Page 1 of 35

SECURITY POLICY

Last Review Date

October 2019

Approving Body

Audit Committee

Date of Approval

14 November 2019

Date of Implementation

25 November 2019

Next Review Date

October 2021

Review Responsibility

Associate Director of HR & Corporate

Services

Version

3.0

Page 2 of 35

REVISIONS/AMENDMENTS SINCE LAST VERSION Date of Review Amendment Details March 2014 The original CCG document has been revised to:

• Reflect the Clinical Commissioning Group establishment.

• Reflect the Clinical Commissioning Group security arrangements.

April 2015 Policy reviewed in line with NHS Protect Standards for Commissioners 2015-16 guidance documents – v1.1. Procedure added with further detail to the existing roles and responsibilities.

April 2015 Local procedures added on lone working – reviewed by Competent Person for Health & Safety and approved by Chief of Corporate Services as a minor amendment to the policy in line with current practice

April 2017 Policy reviewed in line with timeframes for review: • Included reference to NHS Counter Fraud Authority • Change of name from LSMS to Competent person for

security • Updated definitions section • Updated legislation section • Minor amendments to the policy in line with current

practice • Minor amendments to the wording in Appendix 1 • Minor amendments to Appendix 2

September 2017 Policy reviewed: • Updated Legislation section • Updated information included for section B (13.0

Harassment, Violence and Aggression) April 2018 Policy updated to reflect revised roles and responsibilities July 2019 Policy reviewed:

• Updated security regarding contractors and visitors to site

• Removal of reference to Counter Fraud and Security Management Service (CFSMS)

October 2019 Policy reviewed: • Updated section 15 – CCTV. To reflect changes in

accessing CCTV information • Updated roles and responsibilities to reflect the

changes in the policy • Amendments to the information on pages 4,14 & 23 • Visitor signing in / out procedure (page 15). • Equality Impact Assessment (Appendix 3).

Page 3 of 35

CONTENTS

Page Definitions 4

Section A – Policy

1. Policy Statement, Aims & Objectives 5 2. Legislation & Guidance 6 3. Scope 6 4. Accountabilities & Responsibilities 7-10 5. Dissemination, Training & Review 11-12

Section B - Procedure

1. Employment 13 2. Personal Security 13 3. Staff Identification 13-14 4. Cash Movement/Handling 14 5. Funding 14 6. Key holding 14 7. Access / Egress 14-15 8. Visitor Signing In / Out Procedure 15 9. Security of Goods 15 10. Security of Personal Belongings 15 11. Fraud 15 12. Fire 16 13. Information Security 16 14 Violence & Aggression 16-20 15. CCTV 20 16. Contractors 20-21 17. Emergency Preparedness, Resilience & Response 21 18. Risk Assessment 21-22

Appendix 1 – Reporting of crime / security incidents

Appendix 2 – Lone Working Procedure Appendix 3 – Equality Impact Assessment

23-25 26-33 34-35

Page 4 of 35

DEFINITIONS

Term Definition

NHS Counter Fraud Authority (NHSCFA)

The NHSCFA was established in November 2017 as a specialist organisation with the commitment to protect the NHS by ensuring that resources made available to patient care and services are not lost to fraud and corruption

Local Security Management Specialist (LSMS)

The LSMS will be involved in performing a wide range of security-related tasks: • Creating a ‘pro-security’ culture amongst staff, professionals

and the public • Deterring those who may be minded to breach security • Preventing security incidents or breaches from occurring • Detecting security incidents and reporting them to the NHS

Counter Fraud Authority • Investigating security incidents in a fair, objective and

professional manner • Applying a wide range of sanctions against those responsible

for security incidents, involving a combination of procedural, disciplinary, civil and criminal action as appropriate

• Seeking redress through the criminal and civil justice systems against those whose actions lead to loss of NHS resources

• To deter Criminal activities where possible by putting in place essential security control systems and other counter measures

• To deny the criminal opportunity, not only through physical barriers, but by putting in place effective systems of loss prevention and property control

• To detect the criminal act. The earlier the criminal act is detected and reported the greater the chances of preventing the offenders getting away. Raised awareness of security at all levels will both detect and reduce the risk of crime

• To respond effectively to security issues and problems with workable counter measures

• To review the strategy after every incident, also after counter measures have been put in place to evaluate their effectiveness

• To liaise with the local police and the local authority to achieve partnership working towards a safe and secure environment

The LSMS will work closely with the local Counter Fraud Specialist to prevent and detect crime and fraudulent activities.

Page 5 of 35

SECTION A – POLICY 1. Policy Statement, Aims & Objectives 1.1 NHS Doncaster Clinical Commissioning Group (CCG) is committed to a

safe and secure environment that protects staff, patients and visitors, and their property and the physical assets of the CCG, via Health and Safety legislation, by Department of Health Policy and by common law duty of care. This policy aims to deal proactively with the CCG’s security arrangements.

1.2 The CCG will endeavour to ensure necessary resources are made

available to fulfil the policy requirements. 1.3 The CCG also acknowledges its responsibility to monitor the

implementation and progress of this policy and to review on a regular basis. Assurance will be gained on the effectiveness of these measures by independent review and assessments.

1.4 The aim of this policy is to ensure that wherever possible; effective

measures are taken to: • Protect the safety, security and welfare of staff, patients and the

general public whilst on CCG premises. • Provide systems and safeguards against crime, loss, damage or

theft of property and equipment. • Minimise disruption or loss of service to patients/clients.

1.5 It is the CCG’s intention to take all reasonable practicable steps to

reduce the associated risks from security issues. 1.6 The CCG will also ensure, so far as is reasonably practical, that all

employees who are required to work alone for significant periods of time are protected from risks to their health and safety.

