Preventing Abductions
Software solutions protect precious patients and healthcare facillities
On March 10, 2007, three-day-old Mychael Darthard-Dawodu
disappeared from her mother’s hospital room in the maternity
ward of Covenant Medical Center in Lubbock, Texas. Even
though the infant had been fitted with a state-of-the-art security
bracelet around her ankle, the woman who abducted her simply
snipped through the device and carried the five-pound bundle-of-joy out of the
facility in her purse.
In a typical year, five infants are abducted from U.S. hospitals, creating nightmares
both for concerned parents and for healthcare facilities that are morally and
legally bound to keep their patients healthy and safe. While both video surveillance
and security tags play a valuable role in healthcare facilities, neither has been proven
to be able to prevent disturbed individuals from walking into hospital rooms, pretending
to be a healthcare worker and walking out with someone’s precious child.
Part of the challenge of building a fully secure hospital is the need for hospitals
to offer an open, welcoming environment for patients and their families and visitors
who come and go 24 hours a day. A large number of staff members, visiting
doctors, vendors and delivery people also walk the halls of the facilities on a regular
basis. From a security perspective, these realities create tremendous obstacles
for keeping buildings and the surrounding campus grounds safe and secure. In
fact, it’s possible in many hospitals for any individual to enter a building and walk
into any hallway, wing or patient’s room without any clearance—a situation that is
untenable for an organization in the business of caring for the defenseless.
Taking preventive measures for protecting against the abduction of infants and
children must begin with keeping unauthorized individuals from entering areas of
the hospital where the youngest patients are being cared for. Unless a person is a
family member or other visitor previously specified as welcome by the mother, that
person should not be able to enter the maternity ward or other relevant wing of
the facility. This is not an impossible task; control of the premises on this patientby-
patient basis can be administered efficiently and effectively by a sophisticated,
identity-based visitor management system.
Visitor management software can be difficult to implement for today’s hospitals
and healthcare campuses. As organizations, they are no longer always singlebuilding
facilities with personnel at a front desk to welcome and direct visitors.
Now, they may include multiple disconnected buildings across a campus, each with
its own security systems from differing providers, each with its own set of personnel,
patients and vendors—and each working under an increasingly tight set of
compliance regulations. The need to present a welcoming environment to visitors
and patients while meeting HIPAA requirements for privacy presents one more
hurdle in using visitor management systems to create tighter controls for access to
the hospital’s halls.
Fortunately, even in this extremely challenging setting, an intelligent identitybased
visitor management solution can be implemented to differentiate new mothers,
their infants and others who have a valid reason to be on the premises from
those who do not. Visitor Identity Management (VIM) software provides enhanced
security by automating the verification, screening and badging of identities across
healthcare facilities. An intelligent web-based visitor identity management system
can rapidly screen and handle all of the physical identities that come into contact
with the organization. Through visitor management integration with electronic
medical records systems, the software can quickly vet identities within the healthcare
system nationally and beyond, screening against watch lists and performing
essential background checks. Each identity entered into the system can be provisioned
into the correct physical access control system (PACS) to ensure that no
individual is able to enter an area of the hospital where he or she should not be. The
PACS integration has an additional benefit for personnel management. Temporary employees and contractors who forget
their identification badges will be in the
hospital’s system with all their relevant
data including permissions and levels of
authority. This can be a significant time
and cost saver for the organization.
A former nurse at Lubbock’s Covenant
Medical Center, who gave birth
there shortly after Mychael Darthard-
Dawodu was born, told the Lubbock
Avalanche-Journal that the hospital
had placed an electronic band on her
newborn girl’s ankle. She further reported
that she was told if her baby got too
close to a door or an elevator, a sensor
in the band would automatically trigger
the door to lock or the elevator to shut
down. If the band was cut off before it
was deactivated, she was told, the hospital
would be locked down. However,
while the senior vice president of Covenant
Medical Center confirmed that
Darthard-Dawodu was in fact tagged
with a security bracelet, it is clear that
the system did not function in this way
when she was abducted. A criminal was
able to carry the baby out of the hospital
without triggering any locks, alerts
or other security functionality.
