percent from 2012 to 2013, and the rate of disorderly conduct jumped by 40 percent. </p><p>Jim Stankevich, a past president of IAHSS, tells Security Management that the survey results reflect the need for comprehensive physical security in hospitals, especially visitor management systems—a tool that he admits isn’t always conducive to the open environments of traditional hospitals.</p><p>“Every hospital technically should know every person that enters a facility, why they’re there, and where they’re going, whether it be a contractor, vendor, patient, or visitor,” Stankevich says. “The problem is many hospitals are over 50 years old, and they probably have up to 50 entrances on the ground level, which makes it kind of impossible for them during normal business hours to really control that access.”</p><p>Sweeney points out that the hospital industry—even the security aspect—is a customer service business. “There’s an emphasis on the patient experience, and we’re a part of that,” he says. The balance between creating an open, customer-oriented environment and keeping those customers safe is a challenge, Sweeney notes.</p><p>The increase in active shooter scenarios, crime numbers, and the routine threats hospitals face on a day-to-day basis all combine to make physical security at healthcare facili­ties more important than ever. Whether it’s at a metropolitan hospital, a network of nonprofit healthcare facilities, or a research-based medical center, security directors have to employ a combination of training and technology to keep their small cities secure. ​</p><h4>Medicine in Manhattan </h4><p>Bellevue Hospital Center was founded in 1736 and is the oldest continuously operating hospital in the United States. In 2013, it housed 828 beds, and more than 115,000 people visited its emergency room. More than 80 percent of Bellevue’s patients are from New York’s medically underserved population.</p><p>Sweeney, who oversees the peace officers stationed throughout Bellevue, says the hospital’s open atmosphere presents a number of challenges when it comes to securing the facility. Many buildings in New York require identification and screening upon entering, but Bellevue’s open environment during daytime hours allows people to come and go freely, he explains.</p><p>“In a sense, we’re the softest target left, especially in Manhattan,” according to Sweeney. “You go to any other building in Manhattan and it’s difficult to get into, but the hospital is the one place that’s open. That’s the philosophy here, and I don’t disagree with that. But it does make it more challenging for security.”</p><p>Hundreds of patients, visitors, doctors, and staff move in and out of Bellevue every day, and Sweeney says one of the most difficult parts of keeping everyone safe is managing the wide variety of people who come and go. </p><p>“These are folks who are outpatients or they’re presenting themselves to the hospital for some type of service, but they have some sort of psychiatric issue, and it’s very challenging to deal with, but we can’t turn them away.” Sweeney notes. “I’d say the biggest challenge for anybody in the healthcare industry is dealing with somebody who’s emotionally disturbed or even just upset—people are sick and dying, their loved one is sick or in pain or dying, and it’s a very challenging environment.”</p><p>Indeed, the IAHSS report found that 93 percent of assaults in healthcare facilities were directed at employees by patients or visitors. This is why Belle­vue’s security officers are thoroughly trained to de-escalate almost any situation, Sweeney explains.</p><p>“We’re a part of the patient experience, and we’re a part of making sure that these people get the care that they need,” he says. “At the same time, we’ve got to keep the place safe.”</p><p>When Sweeney first came to Bellevue, no identification was required to access any area of the hospital. Over the past five years, he’s helped implement restricted access areas within the hospital with the help of access control technology while still committing to providing a positive experience for visitors, he explains.</p><p>“We couldn’t survive without the technology,” he says. “It’s really allowed us to focus our people where they need to be, and that’s important to have a good balance because this is a people business.”</p><p>For example, areas in the hospital with psychiatric patients are equipped with silent panic buttons that alert security officers of an incident. “When you’re dealing with a psychiatric patient, you don’t want to escalate the situation,” Sweeney notes. “You don’t want to call and say, ‘Hey, police, this guy is getting aggressive, come and help me.’ Just saying that makes the person more aggressive.”</p><p>Access control technology also helps keep vulnerable patients safe. Patients in Bellevue’s brain injury unit who are unable to make informed decisions for themselves are fitted with electronic tags, and security officers are notified if a patient attempts to leave his or her designated area. The hospital also uses the tags on infants in the maternity ward to track where they go and automatically lock the nursery doors should someone attempt to leave with a baby. </p><p>When it comes to preparing for out-of-the-ordinary incidents, Sweeney says he puts more emphasis on training security officers to think outside of the box rather than to follow specific protocols for a certain emergency, whether it’s a natural disaster, active shooter, or bioterrorism incident. </p><p>“We have that ‘what if’ mentality, so that if something happens we’re not totally taken by surprise,” he explains. “Those real-life drills of what we’ve done in those circumstances have trained us for the next one.”</p><p>And Bellevue has certainly seen its fair share of real-life drills. Sweeney recalls closing and evacuating the hospital during Hurricane Sandy in 2012, working around power outages and staffing shortages caused by blizzards, and more recently, housing a patient infected with the Ebola virus. </p><p>“A lot of the different things we had to deal with during Sandy, we had already had little pieces happen before, whether it was a telecommunications failure, or a power failure, or elevators knocked out,” he explains. “We’re trained to take each experience, whether it’s a real experience or a drill, and put it in our toolbox and make it adaptable so that when something similar comes along we know how to handle it.”</p><p>And although staff and security were given additional training on how to deal with potential Ebola patients, Sweeney says a lot of the same protocols—creating clean zones and hot zones and suiting up in personal protective gear—were brought over from previous bioterrorism training.​</p><h4>Pittsburgh’s Provider</h4><p>Jeff Francis jokingly calls the University of Pittsburgh Medical Center (UPMC) “one of the biggest companies that people have never heard of.” UPMC is a nonprofit network of 21 full-service hospitals and hundreds of ancillary facilities throughout western Pennsylvania. The hospitals treat more than 690,000 emergency patients annually and have more than 5,100 beds. </p><p>Francis, the security director of UPMC’s facilities, was a police officer in the Pittsburgh region before he joined UPMC a decade ago. Like Sweeney, he says he was surprised by the wide variety of threats that needed to be managed.</p><p>“Hospitals are the confluence of pretty much every risk factor that can exist as far as the propensity of violence is concerned,” Francis says. “In a hospital, you have a lot of controlled substances, you have a lot of behavioral health issues, and a hospital by its nature is a very high-stress environment in terms of patients, their families, and even the staff.”</p><p>UPMC’s security team is made up of more than 500 security professionals, including 130 armed police officers—the organization’s campuses have their own police departments. Francis is in charge of developing and maintaining the infrastructure needed to keep staff, patients, and visitors safe. </p><p>Security is assessed on a facility- by-facility basis, and Francis says he relies on access control and analytics systems to keep each location secure. Some facilities, like UPMC’s children’s hospital and behavioral health facilities, are 100 percent access controlled and have multiple layers of screening, he explains. </p><p>“Every visitor is screened by metal detectors, as well as assuring that you are registered there ahead of time so you have a reason to be there, so we confirm that there is a patient for you to see and a patient is expecting you,” Francis says. “In those cases, everybody gets a badge, you have to check in, check out, and you’re monitored pretty closely.”</p><p>On top of those precautions, the chil­dren’s hospital screens each visitor against a sexual offender registry upon entry. </p><p>Francis notes that finding a balance between protecting vulnerable patients and allowing visitation can be tricky. “We can’t lock these things down like a prison,” he says. “If someone is coming to visit a sick relative in a hospital, they don’t want to be treated the same way as if they’re going to visit a prisoner. So we have to maintain this balance between this open therapeutic environment [and managing] all these risk factors that make hospitals dangerous.”</p><p>Facilities with fewer at-risk patients are more open, Francis says. During business hours, people can walk in freely, and during off hours visitors must sign in and out. </p><p>With such a wide variety of healthcare facilities to secure, Francis relies on data-driven decision making. UPMC hospitals use D3 Security incident management software that tracks not only security and police activity, but also specific statistics, such as the number of people who enter through metal detectors, the percentage of those people who carry in banned items, and what those items are. This type of data allows Francis and his team to address trends in individual hospitals or throughout the UPMC system. </p><p>“Training topics are determined by the types of issues that we’re seeing in tracking,” Francis explains. “We’ll see spikes in certain incident types through our informational analysis, and we know we need to address that through training or other remediation processes.”