Category Archives: Risk-Based Security

77-Year Old Man in a Senior Care Retirement Home Fatally Shoots One Firefighter and Injures Another in Long Beach, California

RISKAlert Report # 1149         Updated:  June 27, 2017                                                    Long Beach, California

A 77-year-old retirement home resident identified as Thomas Kim, has been accused of intentionally setting a fire Monday morning to lure first responders to the facility.  After the firefighters entered the Home and
put out the fire, Kim fired on the men, killing one firefighter and wounding another.

It’s the first time we have seen anything like this said, Mike Duree, Long Beach Fire Chief..

Around 4 a.m. Monday morning, firefighters Capt. Dave Rosa and Ernesto Torres responded to reports of a fire, followed by an explosion and the smell of gasoline, at the Covenant Manor senior care facility, Duree said. As they approached the high-rise building, the firefighters noticed that the windows of one unit had been blown out and that the sprinklers were on.

After extinguishing the fire, Rosa and Torres remained inside the building to investigate the gas smell and explosion, the chief said. Ten minutes later, gunfire erupted and police received reports of an active shooter. Rosa, a 45-year-old veteran of the Long Beach Fire Department, was killed in the attack. Torres and another man, a civilian resident of Covenant Manor, were injured and taken to a local hospital.

Long Beach Police arrested 77-year-old Thomas Kim, who lived in the facility, in connection with the fire and the shooting.

They booked Kim  on suspicion of murder, as well as two counts of attempted murder and arson, and is being held on $2 million bail.  It is not known about where he got his weapon and how he started the high-rise fire.

Not much was immediately known about Kim, police said he was arrested years ago for auto theft and that detectives are looking into reports of erratic past behavior.  His family said that they were stunned to find out the suspect was alive, living in Long Beach, and was a suspect in the murder and arson investigation.


LESSONS LEARNED:

  1. Retirement facilities should institute a No-Weapons Policy for Residents. 
  2. Firefighters place themselves in danger every day, but didn’t expect to encounter
    a killer in the retirement home!
     


    THANKS FOR READING THE RISKAlert Report
    ©For more information and a free subscription:  write to:  caroline@riskandsecurityllc.com 
    We provide the best Active Shooter and CMS Facility Risk Assessments & Training Programs. Find out more at  www.riskandsecurityllc.com.

DOD moves military bases to a higher alert status

In an unusual move today, the U.S. Department of Defense (DOD) raised the security level at
U.S. military bases because of the increasing concerns about possible attacks by ISIS (ISIL).

While the DOD cited no specific threat, they did refer to the recent attack in Garland, Texas,
(last Tuesday), after ISIS claimed responsibility for the Prophet Mohammed cartoon contest
featuring cartoons about “the Prophet”.

The threat level was raised to ‘Bravo’ level, and it’s worth noting that it’s the first time the
threat level has been that high since the anniversary of the 911 attacks on September 11,
2011
,
which was the 10th anniversary of the 2001 attacks.

A higher threat level could mean 100% ID checks at the entrance to all military bases, including
air force bases, army bases, navy and marine bases.   It also puts base military police on alert
to be highly situationally aware, including investigating anything they see that might be
terms “suspicious”.  The FBI will also increase surveillance of suspected pro-ISIS individuals.

Persistent stories have been focusing on the Texas border, which may be harboring an
ISIS camp, and the right wing media has reported that an ISIS camp may be sending their
soldiers into the US on specific missions.  Although this has been widely discredited by
officials,  some circles are reporting a link to the Army’s Operation Jade Helm, a massive
military drill across nine states, which is slated for July 15th, to September 15th, 2015.

We encourage individuals to be situationally alert AT ALL TIMES, and a increase
in military alert levels would certainly be something to note.

 

 

 

How to Build a New, Risk-Based Police Model that Really Works

Law Enforcement Can Transform Itself by Turning to a Risk-Based Policing Model

Watching the protests across the country over the last few months,  the two groups, the Citizens and the Police, as polarized as the US Congress, I think, we can do BETTER than this. We can make police officers RISK OFFICERS for their communities.

The current stereotypes of police with military-style weapons and protective gear, is counterproductive, just like the stereotype of poor, uneducated, violent, drug-using citizens is also counterproductive to progress.