1.7 To ensure continuous improvement in risk management, the

organisation has a range of key performance indicators (KPIs) which it uses for monitoring purposes:

No. Key Performance Indicator Method of Assessment 1. Ensure all lone workers are identified and

have a lone working risk assessment completed by their line manager

Job descriptions, managed by Human Resources

Page 6 of 35

2. Legislation & Guidance 2.1. The following legislation and guidance has been taken into

consideration in the development of this procedural document: • Private Security Industry Act 2001 • Regulation of Investigatory Powers Act 2000 • Reporting of Injuries, Diseases and Dangerous Occurrences

Regulations (RIDDOR) 2013. • Data Protection Act 2018. • The General Data Protection Regulations 2016. • Protection from Harassment Act 1997 • The Health and Safety at Work etc. Act 1974 • The Management of Health and Safety at Work Regulations 1999 • Human Rights Act 1998 • Criminal Procedure and Investigations Act 1996 • Police and Criminal Evidence Act 1984 • Criminal Justice and Public Order Act 1994 • CCTV Code of Practice 2016 • Equality Act 2010 • Rehabilitation of Offenders Act 1974 • Children Act 2004 • Employment Rights Act 1996 • Offences against the Person Act 1861 • Preventing Workplace Harassment and Violence – Health and

Safety Executive (HSE) -http://www.hse.gov.uk/violence/preventing-workplace-harassment.htm

• NHS Security Management Standards for Providers and Commissioners

• Violence and aggression: short-term management in mental health, health and community settings - NICE guideline [NG10]

• Harassment and Bullying at Work Policy 3. Scope 3.1. This policy applies to those members of staff that are directly employed

by the CCG and for whom the CCG has legal responsibility. For those staff covered by a letter of authority / honorary contract or work experience this policy is also applicable whilst undertaking duties on behalf of the CCG or working on the CCG premises and forms part of their arrangements with the CCG. As part of good employment practice, agency workers are also required to abide by the CCG’s policies and procedures, as appropriate, to ensure their health, safety and welfare whilst undertaking work for the CCG.

Page 7 of 35

4. Accountabilities & Responsibilities 4.1 Security is a management responsibility and the provision of a security

service in no way relieves management at any level of its obligations to fulfill the stated purpose of security in the CCG. Managers are required not only to exercise preventative aspects but also to take appropriate action where necessary in respect of those who offend against the law, commit misconduct or other breach of security in contravention of the policies of the CCG.

4.2 Overall accountability for ensuring that there are systems and processes

to effectively manage security lies with the Chief Officer who takes the risks to the CCG from breaches of security seriously and seeks to reduce the numbers of incidents occurring as a direct result. Responsibility is also delegated to the following individuals:

Associate Director of HR & Corporate Services

Has delegated responsibility for: • Functioning as the Security Management Director

and having lead responsibility for the development and strategic review of Security within the CCG, in line with the Secretary of State’s Directions of November 2003.

• The formulation, implementation and maintenance of an effective Security Policy in consultation with staff representatives, and ensuring that Managers co-ordinate and implement the Policy in their respective areas.

• Instituting regular campaigns to highlight the importance of security and the responsibilities of all CCG staff.

• Leading Security Management within the CCG and identifying security initiatives for improving the security across the CCG.

• Advising the CCG of any requirements, statutory or other, by the preparation of procedures for dealing with crime prevention, supply of security systems and maintenance.

• Monitoring the performance of the CCG with regard to the implementation of this policy.

• Lead point of contact for releasing CCTV information.

Page 8 of 35

Head of Corporate Governance

Has delegated responsibility for: • Reviewing and amending this policy to ensure

compliance with any current guidance. • Supporting the Associate Director of HR & Corporate

Services to fulfil the function as the Security Management Director

Competent Person

Sourced from the Health and Safety Shared Service, hosted by NHS Rotherham CCG, the Competent Person has delegated responsibility for: • Working on behalf of NHS Doncaster CCG to deliver an

environment that is safe and secure. • Working in close partnership with stakeholders within • Leading on the day to day work within the CCG to

tackle violence against staff and professionals in accordance with national guidance.

• Ensuring that lessons are learned from security incidents and that these incidents are assessed and the impact on the CCG reported to appropriate authorities in accordance with guidelines issued by the NHS SMS.

• Investigating security incidents/breaches in a fair, objective and professional manner so that the appropriate sanctions (and allow consideration of preventative action to be taken).

• Ensuring that the security management policy addresses all the organisations identified risks and contains all the required elements from guidance.

• Ensuring that the security management policy is reviewed or evaluated to establish its effectiveness.

• Ensuring that any corrective or preventative actions identified as a result of the policy review or evaluations are implemented, to ensure that the security management policy continues to address the CCG’s identified risks.

Executive Team

Have delegated responsibility for: • Planning any capital investment required to address

matters arising from risk assessments. • Security risk assessment within their areas and for

ensuring that staff for whom they are responsible are aware of these risks.

• Preventative measures and appropriate action in respect of persons who are suspected of committing a criminal offence, misconduct or other breach of security in contravention of the policies of the CCG.

• Ensuring staff awareness of and how to access this policy and other relevant documents and their responsibilities and also ensure that staff (including

Page 9 of 35

temporary staff) receives training appropriate to the risks involved.

• Ensuring that security arrangements within their area are being observed and those deficiencies are reported.

• Ensuring that any particular security problems known to them are reported accordingly.

Line Managers

Have delegated responsibility for: • Ensuring compliance with CCG Security Policy

requirements in the areas for which they are responsible.

• The completion of any risk assessments required in relation to security of staff or premises.

• Ensuring that any security problems known to them or are brought to their attention are reported accordingly

Staff

Responsibilities of Staff (including all employees, whether full/part time, agency, bank or volunteers) are: • To co-operate with management to achieve the aims

and objectives of the Security Policy. Great emphasis is placed on the importance of co-operation of all staff in observing security and combating crime.

• The protection and safe keeping of their private property. Any loss of private property must be reported without delay. If private property has been stolen, then it is the owner’s responsibility, not the CCG’s responsibility to contact the Police.

• To familiarise themselves with any special security requirements relating to their place of work or work practices and the action to take in the event of a security incident

• To safeguard themselves, colleagues, visitors, patients/clients etc., so far as is reasonably practicable, and ensure that neither equipment nor property are put in jeopardy by their actions or omissions, either by instruction, example or behaviour.

• To follow prescribed working methods and security procedures at all times.

• To co-operate with managers to achieve the aims of the Security Policy.

• To comply with all training requirements concerning security issues.

