The Texas Medical Center is the largest medical complex in the world. More than 60 institutions operate within its 2.1-square-mile footprint in Houston, including The University of Texas Health Science Center, which produces the most healthcare graduates in the state, and the MD Anderson Cancer Center, a joint academic institution and cancer treatment and research center.
It's up to the University of Texas Police at Houston (UTP-H) to protect the 25,000-plus employees, 5,000 students, and 135,000 patients treated annually at the two institutions and across multiple cities—a Texas-sized job that requires the efforts of sworn officers, public safety officers, and civilians. The unique organization, which combines police and security operations under the same umbrella, serves a disparate community of patients, teachers, students, and healthcare workers. And a few years ago, the need for the ability to adapt and respond to an increasingly complex threat profile became apparent to UTP-H leadership.
"Don't get me wrong—we really did a great job of responding and mitigating threats, but we were response-
oriented," says UTP-H Chief of Police and Chief Security Officer William Adcox. "Frankly, we weren't able to take a systematic focus across the entire risk spectrum on an institutionwide basis."
To do so, UTP-H took inspiration from the industry it serves. "Prevention has always been a major tenet of healthcare, and we wanted to look at opportunities where we could contribute to the prevention piece within security," Adcox explains. "We saw the organizational value in shifting to looking at prevention, integration, and near-miss opportunities, to the point where we even looked at our traditional planning cycle and how we could become more agile and adaptive to the threats."
The department embarked on a three-year process to overhaul its operations to become a more adaptable, responsive force with a shared purpose of prevention, protection, and preparedness.
"We wanted to try and get upstream of harm—prevent incidents before they occur, and be prepared to deal with what is occurring," says Raymond Gerwitz, director of risk strategy and operational excellence at UTP-H. "We created a shared purpose around prevention, preparedness, and protection and are engaging everyone in the idea. It's no longer enough to protect and serve—we want to prevent too."
Building an Operations Center
When approaching the department's overhaul, leaders adopted a business state of mind. Most of UTP-H's senior leaders hold MBAs and have been trained in business principles, and Gerwitz says that mindset—an unusual one for security organizations—has gone a long way to inform the department's operational strategy.
"We ask, 'How can we operate more like a business rather than a security group?'" Gerwitz says. "We looked at the strategies of communities we serve, took those principles, and adapted them to our environment. You won't find many police departments or security groups that have a strategy map—it's not a thing they think about. We took that from corporate America and blended it into how we do things."
UTP-H began its overhaul with an internal value analysis that assessed operations at a day-to-day level to determine whether they aligned with the department's updated goals.
"We look at different groupings of employees, every single task that they perform—how much time does it take, and what resources, and why they do it. Because there's a law or regulation? Or because there's an organizational policy? Or because it's historically done? Or because there's an executive directive?" Adcox says. "You break it out and that gives you a good picture of your internal value analysis so that you can look at those tasks that you can effectively quit doing and see what bandwidth you can pick up."
One result of the analysis was the transition from a traditional police and security dispatch center into a more forward-facing risk operations center.
"In the call center's case, there were opportunities there to retire some misaligned tasks and insert new responsibilities that bring the value we're looking to provide to the organization," Gerwitz explains. "In essence it becomes a mathematical formula—I can retire tasks that are limited in value and repurpose the staff to increase value without adding headcount."
Adcox says that it is important for employees to have both security training and a business mindset. "We really started placing priority on identifying members of our organization and people we would be bringing in that had a business acumen and were able to help lead us in new directions," he says. "We've been fortunate and able to recruit capable individuals who bought into the vision. It all starts with your people, and that's what's critical. Getting the right people in the right roles and then ensuring that there's a shared purpose—that's how we approached it."
The new department structure includes five service lines—healthcare security, investigative services, police services, risk management, and threat management—which often work together to respond to an incident.
"For the longest time, the face of the department was police services—the individual who wore the uniform, but now we have these five major service lines—the groups that set us on this journey of prevention," Gerwitz explains. "A big part of being engaged is understanding everyone's contribution—everyone has a role to play, even if it's in the background."
Gerwitz notes that the approach has paid off. Thanks to a combination of training and monitoring how calls are addressed, the percentage of calls handled by a single team member has increased. These percentages are tracked monthly and shared with staff, encouraging open conversations about how calls are managed and keeping team members engaged.
The switch in response protocol illustrates how UTP-H is achieving its goal of predictive policing by focusing more on analyzing calls and encounters. Adcox says that previously, as in many organizations, analysts would log the data of the encounter but not use it.
"That was our response—we'd handle it, log it, and move on," Adcox says. "We didn't know the basis for the suspicious person—what's the story? Now, we analyze and take data that comes in from multiple calls and visualize the data, and that better informs our officers of any trends, repeat offenders, potential threats that were averted, and what to look for. We now have an extended prevention opportunity on behalf of the communities we serve."