Most departments are still working with the historical model of law enforcement that is still followed religiously around the country, even though it is over 100 years old.  This model is totally ” Enforcement ” oriented.  Something bad happens, police go find the perpetrator and arrest them.

At the same time, cities and counties are having a hard time enlisting new officers, in fact, in Police Chief Magazine in the December 2014 issue, they point out that 80% of departments are having major recruitment problems. Young men don’t want to become ‘traditional’ police officers. The role needs to change.

The model of law enforcement is at a point when it needs to change, and to evolve into a risk-basedcrime-preventive model, instead of a total arrest and subdue model. 

The benefit would be a different kind of police force, one that is more educated, more  tech-savvy, and problem solving, and focused heavy on prevention.

Instead of educating police officers on some goofy model of how to talk to people, they need to get educated on threat-risk techniques.  They need to be able to go to a neighborhood, pro-actively and come up with a risk assessment for that neighborhood,  followed by a plan to improve the lives of the people who live
there.  Just like we use interviews and surveys for our high-tech risk assessments, these officers could do the same thing.

Police officers today perform only a narrow range of activities.  This great group of ethical professional officers COULD DO SO MUCH MORE.  

 

In the next article, we’ll include suggestions on how to make the change.

Healthcare’s failure to address link between mental illness and violence putting lives in jeopardy

DATELINE:  JULY 28, 2014

Richard Plotts, the man who allegedly murdered a 53-year old caseworker at a suburban Philadelphia hospital last week by shooting her in the face, was formally charged with murder on Saturday following surgery to remove bullets in his torso.

According to Delaware County District Attorney Jack Whelan, police in Upper Darby, Pa., where Plotts lived, were aware of at least three mental health commitments, including once after he cut his wrists and once when he threatened suicide — but said such stays can last just one to three days. Whelan also noted in his press conference that Plotts had also spent time in a mental health facility.

Every week brings a new story in the media about murder-suicides, patients killing healthcare workers, random shootings and assaults.   We can read the new polls like the article on U.S. shootings in healthcare, as well as the recent healthcare crime study by the International Association of Healthcare Security and Safety (IAHSS) that routinely reports that violence in healthcare is soaring.

Not only in healthcare, but throughout the U.S., these random active shooter trends are increasing.  To see how much of this violence is related to severe mental health problems, we only have to look as far as these high profile incidents:

  • June 14, 2012 – Buffalo, N.Y., trauma surgeon shooting
  • July 20, 2012 – Aurora, Colo., movie theater shooting
  • Sept. 16, 2013 – Washington Navy Yard shooting
  • Dec. 17, 2013 – Reno, Nev. urology clinic shooting
  • Jan. 22, 2014 – LAX active shooter incident
  • April 2, 2014 – Fort Hood (2nd) active shooter incident

None of these incidents were related to poor performance review, losing a job, and only one of these could be called “domestic violence,” but what they all have in common is that the perpetrators were all severely mentally ill.

Guns scare me.  Guns kill people by accident and on purpose. I never let my children play with guns.  However, as I analyze the elements of these shootings and dozens more, my bias is changing.  I think it’s less about guns and more about mental illness.

Healthcare and hospitals would be the one industry where you would think that people would be concerned about the state of mental health of their patients and staff. Instead, it seems like mental health problems are walled off by society, treated ineffectively, and violent tendencies (which sometimes make their way onto patients’ Facebook pages) are largely ignored and unreported by the clinicians treating them.

So it’s left to the security and law enforcement community to deal with these individuals who are paranoid, depressed, angry, frustrated, disappointed, hurt, confused, and, ultimately, violent.

Now that mental health has been re-classified as another medical problem, the money is flowing to the treatment centers and it’s covered by Medicare. But progress doesn’t seem to be either easy or effective.

Dr. Graham C.L. Davey, Ph.D. writing in Psychology Today in January said: “Many of those health professionals (GPs and family physicians) at the first point of contact with people suffering mental health problems are poorly trained to identify psychological problems in their patients, and have little time available to devote to dealing with these types of problems. This increasingly makes medication prescription an attractive option for doctors whose time-per-patient is limited—an outcome which will have all the potential negative effects of medicalizing the problem into a “disease.”