• To ensure that their CCG ID is worn and visible whenever on CCG premises or on CCG business.

• To notify their line manager of any potential security problems and report all incidents involving criminal

Page 10 of 35

activity.

Staff Side

Have responsibility for: • Understanding the policy and its application • Advising and supporting members

All staff are reminded that it is an offence to remove property belonging to the CCG without written authority. Failure to seek authority from their line manager could result in disciplinary action or criminal proceedings being taken. The CCG will not accept liability for the loss of, or damage to private property including motor vehicles or other modes of transport. Motor vehicles are brought onto the sites entirely at the owner’s risk. The CCG will take reasonable steps to safeguard vehicles on their property. 4.3 Committees and Sub Committees of the Governing Body have

delegated responsibility for security management according to the scheme of delegation detailed below. These Committees and Sub Committees should ensure that relevant consultation on planned changes has been undertaken with relevant groups prior to reaching decisions around security matters.

Body Type of Responsibility Governing Body

Has a responsibility to monitor the effectiveness of this policy and ensure resources are available to support the implementation of associated control measures via regular updates from the Corporate Assurance Report on incident statistics. Where it is not possible to address certain risks, the CCG Governing Body has the ultimate responsibility for the acceptance of those risks.

Audit Committee

The Audit Committee is responsible for the monitoring, through the Corporate Assurance Report, the effectiveness of: • Security management • Risk assessments • Security action plan

Page 11 of 35

5. Dissemination, Training & Review 5.1. Dissemination The Security Policy is located on www.doncasterccg.nhs.uk. A set of

hard copy Procedural Document Manuals are held by the Governance Team for business continuity purposes and all procedural documents are available via the organisation’s website. Staff are notified by email of new or updated procedural documents.

5.2. Training Part of the requirement for the effective implementation of a security

management system is the training of all staff (including temporary staff) in security awareness.

The awareness training will cover the importance of conformance to the

Security Policy, significant security effects, roles and responsibilities for security management functions, and the consequences of non-conformances.

Security awareness training will be integrated into induction training and into any mandatory ongoing training programmes as required based on risk assessments.

The CCG will ensure that appropriate information, instruction and

training is given to employees who may be required to work alone, to ensure that so far as is reasonably practicable a safe system of work is in operation. Training will include physical security of assets and premises, and personal safety of staff.

Frontline Staff need to undergo Conflict Resolution Training and attend

refresher training on a three yearly basis, as well as preventing and reporting crime in the workplace. This mandatory training must be included in departmental programmes as part of in-service training, and with periodic refresher courses. Training involves dealing with situations of potential or actual abuse, aggression of violence, and includes:

• understanding the causes; • recognising the warning signs; • identifying when and where to get help; • interpersonal skills/defusing techniques’

5.3. Review As part of its development, this procedural document and its impact on

staff, patients and the public has been reviewed in line with the CCG’s Equality Duties (refer to Appendix 3). The purpose of the assessment is to identify and if possible remove any disproportionate adverse impact

Page 12 of 35

on employees, patients and the public on the grounds of the protected characteristics under the Equality Act 2010.

The procedural document will be reviewed every three years, and in

accordance with the following on an as and when required basis:

• Legislatives changes • Good practice guidelines • Case Law • Significant incidents reported • New vulnerabilities identified • Changes to organisational infrastructure • Changes in practice

Procedural document management will be performance monitored to

ensure that procedural documents are in-date and relevant to the core business of the CCG. The results will be published in the regular Governance Reports.

Page 13 of 35

SECTION B - PROCEDURE 1. Employment 1.1 All persons applying for a post within the CCG must have completed

the section on the application form entitled Rehabilitation of Offenders Act 1974. This section states that ‘because of the nature of the work for which you are applying, this post is exempt from provisions of Section 4(2) of the Rehabilitation of Offenders Act, 1974 (Exemption) Order, 1975.’ Applicants are therefore, not entitled to withhold information about convictions which for purposes are ‘spent’ under the provisions of the Act, and in the event of employment, any failure to disclose such convictions could result in dismissal or disciplinary action by the CCG. This should also be referred to the Counter Fraud Specialist in line with the Counter Fraud, Bribery and Corruption Policy.

1.2 This application form also requests details of any convictions, adult

cautions or bind-overs, and requires the applicant to sign the statement confirming that the information given is correct. For more information refer to the Recruitment and Selection Policy.

1.3. In accordance with the provisions of the Children Act 2004, the CCG

must ensure that staff who occupy certain positions that brings them regularly in contact with children have Disclosure and Barring Service check which will be requested as appropriate following appointment of the staff member by the HR Department.

2. Personal Security 2.1 Specific procedures for local needs such as domiciliary visits (e.g. lone

workers), staff in other premises, reception staff, agile workers etc. are to be developed and implemented by individual departments. All staff must follow existing Health and Safety policies and guidelines.

2.2 The requirement for security personnel (e.g. static or mobile guards)

should be assessed by local managers and managed within each Department. The Competent Person can advise and help manage arrangements if so required.

3. Staff Identification 3.1 Every employee, including bank staff, will be issued with an

identification badge on commencement of employment which must be worn at all times whilst on CCG premises or on official business.

3.2 Each member of staff is personally responsible for their badge, and to

ensure that the badge is up to date and that there are no radical changes in physical appearance, title or department. All staff must wear an official CCG identification badge and it is the responsibility of each

Page 14 of 35

departmental manager to ensure that this is implemented. The identity badge will state the employee name and job title and must be clearly visible to other staff, and visitors.

3.3 Identification badges must be returned to the HR Department when a

member of staff leaves the employment of the CCG. It is the responsibility of the line manager to recover the identity badge from the member of staff concerned and return it to the HR Department.

3.4 External contractors should be escorted on site. The member of staff who is responsible for the contractor will arrange for the contractor to be escorted to the relevant department.

4. Cash Movement / Handling 4.1 Each Department must ensure that they have suitable and effective

procedures in place for the movement of cash / valuables around the CCG. The procedures must take into account the security of the staff as well as the security of the cash / valuables.

