The Centers for Medicare and Medicaid Services needs to improve the way its staff and contractor staff process complaints from its waste, fraud and abuse hotline. Long timeframes and inefficient processes have delayed starting work on many complaints. On average, more than five months passed between CMS receiving complaints from OIG and contractors beginning work on them.
Lessons Learned: It is critical for government agencies and all organizations to improve responses to tips and hotline complaints. Not only are five months of inaction un-excusable, but employees aware of this timeframe will no longer trust and will no longer report incidents to hotlines that do not deliver results. Organizations must develop secure and anonymous incident reporting procedures and ensure all incidents are communicated to the appropriate personnel immediately for a timely and documented response to achieve trust and better results.
The Ethics Resource Center’s (ERC) recent survey revealed that 40% of employees observing misconduct do not step forward to report it out of fear of retaliation, mistrust or feel their reports will be ignored.
Lessons Learned: Organizations must develop secure, anonymous and/or confidential reporting solutions to empower all employees (and third-parties) to report suspicious incidents, violence, fraud, misconduct, ethical violations, etc. And once an incident has been reported, all appropriate personnel (ethics, legal, management, compliance, safety, law enforcement, etc) should be immediately and automatically notified to ensure a timely response and ensure red flags do not fall through the cracks.
Based on other surveys and reports, the percentage of people reporting incidents is even lower and when tips are not reported, it is nearly impossible for organizations to proactively prevent or intervene.
Tips prevent a lot of bad things from happening within organizations, but tips alone are not the answer based on recent lessons learned. The Christmas Day Bomber attack was prevented and lives saved thanks to tips, but also thanks to the FBI’s proactive efforts in confidentially sharing information with other key players, such as law enforcement and local government.
An anonymous tip from Saudi Arabian intelligence helped to locate package bombs that were sent from Yemen. No doubt these package bombs could have caused a lot of damage and loss of lives, had specialized prevention teams not taken proactive actions to locate and confiscate the packages before they arrived at their destinations.
Tips play a critical role in global security, as well as our communities. But just having the tips is not going to prevent unwanted incidents from happening. People – specialized teams with situational awareness, accountability, secure information sharing tools and the ability to connect the dots – are clearly the most effective way to proactively prevent unwanted incidents in schools, communities, private organizations, governments and where ever else bullies and terrorists may target.
While I am very thankful that the Christmas Day Bomber and the package bombs were prevented, every day I see or hear about stories involving bullying or terrorism or ethics or safety where red flags existed, but organizations did not take appropriate actions.
I hope organizational leaders realize it is their responsibility and obligation to take proactive steps in understanding how their organization receives tips, how their teams share information, how teams respond to tips and if their traditional tips system (see previous blog) is empowering their security and prevention teams to proactively prevent incidents.
Feel free to share these lessons learned, because they help organizations and their leaders understand the need to replace status quo solutions sooner than later to meet safety obligations and escalating risks.
New data released this week revealed:
17 percent of American students report being bullied 2-3 times a month or more within a school semester.
Over 9% of girls and 14% of boys just watch their fellow classmates get bullied.
Over 30% of girls and 22% of boys think they ought to help the bullied students, but don’t do anything about it.
80% of bullying is witnessed; but only 10% of witnesses/bystanders report incidents.
Why are bystanders not reporting incidents?
There are many reasons and some of the most common include:
“The world is a dangerous place to live; not because of the people who are evil, but because of the people who don’t do anything about it.” — Albert Einstein
But, we have to be careful not to rush to judgment and blame the bystanders. If 90% of the bystanders are not reporting, maybe the problem is the way incident reporting is being offered?
Perhaps the lack of incident reporting starts with school leaders? Are school leaders ensuring that all faculty, school administrators, school security officers, school resource officers, counselors, parents, and students understand and trust their entity’s incident reporting? Are school leaders ensuring individual understand their roles and responsibilities for preventing, responding, reacting and reporting bullying related incidents?
Lessons learned reveal it is critical for school administrators to encourage victims and bystanders to report bullying. Lessons learned also reveal that school leaders have an obligation and responsibility to provide easy, accessible and anonymous ways for victims, bystanders, parents and third-parties to report incidents occurring at school and off of school grounds too.
