On 26th July 2021 AEGIS Protective Services sent Freedom of Information (FOI) requests to 194 NHS Trusts in England. The requests were sent via email to each trust’s publicly advertised FOI email address with read receipts being asked for with each.

This is the first in a series of interim snapshot reports on the results received to date.

The Freedom of Information Requests asked:

  1. Does the NHS Trust contract a private security company to provide Security Officers to work onsite, or employ an ‘in house’ team of Security Officers, or both?
  2. Please provide a copy of the most recent ‘training needs analysis’ conducted at the Trust for a Security Officer role or, explain why there isn’t one.
  3. Do Security Officers have autonomy to remove people from the Trust’s premises i.e. without seeking advice from clinical staff as to whether or not the person to be removed requires medical advice, treatment or care?
  4. Are Security Officer training deficiencies that are known to exist listed on the NHS Trust’s Risk Register?

Clarification of the meaning of ‘training deficiencies’ in question 4

The ‘Management of Health and Safety at Work Regulations 1999’ requires employers to make a suitable and sufficient assessment of the risks to health and safety of employees and other people who may be affected by the activities of their work.

The process of Risk Assessment enables employers to identify ‘risk control measures’ they must implement to ensure they are meeting legislative requirements.

One ‘risk control measure’ will be the instructions and training given to staff.

The Health and Safety at Work Act 1974 (S.2.2c) requires employers to provide whatever information, instruction, training and supervision as is necessary to ensure, so far as is reasonably practicable, the health and safety at work of their employees.

What training is ‘necessary’ is to be determined by a full and sufficient Health and Safety Risk Assessment of the employees’ roles and the known risks, followed by a Training Needs Analysis.

A Training Needs Analysis (TNA) is a structured approach to identifying the training which is required to enable legal requirements to be met (or exceeded). The TNA should identify what knowledge and skills staff need to know in order to perform every aspect of their work role safely and well.

The outputs of a TNA should be a series of Learning Outcomes (LOs) describing what the trainee should know and be able to do after completing the training.

A Training Needs Analysis would be the basis for producing a Job Specification and stipulating training requirements for any contracted in Security Officers.” – Jim O’Dwyer, AEGIS Protective Services.

Other legislation also makes explicit training requirements of NHS Trusts.

For example, NHS Trusts whose employees provide care to adults who may lack capacity are required to comply with the Mental Capacity Act Code of Practice (MCA CoP), which states that certain categories of people are ‘legally required’ to have regard to relevant guidance in the Code of Practice and that they must be aware of the Code of Practice when acting or making decisions on behalf of someone who lacks capacity to make a decision for themselves, and they should be able to explain how they have had regard to the Code when acting or making decisions. In other words, they must be provided with suitable training. And, when you consider the kinds of interactions Healthcare Security Officers have with patients who lack mental capacity the legal requirement would clearly apply to them too!

Also, NHS Mental Health Units are now subject to the Mental Health Units (Use of Force) Act 2018 which requires the ‘responsible person’ for each Mental Health Unit to provide training for staff that relates to the use of force by staff who work in that unit.

The training MUST include training on the following topics:

  • How to involve patients in the planning, development and delivery of care and treatment in the Mental Health Unit
  • Showing respect for patients’ past and present wishes and feelings
  • Showing respect for diversity generally
  • Avoiding unlawful discrimination, harassment and victimisation
  • The use of techniques for avoiding or reducing the use of force
  • The risks associated with the use of force
  • The impact of trauma (whether historic or otherwise) on a patient’s mental and physical health
  • The impact of any use of force on a patient’s mental and physical health
  • The impact of any use of force on a patient’s development
  • How to ensure the safety of patients and the public
  • The principal legal or ethical issues associated with the use of force.

So, to clarify, ‘training deficiencies’, means training that would be legally required to be provided to Security Officers deployed at the NHS Trust, but not yet provided.

Training deficiencies put staff and service users at risk.

Where a training deficiency exists (or should reasonably be known to exist) that presents a serious and imminent threat of harm to anyone, it should be recorded on the organisation’s Risk Register. (For example no training for Security Officers deployed in an Emergency Department in how to hold and immobilise a resisting person so as to enable a clinician to administer an intra-muscular injection to sedate them.)

Interim Results

194 NHS Trusts were contacted.

The Freedom of Information Act 2000 gives guidance for the time period for provision of requested information to be supplied, (subject to exemptions):

“A public authority must comply with section 1(1) promptly and in any event not later than the twentieth working day following the date of receipt.”.

However, COVID has to be considered!

Below is an example of how NHS Trusts have requested additional time to respond.

“Due to the ongoing CORONAVIRUS pandemic, the Trust is facing numerous challenges, including pressures in maintaining staffing levels.  The Trust will endeavour to respond to your request for information that the Trust holds within the statutory 20-working-day period, however, this may not always be possible.  As you will appreciate, the Trust is prioritising the delivery of healthcare and focusing its resources on making sure that service users are receiving the treatment and care needed. This means that staff who would usually assist with responding to information requests are focusing the majority of their time and attention to this in order to ensure that our service users are well looked after. Unfortunately, this may mean that there could be a delay in providing you with the information that you have requested.  The Information Commissioner’s Office (ICO) is aware of these understandable delays and has stated that it will not penalise organisations, such as the Trust, that need to prioritise their resource within other areas or adapt their usual approach during this time.

Thank you for your understanding.

The Information Commissioner can be contacted at: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF


A new deadline for responses

In view of COVID exigencies – it would be reasonable to extend the deadline by another 20 working days, before reporting them to the ICO. (40 working days from sending.)

That’s twice the normal time period allowed for FOI responses.

So, the new ‘deadline’ will be 5pm on Monday 6th September 2021.

Current Position

As of 22nd August 2021, 192 (of 194) NHS Trusts contacted had either acknowledged or responded to in some way to the FOI request, with only 2 remaining completely unresponsive (West London NHS Trust and Imperial College Healthcare NHS Trust.)

As of 2nd September 2021, 21 Trusts have not yet submitted formal responses.

Figure 1

Security Provision

Our Question 1 was: “Does the NHS Trust contract a private security company to provide Security Officers to work onsite, or employ an ‘in house’ team of Security Officers, or both?”

Analysis of 163 FOI responses received as of 2nd September 2021, showed:

Figure 2

Interesting revelation #1

Four NHS Trust’s replied stating that security was provided by ’wholly owned’ subsidiary companies.

This sparked discussion as to the legal position about SIA licensing requirements, resulting a public poll being posted on LinkedIn on 3rd August 2021 (for one week) seeking the views of other security professionals.

The question posed was:

Figure 3

The poll closed leaving uncertainty and so official clarification was invited from the SIA.

Paul Cartlidge, Business Relationship Manager at SIA, then confirmed the position – see Figure 4 below.

Figure 4

So, to confirm, NHS Trusts that contract in manned security provision from wholly owned subsidiary companies will be subject to SIA Licencing, meaning NHS Directors will need to be appropriately Licenced (as the parent company) as well as the security officers.

Paul invited affected NHS Trusts to contact him for clarification/advice.

Paul’s email address is:

Investment in suitable training is crucial

The AEGIS Healthcare Security Officer Training programme is a comprehensive learning package that provides NHS security managers with a verifiable record of training provision (and candidate testing) across a broad spectrum of topics identified as necessary by a Training Needs Analysis, following a Health and Safety risk assessment and evaluation of the role.