AS 4485.2:2021 pdf free.Security for healthcare facilities Part 2: Procedures guide.
Many facilities process and store information on computers, or computer systems, as well as in hard copy form. When identifying information to be protected, it is important to look at both electronic (locally and remotely stored) and hard copy holdings.
3.4 Assessment of threats
3.4.1 Non-deliberate threats
Not all risks which could impact on security will be deliberate or have a criminal connection. Human error, natural hazards outside of the facility’s control and equipment failure are some examples of non- deliberate risks which could impact on the security of a facility. Such matters need to be considered during the risk assessment process.
Particular consideration should be given to patients who are a risk to themselves and/or others.
Security risk management and related business continuity planning (BCPJ should fully consider the possible impact on security operations and the control of security risks during major natural disruptions, e.g. flooding from heavy storms. The BCP should consider the relevant risks, e.g. the loss of technical service support from contractors during such circumstances.
3.4.2 Criminal risks
Many threats will involve some form of criminal or illegal activity, such as burglary, theft, vandalism, molestation, violence or misuse of assets or information. The source of such risks could be from within (“insider threat”) or external to the facility. The reasons for such individuals or groups posing a threat will be varied, but could include:
Theft (facility or personal property).
Targeted assault.
Abduction.
Arson.
Any person who targets a healthcare facility or individual with criminal intent.
People looking to illegally acquire personal information about patients or workers, or
information concerning the management or operations of a facility.
3.4.3 Sources of information
Information relevant to assessing risks can be gathered from a wide variety of sources including, for example, incident reports, the facility’s workers, contractors providing security services.
Police services are usually able to advise on the nature and level of criminal activity occurring in a particular location. The healthcare facility should establish and maintain a working relationship with local police, preferably requesting a liaison officer from police to the facility.AS 4485.2 pdf download.