And that’s exactly what we see, patients who don’t take their meds because of the negative side effects and so they become isolated and increasingly violent.  The side effects are clearly pointed out in TV commercials, that you’ve probably watched.

For example, one medicine has side effects that include sexual side effects, convulsions, brain shrinkage, stroke, death, suicide, violent thoughts, psychosis and delusional thinking.

The increase in hospitals adding seclusion rooms, expanding the number of beds for psych patients, and the time spent by both law enforcement and security professionals  in dealing with these troubled individuals, may account for one-quarter to one-third of an organization’s security budget.

Many of the security risk assessments we do are focused on handling mobile mental patients, including the baby boomers suffering from Alzheimer’s and dementia.

As violent incidents continue to increases in our society, our workplaces, and in our hospitals, we need to spend more time looking for, and demanding treatments that work and that are sustainable by the patients so they can lead happier lives and we can protect the rest of society, and our healthcare facilities,  from their potentially violent behavior.


http://www.securityinfowatch.com/blog/11598089/healthcares-failure-to-address-link-between-mental-illness-and-violence-putting-lives-in-jeopardy

Author:  Caroline Ramsey Hamilton

Since 1988,  Caroline Ramsey-Hamilton has been a Thought Leader in All Aspects of Active Shooter and Security Risk Assessment in both Public  and  Private  companies and organizations.  Specializing in Hospital and Healthcare Security. Hamilton is Certified in Homeland Security (CHS-III), Anti-Terrorism (ATAB) and Security Risk Assessment. As President of Risk & Security (www.riskandsecurityllc.com) she works with many hospital clients, and develops affordable risk-based apps for improving security risk assessments, and publishes the RISKAlert security awareness program.  She lives in south Florida with two beagles, a rescued kitty and (on weekends), 4-year old twins.

Reprinted with permission from www.SecurityInfoWatch.com

Aventura Hospital Patient Strangled in his Room on July 1st,, 2014

RiskAlert INCIDENT REPORT 565 –

Patient Strangled in Aventura Hospital, Florida

32-year old Behavioral Health Patient found Strangled to Death
in his Hospital Room

32-year old Alex Paloumbis diagnosed with bipolar disorder and schizophrenia at a
young age, had been in the hospital for two weeks. He was on the fourth-floor psychiatric
ward when he was attacked by the patient in the next bed. 

The other patient in the room, identified by police as Alexander T. Jackson, 31,  was
charged with first-degree murder and remained in Miami-Dade County Jail on Monday
with no bond. Jackson, who is homeless, was admitted to the hospital around 10 a.m
Thursday,  the day of the murder, which occurred about 3 p.m. the same day. He was
put in the same room with Rios, according to the arrest report. 

 LESSONS  LEARNED:  

Behavioral health patients require extra controls including
live, continual camera monitoring, use of appropriate
medication and possible use of restraints.

Patients may pose a danger to others, as they did in this tragedy,
and should be under continuous supervision.

Rios was last seen alive at about 2:45 p.m. Thursday. At 3:36., a hospital
housekeeper found him face down on the floor.  “The defendant admitted
to killing the victim by strangling him with his hands and a bedsheet,”
according to the report.

While administrators declined to comment on the security procedures at the
hospital, IAHSS 
(the International Association for Healthcare Security & Safety)
President Marilyn Hollier said psychiatric floors generally have lock-down
procedures, metal detectors, seclusion rooms and cameras at the access
points.  It is not known whether any of these security controls existed at the
hospital.  Hollier also stressed that security officers need specialized
training to deal with behavioral health patients.

Aventura Hospital, located near I-95 north of Miami, Florida, has a large
behavioral health unit with 46 beds.  The victim’s mother said her son was
never violent. “He never, never, never raised his voice,” Paloumbis said.
The mother was summoned to the hospital Thursday. She was told come
quickly and then was ushered into a room where police officers and detectives
were waiting. Though she had limited English skills, she understood that
her son was dead and initially thought that he may have died from a heart attack
or other natural causes.

Stay Situationally Aware and Continuously Monitor Behavioral Health Patients!

