Workplace violence (WPV) cannot be 100% prevented. However, we know from experience that well-placed preparedness and prevention measures can significantly diminish the probability and severity of potential workplace violence.

A prime example comes as an outgrowth of the multiple “going Postal” shootings at the U.S. Postal Service (USPS) by employees or ex-employees (mostly in the 1990s). Out of necessity, USPS implemented a comprehensive workplace violence program throughout their organization. As a result, with approximately 750,000 employees at the time, USPS went over eight (8) years without an employee or ex-employee shooting by utilising a workplace violence program like the program outlined herein. This author contributed to the development and implementation of the USPS program in the 1990s.

Formal people management training

One noteworthy component that was implemented appeared to be a major contributor to the success of the USPS program. Previously, supervisors and managers were promoted from within the ranks with no formal training in “people management.” The culture was one of mostly autocratic, top down management. As a part of the WPV program, supervisors and managers were trained not only in identifying and reporting WPV threatening situations, but also in how to lead with dignity and compassion. The latter component seemed to be a vital cultural component that led to the success of the WPV program.

How To Design A Workplace Violence Program

The following components of a comprehensive Workplace Violence Program can be used as a template to assess one’s present WPV program. This exhaustive list includes all the main components, and may include more or fewer controls according to individual organization’s culture.

  1. Workplace violence policy: Defines workplace violence and consequences for policy Contains verbiage that will support managers who must confront potentially violent individuals. Content is periodically updated to address new issues and State laws, e.g., concealed weapons, gun possession in vehicles at work, bullying, discrimination, etc. Some organizations omit the “zero tolerance” statement in belief that it inhibits reporting of violations by employees who erroneously believe it implies automatic firing of violators.

  2. Threat notification system: Clearly communicated availability and access for reporting threatening behavior and situations. Confidentiality for those who report is addressed. Anonymous reporting is typically available. Disciplinary action is defined for those knowingly making false reports. Reporting can be provided through an internal vs. external provider. Ongoing reminders (posters, flyers, etc.) are provided to employees and supervisors.

  3. Social media intelligence monitoring: Ongoing monitoring of openly available social media posts that identify warnings, threatening discourse, mental health disorders associated with violent ideation, and other signs of violence against people and the workplace. Monitoring can be provided through internal or external resources. Protocol is established for reporting monitored threats to management and timely, appropriate response.

  4. Threat management team: Multidisciplinary management team trained and exercised in handling threatening situations. The team is responsive to threat notifications on a timely and thorough basis. At a minimum, representation from legal, HR and security are core members. Other disciplines are included, e.g., union reps and/or additional staff positions, as appropriate. External team members and specialists are included as core or ad hoc members. 
Clear and actionable guidelines for managing threatening situations are utilised for effective, efficient and defensible threat management
As a part of the WPV programme, supervisors and managers were trained in identifying and reporting WPV threatening situations
  1. External relationships established: Relationships are established with professionals and specialists to support the Threat Management Team, e.g., local law enforcement, threat assessment and defusing professionals, attorney(s), judges with jurisdiction over domestic violence and injunctive relief, guard services, surveillance, covert, investigations, executive protection, dispute resolution, hostility management, linguistic analysis, IT forensics, polygraph testing, outplacement services, etc.

