The news recently reported a suspect was arrested after impersonating a physician at least seven times at two Southern California hospitals. It is alleged that he even diagnosed a patient in a consult room.
This was not a failure of credentialing processes. No verification will catch someone who wanders in from the street posing as a physician. Instead, it was a lack of sufficient security policies and procedures or, more likely, not following them.
The perpetrator received a temporary ID badge from hospital security staff after claiming he had lost or misplaced his badge. News articles do not say what policies were in place to verify the person’s identify but unfortunately, many visits occurred before the person was challenged for identification.
The experience of these two organizations offers all health care facilities a chance to make changes proactively to prevent this at their organization. Here are some ideas to consider when reviewing and revising policies and procedures.
With so much focus on other forms of security (HIPAA, cyber, and safety), we might overlook access to our patient areas. Eventually employees did stop the suspect and called the police. Their lesson learned can give all health care professionals pause while we think about how our organization would answer the challenge when faced with the same situation.