to main content Plans - Security Management Risk Assessment | Hospital and Hospital Clinics | Environment of Care EC | The Joint Commission
Plans - Security Management Risk Assessment

What are the requirements for developing a security security management plan?

Any examples are for illustrative purposes only. 

The Joint Commission standard EC.01.01.01 EP 5 requires the organization to develop a security management plan based on the organizations facility’s circumstances.  This security management plan is developed from the risk assessment as described in EC.02.01.01. This risk assessment would include but not limited to:
  • applicable staff
  • type of training
  • level of training
  • required credentials
The security management plan should take into consideration how the organization manages workplace violence and manages security during an emergency or disaster.

The security management plan may be a stand-alone document or may be combined with other Environment of Care plans (one overarching plan or combined with another, such as the safety management plan, for instance).  Components of the plan are outlined in EC.02.01.01 EPs, which include but not limited to:
  • how will security risks be assessed and mitigated
  • staff rolls in security management
  • how the facility is secured
  • how the organization contact external security forces if needed
  • how the organization will control access to areas identified as security sensitive
  • how physical or verbal threats, acts of violence, inappropriate behavior will be managed
  • If the organization has an MRI, there is to be an assessment for safety and security risk that addresses patient comfort and safety, equipment safety and security, and staff safety
For example, a forensic behavioral health environment would likely have different criteria than a geriatric health environment. Based upon their duties, staff may be assessed to require physical restraint training, self-defense training, situation de-escalation training, etc. Once the required skillset and type/level of training is established, the organization is to create applicable policies, implement the security program, assess for effectiveness, and adjust the strategy if needed. 

Any requirements from the local authority having jurisdiction (AHJ) are expected to be followed. 

EC.01.01.01 EP 5
Last updated on July 21, 2020
Manual: Hospital and Hospital Clinics
Chapter: Environment of Care EC

If no, please comment on how we could improve this response.

If you have additional standards-related questions regarding this topic, please use the Standards Online Submission Form
Surgeons in an operating room

Additional Resources

Train your staff with a tool to quickly and efficiently assess standards compliance with our 2021 Hospital Compliance Assessment Workbook.

A group of medical professionals have a discussion in a meeting room

Hospital Webinars

Keep learning with our Hospital Breakfast Briefings Webinar Series. Get a deep dive into our standards, chapter-by-chapter, individually or as a team.

Female doctor using digital tablet in her office.

Looking for Standards?

Get key information your hospital needs to achieve and maintain continuous standards compliance and experience operational improvement.