Preventing Abductions

Software solutions protect precious patients and healthcare facillities

• By Ajay Jain
• Mar 01, 2014

On March 10, 2007, three-day-old Mychael Darthard-Dawodu disappeared from her mother’s hospital room in the maternity ward of Covenant Medical Center in Lubbock, Texas. Even though the infant had been fitted with a state-of-the-art security bracelet around her ankle, the woman who abducted her simply snipped through the device and carried the five-pound bundle-of-joy out of the facility in her purse.

In a typical year, five infants are abducted from U.S. hospitals, creating nightmares both for concerned parents and for healthcare facilities that are morally and legally bound to keep their patients healthy and safe. While both video surveillance and security tags play a valuable role in healthcare facilities, neither has been proven to be able to prevent disturbed individuals from walking into hospital rooms, pretending to be a healthcare worker and walking out with someone’s precious child.

Part of the challenge of building a fully secure hospital is the need for hospitals to offer an open, welcoming environment for patients and their families and visitors who come and go 24 hours a day. A large number of staff members, visiting doctors, vendors and delivery people also walk the halls of the facilities on a regular basis. From a security perspective, these realities create tremendous obstacles for keeping buildings and the surrounding campus grounds safe and secure. In fact, it’s possible in many hospitals for any individual to enter a building and walk into any hallway, wing or patient’s room without any clearance—a situation that is untenable for an organization in the business of caring for the defenseless.

Taking preventive measures for protecting against the abduction of infants and children must begin with keeping unauthorized individuals from entering areas of the hospital where the youngest patients are being cared for. Unless a person is a family member or other visitor previously specified as welcome by the mother, that person should not be able to enter the maternity ward or other relevant wing of the facility. This is not an impossible task; control of the premises on this patientby- patient basis can be administered efficiently and effectively by a sophisticated, identity-based visitor management system.

Visitor management software can be difficult to implement for today’s hospitals and healthcare campuses. As organizations, they are no longer always singlebuilding facilities with personnel at a front desk to welcome and direct visitors. Now, they may include multiple disconnected buildings across a campus, each with its own security systems from differing providers, each with its own set of personnel, patients and vendors—and each working under an increasingly tight set of compliance regulations. The need to present a welcoming environment to visitors and patients while meeting HIPAA requirements for privacy presents one more hurdle in using visitor management systems to create tighter controls for access to the hospital’s halls.

Fortunately, even in this extremely challenging setting, an intelligent identitybased visitor management solution can be implemented to differentiate new mothers, their infants and others who have a valid reason to be on the premises from those who do not. Visitor Identity Management (VIM) software provides enhanced security by automating the verification, screening and badging of identities across healthcare facilities. An intelligent web-based visitor identity management system can rapidly screen and handle all of the physical identities that come into contact with the organization. Through visitor management integration with electronic medical records systems, the software can quickly vet identities within the healthcare system nationally and beyond, screening against watch lists and performing essential background checks. Each identity entered into the system can be provisioned into the correct physical access control system (PACS) to ensure that no individual is able to enter an area of the hospital where he or she should not be. The PACS integration has an additional benefit for personnel management. Temporary employees and contractors who forget their identification badges will be in the hospital’s system with all their relevant data including permissions and levels of authority. This can be a significant time and cost saver for the organization.

A former nurse at Lubbock’s Covenant Medical Center, who gave birth there shortly after Mychael Darthard- Dawodu was born, told the Lubbock Avalanche-Journal that the hospital had placed an electronic band on her newborn girl’s ankle. She further reported that she was told if her baby got too close to a door or an elevator, a sensor in the band would automatically trigger the door to lock or the elevator to shut down. If the band was cut off before it was deactivated, she was told, the hospital would be locked down. However, while the senior vice president of Covenant Medical Center confirmed that Darthard-Dawodu was in fact tagged with a security bracelet, it is clear that the system did not function in this way when she was abducted. A criminal was able to carry the baby out of the hospital without triggering any locks, alerts or other security functionality.

Without a doubt, keeping the woman who abducted little Mychael out of the maternity ward would have made it impossible for her to take the child or any other infant in the facility. With intelligent, identity-based visitor management, all patients can control who is on their list of friends and family members, and only those individuals will be issued badges authorizing them to enter specified access points, which may include the patient’s room or the maternity wing itself. The flow of visitors can be managed in accordance with the patient’s movements in real time, and rules can be created to meet the organization’s specific needs.

The specifics work as follows: The hospital uses a single point of control— both to track and identify patients and to track visitors who are seeing patients. Approved visitors can be assigned an access card populated with clearances to the areas where the patient they are visiting will be located. Tracking and identifying patients and their locations is accomplished by interfacing the VIM system with EPIC, the hospital’s electronic medical records system, which enables authorized staff to easily see the location, unit and room where a patient is located and where their visitors are going, as well as through seamless integration with an IT-based access control and advanced event monitoring solution. All activity is captured for later auditing or immediate investigation purposes.

Visitors are required to check in at welcome center locations, where their photo identification is entered into the system and checked against an approval list. System administrators can quickly add or delete names from the approval list using EPIC’s “Friends and Family List,” which regulates who has access to visit the patient. The approval list can be updated with names and information from the hospital’s lightweight directory access protocol (LDAP) list. Patient information imported from EPIC complies with HL7, the global authority on standards for interoperability of health information technology.

In a connected world, hospitals and healthcare organizations are using a number of security modalities to protect against infant abduction. Beyond RFID tags, the use of video surveillance is growing rapidly and it provides many benefits to healthcare. In the infant abduction case in Lubbock, it was video surveillance that ultimately helped identify and capture the woman who took Mychael Darthard-Dawodu, ending her mother’s nightmare. Unfortunately, locating a baby who has been abducted does not necessarily put an end to the consequences. Darthard- Dawodu was suffering from newborn jaundice. Fortunately, the infant did not have any complications, but these and other health issues—including nutrition for a new baby, who must be fed breast milk or infant formula several times a day—can become greatly magnified for a newborn who is taken out of a hospital setting too early. These risk factors can create devastating consequences even for infants who are rescued relatively quickly, as well as vast liability for healthcare organizations.

Intelligent visitor management systems can provide hospitals with benefits beyond enhanced physical security. New mothers require stress-free surroundings in which to recover while their babies thrive, and hospitals direct significant resources for creating this sort of peaceful environment. Those facilities that are known for what they have to offer mothers and families have a distinct advantage in attracting women who want to give birth and recover in an atmosphere of serenity. Improving patient recruitment contributes to the overall ROI that an intelligent visitor identity management solution can provide to healthcare facilities.

It takes only a single adverse incident to permanently damage the reputation of even the best healthcare facility. The negative effects can go far beyond the maternity ward to discourage potential patients from choosing that facility for any of their healthcare needs. Without a strong visitor management program in place, there are potential liability concerns if there is an incident. In light of this, executive management at healthcare institutions must consider the many negative consequences this type of event has on the financial strength of their institution.

Hospitals and healthcare facilities are obligated to provide an environment that is caring, comfortable and free from the worry of physical safety, which includes freedom from worrying about infant abductions. Identitybased visitor management systems create a better sentry system around mothers and babies in healthcare facilities to help eliminate child abduction. By incorporating identity information in a flexible database, they can meet compliance and safety regulations while providing patients and their families with tangible assurance that measures are in place to keep the premises secure. Healthcare facilities that offer this individualized level of protection will be preferred by families who want to feel more secure.

This article originally appeared in the March 2014 issue of Security Today.