Visitor and Vendor Access to Hospitals

A topic of security concern among hospital managers revolves around controlling the level of access vendors and visitors have to hospital entry points. In response to this matter, prudent hospital managers have implemented policies that define the level of access that vendors have when entering their hospital facilities. Credentialing is the first line of defense that helps identify people but also define how and when they can access facilities and physicians.

Equally important, this involves reviewing the level of access that visitors should have to visit their loved ones as they receive care. For these reasons, healthcare systems are responding by examining best practices and reviewing software systems to efficiently manage access that would enhance the level of safety and security for patients, staff, vendors, and visitors, while maintaining a welcoming environment that is open to the community. Additionally, besides safety and security, there is also the ongoing concern of regulatory compliance such Stark Law, HIPAA, and monitoring OIG opinions of anti-kickback. While some of the rules are regulations are clear, others are ambiguous and open to interpretation with valid arguments.

Compliance Rules to Follow

For instance, the Joint Commission has published the “Environment of Care (EC) and Life Safety (LS) Chapter Revisions for the Life Safety Code Update” and under EC 02.01.01, in Element of Performance (EP) No. 7 it clearly states: “The hospital identifies individuals entering its facilities. Note: The hospital determines which of those individuals require identification and how to do so.” Nonetheless, the Joint Commission does not specify details of the proper or correct identification process. While this provides flexibility and allows hospitals to decide the details of what is considered proper identification, it can be a conundrum for experts. Meaning, the element of performance No. 7 leaves much room to interpretation that can lead to unremitting debate and in the end not accomplish the requirement of meeting compliance. Perhaps, it is because the Joint Commission knew that some action and guidance was needed but did not know how to specifically address the problem, and therefore in good faith has left it up to the healthcare community, to arrive at a consensus of what is considered correct and proper identification. With time and the adoption of policies by multiple healthcare systems, with constant refinements, such guidance and practice would eventually become an accepted industry standard.

Workplace Violence in Hospitals

The Occupational Safety and Health Administration (“OSHA”) released a report titled “Workplace Violence in Healthcare, Understanding the Challenge” that revealed that about 80% of the workplace violence is caused by patients, while the remaining 20% is provoked by visitors and other people. Healthcare systems open their doors to provide treatment with hopes of delivering immediate recovery for their patients. In most cases, after receiving treatment or surgery, patients will probably receive visitors to show their moral support (i.e., hospital visits). However, in the least expected situations, driven by emotions unwanted visitors may pose discomfort or threats to the recovery of a patient and others inside the hospital. Additionally, hospitals receive scheduled visits from contractors and in some cases unsolicited visits from vendors. The challenge of managing the entrance of visitors and tracking their IN/OUT status can vary depending on the size of the hospital facilities. The magnitude and task of ensuring safety and security are to some extend correlated with the amount of activity, just consider cases where some hospital facilities manage 50 to 1,000 beds with 10,000 to over 100,000 emergency visits per month.

While visitors and vendors have different purposes for entering a hospital facility, this would imply that different strategies are needed to address each case effectively. However, with the right blend of technology and policy these two unrelated concerns can be properly addressed simultaneously. For instance, a possible approach would be to learn from other industries (e.g., cruise industry) where proper identification practices can be reviewed, modified, and implemented. As we move further, for now let's focus on vendors.

Vendors are also Visitors

Vendors are normally suppliers that range from medical equipment, pharmaceuticals, software providers and other sales representatives that are basically there to make a sales call to introduce new products and services. While this may appear normal and harmless, in healthcare organizations these unsolicited distractions can cause a financial burden and diversions to physicians and staff from delivering adequate care to their patients. Especially for under staff organizations or from overwhelming ER visits caused by an unexpected event such as a natural disaster (e.g., earthquake, hurricane) or manmade disaster (e.g., major train accident, active shooter).