  2. Threat management team manual and system: Clear and actionable guidelines for managing threatening situations are utilised for effective, efficient and defensible threat management. The same protocol is used, even though team members may change. Guidelines include immediate actions, assessment, investigations, defusing methods, follow-up, purposeful disengagement, and legally compliant documentation. Authority, communications and expectations are defined.  
  1. Pre-employment reference checking / Criminal background checks: Reference-check questions to assess potentially violent job applicants that previous employers feel compelled to report, e.g., “So I can document my file, do we have any reason to be concerned about this applicant from a workplace violence standpoint? Protocol for legally-compliant pre-employment and “for-cause” criminal background checks. 
  1. Character-based pre-employment interview questions: Pre-employment interviews designed to identify individuals with violent history, character problems, entitlement issues, anger and sociopathic tendencies. Compliance with “ban the box” legislation related to hiring persons with criminal histories. 
  1. Hostility management training: Take-and-use methods for managers, supervisors and employees regarding how to calm hostile situations in real time vs. Inadvertently provoking increased aggression or violence. 
  1. Corporate security program: Physical and IT Security Director(s) that integrate violence-related threat management (prevention, preparedness and response) with other appropriate corporate disciplines, e.g., HR, legal, facilities, site management, unions, etc. Methods established for investigating electronically-generated threats. 
  1. Physical security audit: Periodic assessment of facilities, property, security systems and other methods for monitoring and preventing breaches and potential violence. It is best if this audit is conducted under attorney privilege.
  1. Tracking of threatening situations: Ongoing Management Information System (MIS) that identifies, compiles, and tracks data re: the occurrences of threats (toward people, the organization, reputation, and/or property) i.e., electronic, written, verbal, symbolic, etc. Risks may be related to location of workplace(s) in a community, industry incidents, local crime rates, employee population, previous incidents, near misses, etc. Tracking of motives could be related to supervisor/employee conflicts, employee-on-employee hostilities, domestic violence, drugs and alcohol, crime/robberies, toxic work environment, union/management conflicts, activist groups, terrorism, political, kidnap and ransom, etc. 
  1. External provider screening: Investigation of methods used by external providers to screen out potentially violent contractors in your workplace, e.g., temporary placement agencies, catering services, consultants, contractors, security services, etc. 
Ongoing information about the organisation’s WPV programme, recognising and reporting threatening situations, and hostility management methods
The WPV program should include reference-check questions to assess potentially violent job applicants that previous employers feel compelled to report
  1. Layoffs/Terminations protocol: Guidelines and protocol for preparation and implementation of disciplinary meetings, layoffs, and for-cause terminations when hostility and potential violence are a concern. Caring communications, crisis actions, staging of the meeting, law enforcement or guard services, threat assessment and defusing psychologist, outplacement services, severance payments, protection of dignity, etc. may be included in the preparedness planning. 
  1. Supervisory training: Methods for disciplining and managing employees who are potentially violent or hostile. Skills training regarding the people-side of supervision, e.g., caring and compassionate handling of employee issues and human complexities that arise during supervision and working relationships. 
  1. Employee workplace violence publicity: Ongoing information about the organization’s WPV program, recognizing and reporting threatening situations, and hostility management methods. Orientation for employees at least annually and for new employees. 
  1. Employee assistance program: EAP provider that has access to skilled anger management specialists and an internal threat-related “duty-to-warn” protocol that involves more than solitary judgment of the clinician, i.e., collaborative/supervisory procedures when potential violence is a concern. EAP professionals that are trained in boundary issues regarding when it's appropriate to utilize outside resources into potentially violent situations, e.g., organization’s management, law enforcement, threat specialists, etc. Avoidance of unethical “dual relationships” where the EAP is serving the threatening individual and the Threat Management Team simultaneously. EAP should have local domestic violence relationships, e.g., women’s shelters, men’s stopping violence groups, etc. 
  1. Domestic violence program: Guidelines and assistance for employees who are subjected to, or notice evidence of, domestic violence. Protocol for domestic threats that can come into the workplace, if additional employees are targeted, and when restraining orders are issued by employees, especially when the violator’s access to the workplace is prohibited. 
  1. Employee survey: Inclusion of violence issues in employee surveys. 
  1. Alternative dispute resolution program: Methods to address situations that may include hostilities and potential violence, e.g., structured intervention by threat-experienced psychologist, coaching, facilitated communications, negotiation, mediation, collaborative law and arbitration. 
  1. Emergency and post-crisis response system: Evacuation, shelter in place, active shooter plan, lock down, safe rooms, etc. with employee/supervisory training and exercises on a periodic basis. Floor warden system. Beyond emergency response, development of strategic crisis management preparations for senior management to protect core assets affected by violent incidents, e.g., employees, key relationships, reputation, finances, shareholder value, brand, operations and physical/intellectual property.

These guidelines are listed as a generic template to help an organization evaluate their present Workplace Violence Program. A comprehensive program may not include each of these components and it may include other elements that are not listed herein. This checklist is to be used with prudent management judgment in designing a comprehensive Workplace Violence Program that best fits the organization’s time, budget, culture, and risk tolerance.

