1.   GOALS
3.   SCOPE
     a. Security Officer
     b. Risk Assessments
     c. Procedures and Controls
     d. Identification Program
     e. Access to Sensitive Areas
     f. Emergency Security Procedures
     g. Reporting and Investigating Security Incidents
     h. Infant and Pediatric Abduction
     i. VIP and Media Procedures
     j. Vehicular Access to Urgent Care Areas
     k. Monitoring of Performance
     l. Annual Evaluation
     m. Orientation and Education Program

1. GOALS. To ensure the physical safety of patients, visitors, and staff and to prevent loss of information
and property. These goals are consistent with the Command’s mission in providing quality healthcare to
soldiers, retirees, and their families.

2. OBJECTIVES. This plan is designed to effectively manage the security of patients, staff, and other
people coming to the MTF (Military Treatment Facility). The primary objectives of this plan are:

    a. Ensuring regulatory compliance with applicable Federal, state, and local laws and Department of
the Army regulations pertaining to security.

    b. Promptly identifying security risks and taking appropriate action to eliminate or reduce risk to
acceptable levels.

     c. Immediately reporting and investigating security incidents.

    d. Immediately responding to situations that are immediately dangerous to life or that threaten
equipment and buildings.

    e. Identifying high-risk areas and implementing appropriate engineering and administrative controls
and safe work practices necessary to eliminate or minimize security risks.
    f. Informing staff of security risks and the actions for eliminating or minimizing these risks.

3. SCOPE. This management plan applies to this MTF and all subordinate MTFs to include (LIST ALL


  a. The Security Officer is responsible for developing, implementing, and monitoring this plan and the
MTF’s security policies and regulations.

    b. The organization chart in Appendix A shows the primary officers, departments and services that
provide input into the development, implementation, and maintenance of this Security Management Plan.

    c. Service and department chiefs are responsible for developing department-specific security standing
operating procedures (SOPs) and implementing and monitoring MTF and department-specific security
policies and SOPs.

    d. All staff, personnel, and volunteers are responsible for obeying security procedures.

5. SECURITY MANAGEMENT PROCESSES. This management plan is based on a plan, teach,
implement, respond, monitor, and improve cycle. Appendix B lists the corresponding policies, regulations,
SOPs, systems, and databases pertaining to each of these requirements.

   a. Security Officer. The Security Officer, appointed by the Commanding Officer, is qualified by
education and training and coordinates the development, implementation, and monitoring of the Security

    b. Risk Assessment.

         (1) The MTF uses a risk assessment process to evaluate the impact of buildings, grounds,
equipment, occupants, processes, and systems on the security of patients, staff, and other people coming into
the facility. Management and staff are responsible for implementing the risk assessment process.

         (2) Both proactive (inspections) and reactive (incident investigations) risk assessments are used to
identify trends for which corrective action is needed.

        (3) The risk assessment process is also used to manage “gray areas” that do not have a clear
resolution. An example of a “gray area” is deciding the best way to secure sharps in the Emergency Room.
“Gray area” issues are brought to the EC Committee for discussion and resolution.

    c. Procedures and Controls. The Security Manager and other experts work with supervisors and staff
to determine the engineering and administrative controls and safe work practices necessary to eliminate or
control security risks. First-line supervisors are responsible for making sure controls and work practices are
used and effective.
    d. Identification Program.
        (1) The Security Officer issues identification badges to –

        (a) Staff members as part of their new hire orientation.

        (b) Students as part of their student orientation.

        (c) Red Cross Volunteer identification badges to Red Cross Volunteers as part of their orientation.
Policies and procedures require badges to be displayed at all times while working

        (2) Each department is responsible for obtaining temporary identification badges from the Security
Officer for contractors/vendors/official visitors.

       (3) The Patient Administration Department provides wristbands to patients as a part of their
admission into the hospital

        (4) Outpatients and the general public (visitors) are not provided identification badges

        (2) MTF policy requires staff, students, volunteers, contractors, vendors, and official visitors to
display badges at all times while working.

    e. Access to Sensitive Areas. The following areas have been identified as “sensitive” within the
facility, and they are equipped with work area specific access control measures.

        (1) Emergency Room

        (2) Pharmacies: In/Out Patient/PX

        (3) Command Suite/Staff Offices

        (4) Power generation stations/Generator system/Mechanical Rooms

        (5) Dental Lab/Vault

        (6) Computer Rooms

        (7) Others as identified in the EPP

    f. Emergency Security Procedures. Emergency security procedures regarding patients, visitors,
personnel, and property are specifically addressed in the MTF’s security regulations and in the Emergency
Management Program (EMP). Examples of emergency security procedures include, but are not limited to:
       (1) Security Incidents

        (2) Security of Infants and Children (to include infant or pediatric abduction)

        (3) VIPs and/or Media
        (4) Mission Essential Vulnerable Areas

        (5) Key Control

        (6) Theft

        (7) Bomb Threat

         (8) Hostage Situation

         (9) Civil Disturbance

         (10) Violence in the workplace.

    g. Reporting and Investigating Security Incidents.

        (1) The Incident Reporting and Investigation System covers all security incidents involving
patients, staff, visitors, information, and property. Examples of reportable serious incidents are listed in
MEDCOM Supplement 1 to AR 190-40 and include suicide attempts, arson, incidents that result in the
evacuation of patients, etc.

        (2) Anyone can report a security incident to the Security Office via telephone or by the MTF’s
Report of Serious/Sensitive Incident, MEDCOM Form 104-R (MCPM), Aug 95.