Without a doubt, keeping the woman
who abducted little Mychael out of
the maternity ward would have made
it impossible for her to take the child
or any other infant in the facility. With
intelligent, identity-based visitor management,
all patients can control who is
on their list of friends and family members,
and only those individuals will be
issued badges authorizing them to enter
specified access points, which may
include the patient’s room or the maternity
wing itself. The flow of visitors
can be managed in accordance with the
patient’s movements in real time, and
rules can be created to meet the organization’s
specific needs.
The specifics work as follows: The
hospital uses a single point of control—
both to track and identify patients
and to track visitors who are
seeing patients. Approved visitors can
be assigned an access card populated
with clearances to the areas where the
patient they are visiting will be located.
Tracking and identifying patients and
their locations is accomplished by interfacing
the VIM system with EPIC,
the hospital’s electronic medical records
system, which enables authorized
staff to easily see the location, unit and
room where a patient is located and
where their visitors are going, as well
as through seamless integration with an
IT-based access control and advanced
event monitoring solution. All activity
is captured for later auditing or immediate
investigation purposes.
Visitors are required to check in at
welcome center locations, where their
photo identification is entered into the
system and checked against an approval
list. System administrators can quickly
add or delete names from the approval
list using EPIC’s “Friends and Family
List,” which regulates who has access
to visit the patient. The approval list
can be updated with names and information
from the hospital’s lightweight
directory access protocol (LDAP) list.
Patient information imported from
EPIC complies with HL7, the global
authority on standards for interoperability
of health information technology.
In a connected world, hospitals and
healthcare organizations are using a
number of security modalities to protect against infant abduction. Beyond
RFID tags, the use of video surveillance
is growing rapidly and it provides
many benefits to healthcare. In the
infant abduction case in Lubbock, it
was video surveillance that ultimately
helped identify and capture the woman
who took Mychael Darthard-Dawodu,
ending her mother’s nightmare. Unfortunately,
locating a baby who has been
abducted does not necessarily put an
end to the consequences. Darthard-
Dawodu was suffering from newborn
jaundice. Fortunately, the infant did
not have any complications, but these
and other health issues—including nutrition
for a new baby, who must be fed
breast milk or infant formula several
times a day—can become greatly magnified
for a newborn who is taken out
of a hospital setting too early. These
risk factors can create devastating consequences
even for infants who are rescued
relatively quickly, as well as vast
liability for healthcare organizations.
Intelligent visitor management systems
can provide hospitals with benefits
beyond enhanced physical security.
New mothers require stress-free
surroundings in which to recover while
their babies thrive, and hospitals direct
significant resources for creating this
sort of peaceful environment. Those
facilities that are known for what they
have to offer mothers and families have
a distinct advantage in attracting women
who want to give birth and recover
in an atmosphere of serenity. Improving
patient recruitment contributes to
the overall ROI that an intelligent visitor
identity management solution can
provide to healthcare facilities.
It takes only a single adverse incident
to permanently damage the
reputation of even the best healthcare
facility. The negative effects can go far
beyond the maternity ward to discourage
potential patients from choosing
that facility for any of their healthcare
needs. Without a strong visitor management
program in place, there are
potential liability concerns if there is
an incident. In light of this, executive
management at healthcare institutions
must consider the many negative consequences
this type of event has on the
financial strength of their institution.
Hospitals and healthcare facilities
are obligated to provide an environment
that is caring, comfortable and
free from the worry of physical safety,
which includes freedom from worrying
about infant abductions. Identitybased
visitor management systems
create a better sentry system around
mothers and babies in healthcare facilities
to help eliminate child abduction.
By incorporating identity information
in a flexible database, they can meet
compliance and safety regulations
while providing patients and their families
with tangible assurance that measures
are in place to keep the premises
secure. Healthcare facilities that offer
this individualized level of protection
will be preferred by
families who want to
feel more secure.
This article originally appeared in the March 2014 issue of Security Today.