Part 4 of our Security in Healthcare series

 Integration with hospital databases enables benefits like accessing real-time patient feeds using Health Level-7 (HL7) standards
 Secure visitor management integrated with physical access control systems (PACS) is increasingly popular

Controlling visitors to hospitals and healthcare facilities can directly impact security.

Traditional methods of visitor management, such as paper visitor logs and handwritten badges are insufficient given today’s variety of security challenges. A hospital using paper-based systems cannot easily cross-check information, confirm patient information, check visitor names against up-to-date watch lists, or visually confirm identity.

For instance, one children’s hospital recently chose HID Global’s EasyLobby Secure Visitor Management solution to streamline screening/badging using driver’s licenses or other government-issued IDs. Integration with hospital databases enables benefits like accessing real-time patient feeds using Health Level-7 (HL7) standards. All visitor information Is seamlessly passed to the hospital’s access control system to optimise efficiency at nine stations badging more than 160,000 visitors annually. The example shows what technology can do in the area of visitor management.

Today’s visitor management
systems enable the screening,
badging and tracking all visitors
or, at a minimum, those visiting
critical areas or “after hours”

An increasingly popular and important application is secure and simplified visitor management, integrated with the physical access control systems (PACS). Today’s visitor management systems enable the screening, badging and tracking all visitors or, at a minimum, those visiting critical areas or during “after hours” periods, according to HID Global. Systems should support real-time patient feeds using HL7 integration, which ensures that no visitor is sent to the wrong location or to see a patient who is no longer checked in. Systems should also pre-register approved vendors and temporary employees through Status Blue integration, and support integration with access control systems for the most efficient badging.

Barriers to visitor management

"Due to financial limitations, many hospitals are trying to make do with older desktop technology, and have not been able to benefit from some of the newer efficient options, such as mobile tablet-based visitor management, "says Paul Terschuren, CEO, STOPware Inc.

"And, some hospitals have the mistaken belief that the multiple entrances and complexity of a modern hospital facility pose a barrier to implement visitor management, or that managing visitors more closely will create an unwelcoming culture or environment," says Terschuren. "As a result, some hospitals only implement visitor management after hours, when the number of entrances and visitors is reduced."

"However, neither of these ideas should be barriers", says Terschuren –" visitor management can be implemented at multiple entrances, including unstaffed entrances, and managed easily by the software. And, many hospitals have found that visible security improvements, when they are not overly burdensome, actually improve the feeling of safety and security with patients, visitors and families alike. Some hospitals with limited implementations are already realising this and changing their plans to implement systems hospital-wide."

Many hospitals have not been able to benefit from newer efficient options, such as mobile tablet-based visitor management due to financial limitations
Visitor management can be implemented at multiple entrances, including unstaffed entrances, and managed easily by the software

STOPware PassagePoint visitor registration

STOPware specialises in visitor management, a critical element in physical security for hospitals and healthcare facilities. STOPware’s flagship software product, PassagePoint, provides visitor registration and pre-registration, visit approvals, identity confirmation, visit logging, and integration with access systems. STOPware also provides related hardware including self-registration kiosk, mobile registration tablets, credential scanners, and badge printers. As announced in March, PassagePoint software now integrates with HL7 to allow real-time patient location tracking for hospitals and healthcare facilities, as well as integration with more than 20 access control systems to help make the healthcare environment more secure.

STOPware takes Health Insurance Portability and Accountability Act (HIPAA) and all privacy regulations very seriously. The PassagePoint HL7 module only uses patient location data, and functions as a “listener;” that is, the data used by the module is not “stored” in PassagePoint. The HL7 integration only makes use of patient location data and does not collect or use any diagnosis information.

PassagePoint is also designed to protect visitors’ Personal Identifiable Information – either by not capturing certain data or by encrypting information that is stored.

By treating sensitive information of both patients and visitors in this way, STOPware Visitor Management system is designed to help healthcare facilities protect privacy in alignment with the letter and the spirit of their required regulations.

Pre-booking and advance approval

Tighter control of visitor and contractor management in non-public areas through pre-booking and advance approval are developing areas, says Dave Ella, Vice President of Product Marketing, AMAG Technology. AMAG has developed a new visitor management solution called Symmetry GUEST that allows visitors to be vetted to provide a safer and more secure environment for patients and staff, as well as the use of smartphones as identification and access credentials.

"Guards, and general staff for that matter, need training on how to properly deal with unruly or inappropriate patients and visitors in such a way as to secure the situation"

Staff training and turnaround processes are an often-overlooked element of a security plan in general, and a Visitor Management plan in particular, says Terschuren of STOPware. “It is well and good to put guards and checkpoints in place, but what should those guards do when they find someone that should be denied entry? Guards, and general staff for that matter, need training on how to properly deal with unruly or inappropriate patients and visitors in such a way as to secure the situation while minimising the chances of negative impact on the facility.

STOPware expects that remote reception desk management, which makes use of an operator from another location and/or country who can greet and process visitors efficiently, will continue to grow and improve. Integration of Visitor Management systems with access control and other security-related systems provides for safety and an audit trail in such implementations.

“We are also seeing a groundswell of interest in Mobile Visitor Registration and Kiosk Self-Registration and Sign-ins,” says Terschuren. “These systems increase efficiency, empower visitors, and provide for a better visit experience that many facilities find compelling.”

Combining identity verification and visitor management

“We are also seeing the growing importance of identity verification; and, in particular, the use of biometric methods to verify identity, ranging from fingerprints and facial recognition all the way to higher security iris readers,” Terschuren adds. “Identity verification can tie in with Visitor Management, both in terms of identifying visitors, but also in terms of verifying the authority of hosts and approvers, to improve the security of sensitive areas and facilities in general.”

One other growing technology is the ability to link to internal or governmental watch lists, to quickly identify inappropriate visitors before they gain access to the facilities. For example, Visitor Management systems can be configured to perform a Sex Offender search in both Children’s Hospitals and Pediatric areas, further decreasing the likelihood that someone of the list could gain access.

Read Part 5 of our Security in Healthcare series here

Download PDF version Download PDF version

Author profile

Larry Anderson Editor, SecurityInformed.com & SourceSecurity.com

An experienced journalist and long-time presence in the US security industry, Larry is SourceSecurity.com's eyes and ears in the fast-changing security marketplace, attending industry and corporate events, interviewing security leaders and contributing original editorial content to the site. He leads SourceSecurity.com's team of dedicated editorial and content professionals, guiding the "editorial roadmap" to ensure the site provides the most relevant content for security professionals.

In case you missed it

Anviz Global expands palm vein tech for security
Anviz Global expands palm vein tech for security

The pattern of veins in the hand contains unique information that can be used for identity. Blood flowing through veins in the human body can absorb light waves of specific wavelen...

Bosch sells security unit to Triton for growth
Bosch sells security unit to Triton for growth

Bosch is selling its Building Technologies division’s product business for security and communications technology to the European investment firm Triton. The transaction enc...

In age of misinformation, SWEAR embeds proof of authenticity into video data
In age of misinformation, SWEAR embeds proof of authenticity into video data

The information age is changing. Today, we are at the center of addressing one of the most critical issues in the digital age: the misinformation age. While most awareness of thi...

Quick poll
What is the most significant challenge facing smart building security today?