Trust is critical to achieving better results. School leaders must quickly and consistently respond to all incident reports to ensure all individuals that the school is serious about bullying and is not ignoring victims or bystanders. Anti-bullying and incident reporting efforts should not be a bunch of posters, memos, e-mails or a program brochure disseminated in a binder or student handbook.
Are you doing what you need to do to empower victims and bystanders in your school?
What is your first thought when you hear the word WHISTLEBLOWER?
Whistleblower definitions commonly say a whistleblower is any person that reveals wrongdoing or malpractices taking place within an organization. And in many cases a whistleblower may face retaliation or other negative ramifications and by law may require special protection.
What is your first thought when you hear the word HERO?
Hero definitions run from mythical and legendary figures to a person that is admired for their achievements or noble qualities to a central figure in an event, period or movement.
When is the last time you heard an organization promote their Hero Line? What if organizations promoted their Hero Line in targeting Workplace Violence or Bullying or Cyber Bullying or Ethics?
I recently came across a Joint Commission Sentinel Event Alert focused on preventing violence in the health care setting and I thought the Hero Line would be a great fit.
Some of the causal factors identified in the Sentinel Event Alert point out the importance of making sure policies and procedures are IMPLEMENTED (not just disseminated) and the need for ongoing education and competence assessment processes ensuring people understand what to do in different situations.
The Sentinel Event Alert cited multiple prevention strategies and said:
“…- security is a people action and requires staff taking responsibility, asking questions and reporting any and all threats or suspicious events.”
Sounds like something a HERO would do….what do you think?
In my previous blog I suggested that building a successful preparedness campaign is like building a skyscraper…and in some cases it seems like building a skyscraper may actually be easier than building a successful campus-wide or organization-wide preparedness effort.
I mentioned that building a skyscraper and building a campus-wide or organization-wide preparedness effort have a lot in common and one of those common items is blueprints.
Blueprints can be a technical drawing, a mechanical drawing, an architectural plan, a model, a prototype, a detailed plan of action and etc. Blueprints can also include programs, policies, procedures, processes, guidelines, checklists and etc.
But blueprints are not skyscrapers.
Lessons learned continue to reveal that many organizations are extremely vulnerable because they purchase blueprints (emergency plans, anti-bullying programs, checklists, and etc.) and schedule a meeting or training session and post their blueprints on an intranet/portal and think they have built their “skyscraper”.
More and more organizations are learning the hard way that having blueprints is not enough.
Even though financial organizations have policies, government entities have plans, schools have procedures, healthcare organizations have checklists and organizations have been offering general training on an annual basis for years… tragedies, failures, bullying and lawsuits continue to escalate.
Do your organization’s leaders understand that building organization-wide preparedness efforts or a culture of safety or an anti-bullying environment requires more than disseminating blueprints?
I attended the Virginia Governor’s Campus Preparedness conference last week and had an interesting discussion with one of the attendees. We were talking about how building preparedness across an organization or an entire campus is becoming more complex and more difficult due to escalating challenges, regulations, obligations, liabilities and much more.
As our discussion continued, we started talking about how important tools can be when building campus-wide preparedness programs. In reference to whether tools can make a difference, I offered the following analogy:
Could a skyscraper be built using a hammer, a saw and some nails?
The attendee responded quickly, yes the skyscraper could be built but she wouldn’t go inside it!
Next we discussed how building a skyscraper and building a campus-wide or organization-wide preparedness program have a lot in common:
Are you building your __________ program [preparedness, compliance, business continuity, safety, security, ethics, etc.] with old outdated tools such as binders, intranets, shared drives and general training?
Did you see the article in the USA Today last week regarding TSA keeping a database of pushy flyers?
The pushy fliers program was launched in 2007 to help prevent the nation’s 50,000 airport screeners from being attacked or threatened. TSA officials voiced concern about passengers disrespecting screeners so they began issuing new uniforms with police style badges pinned to shirts. According to the article, the database has records from about 240 incidents and most are screeners in conflict with other screeners and 30 incidents involve passengers or airport workers attacking or threatening screeners.
Based on my experiences leaving a New York area airport this week, I understand why 8 times more incidents are screeners in conflict with other screeners. And based on my experiences, I am also curious if TSA has started creating a database of TSA screeners that disrespect passengers?
These New York area TSA screeners seemed more interested in being bossy than screening passengers to ensure safety and security. Maybe it’s the uniform and the pin on badge? Maybe the uniforms are the problem?
Maybe the uniforms make TSA scanners behave like control freak umpires – like Cowboy Joe West and Bossy Bill Hohn – both are major league baseball umpires that forgot about their real job responsibilities because they were too busy trying to be in control. MLB announced they were going to address Bill Hohn “in a very stern way”…perhaps lessons learned from the TSA database and lessons from MLB will help TSA address what seems to be a growing problem?
Passengers deserve respect and passengers deserve TSA scanners that put their roles and their responsibilities before their attitudes and personal control issues.
I wonder if organizational leaders are paying attention to these lessons learned when they travel? Or as organizational leaders watch TV and see all the negative feedback on umpires?
Organizational leaders must quickly realize that connecting the dots includes all types of dots – every good, bad and bossy individual must be connected to the organization’s culture and be accountable for their roles, responsibilities, obligations and decisions.
Did your organization use these lessons learned to achieve better results with your passengers, fans, customers and partners?
A recent report from the University of Maryland’s National Consortium for the Study of Terrorism and Responses to Terrorism (START) has revealed that since 1995, a much higher percentage (33%) of terrorist attacks in the United States were conducted by unaffiliated individuals, rather than by organized groups.
From the Oklahoma City bombing to more recent attacks like Virginia Tech, Fort Hood, and the University of Alabama, another commonality has also been revealed; in 80% of the incidents, red flags and warning signs exist, but are often not identified.
There are many reasons red flags go unreported. Victims or bystanders may fear retaliation or they may feel like their report will be ignored or they might think they are just being overly suspicious. And sometimes victims or bystanders make reports but the person receiving the report decides it is not serious or forgets or other.
However, in order to save lives and prevent incidents like this from occurring in the future, suspicious activities and other red flags must be reported to the appropriate personnel immediately and ongoing. By providing employees, victims, bystanders, responders and third-parties the ability to confidentially report suspicious behaviors, they will feel more comfortable and more likely to move from bystander to hero.
Many times one single behavior might not constitute a genuine threat, but when all of the dots are connected, a serious problem may be revealed. For example, maybe one employee hears that John Doe has threatened to “make everyone pay”. A different employee learns that John recently broke up with his girlfriend. A third employee sees John putting a suspicious bag in his locker. Each of these events separately may not be reason for concern, but when connected….
Organizations must ensure they are “connecting the dots” at the individual level and sharing the right information with the right people at the right time. And lessons learned show the right tools can help make the shift from “lone wolf” terrorists to “lone wolf” heroes.
awareness and preparedness efforts.
While we have done a considerable amount of research on this topic, there were a few items in this presentation that grabbed my attention:
1) Zero reports of violence do not equal zero violence
This is a critical statement for employers to understand and address. Over 80% of violent incidents have clear warning signs, but red flags are often not reported. How is your organization ensuring your employees, third-parties, etc. understand their responsibility to report suspicious incidents, threats, etc.? Have you made it easy for employees to submit an incident report? Can they do so anonymously? Once an employee submits an incident report, how does your organization ensure the appropriate personnel or threat assessment team members are notified? How does your organization know what actions were taken?
2) Distinguish between “making a threat” and “posing a threat”
The speaker addressed three key points:
How can organizations determine the difference between threatening behavior and odd or unusual behavior? John Doe might have a fascination with guns. Jane Smith just broke up with her boyfriend. Henry Johnson has a history of mental illness. However, just one of these risk factors alone does not generally constitute a threat. The whole picture has to be reviewed and Threat Assessment Teams need specialized awareness to help identify and mitigate risk factors.
There are several assessment tools available (VRAG, RAGE-V, etc.) that can help Threat Assessment Teams evaluate behaviors and determine risk factors. Risk factors can include contextual factors, deterrent factors, potential stressors and resiliency factors, and all should be taken into account when evaluating a potential threat.
3) Don’t Get Caught in the White Zone
As soon as an organization thinks they are safe (“My employees would never do that”) and stops preparing is when they will get caught. It is critical for employers to understand that the risk of workplace violence is real and implement a proactive approach to ensure workplace safety and security.
Organizations must ensure they are “connecting the dots” across all departments, locations, individuals, etc. and eliminate silos between management, staff, mental health, law enforcement, third-parties, etc. When the right information is shared with the right people at the right time, your organization’s chances of preventing workplace violence, negative publicity, lawsuits and much worse, are much better.