5. Funding 5.1 Each Department must take into account security issues including cost

implications when: • Developing schemes for minor improvements • Developing schemes for new premises, major upgrading etc. • Introducing new services or changes to existing services, which

may have implications for staff security. 6. Key Holding 6.1 The responsibility for the arrangements for daily opening / closing

premises rests with the Associate Director of HR & Corporate Services. This includes the maintenance of a key register which identifies the location of all keys. The register must detail the individuals in receipt of keys and signatures must be obtained.

7. Access and Egress 7.1 Access to the CCG premises will be restricted. The responsibility for

the arrangements for daily opening/closing premises and individual departments rests with the Associate Director of HR & Corporate Services

7.2 Where appropriate, access will be controlled by the use of digital locks,

electronic alarm systems and access to keys. 7.3 All windows at ground level, where appropriate, will be fitted with

security devices or restrictors limiting the extent to which they can be opened.

Page 15 of 35

7.4 The Associate Director of HR & Corporate Services will put in place measures to ensure that locking systems and alarm codes are reviewed on a regular basis.

7.5 All Digital Lock codes will be changed immediately following the

dismissal of any staff member 8. Visitor Signing In/Out Procedure 8.1 All visitors and contractors should be aware of the signing in/out

procedures and these must be followed at all times. Visitor’s details including; their name, name of the company or organisation they represent, car registration number, person they are visiting/meeting, time in, time out; This is also a requirement of the Regulatory Reform (Fire Safety) Order 2005 and to maintain the security of the premises.

8.2 In the event of a fire or security incident and an evacuation is

necessary, the signing in book must be taken from the building to facilitate a visitor roll call to ensure all visitors are safely out of the premises.

8.3 All visitors to the CCG will wait in the reception area until they are met

by a member of staff who will accompany them while on site. 9. Security of Goods 9.1 Goods received into the organisation must be checked against delivery

notes prior to signing for acceptance. The organisation will provide secure accommodation for goods awaiting distribution.

9.2 Some CCG goods are received by Rotherham Doncaster & South

Humber NHS Foundation Trust (RDaSH). These goods will remain the responsibility of RDaSH until signed for by a CCG staff member.

9.3 All CCG departments receiving goods must ensure there are

procedures in place to monitor the receipt of goods and safe /secure systems are in place to protect goods from theft or inappropriate use.

10. Security of Personal Belongings 10.1 All staff should ensure that personal belongings are stored in a secure

location e.g. locked in cupboards, lockers or desk drawers. The CCG cannot be held responsible for theft of personal items.

11. Fraud 11.1 The responsibilities for fraud prevention are described in the CCG

Fraud Corruption and Bribery Policy. The Competent Person will liaise regularly with the Local Counter Fraud Specialist to ensure a direct and close relationship is maintained.

Page 16 of 35

12. Fire 12.1 The overlapping interests of security and fire safety policies are fully

recognised and there is full co-operation between fire and security staff. 13. Information Security 13.1 Information security risk is inherent in all administrative and business

activities and everyone working for or on behalf of the CCG continuously manages information security risk. The aim of information security risk management is not to eliminate risk, but rather to provide the structural means to identify prioritise and manage the risks involved in all our organisational activities. It requires a balance between the cost of managing and treating information security risks with the anticipated benefits that will be derived.

13.2 All information is held in accordance with the CCG’s Information

Governance Policy Strategy, Framework, and Associated Procedures. Further information can be found in the organisation’s Information Security Management Statement and Assurance Plan.

14. Harassment, Violence and Aggression 14.1 Any member of the public or patients who abuse CCG staff may have

sanctions taken against them, be refused treatment, or taken to court by the CCG.

14.2 Harassment and Violence

The HSE defines harassment and violence as: unacceptable behaviour by one or more individuals that can take many different forms, some of which may be more easily identifiable than others.

14.2.1 Harassment occurs when someone is repeatedly and deliberately abused, threatened and/or humiliated in circumstances relating to work. Violence occurs when one or more worker or manager is assaulted in circumstances relating to work. Both may be carried out by one or more manager, worker, service user or member of the public with the purpose or effect of violating a manager’s or worker’s dignity, affecting his/her health and/or creating a hostile work environment.

14.2.2 Harassment and violence can:

• Be physical, psychological, and/or sexual. • Be amongst colleagues, between superiors and subordinates or by

third parties such as clients, customers, patients etc. • Range from minor cases of disrespect to more serious acts,

including criminal offences, which require the intervention of public authorities.

Page 17 of 35

14.2.3 Harassment can be further defined as any conduct which:

• Is unwanted by the recipient • Is considered objectionable by the recipient • Causes humiliation, offence and distress (or other detrimental

effect) 14.2.4 The key to distinguishing between what does and does not constitute

harassment is that harassment is behaviour that is unwanted by the person to whom it is directed. It is the impact of the conduct and not the intent of the perpetrator that is the determinant.

14.2.5 Harassment is a course of conduct which may occur against one or more individuals. Harassment may be, but is not limited to:

• Physical contact – ranging from touching to serious assault,

gestures, intimidation, aggressive behaviour • Verbal – unwelcome remarks, suggestions and propositions,

malicious gossip, jokes and banter, offensive language • Non-verbal – offensive literature or pictures, graffiti and computer

imagery, isolation or non- co-operation and exclusion or isolation from social activities

• Unwanted conduct related to a protected characteristic which has the purpose or effect of violating an individual’s dignity or creating an intimidating, hostile, humiliating or offensive environment for that individual.

14.3 Aggression

• A forceful action or procedure (such as an unprovoked attack) especially when intended to dominate or master;

• Hostile, injurious, or destructive behaviour or outlook especially when caused by frustration aggression is often the expression of pent-up rage

• Spoken or physical behaviour that is threatening or involves harm to someone or something

14.4 Assessing the risk of violent behaviour

Violent incidents do not necessarily have to cause physical harm. They can:

• Involve a threat, even if no serious injury results. • Involve verbal abuse. • Involve non-verbal abuse, for example gestures. • Involve other threatening behaviour, for example stalking.