</p><p>UPMC also uses risk assessment tools on individuals suspected of being a danger, Francis says. “If we have a reason to suspect that this person is prone to a violent act, technology is at the forefront for our risk assessment of that person,” he explains. “Have they been violent in the past? Do they have a criminal record? How many incidents do we have across the system that might involve that patient?”​</p><h4>Research and Recovery</h4><p>St. Jude Children’s Research Hospital in Memphis, Tennessee, is more than just a healthcare facility. The 27 buildings on its 62-acre campus house cutting-edge medical research teams and equipment, a convention center, 67,000 young patients annually, and extended-stay housing facilities for the families of those patients. </p><p>St. Jude is 100 percent donor funded and it treats children with cancer at no cost to the family. Shawn Young, the security systems coordinator at St. Jude, says he tries to be a good steward with the donor money while keeping the unique campus secure.</p><p>The combination of vulnerable patients, visitors, and researchers coming and going at all hours makes access control and visitor management vital to campus operations, according to Young. The entire campus is fenced in, and guests must check in with a security officer. Visitors are encouraged to preregister, and once they’re approved, their credentials are taken, they receive a badge, and are escorted to the correct building. </p><p>More than 600 doors at St. Jude are fitted with card readers, and Young says a staffed control room monitors entry and exit points at all hours. Guards are also present at the three extended-stay facilities on campus. </p><p>St. Jude uses video cameras for both security and treatment, which can be challenging in hospital environments due to the Health Insurance Portability and Accountability Act (HIPAA) privacy laws. Doctors and technicians use live video feeds to keep an eye on patients who need extra supervision. “We’re not recording any of it, but it’s really the first time in the history of the hospital that we’ve actually used video for any kind of clinical care and monitoring any kind of treatment,” Young says. </p><p>In the six years since Young started working at St. Jude, the campus’s video footprint has doubled—more than 400 cameras are coordinated throughout the campus. “We’re large and it looks like we’re going to get even larger,” he says. </p><p>In fact, a new combination research and treatment building partially opened last year. The first floor serves as a convention and collaboration center, the second floor is a traditional surgery and intensive care facility, and higher floors will house a computation biology department and a proton therapy unit—one of 14 in the United States. Young says the multiuse building presented some unique safety challenges, but he’s been involved in the security design from the start. This collaboration allowed Young to lay out the placement of cameras and card readers, he explains.</p><p>“We have a great relationship with our design and construction department, and we’re lucky to be pulled into these before we have a set plan in place,” Young says. “We were involved almost from the very beginning.”  </p>
https://sm.asisonline.org/Pages/Passing-the-Biometrics-Test.aspxPassing the Biometrics TestGP0|#91bd5d60-260d-42ec-a815-5fd358f1796d;L0|#091bd5d60-260d-42ec-a815-5fd358f1796d|Cybersecurity;GTSet|#8accba12-4830-47cd-9299-2b34a4344465<p><span class="ms-rteStyle-Emphasis"></span><a href="/Pages/Pasando-la-Prueba-Biométrica.aspx"><span class="ms-rteStyle-Emphasis">​For the Spanish version, click here​.​</span><br></a></p><p>​<span style="line-height:1.5em;">It’s late in the evening, and after a long day of lectures and office hours, a professor checks the latest discussion posts of her online classes on Blackboard (an online learning management system). But just before she logs off, she notices something odd. Eight students have posted almost identical answers to her questions.</span></p><p>After some digging through the previous weeks’ coursework, she notices increased similarities in all of the eight students’ work for the semester. She flags the students and, following protocol, notifies the financial aid department. An investigation is launched. The probe reveals that one student had enrolled at the community college under eight different names, using a transcript signed by a nonexistent high school principal. The individual posing as the student then took out numerous student loans.</p><p>With online classes now a standard feature at community colleges and universities across the United States, many in education are beginning to recognize the need for foolproof methods of student verification to make it harder for individuals to engage in fraudulent behavior. Cuyahoga Community College (Tri-C) in northeast Ohio, where those eight identical students were en­rolled, is one of those institutions.</p><p>With its six campuses, Tri-C edu­cates almost 52,000 credit and non­credit students annually, and one-third of these students are enrolled in at least one online class per semester. This means that verification is an ab­solute must to ensure that students are who they say they are. However, Tri-C found that its verification methods were not sufficient to keep up with its move to online education.