       (3) The Security Manager, the Risk Manager, or other hospital representatives as deemed
appropriate by the Commander promptly review incident reports to identify trends, determine root cause(s),
and suggest corrective actions to prevent recurrence. Summary reports are submitted to the appropriate
committee for further review and resolution as needed.

    h. Infant and Pediatric Abduction.

        (1) Engineering and administrative controls in place to prevent infant and pediatric abduction.
These include, but are not limited to –

         (a) Alarm systems in sensitive areas.

         (b) Staff and parent education and training programs.

        (c) Matching the infant’s identification wristband with the mother’s, father’s, or other designated
individual’s wristbands.

         (2) Emergency response procedures are listed in the Emergency Management Program.

    i.   VIP and media procedures.

        (1) The Public Affairs Officer and the Security Officer are contacted when VIP's enter the MTF. If
necessary, Security provides assistance with parking arrangements, escort, and security presence at patient
room or clinic area.

        (2) The Public Affairs Officer coordinates media visits and approves all interviews and press
releases. Security escorts media out of unauthorized areas as needed.

    j.   Vehicular Access to Urgent Care Areas.

         (1) Directional signs are posted to guide patients, staff and visitors to appropriate parking lots.

“NO PARKING” signage is posted in the emergency room/urgent care area.

         (2) Security and the Military Police patrol the emergency room/urgent care area and direct drivers
to alternate entrances that are more convenient for picking up and dropping off patients.

    k. Monitoring of Performance.

        (1) Performance monitoring is used to –

        (a) Identify areas of concern and strengths in the MTF’s Security Program.

        (b) Identify or determine actions necessary to address areas of concern.

        (c) Assess actual compliance with relevant security standards.

        (2) The Security Officer –

        (a) Identifies at least one measurable performance improvement standard to monitor performance
regarding actual or potential risk related to one or more of the following –

        (1) Staff knowledge and skills

        (2) Level of staff participation

        (3) Monitoring and inspection activities

        (4) Emergency and incident reporting

        (5) Inspection, preventive maintenance, and testing of equipment

        (b) Considers high-risk, high-volume or chronic problems when developing performance standards
to better focus limited resources.

       (c) Sets desired goals or benchmarks and develops and implements data collection and reporting

        (3) The EC Committee tracks performance and documents the results in the committee minutes.

        (4) Annually, the EC Committee recommends at least one EC performance improvement standard
to the Executive Committee for review and inclusion in the MTF’s performance improvement program.

        (5) The current performance standard(s) is listed in Appendix C.

    l. Annual Evaluation.

        (1) The Security Officer evaluates the management plan and presents the evaluation to the EC
Committee for review and approval each January. In performing the annual review, the Security Officer
uses a variety of sources such as inspection and audit results, incident reports, customer satisfaction surveys,

suggestion boxes, performance improvement committees, and other statistical information and tracking
reports. The Security Officer may also use other forms of review and input from relevant sources such as
leadership, other EC disciplines, management, staff, personnel, and volunteers.

        (2) The annual evaluation includes an assessment of the plan’s –

       (a) Scope. Based on the outcome of objectives assessment, the scope of the plan is expanded,
reduced or maintained at its present scope (buildings, equipment, people, operations, services)

       (b) Objectives. An annual assessment is made to determine if the objectives, as outlined in
paragraphs 2.a through 2.f were met

       (c) Performance. Review of performance standard(s) is made to determine the level of performance
and whether the level of performance is acceptable

        (d) Effectiveness. An acceptable level of effectiveness is determined by attaining success in meeting
objectives and producing a satisfactory level of performance

      (3) Once the EC Committee approves the annual review, the results are submitted to the Executive
Committee for review and approval.

         (4) The annual review is used as an opportunity to develop or modify programs, plans, and policies;
identify and implement additional or more effective controls; and enhance the Employee Orientation and
Annual Refresher Training Programs.

    m. Orientation and Education.

        (1) The orientation and education component pertaining to security addresses the following criteria:

        (a) General processes, such as wearing identification and reporting security incidents

        (b) Processes for minimizing security risks

        (c) Emergency procedures

        (d) Work area-specific security procedures

       (2) The Chief, Plans, Training, Mobilization, and Security (PTMS) Office manages the MTF’s
New Employee Orientation Program. Generally, new employees are scheduled to attend orientation within
30 days of hire.

       (3) The Chief, PTMS Office manages the MTF’s Annual Refresher Education and Training
Program. Generally, all staff members attend annual refresher training during their birth month.

        (4) Supervisors provide worksite-specific orientation and annual refresher education and training.

        (5) All education and training is documented in the staff competency folders.

                                                      APPENDIX A

               Responsibilities Chart

                      Deputy Commander                                                                                       Deputy Commander
                       for Administration                                                                                    for Nursing Services

EC Committee   PTMS                         Safety Manager          Information Management                                      Risk Manager

                                                 Security Officer                       Public Affairs Officer

                      Installation Provost Marshal/
                              Military Police

                                                      APPENDIX B

                           SECURITY MANAGEMENT PLAN
                               Visual Table of Contents
                        Corresponding Policy,                         Date   POC
                      Regulation, SOP, System, or












 Not applicable to ambulatory care or stand-alone business occupancies.
                                   APPENDIX C

                     2006 Security Management Program Performance Measures
Performance Standard             Performance         Justification for   Source of Data
                                 Indicator           the
                                                     Selection of the
95% of staff interviewed         % of correct        Assessment of staff Staff interview reports
during periodic security rounds responses from staff knowledge and skill
will be knowledgeable in         interviews
procedures for an infant
100% of reported security        % of reports        Assessment of       Incident reports
incidents will be evaluated for evaluated            emergency and
compliance with established                          incident reporting
security procedures                                  systems


To top