Page 18 of 35

In any situation where physical assault is considered imminent, staff should immediately leave the area if able and contact security (if

available) or the police (9-999 from an internal phone). 14.5 Processes for Staff Following Violent or Abusive Behaviour 14.5.1 All instances of actual or threatened violence and aggression must be

reported in accordance with the CCG Incident Reporting Policy. Incident reporting will be used to ensure that other members of staff benefit from shared experiences and training can be realistic and relevant. Staff that has been subjected to violent / abusive behaviour should report such incidents to their line manager. The line manager will need to consider whether the matter should be referred to the Police.

14.5.2 Incidents of violence and aggression can have a detrimental effect on

the victim out of proportion to the scale seen by outsiders. Managers are to ensure that staff are properly cared for, or as soon as is reasonably practicable, after such incident(s). Staff not directly involved could be subject to anxiousness and concern. It is important that staff are informed as soon as possible of the basic details of the incident and any counter measures planned.

14.5.3 The CCG will make training available in the management and handling

of violence and aggression, based on the training needs analysis. In any cases where a member of staff feels that an individual has behaved in an unprofessional or inappropriate manner, the Line Manager must be informed of the occurrence and an Incident Form completed as soon as reasonably practicable.

14.6 Dealing with harassment, violence and aggression pro-actively 14.6.1 Staff should attempt to avoid physical intervention at all costs and be

aware of their own verbal and non-verbal communication. Conflict resolution training (CRT) is available to members of staff. Techniques include:

• Simply ask the person who is becoming aggressive to stop, some

people will respond to this. • attempting to establish a rapport; • offering and negotiating realistic options; • avoiding threats; • asking open questions and asking about the reason for the service

user’s concern; • showing concern and attentiveness through non-verbal and verbal

responses; • listening carefully; • attempting to neither patronise nor minimise the service user’s

concerns

Page 19 of 35

14.6.2 Possible warnings which may indicate an individual’s behaviour is escalating towards physically violent behaviour includes but not limited to:

• Direct prolonged eye contact • Facial colour may darken / go pale • Head drops to protect throat • Lips tighten over teeth • Eyebrows droop to protect eyes • Breathing rate accelerates • Fists clenching and unclenching • Subject stands tall • Behaviour may stop/start abruptly • Kicking the ground • Large movements close to people • Hands rise above waists • Shoulders tense • Stare is now at intended target • Stance moves from square to sideways • Lowering of body to launch forward

14.7 Dealing with harassment, violence and aggression reactively 14.7.1 Dependent on the circumstances, in an incident involving harassment,

violence and aggression, the following course of action (13.8) could be pursued in conjunction with any other course of action, but always in consultation with Senior Management. Any and all action must be fully and factually documented and an incident report form completed.

14.8 Actions following violent or abusive behaviour 14.8.1 Where a patient, relative or member of the public is alleged to have

carried out an act of violence, abuse or aggression then the CCG reserves the right to respond to the alleged incident, as deemed necessary in light of the circumstances. The level of response will be dependent upon the seriousness of the incident and the outcome of any investigation. The potential responses or actions available to the CCG include:

• Verbal warnings • Recommendation to use advocacy services • Warning flag applied to patients notes • Written warnings from the CCG • Withdrawal of services • Involvement of the Local Security Manager • Involvement of the police • Criminal prosecution • Civil Prosecution

Page 20 of 35

14.9 Support mechanisms 14.9.1 Dealing with actual or threatened violence and aggression could have

an effect on an employee’s health and wellbeing, and they may feel that they need further support with this. The CCG is committed to the health and well-being of staff, and has therefore put in place an employee assistance programme (EAP) to provide additional support where needed. The EAP will offer employees a variety of support services, including financial, legal, education, consumer and family care advice as well as access to 24 hours a day, 7 days a week health advice lines, staffed by qualified pharmacists and nurses. In addition to this, the programme will also offer staff free access to counselling services. Staff, when experiencing an issue where they feel counselling would be beneficial will be able to contact the employee assistance provider and have up to 5 face to face counselling sessions. The counselling lines are open 24 hours a day 7 days a week and are staffed by qualified counsellors and psychologists.

15. CCTV 15.1 CCTV is in place on CCG premises. This is managed by the CCG.

Requests for access to CCTV images must be made to the Associate Director of HR and Corporate Services or Head of Governance and Corporate Services.

16. Contractors 16.1 Contractors are expected to adhere to the security procedures and staff

organising contractors are responsible for ensuring security is maintained.

16.2 In accordance with CCG procedures, all contractors, including IT, must

report to reception upon arrival and sign in - they will also be asked to complete a separate Contractors Log (not IT). On completion of the work, approval is required and the Contractors Log must be completed. All contractors and IT must sign out.

16.3 When required facilities will inform the CCG via email that contractors

are on site; advising staff to ensure personal identifiable information is secure.

16.4 The CCG does not undertake to provide secure areas for contractors’

tools and equipment and as such contractors are responsible for the security of their tools and equipment whilst on CCG premises.

16.5 Any contractors found working on the premises that have not signed in

or accessed an area without permission to do so will not be allowed to continue and may be asked to leave the premises and their actions reported to their manager. Contractors arriving outside of normal hours

Page 21 of 35

(8am-5pm) are not to be given access unless a member of the facilities team is present.

16.6 Contractors are to be accompanied to all areas which have coded

access. Dependant on the length of time, contractors may be unaccompanied to carry out the works.

17. Emergency Preparedness, Resilience and Response (EPRR) 17.1 A significant incident or emergency can be described as any event that

cannot be managed within routine service arrangements. Each requires the implementation of special procedures and may involve one or more of the emergency services, the wider NHS or a local authority. Please refer to the EPRR Policy for further details.

18. Risk Assessment 18.1 The Management of Health and Safety at Work Regulations 1999

(Regulation 3) require that suitable and sufficient risk assessments be undertaken, so that the significance of a hazard can be identified assessed and controlled. Guidance on Assessing risks to safety and health can be found in the CCG’s guidance document – Risk Assessment Matrix. Please refer to the Integrated Risk Management Framework, Strategy, Policy and Procedure for further information.

18.2 Risks associated with security should be reported to the Competent

Person. 18.3. Risk Assessments must be completed for all security hazards including

physical (buildings, equipment etc.) and people. These risk assessments are the responsibility of the department involved, with support from the Competent Person where required.

