enterprisesecuritymag

Special Considerations for Electronic Visitor Management

By Myron Love, CHPA, CPP, PSP, PCI, Ann & Robert H. Lurie Children's Hospital of Chicago

Myron Love, CHPA, CPP, PSP, PCI, Ann & Robert H. Lurie Children's Hospital of Chicago

Today’s Physical Security environment is one of constant technological change as organizations large and small look to leverage technology towards the improvement of Customer Service, Life Safety, and the overall Client Experience. Physical Security too, has seen massive technical improvements in the already well-established usage of security surveillance systems and electronic access control systems. As organizational needs evolve, many are also turning to Electronic Visitor Management, or EVM to support our shared mission of protecting our patients, visitors, staff, and physical assets.

"Working to understand the needs of your population is a helpful way to begin designing an EVM system that meets the expectations and needs of your visitors, as well as meets the physical security requirements of the organization"

Electronic Visitor Management, also known as EVM or VMS, provides the ability for an organization to identify approved visitors, ensure compliance with an approved vetting process, provide visual credentialing of their authorized visit, provide reporting on who is on property, record data on visits over time, and provide a screening process for individuals identified as high risk. It is widely used in schools, universities, retail, corporate business, and healthcare, and is not just being considered an acceptable physical security safeguard; it is widely becoming an expectation.

There is a lot to consider, and as an organization begins to assess the myriad of system vendors, software & equipment options, peripherals & badging supply options, it can be all-to-easy to overlook some of the many operational needs that will arise as a result of Electronic Visitor Management. As I have participated in the organizational rollout of visitor credentialing programs at two top ranked Medical Centers, several overlying issues became apparent to me:

Get to know your greatest Asset: Your people

Working to understand the needs of your population is a helpful way to begin designing an EVM system that meets the expectations and needs of your visitors, as well as meets the physical security requirements of the organization. Whether your clients are vendors, parents, patients, guests, or customers, there is a certain level of expectation they will have, as well as a particular feeling their experience with your system will leave them with.

Think about seeking information by way of surveying your clients and taking their feedback into account as you design the system. From my personal experience in Healthcare, we want to understand the impact to the Patient-Family Experience. Does the System make our families feel unsafe, wondering what happened to cause us to need additional vetting? Does a requirement to provide photo ID and be entered into the system feel like an invasion of privacy? Or does too-little physical security leave visitors feeling like the safeguards are meaningless?

In addition, look at who, or what groups, will be considered “in scope” for your EVM system. Will vendors be registered, or just clients and general visitors? How about meetings with non-employees, interviewees, delivery services, contractors, service calls, and the many other groups that will potentially be using EVM to some capacity.

Seek Opportunities for Systems Integration

It’s important to also look at opportunities to integrate the Electronic Visitor Management system with other existing systems. For example, many organizations require visitor compliance with polices regarding billing, confidentiality, privacy, workplace violence & behavioral expectations, and more. Having your EVM integrate with systems that manage policies or having documents viewed through the system, with a signature of acknowledgement via touchpad, can ensure that all visitors have agreed to required protocols.

For schools and healthcare, integration to a third party background check service can support proper vetting for registered sex offender status, felony convictions, concealed carry firearm permit holders, and more. The EVM system itself can notify registration or security staff on the spot, allowing for an appropriate response based on organizational policy.

Identify Integration Pitfalls

When considering these Integration opportunities, it’s vital for the Information Technology team, by way of their project scoping and architecture review, to understand how those systems communicate and identify early on how various systems feed information into EVM. An important consideration is whether visitor records are unique, or as in our healthcare example, directly linked to an Electronic Health Record (EHR) system through a Health Level-7 (HL7) identifier, or an Admission, Discharge and Transfer (ADT) feed? Will both Inpatient and Outpatient patients, who may each have a different identifier, both be able to be registered with EVM? It harkens back to the need to know your people, and identity the specific groups that will be registered in the EVM system.

What technological benefits are you looking to achieve?

Once the foundation is planned for visitor vetting and front line registration, a robust EVM system can also allow for additional functionality; for example, pre-registration.

Read Also

Providing Tools to Implement Security in the Cloud

Providing Tools to Implement Security in the Cloud

Sam Schoelen, CIO, Continental Resources
The Technology World is Evolving, are you?

The Technology World is Evolving, are you?

Steven Antoine, Director, Global Assets Protection, Yum! Brands
The Convergence of Physical and Cybersecurity

The Convergence of Physical and Cybersecurity

Jana Monroe, Vice President of Global Security and Enterprise Risk Management, Herbalife
ERM for all

ERM for all

Henry Essert, Managing Director, PwC

Weekly Brief