HospitalInspections.org

Based on observation, document review, record review, policy review, video surveillance review, and interview, the hospital's Governing Body did not fulfill its responsibilities to patients, staff, and/or the community by the failure to establish clear goals, policies, and procedures. This deficient practice resulted in systemic failures that could lead to poor quality of care, lack of patient safety, unstable financial stability, and lapse of regulatory compliance.

Findings Include:

1. The hospital's Governing Body failed to ensure it revised and/or reviewed the bylaws every two years as required per the hospital's written bylaws. (Refer to A-0048)

2. The hospital's Governing Body failed to ensure it consulted directly with the individual responsible for the organization and conduct of the hospital's medical staff periodically throughout the fiscal or calendar year. (Refer to A-0053)

3. The hospital's Governing Body failed to ensure the appointed Chief Executive Officer managed the daily operations of the entire hospital. (Refer to A-0057)

4. The hospital's Governing Body failed to ensure a written institutional plan and budget existed for the hospital. (Refer to A-0073)

5. The hospital's Governing Body failed to ensure the institutional plan and budget were reviewed and updated annually by the failure to have a written plan. (Refer to A-0076)

6. The Governing Body failed to ensure a budget plan was prepared under the direction of the governing body. This deficient practice poses a financial risk to the hospital. (Refer to A-0077)

7. The hospital's Governing Body failed to ensure that a contractor provided services that permit the hospital to comply with all applicable conditions of participation and standards for the contracted services. (Refer to A-0083)

8. The hospital's Governing Body failed to ensure that the services performed under a contract were provided in a safe and effective manner. (Refer to A-0084)

Based on policy review, record review, and interview, the hospital failed to ensure it met all of the standards specified within the condition/requirement for the Emergency Preparedness Program (EPP) as outlined in 42 CFR §482.15 and failed to ensure it developed and maintained a comprehensive emergency preparedness program utilizing an all-hazards approach to meet the health and safety needs of its patient population that would encompass all hazards specific to the location of the facility and those locations within its span of control.

The cumulative effects of the hospital's failure to meet the requirements of the EPP resulted in the issuance of an Immediate Jeopardy (a situation in which entity noncompliance has placed the health and safety of recipients in its care at risk for serious injury, serious harm, serious impairment, or death) on 07/03/25 at 10:37 AM.

Findings include:

1. Emergency Preparedness Plan: The hospital lacked required documentation of the Emergency Preparedness Plan for all locations within their span of control. The hospital failed to develop, document, and maintain a comprehensive Emergency Preparedness Plan for all identified potential facility and community-based emergencies based on an all-hazards approach risk assessment (e.g., natural, man-made, facility, geographic, etc.) [E0004]. The hospital failed to address patient populations; failed to address services the facility has the ability to provide in an emergency; and failed to document continuity of operations, including all role assignments, delegations of authority and succession plans [E0007].

2. Policies and Procedures: The hospital lacked documentation of the required policies and procedures developed based on the facility and community-based risk assessment and communication plan, utilizing an all-hazards approach [E0013]. The hospital failed to document how it will utilize volunteers in the event of an emergency [E0024].

3. Communication Plan: The hospital failed to develop a communication plan which included primary and alternate means for communication with all locations within their span of control [E0029] and failed to have a documented and demonstrated internal and external communication plan for all identified hazards [E0032].

4. Training and Testing Program: The hospital failed to develop and maintain an Emergency Preparedness Program (EPP) training and testing program that is based on the emergency plan, risk assessment, policies and procedures, and the communication plan for all locations within their span of control [E0036]. The facility failed to document and provide initial and annual training on emergency preparedness plan and policies and procedures to all staff and individuals providing services under arrangement or any other individuals who provide services on an intermittent basis and would be expected to assist during an emergency, consistent with their roles for all locations within their span of control. The facility failed to establish and demonstrate staff and individuals providing services under arrangement competency on emergency preparedness policies and procedures consistent with their roles for all locations within their span of control [E0037]. The facility failed to conduct testing of the emergency preparedness plan utilizing the hospitals policies and procedures for each identified hazard, ensuring and documenting staff participation consistent with their roles. [E0039].

The hospital submitted a Plan of Removal (POR) that was accepted by the State Agency (SA) on 07/03/25 at 4:46 PM.