 RISKAlert® is a publication of Risk & Security LLC at www.riskandsecurity.com

How Risk-Based Security Can Reduce Violence in Healthcare

reprinted with permission from www.securityinfowatch.com

Using Risk-Based Security to Stem the Tide of Violence
in Hospitals and Healthcare


Created by:   Caroline Ramsey Hamilton

Date: May 22, 2014

Hospital and healthcare security is experiencing a major increase in violence,
instigated by patients, patient families and even healthcare staff.  Just last year,
there was an active shooter incident in Reno, Nev., in which two physicians were
shot, and in Houma, La., 
a hospital administrator was shot to death by a terminated
nurse. As recently as Easter Sunday in California, two nurses were stabbed at the
hospitals, where they worked.  One was stabbed in both the upper and lower torso
and is in critical condition. These two incidents add to the more than 100 
violent
incidents in 2013 and the first half of 2014.

Since 2010, violence in healthcare has skyrocketed. As a result, the Joint Commission has
issued a “Sentinel Event Alert” on the issue and contributed to numerous articles on shootings
in U.S. hospitals. The Department of Homeland Security and a consortium of state and local
hospitals recently released 
a standard for active shooters in healthcare. These all point to the
conclusion that the current law enforcement-based hospital security model is not working.

Changes in Healthcare
The changes in healthcare, including the increase in insured Medicaid patients and increased
traffic to emergency departments, highlights the fact that very well-intentioned people are
working with an outdated security model that hasn’t evolved to address a changing healthcare
environment. The change in billing and reimbursements for healthcare organizations, such as
tracking of readmission rates, has squeezed hospital profits causing reductions in funding in many
security departments at a time when violent events are steadily increasing.

A new risk-based model for hospital security is emerging that is less linear and more cyclical.
It uses technology to a greater extent, employs forecasting and statistical models to predict the
likelihood of future incidents, and is proactive instead of reactive, focusing money and energy on
preventing events instead of simply responding to them. This model also uses risk assessment
formulas to quickly assess the current security profile of a hospital, clinic, hospice, or behavioral
health facility, factoring in heightened threat-risk environment, not only for the facility in question,
but also adding in the wealth of healthcare data that’s now available.

Risk –Based Security Focuses on Continual Assessment
A major focus of this model is the continual assessment and evaluation of preventive security
controls, which are reviewed quarterly, semi-annually, or annually to discover gaps in controls,
and to fix gaps as soon as they are identified. This dovetails nicely into the assessment models
already required by the Joint Commission, OSHA and new CMS standards.

Looking at recent high-profile security events that took in place in hospitals shows that incidents
happen because of exploited gaps in the existing security of the healthcare facility. In the past,
security officers successfully worked hard to reduce response time so that often officers could
arrive in under two minutes, but it’s still too long.  In the Reno shooting, response time was under
two minutes, but that was long enough to kill two doctors.

Focusing on prevention makes sense for healthcare, much in the way the Joint Commission
focuses on patient safety, by continually assessing controls, reducing discovered gaps in controls,
and mitigating gaps by reassessing and tightening security, which creates a cycle of continual
improvement in the healthcare security environment.

Taking Advantage of Technology
The healthcare risk-based security model takes advantage of technology. Instead of waiting
for manual recording of security incidents every day, software programs allow hospital security
officers to enter data at the end of each shift, and that means security directors can map what’s
happening in the hospital or facility on a daily, weekly, monthly and yearly basis.  This can go a long
way to identifying trends early and help facilities make appropriate changes in controls so that
negative trends can be reversed 
quickly and both patient and staff security is increased.

In addition to automating incident collection and analysis, the healthcare security risk assessments
must be automated too.  Risk assessments are too time-consuming and labor intensive to be done
annually.   
By the time the risk assessment is over, the environment has changed again.  By
automating the risk assessments, including environment of care and hazard vulnerability,
it produces data that can be used instantly to analyze and recommend the most cost-effective
controls, and rank them by their return-on-investment (ROI).

The role of security in hospital and healthcare organizations is changing too. Security organizations
should no longer be isolated without intensive interaction with others in the organization, including
the human resources department, the facilities managers, safety managers, and the emergency
management staff.

New DHS Guidelines for Active Shooters in Healthcare
With DHS issuing new guidelines for active shooters in healthcare, hospital emergency managers
are now required to prepare for active shooter incidents, as well as storms, hurricanes, tornadoes,
power interruptions and other events related to natural or man-made disasters.  This creates a
natural partnership between the emergency management staff and the security program,
because the skills of both functions are needed to properly prepare an organization for any disaster.

