JCAHO Update for Infection Control

Homeland security warns of fake JCAHO surveyors

Contact JCAHO to make sure they’re authentic

Federal counterterrorism officials are warning about a disturbing pattern of incidents in which people tried to gain access to hospitals by posing as surveyors from the Joint Commission.

The Department of Homeland Security (DHS) issued a bulletin on the incidents, April 22, 2005. “This bulletin is intended to raise awareness and share information about recent suspicious reports involving hospitals. [We have] no information indicating a specific and credible threat of an al-Qaida-associated terrorist attack against hospital facilities inside the United States.”

Over the past year, there have been several reported cases of personnel falsely representing themselves as JCAHO officials, the bulletin said. These individuals were attempting to gain public health service information from hospital personnel and behaved in a manner inconsistent with legitimate inspection professionals. No suspects have been detained as of this reporting, the DHS reported.

There is only one known example of Islamic extremists targeting hospitals. In 1995, known terrorist Shamil Basayev and Chechen rebels led a hostage-taking raid at Budennovsk in southern Russia in which 2,000 hostages were taken at a hospital. About 150 of them died when Russian forces stormed the building; Basayev himself managed to escape.

However, DHS has noted an increased number of suspicious incidents involving hospitals. On March 27, 2005, a New Jersey hospital experienced its fourth separate incident in a six-week period. Three male subjects in their 30s and 40s, possibly of Middle Eastern descent, spoke fluent unaccented English and presented themselves as physicians from JCAHO. The subjects inquired about capacity, services, and operations of the hospital and left the facility when their questions were not answered.

From Feb. 26 to March 10, 2005, three other U.S. hospitals in Boston, Los Angeles, and Detroit also reported individuals posing as JCAHO inspectors. These individuals similarly behaved in a manner inconsistent with professional inspection staff and were described respectively as:

  • a Caucasian woman man and woman at the Los Angeles hospital;
  • a male of South Asian descent at the Boston hospital;
  • a Caucasian woman at the Detroit hospital.

JCAHO administrators have stated that these suspects were not with JCAHO and that there were no planned inspections at these facilities. The suspicious individuals entered hospitals at 3 a.m. local time in Los Angeles and Boston; the Detroit entry time was reported only as “AM.” Suspects from all three locations left immediately after being challenged by hospital staff. Hospitals routinely hire commercial inspection teams before a JCAHO inspection, to evaluate their processes, etc. These teams typically would inspect during normal day duty hours and report to senior hospital management/administrators, the DHS bulletin noted. Early morning evaluations are out of character, at least in the initial stages of a pre-JCAHO “spin-up.” U.S. hospitals offer easy public access and would be recognized by terrorist planners as easy, accessible targets. Known targeting of such facilities would instill great panic and fear in the general public, the agency reasoned.

These most recent nationwide impersonations are more noteworthy when seen in the broader context with similar incidents that have occurred from October 2004 to February 2005. While these suspicious activities may exhibit characteristics of criminal activity or even possible pre-operational planning activity, DHS has no information indicating they are tied to a specific and credible threat of an al-Qaida-associated terrorist attack against hospital facilities inside the United States.

The use of false credentials to gain entry into hospitals is not new. However, according to JCAHO, these new events mark a different trend because of the number of incidents over this time period and nature of the questions seeking information on services. As an emerging pattern, this activity needs to be closely followed and reported. The DHS advises:

  • Enforce stringent credentialing and badging of all hospital employees. Implement credentialing and badging of contractors, official visitors, inspectors, and others with hospital business.
  • Do not allow access or give information to JCAHO representatives without first contacting hospital administration and senior security representatives.
  • Require photo identification of JCAHO representatives. Contact JCAHO office to verify an inspection has been authorized.
  • Provide security guard and hospital administration staff escort to JCAHO representatives as they conduct inspections. Defer any requests for access or information that are not consistent with established inspection protocols.
  • Inspect parcels and packages being brought into the facility by JCAHO representatives. Conduct random inspections of parcels and packages brought in by visitors.