</p><p>“The community college mission has always been about access, and we do everything we can to provide access to populations that might not normally have access to higher education,” says Charles Dull, assistant dean for e-learning and innovation at Tri-C. “We took a very open approach—not thinking folks would want to try to steal from a community college.”</p><p>That open approach consists of hu­man recognition. When an individual notices something suspicious in a student’s file, they report it up the chain of command. Tri-C also uses a notification system, which checks to make sure that students who are en­rolled in online classes have logged in to Blackboard to participate in their classes. But it doesn’t check to make sure that students are who they say they are, making it easy for someone to pose as another student by obtaining his or her password and login information for Blackboard.</p><p>This can be especially problematic if someone is engaging in student loan fraud by enrolling in classes, applying for financial aid and loans, and then dropping the class and pocketing the money with no intention of repaying it.  </p><p>Along with concerns about fraudulent behavior, Dull was also worried about new federal regulations that would require colleges to do more for student verification than use logins and passwords for online interactions. “I had been reading government reports that were talking about student authentication becoming a requirement for compliance,” Dull explains. “And the rule coming out of the Department of Education was that students’ login and password weren’t sufficient to meet the standards for authenticating a student’s identity.”</p><p>With these concerns in mind, Tri-C decided it needed a new way to verify students from their first interaction on­line with the college. In 2012, a group of faculty members at a conference discovered a biometric signature product called BioSig-ID. It works by having users handwrite letters or numbers in a confined space by using their finger, mouse, or stylus three times. BioSig-ID then measures the length, angle, speed, height, and number of strokes used to make each character and stores the information in an encrypted database. </p><p>Software algorithms then compare this data against patterns collected during the user’s subsequent logins, confirming whether they match or not. If they don’t match, the user’s profile is flagged and sent to an administrator, along with a notice indicating the probability that the attempt is fraudulent, and the user is blocked from accessing the profile.</p><p>“We wanted a tool that wasn’t going to just say, ‘hey, this is fraud; get rid of this student,’ but could give us a range of probability from which we could develop a policy,” Dull says. “We needed easily readable reports that allow us to make a decision—not just take what came out as black or white.” This is especially important as it ensures that students who’ve forgotten their authentication credentials aren’t automatically accused of fraudulent behavior, he adds. </p><p>After learning how BioSig-ID worked, Tri-C reached out to the company, created a faculty committee that included IT, and conducted several demonstrations to understand the product and how it would report its findings to faculty members should a user be flagged by the system. Tri-C then pulled together resources and ran a one-semester test of BioSig-ID with two faculty members in the spring of 2014.</p><p>“We did one term where we created a sandbox in Blackboard for them to play around and understand how the product worked,” Dull adds, explaining that faculty learned how to use BioSig-ID as a standard sign-in for classes, or as just an added authenticator for students to use prior to taking an online test. Tri-C also used that test period to see “would students see gesture-based authentication as an additional hurdle to get into class? Are they going to complain that it is too cumbersome?”</p><p>Tri-C found that the system wasn’t a turn-off for students. It takes roughly five minutes to set up and can be used on computers, tablets, and mobile devices, making it easy for students to use the verification tool on any technology format. </p><p>Another factor that plays in Tri-C’s favor is that many students are also taxpayers in the county. “So there’s a much stronger connection between our community college and our students,” Dull explains. “They really appreciated the college taking a step to do something to provide better resources for students—because if we have fraud, that’s money we can’t put towards education.” </p><p>BioSig-ID will also ensure that Tri-C remains compliant with the new regulations that Dull was originally concerned with. One is within the reauthorized Higher Education Act, which requires institutions that offer distance education—like online classes—to have a process to establish that the student who registers in a class is the same student that participates in, completes, and receives credit for that class. </p><p>Tri-C has not expanded the use of BioSig-ID beyond the trials run in 2014, but it is in the process of securing the final approval from the administration to implement the solution campuswide for any secure interaction with the college online, Dull says.   </p>

 UPCOMING EVENTS AND EDUCATION