Threat Assessment
Standing Up a Threat Assessment Team in a Hospital
Build a multidisciplinary threat assessment team that holds up at survey — charter, membership, activation pathway, and records — without ever framing it as a security operation.
A multidisciplinary threat assessment team is the body that takes a reported concern — a fixation on a clinician, a threat made on discharge, a pattern of intimidating messages — and decides, deliberately and on the record, how serious it is and what to do about it. Standing one up requires a written charter, the right cross-functional membership, a clear activation pathway, and a confidential record. Done well, it is the capability that lets a facility show a surveyor it manages concerns rather than merely logging them.
This is not a security operation and must never be chartered as one. It is a compliance and clinical-coordination function that connects to — but is distinct from — the standing WVP committee. Below is how to build it so it functions in practice and holds up at survey.
#Why a standing team, not an ad hoc huddle
Facilities often handle threats informally: a manager hears a concern, pulls a few people into a hallway conversation, and the matter dissolves once the shift changes. That approach fails on two fronts. Clinically, it loses information across shifts and departments. For compliance, it leaves no record that the concern was evaluated and managed — which is exactly what a surveyor tracing an incident, or plaintiff's counsel reviewing it later, looks for.
A standing team solves both. The Joint Commission's workplace violence requirements (effective Jan. 1, 2022 for hospitals) expect facilities to track, trend, and follow up on incidents — and a threat assessment team is how the follow-up half becomes a real workflow. Under Texas HSC Chapter 331, the same team operationalizes the required reporting mechanism and post-incident response. OSHA Publication 3148 frames management commitment and a structured response as core program components.
#Membership: cross-functional by design
The power of the team is in the disciplines at the table. Each brings a lens no single department has.
| Function | What they contribute |
|---|---|
| Safety / security leadership | Access control, physical measures, response coordination |
| Human resources | Staff-directed concerns, employment dimensions, conduct policy |
| Behavioral health / psychiatry | Clinical evaluation of risk and stabilizing factors |
| Nursing leadership | Unit context, care-team coordination, patient history |
| Risk management / legal | Privacy, documentation discipline, litigation-exposure awareness |
| Ad hoc (by case) | Involved unit manager, employee health, chaplaincy, the treating clinician |
Two membership rules matter for the rails. First, security or safety leadership is one voice among several, never the owner — the team is multidisciplinary precisely so it is not a security function. Second, the chair should be a role with program authority — a risk, compliance, or safety leader — not whoever happens to be available.
#The charter: what to put in writing
The team needs a written charter for the same reason the program does: a surveyor reviews the structure, and an undocumented team is, for survey purposes, no team. A defensible charter states:
- Purpose and scope. Evaluation and management of reported behavioral concerns involving patients, visitors, or staff — framed as compliance and clinical coordination, not security or investigation.
- Standing membership and the chair, by role and credential — never by name (rail #2).
- Activation pathway. Who can refer a concern, through which channel, and how the team convenes (including an urgent-convene option).
- The assessment method. The structured factors the team weighs and the five-step process it follows.
- Confidentiality and records. Where case records live, who may access them, and the retention rule.
- Relationship to the WVP committee. How cases inform the program and how trends flow back up.
#The activation pathway: from concern to convened team
A team that meets on a fixed monthly calendar will miss the concern that surfaces on a Tuesday night. The activation pathway has to be both routine and urgent-capable.
- Intake. Any staff member can refer a concern through the same confidential reporting channel the WVP plan already requires — low friction, no fear of retaliation.
- Triage. A first screen separates an immediate emergency (activate emergency response / 911) from a concern the team will assess.
- Convene. Routine cases at the next scheduled meeting; urgent cases through an on-call convene — a defined small quorum that can meet within hours.
- Decide and assign. A documented management plan with a named owner and review dates.
- Close the loop. Follow-up at the set dates; the case closes only when the team agrees, and the record stays in the confidential file.
#Distinguishing the team from the committee
The single most common point of confusion is the line between the threat assessment team and the WVP committee. Keep them clear:
- The WVP committee governs the program — the plan, policy, worksite analysis, training oversight, and the annual evaluation to the governing body. It looks at the system.
- The threat assessment team works cases — evaluating and managing specific concerns. It looks at situations.
They share membership and exchange information — the committee sets the framework the team operates within, and de-identified case trends sharpen the committee's worksite analysis. But conflating them produces a body that does neither job well.
#Records: confidential, disciplined, defensible
Case records are sensitive and must be handled as such — limited access, clear retention, and language written with the awareness that it may be read in discovery. The discipline is covered in our piece on documenting threat assessments defensibly: record the assessment and the management decision factually, show the follow-up, and avoid speculation or labels that read badly out of context. A clean record is the team's best evidence that it worked as designed.
#How VIGILO helps
VIGILO helps facilities charter and stand up a multidisciplinary threat assessment program — membership by role and credential, an activation pathway, a structured method, and a confidential record — and integrate it with the written WVP plan and policies and the standing committee. The capability is kept current through an annual program review, and for Texas facilities it aligns with HSC Chapter 331. To see where your structure stands against what surveyors verify, start with the Chapter 331 compliance checklist.
VIGILO provides compliance, training, and consulting assistance and supports survey-readiness and preparedness; it does not guarantee safety outcomes and does not provide security guard, patrol, or investigative services. A healthcare threat assessment team is a compliance and clinical-coordination function, not a security or investigative unit. Sources: The Joint Commission Workplace Violence Prevention requirements (incident reporting, tracking, trending, and follow-up; effective Jan. 1, 2022 for hospitals); OSHA Publication 3148 (program components); Texas Health & Safety Code Chapter 331 (SB 240, 88th Leg., 2023) and 26 TAC §133.55; HHSC PL 2024-10.