18.4 Risks relating to security are identified on an ongoing basis through

incident reports, complaints and claims procedures, and the risk assessment procedure.

18.5 It is important that all staff within the CCG are aware of the security

risks involved within their work. They must also be aware of formal risk assessments that apply to them, the actions identified to control the risks and the measures to be taken by them personally to reduce the risks to themselves and others.

18.6 When working arrangements are agreed with an individual which result

in that person working alone for regular/significant periods, the manager will be responsible for ensuring that a risk assessment is undertaken and that a related safe system of work is put in place. This will take into account the capability of the individual. The employee will be required to conform to these arrangements, to safeguard both themselves and the CCG.

Page 22 of 35

18.7 Working alone is not illegal, but it can bring additional risks to a work

activity. The CCG has developed policies and procedures to control the risks and protect employees, and employees should know and follow them. Apart from the employee being capable of undertaking the work/detail the three most important aspects to be certain of are that:

• The lone worker has full knowledge of the hazards and risks to

which they are exposed. • The lone worker knows what to do if something goes wrong. • Someone else knows the whereabouts of the lone worker and what

he/she is doing.

Page 23 of 35

Appendix 1 Reporting of Crime / Security Incidents All staff have a responsibility to report any crime / breach of security. This reporting falls into the following categories: 1. NHS Doncaster CCG Premises When a crime/security incident of a serious nature is taking place dial 999 and report the incident to the police, and follow their advice. You must then contact the Associate Director of HR & Corporate Services or their Deputy and inform them of the incident. Where a security/criminal incident is discovered, the information must be passed to the Associate Director of HR & Corporate Services or their Deputy and the Competent Person as soon as practicable. Completion of an Incident Reporting Form (as per Incident Management Policy) a copy should be forwarded to the Competent Person. Suspicions of fraud must be reported to the CCG’s Counter Fraud Specialist in line with the Counter Fraud, Corruption and Bribery Policy. 2. External Locations When a crime/security incident of a serious nature is taking place, you should call the police immediately by telephoning 999. Where a security incident is discovered, the information should be passed to the Associate Director of HR & Corporate Services or their Deputy as soon as practicable. Completion of an Incident Report Form (as per Incident Management Policy) a copy should be forwarded to the Competent Person. 3. Out of Hours When a crime/security incident of a serious nature is taking place, you should call the police immediately by telephoning 999. Following this; the incident should be reported to the Associate Director of HR & Corporate Services or their Deputy as soon as possible. 4. Suspicious (Suspect) Packages A suspect package is a package believed to contain a potentially harmful device or substance. Any suspect package or letter when received must immediately be placed in isolation and away from water, chemicals, heated surfaces, naked flames and gaseous substances. It is more likely to be an incendiary device than a bomb; i.e. it is designed to start a fire. • Do not shake it, squeeze, or open the letter or package. • Turn off all air conditioners, fans, photocopiers, printers, computers and

heaters within the room where the letter/package is located. • Close all windows and evacuate the room, lock all doors and leave the

key in the lock. • Place a clearly visible warning on the door.

Page 24 of 35

Any suspicious packages should NOT be moved and its position should be reported to the Associate Director of HR & Corporate Services, their Deputy or a member of the Senior Management Team who will undertake the initial investigation (without touching or moving the package) identifying: • The listed owner of the package • Visible wires or electrical components showing from the package,

especially where the wrapping has been damaged • Any greasy marks on the envelope or package • If an unknown powder or liquid substance is leaking from the package • Distinctive smells from the package e.g. almonds/marzipan, ammonia

or machine oil • If the package when received was heavy for its size or has an uneven

distribution of weight or has excessive wrapping • If the package was delivered by hand from an unknown source or

posted from an unusual place If in doubt, dial 999 and report to the police and evacuate the building without sounding the fire alarm, closing doors and windows behind you. • Do not use mobile telephones near suspect packages. • If you feel you may have been contaminated, go to an isolated room

and avoid other people if you can. It is vitally important that you segregate yourself and others who may have come into contact with the suspicious package. It is unlikely that you have been contaminated and you will get medical treatment if required. Signs that people may have been exposed to a chemical incident are streaming eyes, coughs and irritated skin. Do not rub your eyes; touch your face or other people. Thoroughly wash your hands in soap and water as soon as possible.

• Where convenient, fire assembly points can be utilised for the purpose of evacuation, but only if they are located at a distance of at least 400 metres from the suspected bomb site. Safe assembly points are best situated behind a solid building at a distance away from the blast site.

5. Bomb Threats A bomb threat is a threat to detonate an explosive or incendiary device to cause property damage or injuries, whether or not such a device actually exists. Bomb threats are usually made verbally over the phone. Notification of a bomb threat can be made at any time and can be made and delivered by several means, usually anonymous, but all must be considered seriously. Any member of staff receiving a telephone threat regarding a suspect package or explosive device should obtain as must detail as possible from the caller. The police should be informed immediately - dial 999 and report to police and evacuate the building without sounding the fire alarm and closing doors and windows behind you. Report the situation to the Associate Director

Page 25 of 35

of HR & Corporate Services or their Deputy or a member of the Senior Management Team who will decide whether an emergency should be declared in line with the Emergency Preparedness, Resilience & Response Policy.

Page 26 of 35

Appendix 2

Lone Working Procedure 1. Security Policy NHS Doncaster CCG’s Security Policy states that: When working arrangements are agreed with an individual which result in that person working alone for regular/significant periods, then the manager will be responsible for ensuring that a risk assessment is undertaken and that a related safe system of work is put in place. This will take into account the capability of the individual. The employee will be required to conform to these arrangements, to safeguard both themselves and NHS Doncaster CCG.

Working alone is not illegal, but it can bring additional risks to a work activity. The CCG has developed policies and procedures to control the risks and protect employees, and employees should know and follow them. Apart from the employee being capable of undertaking the work/detail the three most important aspects to be certain of are that: • The lone worker has full knowledge of the hazards and risks to which

they are exposed. • The lone worker knows what to do if something goes wrong. • Someone else knows the whereabouts of the lone worker and what

he/she is doing 2. General Lone Working Guidelines Before undertaking any activity with involves lone working the following good practice guidelines should be considered and followed as appropriate. • The risk management process should be used to identify appropriate

actions for particular activities. • Check any known documentation that may indicate existing risks

associated with the activity. • Information sharing of known risks across different settings (for

example health and social care) should be facilitated. • Identify low risk lone working that is deemed acceptable. • Identify high risk areas where lone working is not deemed acceptable

and alternative arrangements have been made, such as staff attending in pairs.