Download PDF version

Author profile

Bruce Blythe Owner & Executive Chairman, R3 Continuum

In case you missed it

Highlighting The Importance Of Security Integrations And Alliances
Highlighting The Importance Of Security Integrations And Alliances

Most technology companies have one goal in mind: to provide customers with high-quality, affordable products that can efficiently help streamline operations. Whether it's surveillance cameras, video management software, access control technology or any other type of security device, today's leading organizations invest in expertise in these product segments and strive to produce the highest quality solutions. To effectively fulfill this task, technology providers are always searching for emerging components to make their products and services even stronger. Oftentimes, a key aspect necessary to build a comprehensively robust solution involves finding like-minded partners that share a common goal and are willing to work together to create an integration that increases insight and intelligence.The interoperability between systems, devices and different types of applications should be intuitive and fast Key Factors For Security Integrations A basic factor in a partnership is openness. For an integration to perform seamlessly for the end user, the platform through which the technologies converge must follow standard protocols, easily operate with other platforms, allow freedom and customization, and provide adaptability. The interoperability between systems, devices and different types of applications should be intuitive and fast, enabling more time to be spent on analyzing critical data and responding to security events. The puzzle of a complete security solution contains many pieces, and it's often necessary to fuse together aspects from various providers to create a best-in-breed technology offering. When organizations collaborate, the end result is a simplified solution with an increased level of value. As threats become more severe and complex, customers demand solutions that combine different security and business elements into a single interface that can address a wide variety of risks.  A unified security system requires a strong collaboration between technology providers and integrated solutions Interconnected Security Devices Users used to only look at specific security devices - such as cameras or door alarms - as each having a strong, autonomous purpose, but now, every device plays an important interconnected role. And the progression of the Internet of Things (IoT) has made this transition even easier, as maintaining a consistent and uniform communication and interconnectivity between devices has now become the norm. The IoT has also made it so that partnerships must not only exist between manufacturers, but also within the customer's organizational structure. Although exceptionally beneficial, the IoT brings with it an increased amount of cyber vulnerabilities. As security systems are networked to increase flexibility, the door is opened to a number of potential threats that could compromise the entire enterprise. This risk highlights the need for an internal partnership and knowledge sharing between a company's physical security professionals and its IT team. IT experts should be pulled into security decisions and positioned as collaborative partners to assist with software updates, data safety protocols and solving complex network challenges, ultimately leading to a more cyber secure solution.Partnerships are beneficial to both the companies involved and their customers Knowledge Sharing And Learning Aside from cybersecurity, the latest prominent security attacks and events have focused primarily on soft targets, such as schools, concerts or shopping malls. This has caused many technology providers to venture into different vertical markets, and strong partnerships streamline this crossover. Innovators can extend their geographic reach and purpose through integrations with other like-minded manufacturers or integrators to add new levels of functionalities. Of course, a partnership cannot operate properly and to the best of its ability without a core component: learning. In today's evolving business and risk environment, knowledge is critical. A shared knowledge base can open up new opportunities and lead to the strengthening of security across many levels. A truly powerful, unified security system requires a strong collaboration between technology providers and integrated solutions. Partnerships are beneficial to both the companies involved and their customers, and the results created through these alliances can reach far beyond a user's expectations, offering enhanced flexibility and extensive safety options.

What Are The Security Challenges Of The Hospitality Market?
What Are The Security Challenges Of The Hospitality Market?

Hospitality businesses work to provide a safe and pleasant customer experience for their guests. Hotels offer a “home away from home” for millions of guests every day around the world. These are businesses of many sizes and types, providing services ranging from luxury accommodations to simple lodging for business travelers to family vacation experiences. Hospitality businesses also include restaurants, bars, movie theaters and other venues. Security needs are varied and require technologies that span a wide spectrum. We asked this week’s Expert Panel Roundtable: What are the security challenges of the hospitality market?