For example, the operations center team is now encouraged to handle call loads on their own without passing them along to another section to streamline the process.
"If they take care of a call on their own, they receive credit from a performance perspective on that," Gerwitz says. "If they hand it off to someone else downstream, then they don't. We monitor the percentage of things they are doing on their own on behalf of the organization without handing it off, because that generates efficiencies for us. And it empowers that group to try to handle things without having to go to others to get it done."
If a call comes in about a suspicious person on campus, the operator can look at surveillance footage and recognize that person as an employee. Operators may reach out to that employee's manager and ask why that person is in that area, but they don't send a resource out to respond because they know it's an authorized person who is perhaps in that area for a reason.
Gerwitz emphasizes how data visualization informs all aspects of the combined protection model.
"How do we want to go about creating a new shared purpose and engage the shift towards prevention? Let's find data we need," Gerwitz says. "We know the narrative, so what's the data that supports it? Now we have that data, so we create visuals to enlighten our staff and get them engaged in what we're all trying to do. For a long time, this information was kept in databases and didn't resonate with our managers."
Part of any organizational restructuring often includes developing a strategic plan, but once changes become the new normal it can be hard to measure whether operations are still true to that plan. Adcox and Gerwitz say the department constantly checks whether the department's efforts point to its guiding principles.
"Three years ago, when we started this process, strategic planning was viewed as a necessary evil," Gerwitz says. "There's this perception that our efforts were a waste of time because we wouldn't really use it. We had to change that mindset and educate everyone that some of what we're trying to do will be unrealized, some will be impacted by emergent needs, or executive mandates, or in response to particular threats. It's okay not to do everything as planned, but there is value in planning."
Data analysis and visualization play a big part in both sticking to the plan and adapting where needed. UTP-H does not shy away from recalibrating or retiring components in the department if they do not show added value.
"Putting all these things in place is good but validating and proving that they are providing value intended is the most significant piece," Gerwitz says. "How do you show people that you're doing the things you say? Or, if you need to, how do you recalibrate your organization to do something more valuable? In today's security field you have to adapt to threats coming, you can't lay back and rely on the same strategies. We don't spend a lot of time on traditional analysis. We let the current predict the future."
All calls, incidents, and interactions are meticulously documented in a robust, interactive database that can be accessed by employees and managers alike. In a demonstration, Gerwitz was able to assess all slip and fall incidents that occurred in May—27 instances—and in a few clicks could drill down and view when and where the incidents occurred, who was the responding officer, and the final outcome.
"To be able to see this type of detail is very powerful for supervisors and managers, we ask them to go in and conduct management by visualization," Gerwitz explains. "It's easy for them to see what's going on in their teams, and they can adapt their strategies based on what they're hearing from the outside—if there are lots of vehicle and pedestrian hazards in a certain area, they can look and see whether we're in those areas or we need to adapt our patrol tactics."
Near misses are of particular interest to the department, because they signal both a looming threat and an area where predictive policing can be used.
"We're almost fanatical about failure or near misses," Adcox explains. "We're not interested in numbers—how many doors we check that have to be secured, that kind of thing. What we are interested in are the doors that should have been secured that were found unsecured, or individuals in a certain part of the hospital who don't belong or are lost—those are near misses. We'll see how often that's occurring or if it's the same individuals. We have got to get in front of something happening."
UTP-H relies on metrics to inform its tactics and mitigate negative trends before they affect the community.
"It might be how we view and put together video feeds, or we might put together a specific covert operation or put cameras in certain areas," Adcox explains. "It might be working within a specific group of employees, asking them to watch for certain activity and report a certain way. It's very proactive."
All employees have access to performance and value visualization tools in the spirit of transparency and to understand the operations of the entire department and the impact their teams have in keeping the institutions safe. Gerwitz says that most employees don't view the information every day, but they are alerted when new resources are added. There has been a lot of thought put into how the data is accessed—the department is on its second iteration of the visualization tool, he notes.
"It's now much more graphic and in line with how people want to consume information," Gerwitz says.
Managers will also put together visualization boards specific to their teams, and in the case of groups like security officers who aren't often in front of computers, they will print them off and review them during meetings.
"It has been helpful in allowing people to straightforwardly show their value," Gerwitz explains. "Before we put this in place, it was hard for people when they were stopped to tell me how your team benefits what we're trying to do—it was hard for them to articulate that in a way that made sense to people. This program makes it easy. I think that's the biggest benefit to the department—now managers are able to adapt and show value at any moment based on what teams are doing. From an organizational perspective, the feedback we get from senior executives who use these processes themselves brings a lot of credibility to our team."