• Someone should always be aware of a lone workers movements and whereabouts.

• Consider what technology and emergency equipment may be useful (such as a mobile phone, personal alarm, torch etc.).

• The use of a buddy system.

Page 27 of 35

• An escalation process should be agreed to manage any problems that arise.

3. Buddy System A buddy system involves identification of a point of contact for the period you are working alone. This person should be aware of the movements, known breaks or rest periods and contact details (including next of kin) of the lone worker. If communication stops, the buddy should attempt to make contact and follow appropriate escalation when necessary (if contact still cannot be made after reasonable timescales). Arrangements should be made if the buddy needs to leave before the lone work activity is over. The lone worker must ensure they keep the buddy updated regarding any delays to avoid unnecessary escalation. It is essential that an escalation process is agreed before a lone working situation and use of a buddy system to ensure escalation is implemented appropriately. Based on the seriousness of the situation and the discretion of the caller the process may include escalation to:

• Line manager • Head of Department • Police

4. Lone Working on Sovereign House Reception 4.1 Team members who are regularly assigned to Reception duties should

complete the NHS Conflict Resolution Training course. 4.2 Team members who are lone working should not:

a. place themselves in undue danger at any time; b. carry any valuables or items that may be used against them (lock

handbags etc. away). 4.3 Team members who are lone working should

c. Utilise their lone working buddy every time they are lone working; d. Make sure an escape route is available to them at all times and is

free of any trip hazards etc. e. Ensure they have access to a phone at all times, if using a mobile

phone makes sure it is fully charged and has credit.

Page 28 of 35

4.4 If an incident occurs and you consider yourself capable of diffusing the situation using conflict resolution techniques, do so and then report this as an incident when safe to do so.

4.5 If an incident occurs and you are unable to diffuse the situation then

leave the area raising the alarm as you leave and take yourself to a safe area. Report this as an incident when safe to do so.

4.6 Alarms may be raised either verbally or automatically via the alarm

button on the laptop/computer if applicable. 4.7 If you raise an alarm in the reception area and there are visitors in this

area, you must complete a dynamic risk assessment to confirm whether you are able to help the visitors leave the area. If you are unable to help, this information must be given to the person responding to the alarm call.

4.8 Following any incident an incident form must be completed. 5. Lone Working for team members in Sovereign House and White

Rose House 5.1 There is a lone working hazard due to team members working in the

offices, either early morning or late evening when no other staff is in the vicinity, and possibly no first aiders on duty.

5.1.1 Lone workers should ensure that the main front door of the building is

locked.

• The door can be locked from inside the building by turning the thumb-turn lock.

• The door should only be left unlocked when you are no longer lone working and feel safe.

• Keep several lights on – not just your own. • Additional keys for the front door can be requested from Reception

for anyone who regularly opens up the building or leaves late. • The cleaner opens White Rose House at 7am and deep cleans the

premises until approximately 8:30am Monday to Friday before returning to clean both White Rose House and Sovereign House from 3:30pm to 7:30pm and therefore lone working should be minimised during this period.

5.1.2 Lone workers should keep their mobile phone with them at all times or

have immediate access to a telephone in order to call for help.

• Dial 9 for an outside line on the CCG landlines. • If using a mobile phone make sure it is fully charged and has credit.

5.1.3 Lone workers should identify potential escape routes include fire exits.

Page 29 of 35

5.1.4 Team members working alone within a department during office hours should consider taking the following precautions as necessary:

• Ensure that you are near a telephone to call for help if needed. • Secure valuables in an appropriate place. • Ensure that keys are secured and not accessible to visitors. • If you become anxious regarding your safety, call a colleague for

assistance. • Avoid arranging meetings with people you don’t know if you are

alone in the workplace. • If you are meeting someone, let other people know who you are

meeting, when and where, and telephone them to let them know that your visitor has arrived and that you will get back to them at a certain time.

• Do not tell anyone that you are alone in the workplace. • Report any incidents to the relevant Manager as soon as

practicable after any events. • Never assume it won’t happen – plan to stay safe.

5.1.5 Team members interviewing service users in the office should consider

the following:

• Use interview rooms with windows where possible so staff can observe the interview.

• Sit nearest the exit. • Make yourself aware of locks, bolts etc. on exit doors and observe

how they work. • Ensure that colleagues are aware that an interview is taking place. • If there is ever a need to take a client/visitor through a coded

security door, ensure that the client/visitor cannot see the code or knock on the door and be let through to maintain security.

5.1.6 From time to time, employees may need to carry out their office-based

work outside of normal office hours, such as weekends, early mornings and evenings. The following precautions should be considered to ensure that your health and safety continues to be protected:

• If you are working at weekends or very late at night / early in the

morning, consider letting a friend or relative know your whereabouts and the time that you are expected back. Contact them at regular intervals to verify that you are OK. If you change your plans, let your contact know immediately.

• Ensure that all windows and doors are secured to prevent unauthorised access, so that the working environment is as safe as possible.

• Do not open the doors to any strangers no matter what identification they have. If they are meant to be there, they will either have keys or another means of access.

Page 30 of 35

• Never give security codes or keys to any stranger. Again there are channels they can use to gather information if they are legitimate and are meant to have access.

• Make sure your fire escape routes are available to you and not locked (this could occur outside work hours).

• Do not use lifts at these times, as you may become trapped inside and unable to gain assistance or attention.

• Should the fire alarm activate whilst you are in the office alone, you must leave the building immediately by the nearest fire exit. Make your way to the fire assembly point, a safe distance away and call and then wait for the emergency services to arrive.

• Should you discover any problems with equipment whilst in the office, do not attempt to repair or tamper with the controls. Report it to your manager the following working day.

• On leaving a Department, ensure that all windows are closed and doors locked.