How SecuriThings Boosts Cybersecurity Across Multiple IoT Devices
How SecuriThings Boosts Cybersecurity Across Multiple IoT Devices

As Internet of Things (IoT) devices go, networked video cameras are particularly significant. Connected to the internet and using on-board processing, cameras are subject to infection by malware and can be targeted by Distributed Denial of Service (DDoS) attacks. Hacking of cameras also threatens privacy by allowing unauthorized access to video footage. The performance of hacked cameras can be degraded, and they may become unable to communicate properly when needed. Ensuring cybersecurity is a challenge, and the fragmented structure of the video surveillance market contributes to that challenge. A variety of companies are involved in manufacturing, integrating, installing and operating video systems, and cybersecurity threats can enter the picture at any stage. “It’s not always clear who is responsible,” says Yotam Gutman, vice president of marketing for SecuriThings, a cybersecurity company. “However, the only entities who can ensure cybersecurity are the security integrator and the service provider. They will bear the financial pain and are willing to pay for cybersecurity. An extra $1 or $2 per camera per month is not expensive.” SecuriThings’ “lightweight software agent” runs in the background of video cameras, sending information to an analytics system in the cloud IoT Device Security Management At the recent IFSEC trade show in London, SecuriThings unveiled its IoT Device Security Management (IDSM) approach to enable integrators to ensure cybersecurity. Founded in 2015, the company has around 20 employees in Tel Aviv, Israel, and operates a sales office in New York City. SecuriThings’ “lightweight software agent” runs in the background of video cameras, collecting metadata on camera processes and connections and sending information back to an analytics system in the cloud. Drag-and-drop deployment enables a camera to begin generating data within seconds and requiring only two mouse clicks. The cloud system analyzes data, pinpoints abnormalities, identifies new users, detects multiple entry attempts and tracks other camera processes to identify any cyberattacks. It monitors all devices, gateways, users and APIs to detect threats in real-time and mitigate the threats based on a pre-determined security policy. Machine learning tools also analyze more subtle activities that can indicate insider abuse. For example, a user support center can identify if cameras are being accessed improperly by employees, thus preventing insider abuse. Certified Vendor Agnostic Software SecuriThings is working with camera manufacturers and video management system (VMS) manufacturers to certify operation of its software agents with various camera models and systems. Working through integrators, such as Johnson Controls, is the fastest route to market, SecuriThings has determined. The system can be added after the fact to existing installations for immediate monitoring and remediation, or it can easily be incorporated into new systems as they are launched. “We have a strong sales team in the United States focusing on bringing the technology to more local and national integrators,” says Gutman. Certification ensures SecuriThings’ software agent can be installed in most modern camera models without negatively impacting operation; the software is vendor agnostic. Another eventual route to market is to work with camera manufacturers to install the SecuriThings software agent in cameras at the factory. In this scenario, the system can easily be “clicked on” when cameras are installed. The SecuriThings cloud system generates a dashboard that tracks system activities to identify any cybersecurity threats IoT Security Operations Center SecuriThings operation is transparent to the VMS, and the company works with VMS manufacturers to ensure the code operates seamlessly with their systems. Cloud analytics generate a dashboard that tracks system activities, and/or a managed service monitors the system and notifies customers if there is a problem. “We monitor it from our IoT Security Operations Center, a fully managed service that ensures the real-time detection and mitigation of IoT cyber-threats,” says Gutman. “We found that end-customers don’t have the manpower to monitor the system, so our experts can guide them.”Access control and cloud-based access control will be the next systems under cyberattack, and they are almost as vulnerable" A benefit for camera manufacturers is the ability of a system like SecuriThings to “level the playing field” on issues of cybersecurity, says Gutman. The approach provides a higher level of cybersecurity confidence for integrators and users, including those using cameras that have previously had cybersecurity problems such as “back door” access. SecuriThings has certified its software for use with Hikvision cameras and is in the process of certifying with Dahua, says Gutman. “Western manufacturers say their products are more secure, but we can help all camera manufacturers prove that they are just as secure,” says Gutman. “Integrators and users can log into a device and see all the activity.” Securing Connected Devices From Cyber Threats Beyond video, SecuriThings’ products target the full range of connected devices in the Internet of Things (IoT). The SecuriThings security solution enables real-time visibility and control of IoT devices deployed in massive numbers in smart cities, physical security, building automation, home entertainment and more. Video surveillance is an early focus because of market need, an opportunity to gain traction, and the critical nature of security applications. But the challenges are much broader than video surveillance. “We are seeing similar risks to other devices,” says Gutman. “Access control and cloud-based access control will be the next systems under cyberattack, and they are almost as vulnerable. If you can disable the access control system, you can cause a lot of problems.” Other connected devices that could be at risk include building automation and heating and cooling (HVAC) systems.