黑洞社区

Access control is one of the oldest and simplest forms of security there is. It鈥檚 based on quite simple logic. Namely that, by keeping illegitimate users out of a given area, the opportunity for crime is reduced. In practice there are many ways in which to achieve this state of affairs, from using locks and bolts such that only key holders can enter the building through to more technologically advanced options including swipe cards or biometric entrance systems.

Perpetuity Research and Consultancy International (PRCI) was recently commissioned to study the true effectiveness of an access control system complicated by the fact that it鈥檚 not just 鈥榮taff鈥� or 鈥榤embers鈥� (in other words a clearly defined group of people) who enter the building concerned but also strangers. Specifically, we were tasked with reviewing access to hospitals.

The research was undertaken as part of a study into the amount of new technologies on crime in schools and hospitals, sponsored by the Home Office鈥檚 Safer Schools and Hospitals Programme and led by PRCI.

By way of making a point up front, the study suggested that differing levels of access control can (and do) have a significant impact on security and safety. One hospital providing both a day service and in-patient care in what is a highly deprived area was encountering significant problems as a result of open access to the building. Although there was a Reception Area at the main entrance, for five hours of the day this wasn鈥檛 staffed. There were other entrances being used by members of the public for easy, unauthorised access.

Just to complicate matters, the hospital was being used as a short cut from one side of town to the other by members of the local community. Trespass was not uncommon.

Drug abuse and trespass

The building was an old community hospital that had been adapted for its current purpose, and some parts of it were not in use. It was also not uncommon for staff to encounter members of the public using the building as a shelter or for drug abuse and/or prostitution. There was a concern among staff members that trespassers could well become aggressive towards them if challenged. Theft of both staff and patient property was common, and the fear of crime very high.

As a response to trespass and its associated problems, an access control system had been installed on 26 doors throughout the hospital, in turn securing wards and offices. Staff had been given identification badges with RFID tags so that they can move throughout the building 鈥� although access was restricted to a needs-only basis such that staff may only access those areas of the hospital relating to their own employment function(s).

Access to the building had been restricted in such a way that the main entrance was the only public entrance, with access beyond the Reception Area or the Waiting Rooms controlled by doors which could only be opened with the appropriate RFID card or by 鈥榖uzzers鈥� controlled by members of staff. Individual wards and corridors had also been secured, with only relevant staff permitted access to required areas.

Security technology never involves just the technology. To make it work there is always some kind of human intervention required, and some type of process

When the Reception Area is closed the main entrance is locked and visitors are only able to gain access to the building through a video-linked monitor. This connects to the appropriate ward, and the Staff Nurse can both see and talk to the person pressing the buzzer in order to confirm their identity. They can then 鈥榖uzz鈥� legitimate users into the building. Once visitors have entered the premises, they may then only gain access to individual wards if they are allowed to do so by staff within a given ward (again by way of a video-linked monitor).

The measurable outcomes

The system proved to be an outstanding success. Thefts declined markedly, while trespass and associated problems (including assault) had ceased almost completely. The success of the system meant that the hospital鈥檚 management team was able to cut back on personnel costs to the tune of 拢45,000 per annum. Therefore, although the access solution cost something like 拢120,000, the savings realised by reductions in theft, etc meant that, over five years, they will outweigh the initial capital cost outlay.

In addition, the access system improved employee feelings of safety. 75% of staff felt safer at work post-system installation. However, it鈥檚 important to note that some employees expressed grave concern that there was no longer a security guarding presence (in particular at night) should a problem occur. This is an important finding. Cutting back on security people has definite consequences, and must always be considered with great care.

There were two incidences of theft subsequent to system installation. A drinks machine in the Waiting Room was targeted for its cash content on two occasions. On further investigation, it became clear that not all members of staff were aware of the security policies in place, and thus were not escorting patients or visitors to and from the building.

There were also concerns over tailgating. Staff complained that it wasn鈥檛 possible for them to check the identity of every visitor. They also felt under extra pressure to monitor access, which they considered to be undesirable and a distraction. It was also suggested that visitors would become frustrated or distressed when refused entry or being made to wait.

Technology is never alone

Herein lies an important message. Security technology never involves just the technology. To make it work there is always some kind of human intervention required, and some type of process. All-too-often that is forgotten.

In terms of the study discussed here, it would be far too simplistic to state that: 鈥淎ccess control worked.鈥� What worked was the implementation of access control alongside a set of security procedures and processes, training in the adoption of those procedures and reviews of their robustness.