Connecting with Communities
Adcox has worked with UT Health and MD Anderson for 14 years and is aware of the challenges of protecting the esteemed educational and healthcare facilities. Part of UTP-H's transition included opening more dialogue between the department and the institutions to ensure they are working towards the same goals.
"We bring in leaders from the institutions and walk them through our process and spend time on things they value," Gerwitz says. "If we bring in the clinical team, we'll spend a lot more time on issues they deal with in the clinics and how we adapt our training, versus meeting with the finance folks, where we validate our programs and show value."
One example of partnership between UTP-H and the institutions it serves is the approach to people experiencing a mental crisis. Beyond developing a trusted response protocol, the UTP-H threat management team strives to work with the school and hospital to predict potential personnel issues before they come to fruition.
"You bring all these pieces of information together, so they can present to you a real picture of what the situation is," Adcox explains. "You're able to get people help in advance of losing their jobs or harming themselves or someone else. It's been very effective, and we have progressive data and use data visualization to show that."
If an employee, patient, or visitor is actively in mental crisis, the threat management team is trained on how to respond and follow up. Gerwitz says that 98 percent of UTP-H responders are certified mental health officers due to the unique stresses of the joint education and healthcare environment—most other law enforcement departments in Texas provide less than 10 percent of their officers such training, he says.
"That employee in crisis will be assessed using tools we have been trained on to screen for the person's mental state," Gerwitz explains. "So, say on a scale of one to 10, I'm an eight—I'm in a bad place, and the responders apply a strategy to bring me down. Following that event, through peer review or interacting with me as they continue to monitor my status, they reassess me, and now I'm a five—they measure that delta."
The team has a calculated goal for an average reduction of the intervention score and, using data visualization tools, can track how successful different intervention methods are and adapt intervention tactics based on those statistics across a variety of populations.
"It's a team effort across the institutions—there are others participating in this effort, such as human resources, employee health programs, supervisors, and we can track who all handled each case and its outcome," Gerwitz explains.
Being able to map out the outcomes of police interactions with people in crisis has been impactful in promoting relations between the institutions and UTP-H, Gerwitz adds. Of the 98 threat intervention cases he mapped out, only two resulted in arrest. This statistic goes a long way in garnering trust with hospital employees who might be wary of involving police in a mental crisis.
"For a long time while implementing this, we had to break down the walls of thought that if you call the police, someone is going to get arrested," Gerwitz says, adding that the outcome statistic was well received by clinicians. "To me, this is the more high-level analytical, value-driven style, compared to performance monitoring that goes on in typical security operations."
Adcox agrees, noting that such data illustrates UTP-H's thoughtful approach to conflict in such a sensitive environment.
"In our business, our whole approach is an organizational health, individual wellness method," Adcox says. "It is not in any way a prosecutorial or criminal justice approach. Because we have a police component, you have that extra tool in your toolbelt if you need to bring a situation under control."
Partners in Business and Purpose
Gerwitz says that another important culture shift has been thinking about the business success of the organizations UTP-H serves, not just its own success.
"Not only are these healthcare institutions and educators, they are also businesses," he says. "Part of the value we've been able to distill from all of this is that if you act like a business partner and are treated like a business partner, you can do better with your allocated resources and meeting the goals of the organization."
Adcox explains that UTP-H has assessed where its operations overlap with UT Health and MD Anderson and partners with them to share knowledge and training. In areas such as investigations and crisis training, the department can step in and share its own resources for the benefit of the entire organization.
"I cannot stress enough the importance of going into each of these places that perform these critical functions for these organizations and working with them," Adcox says. "Have a joint training, let us explain what we do and what our expertise is, and they'll teach you what's important to them, and then you have the trust factor and can start talking about how to integrate and help each other."
Since UTP-H is known for its high level of conflict resolution training, it has partnered with UT Health to train nursing students on handling people in mental crisis—everything from body language in the hospital room to handling a patient's family to deescalating conflict. Adcox says UTP-H also trains clinicians, physicians, and nurses working at the facilities in the same practices.
"We're able to bring that into play because of the expertise we've had to develop in being effective in our organization," Adcox says. "We also have an immersive simulation center so that you actually have practical, holistic experiences and not just the classroom. This technology is for the entire organization, not just us."
By aligning UTP-H with UT Health and MD Anderson's enterprise goals and overarching missions, the department is now seen as an equal and valuable partner—in business and protection alike.
"The struggle we have on the security and law enforcement side is that we're not accepted as legitimate business partners, we're a cost center that's a necessary evil," Gerwitz says. "You have to hold yourself to the same accountability and integrity and commitment to the organization as any other business unit. You're no different from the other teams working on behalf of the organization. This business approach is aimed at making sure we're being good stewards of the resources provided. When people believe you're doing that, they'll support you."