Physical security procedures
A practice manager has a responsibility to provide a safe working environment for all patients and staff, with effective security procedures in place.
A safe work environment
- Keys should be kept in a secure place out of public access and
- All reasonable steps must be taken to ensure a safe, secure
environment and to prevent unauthorised access to the premises and restricted
areas. This includes supplying the use of locks, alarm systems and duress
- Provide a back-to-base alarm system.
- Duress buttons
should be available at each desk for staff to alert other staff within the
practice of an urgent situation threatening patient, and/or staff safety. This
includes a duress alarm for each seat at reception, each consulting room desk
and at least one button in the treatment room/nursing area. Ideally, there
should be two duress buttons in the nursing area – with one being a remote
version, to be kept on the staff member and easily accessible in the case of
an emergency. Duress alarms should connect through to the alarm system, to
ensure police are instantly alerted and able to respond quickly without an
additional phone call.
- Either a mobile telephone or an additional,
non-powered (analogue) phone line should be available in the event of an
- Provide security monitors (preferably digital) in the
public areas of the practice. These can generally act as a deterrent, but
footage may be required by the police after an emergency event such as a
violent episode. The alarm system and duress buttons should be tested
frequently to ensure that they are operating effectively.
should be trained in the handling of an emergency (see Emergency procedures).
- Any patients or visitors exhibiting challenging or disruptive
behaviour should be treated with caution and management notified immediately.
Where necessary, the police should be contacted and the appropriate emergency
- Adopt a zero tolerance policy relating to any
aggressive or violent behaviour. Notices outlining the policy should be
displayed prominently in the practice.(see Zero tolerance policy)
- Medication, prescription stationery and other official documents, including
stationery with letterhead should be accessible only to authorised personnel.
These should be kept out of public view and access (e.g. in a locked
- Only minimal amounts of cash should be held – other
forms of payment should be encouraged (e.g. EFTPOS, credit card). Cash should
be kept in a locked drawer. Cash should not be handled in public view and
should be banked regularly.
- A keyed safe should be kept in a discreet
and locked cabinet somewhere on the premises. Only senior/leadership staff
should be able to access the safe, which ideally has a mail box-type slot for
any daily takings to be inserted.
- If there are a number of staff on
duty, cash taking and balance records should be kept daily to ensure the
integrity of banking system.
- All confidential staff/contractor
records should be kept in a locked, secure place only accessible by management
- Lockers should be provided for staff for secure storage of
their possessions during working hours.
- All medications, including
samples should be kept in a locked cupboard and only accessed by authorised
personnel. Any drug samples provided to patients should be documented in their
- Drugs of dependence must be kept in a separate locked
safe, which is attached to a fixed object (e.g. a wall). All use of drugs of
dependence is to be documented and recorded appropriately as per standards and
- Computer security measures must be implemented. (RACGP
4th Edition Standards Occupational Health and Safety)
Data security procedures and policies
- Systems and data
- Procedures and policies
- Practice computer and information security manual