• Ensure you have access to a phone in case you need to call the emergency services.

• Park as close to the building as possible in a well-lit area. (Move your car closer to the building during normal hours if you know you will be leaving late to minimise the risks when leaving the building on your own).

• If an incident occurs, follow the incident reporting procedure. • Never assume it won’t happen – plan to stay safe.

6. Lone Working Procedure for attending meetings off-site 6.1 There is a lone working hazard due to team members driving to and

from meetings alone, and attending meetings off-site where there may be a lack of communications.

6.1.1 Team members in this situation should complete their electronic diaries

in advance of the meeting with full details of off-site meetings including: length of meeting, full postal address of venue, contact number. Electronic diaries should be open to all other CCG team members to view.

6.1.2 Ensure contact is made with the meeting organiser before the meeting

to confirm the meeting. 6.1.3 Plan your route to the meeting. 6.1.4 Do not walk or park where you do not feel safe. 6.1.5 If you are going to a non-routine meeting e.g. not a meeting with our

“usual” partner organisations, you may wish to establish an informal buddy system within your department.

Page 31 of 35

6.1.6 Do not put self at risk if a situation arises that is unfamiliar or unsafe. Withdraw and seek further advice.

6.1.7 Travelling by car:

• Consider time of day • Plan your route in and out • Lock your car while travelling if possible • Don’t leave items on view in your car even whilst driving • Keep equipment/prescription drugs in the boot and ensure they are

easily accessible • Make sure petrol is replenished prior to commencing journey • In cases of road rage do not make eye contact or gestures and

always drive to a place of safety • Consider places of safety on the route, e.g. garages, shops, police

stations • Beware of faked ‘accidents’ and other ploys to get you to stop

6.1.8 Travelling by Public Transport:

• Plan your route in and out • Don’t carry too much • On buses try to sit near the driver, as they have a radio which is

accessible • On trains/trams, try to sit near the front of the carriage • Sit near other people if possible • Have change for your fare ready and easily accessible.

6.1.9 Walking:

• Don’t carry too much • Always notify your colleagues that you will be walking to your

destination • Do plan your route, avoid waste ground, subways or other isolated

and poor lit areas • Do keep to well-lit routes and paths, short cuts are rarely safe • Do be alert and look confident, don’t switch off to the world by

listening to music through headphones • Do wear shoes and clothes that do not restrict movement • Do plan your route and know where you are going • Consider places of safety on route e.g. garages, shops, pubs • Walk facing oncoming traffic, so you cannot be kerb crawled by

oncoming traffic • Keep to the outside of the pavement • Never accept lifts from strangers • Keep at least one hand free • Always know where your mobile phone or personal alarm is and

make sure it is accessible in the event of an emergency

Page 32 of 35

• Use a bag which can ideally can be worn diagonally across the shoulder

• Don’t walk with your hands in your pockets • Continually assess the situation, if in doubt be prepared to abandon

or postpone the visit. 6.1.10 Parking:

• Lock your car • Close all windows and sunroof • Don’t leave anything on view • When parking in daylight imagine what the area will be like in the

dark • Locate your nearest observable busy road and park closely to it • Do not leave visible permits/notices indicating that you are a health

professional • Reverse park so that you can drive right out • Never leave car registration documents in your car • Have your car keys ready when returning to your car • Check the interior of your car before getting in • Be particularly vigilant and careful when getting equipment into and

out of the boot 7. Little Green Button (Panic Alarm System) 7.1 NHS Doncaster CCG laptops have the “little green button”

installed. This system is linked to reception and provides a panic system for the receptionist. When the receptionist clicks the “little green button” on their desktop, a message will be sent to all machines which have this software installed.

7.2 Should this happen a member of staff should click “respond” and

proceed to reception. If you assess through the window in the door to reception it is safe for you to enter the reception area, proceed into reception to support the receptionist. If you assess it is not safe to proceed, you should consider whether to place a call to the Police by dialling 9-999.

7.3 By clicking respond, the system sends another message to all

remaining devices informing the other staff that someone has responded to the panic request.

Page 33 of 35

In your taskbar you will see this: 7.4 This is the “little green button”. If this button is grey in colour it means

your machine is the only one connected to the panic system and therefore cannot be used to raise a panic request.

7.5 If this button is green in colour it means there is more than one

machine on the network connected to the system and therefore active. 7.6 If you click this button, all users will be asked to respond to your panic

request. It is therefore important that this button is only pressed by the receptionist.

7.7 Please do not press this button if you are not on reception. This

feature is for team members working on reception who feel they need assistance in dealing with a potentially threatening or confrontational situation.

7.8 If you are not on reception and can see a green button on your desktop

as well as your taskbar, you can remove this by completing the following steps:

• Right click the button on the desktop • Select “Settings” • Select “Appearance” • In the “Appear…” section, click “in notification area only” radio

button. • Now click “Ok”

Page 34 of 35

Appendix 3

Equality Analysis Form

Subject of equality analysis

Security Policy including Lone Working Procedure

Type Tick Policy X Strategy Business case Commissioning service redesign Contract / Procurement Event / consultation

Owner Name: Ian Plummer Job Title: Health and Safety Manager

Date 23rd October 2019 Assessment Summary

NHS Doncaster CCG has a legal duty of care via Health and Safety legislation, Department of Health Policy and by common law duty of care, to ensure a safe and secure environment which protects staff and visitors; their property and the physical assets of Doncaster CCG,

This policy describes how the CCG will comply proactively with the security arrangements to fulfil those duties.

Stakeholders

Tick Staff X General public X Service users Partners Providers Other

Data collection and consultation

N/A

Page 35 of 35

Protected characteristic Positive Neutral Negative

Negative: What are the risks?

Positive: What are the benefits / opportunities?

Age

X

Disability

X

Gender

X

Race

X

Religion & Belief

X

Sexual Orientation

X

Gender reassignment

X

Pregnancy & Maternity

X

Marriage & Civil Partnership

X

Social Inclusion / Community

Cohesion X

Conclusion & Recommendations including any resulting action plan

N/A

Review date October 2021 Please return the Equality Analysis Form to the Corporate Governance Manager: donccg.governance@nhs.net