Threat Assessment
Threats From Patients, Visitors & Domestic Cases
A patient threat, a visitor threat, and a domestic situation spilling into care call for different responses. Learn how to manage each defensibly within one workplace violence program.
A threat is not just a threat — its source changes how a facility may and should respond. A patient who threatens staff is someone the facility owes a duty of care, so management leans clinical. A visitor who threatens has no treatment relationship, so conduct policy and access controls carry more weight. A domestic situation that follows a patient or an employee into the building introduces a third party the facility never chose to engage at all. One structured threat assessment process governs all three — but the proportionate response differs by source, and a defensible program knows the difference.
This article works through the three sources, the distinct considerations each raises, and how to keep all of them inside a single documented capability that holds up at survey and in litigation.
#Why source is the first question
When the threat assessment team takes a concern, identifying the source is the first fork in the road because it determines what tools are even available. The facility's relationship — and therefore its obligations and its options — is fundamentally different for a patient, a visitor, and an outside party.
The underlying process does not change. Every source runs the same five-step workflow: identification, triage, assessment, management, documentation. What changes is the menu of proportionate responses the team draws from. The requirements support this: the Joint Commission's workplace violence requirements (effective Jan. 1, 2022 for hospitals) and a facility-specific plan under Texas HSC Chapter 331 both expect a response calibrated to the situation, not a single reflex.
#Patient-source threats: care and safety together
A patient who threatens staff is, almost always, also a patient in clinical need. The duty of care does not pause because a threat was made, and management has to hold safety and treatment together. The response leans on clinical stabilization, behavioral alert flagging, two-staff measures, and de-escalation — and only escalates to law-enforcement involvement when conduct exceeds what clinical and administrative controls can manage.
The defensibility test is whether the record shows the team weighed the clinical driver and managed proportionately. Removing or refusing care to a patient is constrained by clinical, ethical, and regulatory obligations the team must respect — which is exactly why patient-source threats route through clinical input on the threat assessment team, not around it.
#Visitor-source threats: conduct and access
A visitor is a different matter entirely. There is no treatment relationship and no duty of care, which means the facility's primary tools are conduct policy and access control. A documented visitor code of conduct lets the facility set conditions on a visit, restrict a visitor to certain areas, require escort, or remove and bar a person whose behavior threatens staff or patients.
| Patient source | Visitor source | |
|---|---|---|
| Relationship | Duty of care | No treatment relationship |
| Primary tools | Clinical management, behavioral controls | Conduct policy, access restriction, removal |
| Constraint | Care obligations limit removal | Conduct-based measures broadly available |
| Documentation | Clinical reasoning + management plan | Conduct basis + access decision |
Because conduct-based measures are more freely available, the discipline for visitors is documenting the basis: what conduct occurred, what policy it violated, and what access decision followed. A visitor restriction recorded this way is defensible; one applied without a documented basis is not.
#Domestic situations spilling into care
The third source is the hardest because the threat originates outside the facility and arrives uninvited — an abuser following a patient to the bedside, a partner who appears at an employee's workplace, a custody conflict playing out in the lobby. The named target is a patient or an employee the facility wants to protect; the threat is a third party with no legitimate reason to be present.
Domestic situations call for a distinct response set:
- Safety planning for the named individual — the patient or employee at risk — coordinated with them, not over their head.
- Access awareness so the threatening party can be recognized and not granted access, within policy.
- Minimum-necessary communication to the staff and departments who need it, on the same cross-shift, cross-department discipline used for any credible threat.
- Coordination with the threat assessment team as a single owned case, and with law enforcement where protective orders or imminent danger are in play.
When the named individual is an employee, the situation also has an HR and employee-safety dimension that a patient case does not — another reason the multidisciplinary team, with HR at the table, is the right body to manage it.
#Keeping three responses inside one program
The risk in distinguishing by source is fragmentation — three different responses managed by three different parts of the building with no shared record. The fix is that all three route to the same threat assessment team and the same documented process, which simply selects the proportionate response menu for the source. That single point of ownership is what lets a facility show a surveyor a coherent capability rather than three improvised reactions, and what keeps de-identified trends from all three flowing back into one worksite analysis.
The rails hold across all three. None of this makes the facility a security or investigative operation: it convenes, assesses, decides, and documents — using clinical tools for patients, conduct and access policy for visitors, and safety planning and coordination for domestic situations. It is a compliance and clinical-coordination function throughout.
#How VIGILO helps
VIGILO helps facilities build source-specific response menus into one threat assessment program and the written WVP plan and policies — clinical management for patient-source threats, a defensible visitor code of conduct and access framework, and domestic-situation safety planning coordinated with HR, risk, and legal — all owned by one multidisciplinary team and documented to one standard. The capability is trained through staff education and refreshed in an annual program review. For Texas facilities it aligns with HSC Chapter 331. To see how your program handles each source, start with the Chapter 331 compliance checklist.
VIGILO provides compliance, training, and consulting assistance and supports survey-readiness and preparedness; it does not provide legal advice, does not guarantee safety outcomes, and does not provide security guard, patrol, or investigative services. Patient-care and access decisions must comply with applicable clinical, ethical, and regulatory obligations; coordinate with your clinical, HR, risk, and legal functions. Sources: The Joint Commission Workplace Violence Prevention requirements (effective Jan. 1, 2022 for hospitals); Texas Health & Safety Code Chapter 331 (SB 240, 88th Leg., 2023) and 26 TAC §133.55; OSHA General Duty Clause §5(a)(1) and Publication 3148.