What are the requirements for developing a security management plan?

Any examples are for illustrative purposes only.

• applicable staff
• type of training
• level of training
• required credentials

The security management plan should take into consideration how the organization manages workplace violence and manages security during an emergency or disaster.

The security management plan may be a stand-alone document or may be combined with other Environment of Care plans (one overarching plan or combined with another, such as the safety management plan, for instance).  Components of the plan are outlined in EC.02.01.01 EPs, which include but not limited to:

• how will security risks be assessed and mitigated
• staff rolls in security management
• how the facility is secured
• how the organization contact external security forces if needed
• how the organization will control access to areas identified as security sensitive
• how physical or verbal threats, acts of violence, inappropriate behavior will be managed
• If the organization has an MRI, there is to be an assessment for safety and security risk that addresses patient comfort and safety, equipment safety and security, and staff safety

For example, hospitals with newborn nurseries and pediatric units (pediatric security risk assessment) would have very different criteria than a forensic behavioral health environment or geriatric health environment. Based upon their duties, staff may be assessed to require physical restraint training, self-defense training, situation de-escalation training, etc. Once the required skillset and type/level of training is established, the organization is to create applicable policies, implement the security program, assess for effectiveness, and adjust the strategy if needed.

Any requirements from the local authority having jurisdiction (AHJ) are expected to be followed. 

Reference:
EC.01.01.01 EP 5
EC.02.01.01.