The hospital's POR included the following:

"The lack of staff certainty in their emergency roles could impede appropriate response by staff and or delay prompt responses during an emergency event created a finding of immediate jeopardy. This uncertainty could place patients, visitors, and staff at risk of serious adverse outcomes during an emergency.

07/03/2025 Administration, in collaboration with Department Directors, implemented immediate re-education for all facility staff on the Emergency Preparedness Plan and their specific roles and responsibilities. This included all staff on duty, new hires and agency personnel. Re-education is being delivered through safety huddles, utilizing department specific task cards to ensure clarity. This will continue through each shift until all staff have completed. Staff will not be allowed to work until the education has been completed.

Rapid review of the armed intruder policy and procedure was initiated. Based on most recent Hazard Vulnerability assessment this policy is being updated and integrated into the Emergency Preparedness Plan. The revised policy estimated completion 07/12/2025

07/07/2025, will conduct a joint Emergency Preparedness and Safety/Security Committee meeting for rapid review of the Emergency Preparedness Plan to further identify and correct deficiencies in the plan and addition of needed policies. All updates to the emergency preparedness plan should be completed on 07/11/2025 under the direction of the Emergency Preparedness committee and safety officer, security officer, and emergency preparedness coordinator.

07/03/2025 Administration, in collaboration with Department Directors, implemented immediate re-education for all facility staff on the Emergency Preparedness Plan and their specific roles and responsibilities. This included all staff on duty, new hires and agency personnel. Re-education is being delivered through safety huddles, utilizing department specific task cards to ensure clarity. This will continue through each shift until all staff have completed. Staff will not be allowed to work until the education has been completed. Department specific roles training will be completed annually and as needed thereafter.

By 07/11/2025 Emergency preparedness committee, administration and organizational development will collaborate to develop Emergency Preparedness modules via health stream outlining procedures for various emergency scenarios per the HVA. The education will include a competency assessment to ensure understanding. All facility staff, including new hires and agency personnel will have documented retraining on the emergency plan, their specific roles and responsibilities with assessments. Staff unable to demonstrate understanding will be removed from duty until successful completion.

All VPs and CEO will complete Disaster Management Emergency Preparedness (DMEP) course by 7/11/2025.
Department Directors are responsible for ensuring 100% completion of education within their departments for Emergency Preparedness modules and individual unit role training."

The onsite surveyor validated the removal of the Immediate Jeopardy on 07/03/25 at 5:55 PM.

Based on policy review, document review, and interview, the Governing Body failed to ensure that Medical Staff Bylaws and Medical Staff Rules & Regulations were reviewed and approved. This deficient practice has the potential to inhibit safety practices that could negatively impact the health and well-being of patients, staff, and/or visitors at this hospital.

Findings Include:

Review of the hospital's document titled, "MEDICAL STAFF BYLAWS of [The above-named Hospital]," last revised 07/18/2022, showed, " ...Biennial Review of Medical Staff Bylaws, Rules and Regulations The Bylaws and the Rules and Regulations of the Medical Staff shall be reviewed every two (2) years by the Executive Committee ..."

Review of the hospital's document titled, "MEDICAL STAFF RULES AND REGULATIONS of [The above-named Hospital]," last revised 07/18/2022, showed, "The Bylaws Committee shall be responsible for performing the duties involved in maintaining appropriate bylaws, rules, regulations, and other organizational documents pertaining to the staff as prescribed in Article VI, Section 6.6.3 (a) of the Bylaws of the Medical Staff. Meetings The committee shall meet when necessary but not less than annually, maintain a permanent record of its activities, and submit a report of its recommendations and actions to the Medical Executive Committee..."

Review of hospital documents failed to show documented evidence that the Governing Body revised and/or updated the hospital's Medical Staff Bylaws and Rules and Regulations every two years as required.

During an interview on 07/08/25 at 9:02 AM, Staff Q, Chief Medical Officer (CMO), stated that he/she was unsure how often bylaws are reviewed by the Governing Body.

During an interview on 07/08/25 at 1:29 PM, Governing Board Member, R, stated that the Bylaws and Rules and Regulations have not been rewritten in at least the last 4 years. Very minimal changes have been made.

During an interview on 07/08/25 at 2:17 PM, Governing Board Member, S, stated that he/she didn't remember reviewing the Bylaws this year.