Instead of existing in a vacuum, healthcare security directors and managers should cheer at
this development because it expands the importance of security inside the hospital or healthcare
facility, and underscores its value in protecting the organizational assets –  the physical facility,
patients, visitors and staff –  to proprietary information, including the HIPAA mandated PHI
(Protected Health Information), vehicles, security systems, high-value healthcare equipment
and the healthcare provider’s reputation.

Security budgets have always suffered because security costs are seen as operating
expenses, not an income source, but by tying the security expenses more closely to loss
prevention and protection of the organization, it creates a cost justification for hospital and
healthcare security.

Risk-Based Security Links to Hospital Compliance Standards
A risk-based security model also links security to myriad compliance standards that affect healthcare
and this also supports and justifies the costs related to security. For example, hospitals are required
to have a variety of security controls in place related to tagging of newborns, posting of no-weapons
signs, and environment of care issues. Any healthcare organization accepting funds from Medicare
or Medicaid must comply with the new mandate for annual security risk assessments. 

OSHA 3148 also requires hospitals and healthcare organizations to do annual workplace violence
assessments, and more than 33 states also require enhanced protection of hospital and healthcare staff.

As security incidents continue to increase and violence in healthcare escalates, making the
switch to a risk-based security program will provide better protection for hospitals and healthcare
organizations, making more effective use of existing security personnel, as well as justifying and
expanding healthcare security budgets.

 

For more information:  contactCaroline Ramsey-Hamilton at caroline@riskandsecurityllc.com

 

Two Nurses Stabbed on Easter Sunday in Different SoCal Hospitals

Dateline:  April 21, 2014

Stabbing at Olive View – UCLA Medical Center

In the early morning hours of Easter Sunday morning, nurse at Olive View-UCLA
Medical Center in Sylmar, California  was critically hurt after being stabbed
multiple times.

Prior to the stabbing, deputies said the suspect had entered the hospital and
allegedly bypassed the weapons screening area.  As the deputies searched
for the perpetrator, they heard a woman scream, and located the nurse, who was stabbed in both the upper
and lower torso. The nurse was transported for medical treatment in critical condition.

Torrance Hospital – Later at 9:20 am on Easter Sunday,   Thomas Fredette walked
into Torrance Hospital, in the south Bay, and grabbed a nurse from behind and
stabbed her in the ear
with a sharp object, according to Los Angeles County

Sheriff’s officials.  Fredette faces charges of assault with a deadly weapon,
sheriff’s officials said.  He is being held on $130,000 bail.

What We Learned:    

Strong Access Controls at Hospital Entrances and Exits are the first line of
defense against injuries to hospital staff.  Both events were random and
apparently unprovoked. 

Nursing staff in particular, should receive adequate training in situational
awareness, which may be in conflict with their total focus on caring
for patients.

 

Double Check these critical Potential Controls:  
Stronger Access Controls
Panic & Duress Alarms at Entry Points and on Nurses working late shifts
Better Weapons Screening

 

Why We Need to Switch to a Risk-Based Security Model – School Stabbing at Franklin Regional, Active Shooter Incidents at Fort Hood (twice), LAX, and The Washington Navy Yard.

When I turned on the news today, I was in the middle of writing an article on the 2nd Shooting
at Ft. Hood from last week, and then saw that there had been a violent knife attack at a
Pennsylvania high school, with 20 casualties and at least eight injured critically, the next day,
there was a hate crime shooting at the Jewish community center in Overland Park, Kansas.

Once again, we see violence on a mass scale, the FBI has been brought in, and next will come
information on the victims.   With two major events, in two weeks, what can we deduce about the
security in place at both Franklin Regional High School, Pennsylvania, and Fort Hood, Texas.

        NEWS FLASH:   THE CURRENT SECURITY MODEL IS NOT WORKING!

CURRENT SECURITY MODELS

Disaster preparedness is improving,  Emergency Management is working, but security is
still not where it needs to be.  It is a systemic problem based on the fact that security around
the U.S. is still locked in a REACTIVE mode, not a PROACTIVE mode.

The main reason for this reactive mode in security organizations, is because most security
officers come from a law enforcement background, with a model which is based on crimes
and arrests, and it is totally REACTIVE.  A crime happens and police officers go into action
and arrest the perpetrator(s).

