Skip to content Skip to navigation

The security vulnerability assessment

March 10, 2015
by Steve Wilder, CHSP, STS
| Reprints

A resident is sexually assaulted in her room. Meetings are held. Fingers are pointed first at the nursing staff, then at security, then at the administration. The safety committee calls a special session. By now, numerous “security experts” are employed by the facility, all well-intentioned, making scores of comments and recommendations without merit, including: “Where was security?” “Why weren’t the police notified?” “If only we had an access control system.” “We need to install closed-circuit television cameras.” “Employees need to be trained to detect and prevent violence.”

The incidents may vary, but it’s the same old story at many facilities: Everyone becomes a “security expert” immediately following an incident. Recommendations are plentiful, blame is abundant and a “quick-fix” is needed to make it seem like something is being done to prevent future incidents. That’s all well and good for the media and the onslaught of concerned citizens demanding action. Quick fixes, however, only temporarily mask the problem. The real solution is to be proactive in your approach to security. Identify your weaknesses early through a comprehensive security vulnerability assessment (SVA), and put together a “plan for improvement.”

The assessment

A comprehensive SVA, performed by a qualified healthcare security professional, is the first step in creating a secure environment. You cannot minimize your vulnerabilities if you don't know what and where they are.

Imagine that you don't feel well. You have a headache, your throat hurts and you have body aches. When you go see your doctor, he or she doesn't just start handing you pills, saying, “Here. Try this and let's hope it works.” The first step in treating you is to make a diagnosis and, once it is made, begin appropriate treatment.

Creating and maintaining a secure environment in a long-term care community is no different. You have to know where your vulnerabilities lie (diagnosis) before you can think about treatment (minimizing the risk).

It is critical that the person(s) performing the SVA be a qualified healthcare security professional(s). You want someone who is looking out for the safety and well-being of the facility, the residents and the staff, and not someone who is hoping to sell you cameras and alarms when the assessment is over. A professional healthcare security consultant can be your greatest ally in creating a secure environment.

In simple terms, an SVA:



Steve Wilder

Steve Wilder


Steve Wilder, CHSP, STS, is president and chief operating officer of...