From a financial perspective, these situations are tied to supply chain management. In some occasions, it is somewhat common to hear stories where a physician procured products or services without going through the purchasing requisition process. But it was possible because the physician of the medical director had the authority to complete the transaction. Weeks or days later, the goods are delivered to everyone else’s surprise, but: was that in the budget? or was any formal research made to validate the claims? or was the product or service delivered at fair market value ("FMV") to avoid any breach of ant-kickback laws and regulations? Therefore, in response to these scenarios, security concerns, and regulations (i.e., EC 02.01.01 EP No. 7), health care systems are requiring the following with support of new policies.

Issue Vendor Passes and other Practices

Vendors may call and request a visit, and with the use of a visitor management software program to monitor pre-authorized vendor visits, issue a temporary pass, and track their exit time. In other cases, some vendors make frequent visits (i.e., weekly or monthly) and in such cases, these vendors would require additional training to remain apprised of patient privacy laws (e.g., HIPPA) but if vendors failed to meet standard operating procedures, then they can be added to a deny entry list. The FAST-PASS 7 system includes such features and can send notifications in the form of emails and mobile text messages when a deny entry person arrives at a facility.

Moreover, establishing a liaison or point of contact at the hospital who can schedule vendors. Train hospital staff and physicians of the new policy requiring vendors to wear a badge and ask them to help enforce the policy. It is practical for staff and physicians to easily spot a vendor walking around the halls of hospitals and with a simple encounter they can ask: Can I help you? Are you looking for anyone in particular? Where is your badge? Then if a vendor fails to meet the policies, after a second or third infraction, then they can be added to the not welcome list. Some hospitals have gone as far as not reimbursing the vendor for their product or service and that hurts the vendors wallet but sends a strong message about appointment rules.

Another example of an industry trend that spawned from the need to meet compliance, is to issue for a select few vendors a unique special photo ID pass, somewhat similar to staff badges (e.g., include hospital logo and format) that would grant immediate access upon arriving at the hospital. Such unique passes remove the need to schedule an appointment each time a vendor needs to visit the hospital. And mitigates the numerous requests for permission from the supply chain management department or representative. The passes also allow the vendor to avoid going through the check-in process at the main entrance. For these cases and others, some vendors may go through an extensive vendor credentialing application that require access to operating rooms at any time during the day. FAST-PASS 7 system includes a badge designer with the word processing features to format and edit custom passes.

Vendor Pass Samples Designed with FAST-PASS 7

One of the main features of the FAST-PASS 7 system is the ability to design a printable and wearable visual pass to help identify a visitor's purpose within a facility. In this example, we have a pass template for a vendor. The pass template has a horizontal page layout with two image place holders. One for the company logo and the second one for the person photo. The badge will include text boxes with labels and database fields such as the name of the person, the issue date of the pass. A barcode reader can be used to scan entry and exit activity, so a code 128 barcode is also included.

Vendor horizontal Badge Sample

In another example, we have a portrait page layout with two image place holders. One for the company logo and the second one for the person photo. In this example, there are no text boxes to act as containers for labels and database fields such as the name of the person, the issue date of the pass.

Vendor vertical Badge Sample

Similarly, the badge below includes text boxes with labels and database fields such as the name of the person, the issue date of the pass. A barcode reader can be used to scan entry and exit activity. This badge has extra formatting with colors and uses Calibri font.

Vendor ID vertical Badge Sample

FAST-PASS 7 Dynamic Charts

FAST-PASS 7 includes these new Dynamic Charts to expedite the task of preparing data to perform visual analysis. The end goal is to inform organizations using the data collected during the registration process to help them prepare their facilities and make better decisions with data on hand.

Dynamic Charts provide a concise historical view of visitor volume activity, which can provide an essential item of information for an organization. Likewise, Dynamic Charts can provide a visual sense of the visitation activity and some clarity to the important consideration of assessing risk.

For example, an organization can review conditions or events that were peculiar to a period in time and proceed to identify key factors that would help explain certain visitation behaviors and patterns. The Dynamic Charts can help uncover certain patterns that may have some predictive value in planning for emergencies, evacuations, fire drills and other events.

Avatar Erci Moisa, MBA