CRIME HAPPENS    =    PERP IS IDENTIFIED    =   PERP IS ARRESTED

Unfortunately, this reactive model does not work for preventing security incidents and mass violence
because it is INCIDENT DRIVEN, not Risk-Driven.  It focuses on individuals, not on a more holistic,
generalized view of Threats, and it totally leaves Solutions (Controls) out of the equation.

After studying pages of after action reviews, post-incident analyses and media sources, the one
recommendation that makes sense is that organizations need to switch to a RISK-BASED,
PROACTIVE mode for security to work
.

This was highlighted in a remark made by a Pentagon official, commenting on the 2nd Fort Hood
Shooting on April 2, and the fact that new DOD recommendations for security, had just been released.

“After the Navy Yard shooting in September 2013, another round of recommendations were made
to improve security at all DOD installations, however, a  Pentagon official said that the new
recommendations had not yet been put into effect at Fort Hood.
 At Fort Hood, very little 
had
changed from 2009
regarding security procedures for soldiers at the entrance gates.”

The question for the Department of Defense is “how could this happen again at the same military
base?  
I took extra time to study the 89-page document called An Independent Review “Protecting
the Force
”, one of 3 reports created after the initial Fort Hood Shooting, whene 13 were killed, and
43 injured.

If you look at the recommendations, they are very bureaucratic and procedural.  They could have
been written by an efficiency expert, not by anyone with a background in security, and covered things
like policy changes, and having screening for clergy and psychologists, and improved mental health
programs.   These are all important, but they do not provide a secure environment.

The LAX after action analysis’ Number One recommendation was to change
the security focus to a Risk-Based approach
.

 


RISK-BASED SECURITY

The problem with a reactive approach is that you can’t screen and lock down everyone. At Fort
Hood, for example, there are 80,000 individuals living on the base, and probably hundreds of
visitors who go in and out every day.  It’s impossible to assess the mental health, and the
‘intentions’ of all of them.

FortHoodAmbulances-Medium

That’s why a Risk-Based Approach works – because it focuses on the potential threats and then evaluates the existing controls to see whether they offer the required amount of protection based on the likelihood of the threat occurring.

You stop violent events by controlling access and by controlling weapons.  No matter how unpopular they are, you use metal detectors at certain points, you use security officers at key entrances, you control entrances and exits.

Once the event starts, you can improve security by having faster notification (panic alarms), ability
to block, or disable weapons and attackers, adequate transport, better emergency response, but to
avoid the violence, you need to have strong access control.

The Risk-Based approach makes use of annual risk assessments that are holistic in nature. They
are not done in stovepipes, they include the entire organizations, they include input from staff
members, visitors, students, vendors, soldiers, patients on how they see security from their point
of view, which is always dramatically different from management or administration.

A risk-based approach requires an organization to:

  • Define potential security risks.
  • Develop standardized risk assessment processes, for gathering and
    analyzing information, and use of analytical technology
  • Risk-Based Security focuses on PREVENTION OF NEW INCIDENTS
    whether they are active shooter, general violence, etc.
  • Enhances security’s ability to rapidly respond  to changes in the threat environment.

MORE BANG FOR THE BUCK

According the LAX (LAWA) after action report, “Simply adding more security does not
necessarily provide better security.
  Determining priorities and where to achieve great
value for the dollars invested requires regular, systematic assessment of the likelihood
and consequences (risks) associated with a range of threat scenarios that morph and
change more quickly now than ever before. 

Collaborative engagement in a security risk assessment process across the community builds
the buy-in needed to develop and sustain a holistic security program over time. Leaders must
be open to challenging established practices and demonstrate a willingness to change direction”
.

Making the switch to a Risk-Based security program is the best recommendation for those who
want to protect their staff, students, patients, vendors, clients, soldiers, and visitors from a mass
casualty event, or for all the organizations who don’t want to have a terrible incident happen in
the first place!

 Caroline Hamilton, friend of Patty Garitty (Soup Kitchen voluteer)

Caroline Ramsey-Hamilton

President, Risk and Security LLC

Caroline@riskandsecurityllc.com

 

www.securityinfowatch.com/blogs

www.riskandsecurityllc.com