VIOLENCE against healthcare workers is a topic never far from media headlines. In 2010/11 there were 57,830 assaults on doctors, nurses, paramedics and ambulance crews in England yet only 40 prosecutions. This recently prompted some radical new proposals to revise the NHS constitution giving hospitals the right to refuse treatment to violent patients.
All NHS bodies and primary care contractors have a legal duty of care to protect not only staff and other patients but all healthcare professionals who may come in contact with a violent or abusive patient. No less than five pieces of health and safety legislation are relevant to protecting employees from violence at work.
Risk of violence markers placed on patient records are a means of identifying individuals who pose or could pose a threat to other patients or staff. Systems for applying such markers – either to paper or electronic patient records – can vary from formalised procedures in hospitals or other NHS bodies to the more ad hoc measures used in some primary care practices. In making use of marker systems it is important to ensure that they comply with basic legal requirements in both health and safety and data protection.
In 2010 the NHS Security Management Service (NHS SMS) launched guidance on the use of violence markers in patient care records. Procedures for placing a risk of violence marker on electronic and paper records provides a set of clear policies and procedures for organisations implementing new maker systems and for those reviewing existing systems. The guidance is perhaps geared more toward larger NHS bodies but the SMS recommends that all providers should review their procedures in light of the guidelines set out in the document.
Not just physical violence
In the SMS guidance the working definition of violence includes both physical assault and non-physical assault, or “the use of inappropriate words or behaviour causing distress and/or constituting harassment”. All incidents involving physical assault must be reviewed in order to consider placing a marker on the records. Cases involving non-physical assault (including threatening behaviour) can be equally serious and should also be reviewed.
Markers should not be used as a mechanism for attributing blame but only as a means of alerting staff to the possibility of violence. It does not matter whether the violence was deliberate or a result of a medical condition or response to treatment or medication, and markers need not apply only to the patient but may refer to a violent friend, relative or guardian, or even a dangerous family pet.
The SMS guidance provides a list of risk factors to be considered when reviewing the need for a marker, including the degree of violence used or threatened, injuries sustained by the victim, the need for an urgent response to protect staff and the likelihood the incident will be repeated.
In larger NHS bodies the expectation is that such decisions would be coordinated by a local security management specialist (LSMS) with the support of a review panel but in smaller operations such as a general medical or dental practice it will be a senior nominated person such as a partner or practice manager.
"Fair and lawful"
Violence markers will by their nature incorporate personal and often sensitive data and as such must comply with the Data Protection Act 1998. The Information Commissioner’s Office (ICO) has specific guidance in relation to the use of violence warning markers which states that in compliance with the first principle of data protection the processing must be "fair and lawful".
"This means that a decision to put a marker on an individual's file must be based on a specific incident or expression of clearly identifiable concern by a professional, rather than general opinions about that individual. The individual should pose a genuine risk and the decision should be based on objective and clearly defined criteria and in line with a clear and established policy and review procedure. The criteria should take into account the need to accurately record any incident."
The ICO guidance goes on to state that the individual should be informed in writing of the decision to add a marker to their record. This should include an explanation of the nature of the threat or incident that led to the marker, who the information may be passed to and when the marker will be removed or the decision reviewed. In some exceptional cases there may be justification for not notifying the individual – particularly if this may provoke a violent reaction and put staff at further risk. Any such decision should be recorded in detail along with the rationale.
In regard to passing violence warnings to external bodies, say as part of a referral, the ICO states: “The senior nominated person in the organisation should determine this on a case-by-case basis where there is a credible risk that an unlawful act, such as an assault, will occur. They should only provide the information to an individual of a similar level in the other organisation.” In future such warnings may become part of the universal electronic summary care record through alerts such as the violent patient indicator (VPI).
Another key principle in data protection is the retention of personal information. Violence markers should be reviewed on a regular basis and removed when there is no longer a threat. The retention period is likely to depend on various factors such as the original level of threat and the length of time elapsed, previous and subsequent behaviour of the individual and whether or not an incident was likely to have been a ‘one-off’, for example due to stress, grief or other factors.
Risk of violence markers are not intended as a sop to the zero tolerance policy promoted throughout the NHS. Other means of dealing with violent patients are still open to healthcare managers including exclusion or deregistration from practice lists. Neither though should violence markers be used indiscriminately as they can carry quite a stigma.
ADVICE: Ensure violence marker flags on patient records are applied consistently according to set policies and procedures and that these comply with health and safety and data protection laws.