printer friendly version

No access mistakes allowed

Access control in hospitals always receives serious consideration.

A hospital is by its very nature a public place with a constant flow of patients, staff and visitors where urgency associated with clinical admissions may conflict with entrance control measures. Screening visitors may slow down movement but is vital to security and can be part of a delicate balancing act for facilities managers.

King’s College Hospital NHS Foundation Trust is one of London’s largest and busiest hospitals. It provides a full range of local services for over 700 000 people in south-east London. The Trust is recognised internationally for its research in the field of liver disease and operates the largest liver transplantation programme in Europe.

The hospital site in Denmark Hill has a 950-bed acute care facility and acts as a referral centre in its fields of expertise for the wider population of southern England. The Trust has complex needs for role-based access control which are being met by installer NT Security working in association with Dublin-based Access Control Technology (ACT).

Security requirements at King’s make subtle demands on manufacturers. Role-based access control has been implemented at multiple levels in the hospital by establishing a relationship between job profiles and appropriate privileges in terms of ability to move around the campus.

The Trust works closely with police on security matters and initially NT Security received an enquiry from the Metropolitan Police regarding a specific problem.

Legacy failure

Andy Purvis, MD of NT Security, said: “After we addressed the police concerns it became apparent that the legacy access control system could not meet the Trust’s needs. They needed functionality that would enable them to distinguish between levels of seniority within the medical and administrative workforces, areas of practice for clinicians (which could change weekly) and even simple criteria such as gender and likely hours of work.”

Purvis continued: “Access control cards had to contain precise information on an individual’s profile, job description, responsibilities and seniority. In turn, as an installer, we needed the support of a manufacturer whose equipment could not only create a hierarchy of privileges, but would allow for growth and continued alterations at individual and group level. The Trust currently receives 150 requests a day for changes of access rights and has a permanent member of staff implementing these. My engineers have recently audited activity on ACT’s ACTWin pro software and they report that 50 million transactions (this being anything that is recorded on the ACT system) have been carried out in the last six months.”

In on the act

The ACT offering suggested itself immediately since networking the company’s units to a PC allows up to 2000 doors to be monitored on a single system with 30 000 users. Crucially, the flexible protocols that characterise the controllers meant they could function with the existing third-party readers already on site. This kind of transparency appealed to the client and an initial 140 doors were fitted with ACTpro 3000 controllers. There are now over 500 doors on the system. It was also a requirement that the controllers could work off-line where necessary.

Similarly, intrusion by security technicians into the core functioning of the hospital was reduced. A final plus factor – and one that avoided a potential logistical nightmare at a site of this complexity – was that the controllers were able to function from existing IT cabling on the Trust’s LAN, so avoiding the need to lay additional hard wiring in all but a few locations.

Flexibility

The flexibility of the controllers is endorsed by the fact that currently the Trust has approximately 10 000 staff, all of whom use cards from the legacy system. Calling in such a large volume of cards would not have been viable. ACT’s engineers adapted their offering so that it would operate with the existing cards and the inherited database.

Naturally, at a hospital site, product reliability is paramount and there must be fail-safe override in the event of emergency as well as the ability to ensure unimpeded entry for crash teams. Logistics managers at the Trust rely on the access control system to create a subtle hierarchy of access rights for different users with hundreds of distinct levels. Access may be granted at certain times of day only according to a member of staff’s profile. The range of building types to secure is broad and includes operating theatres, childcare facilities, the dental school and a pharmacy that contains significant holdings of medication that would have enormous street value in the event of theft. The access control is complemented by extensive CCTV consisting predominantly of PTZ and dome cameras from Honeywell and Samsung, the units being both analogue and IP-addressable. Recording is to DVRs from the Dedicated Micros Sprite range.

Share this article:

Further reading: