Providers are increasingly being confronted with the issue of placing surveillance cameras, or “granny cams,” in residents’ rooms by their loved ones to ensure quality of care. A handful of states currently have laws granting individuals the affirmative right to install surveillance cameras in their nursing home rooms, and other states are considering similar legislation. Even in states where there is no legislation, the state’s attorneys have used hidden cameras that have captured abuse for prosecution purposes.
Pros and cons of surveillance cameras
Providers should evaluate the pros and cons of surveillance cameras carefully. On one side, surveillance cameras can help detect and deter abuse and neglect in long-term care (LTC) facilities. The technology can also stop residents’ risky behavior. For example, the technology allows providers to observe if a resident gets out of bed without assistance, which could lead to falls-related injuries. Cameras can also allow adult children to observe if parents’ needs are being met, which builds confidence in the care provided by the organization.
On the other side, providers say cameras are invitations for lawsuits, can expose organizations to cyber risk, can invade the privacy of residents and have the potential for negative staffing implications if employees decide they don’t want to work under constant scrutiny. Providers also worry cameras could inhibit the relationship between caregivers and residents. Verbal interactions can be stifled because of concerns about being “listened to” and scrutinized by the residents’ family leading to textbook-like care. Cameras can also become a substitute for family interaction. The ability to check in via camera may ease an adult child’s peace of mind but can result in the reduction of visits or calls.
What should providers do?
There are definitely strong cases for and against the use of surveillance cameras in LTC facilities. However, the bottom line is we live in a litigious and technology-driven world where people desire to keep an eye on their loved ones even when they can’t physically be with them.
Providers should take a proactive approach to surveillance cameras by embracing the technology and what it can do for both caregivers and residents. While there is no one-size-fits-all approach, the best policies and procedures involve all parties—caregivers, residents and residents’ loved ones—and will make the residents’ well-being the top priority.
In states that do not regulate surveillance camera use, the following should be considered as part of a provider’s policy and procedures:
- Prohibit privately placed cameras. Instead, offer residents and their families’ access to the secured cameras on your network through a safe portal. This way, you can be certain of how the cameras are being used and have a recording of what is viewed by residents’ families.
- Notify residents and their adult children upon admission of monitoring and ask for their written consent.
- Post signage in common areas to inform residents and visitors the area is being monitored.
- Review recordings of activity throughout the entire facility as part of your quality assurance and performance improvement program, but demonstrate respect for resident privacy by only giving loved ones access to footage from common areas, such as lobbies, hallways or dining rooms and resident rooms at times when residents are not expecting privacy and are dressed in a publicly acceptable manner.
- Obtain written consent if during special circumstances a camera is used in a resident’s room. In a shared room, consent should come from both roommates.
- Address a family’s desire to check in on their family member by promoting morning and/or evening videoconferencing sessions.
- Be completely transparent with employees by clearly explaining to them what is being recorded, who has access to the recordings and the benefits of the monitoring.
- Create an open-door policy that encourages residents’ loved ones to share with you their concerns or suspicions of abuse.
The use of surveillance cameras exposes providers to certain cyber liability risks. At a minimum, executives should make an annual practice of reviewing their organization’s cyber risk management program with their insurance broker. As part of this review process, they should carefully examine their insurance policies to ensure adequate protection in the event of a data breach and confirm the organization as a whole is following best practices for the inadvertent release of Protected Health Information (PHI).
Most general liability policies have exclusions for cyber liability. This is where cyber liability insurance becomes a necessity. A cyber liability policy will provide coverage for third-party claims arising from a failure with the company’s network security, failure to protect personally identifiable information, failure to protect confidential corporate information or associated regulatory actions (including HIPAA/HITECH). The policy will also provide coverage for first-party claims, such as those necessary steps needed responding to a security failure or privacy breach.
This coverage usually includes the costs of notification, public relations and other services to assist in managing and mitigating a cyber incident. It can also give LTC organizations access to lawyers, public relations specialists and forensic firms.