During an interview on 07/08/25 at 2:54 PM, Governing Board Member, T, stated that there is not a mandate that requires the Bylaws and Rules and Regulations to be reviewed yearly. Staff T state, "We review them when something comes up."

During an interview on 07/09/25 at 3:23 PM, Staff O, Chief Executive Officer (CEO) stated that he/she was not sure of the required time frame for revising Bylaws.

Based on policy review, document review, and interview, the hospital's Governing Body failed to ensure it consulted directly with the individual responsible for the organization and conduct of the hospital's medical staff periodically throughout the fiscal or calendar year. The failure of the Governing Body to have direct consultation with the leader of the medical staff to discuss matters related to the quality of medical care provided, poses a potential risk to the safety and well-being of patients receiving care at this hospital.

Findings Include:

Review of the hospital's document titled, "MEDICAL STAFF BYLAWS of [The above-named Hospital]," last revised 07/18/2022, failed to address how the hospital implements the requirements for periodic, direct consultation with the leader of the medical staff, or their designee. The hospital was unable to provide documented evidence of periodic, direct consultation with the leader of medical staff when requested.

During an interview on 07/09/25 at 10:57 AM, Staff Q, Chief Medical Officer (CMO), stated that he/she has never had a one-on-one meeting with the Governing Board.

During an interview on 07/09/25 at 3:23 PM, Staff O, Chief Executive Officer (CEO), stated that the Chief of Staff is a voting member of the governing board and only meets with the board to complete performance evaluations. Staff O went on to state that he/she had not had any direct consults with the governing board and to the best of his/her knowledge there has not been any direct consults between his/her designee and the governing board.

Based on policy review, record review, and interview, it was determined the Chief Executive Officer (CEO) failed to manage the daily operation of the hospital. This deficient practice poses a risk to the health and safety of patients when leadership does not provide proper guidance, enforcement of policies and procedures, and/or provision of resources to provide care to meet the needs of patients.

Findings include:

Review of a document titled, "President CEO [Chief Operations Officer] Job Description," dated 08/20/24, showed, "...Responsible to formulate and execute major policies, programs and objectives to promote and ensure the health center's continuing success and growth. Execute the strategic and tactical operational growth plans for the health center. Responsible to take a leadership role in formulating and articulating the company's vision and mission. Achieve maximum efficiency and revenue objectives through the efforts of a strong management team. Develop management personnel and implement effective succession plans. Establish and maintain strong relationships with medical staff and major business and industry leaders necessary for ensuring the heath center's continued growth. Foster an achievement-oriented culture based on continuous learning principles where employees are motivated and rewarded for both individual and team contributions...As a leader within the organization, employee understands their responsibility to the [the hospital] Leadership Expectations and diligently puts them in practice each day ...ensures that all policies established by the Board are carried out ..."

During an interview on 07/09/25 at 3:23 PM, Staff O, CEO, stated that the only employee the Governing Body is responsible for is the CEO and that the CEO is responsible for every aspect underneath his authority including but not limited to, policies, procedures, budgets, medical staff, risk management, patient safety, and satisfaction.

It was determined that the CEO/President failed to manage the day-to-day operations of the hospital as demonstrated by the following:

1. The CEO failed to ensure the hospital's written bylaws were revised and/or reviewed every two years as required. (Refer to A-0048)

2. The CEO failed to consult directly with the Governing Body periodically throughout the fiscal or calendar year to review the quality of medical care provided to patients of the hospital. (Refer to A-0053)

3. The CEO failed to ensure that a written institutional plan and budget exist for the hospital. (Refer to A-0073)

4. The CEO failed to ensure that the institutional plan and budget were reviewed and updated annually by the failure to have a written plan. (Refer to A-0076)

5. The CEO failed to ensure that a contractor provided services that permit the hospital to comply with all applicable conditions of participation and standards for the contracted services. (Refer to A-0083)

Based on policy review, document review, and interview, the Governing Body failed to ensure a written institutional plan and budget exist for the hospital. This deficient practice poses a risk to the health, and safety of the patients. Financial management in healthcare, including hospitals, involves defining, planning, allocating, and controlling resources to meet the needs for good quality care at an affordable cost with a sustainable margin.

Findings Include:

Upon request by onsite surveyors the hospital failed to provide a written budget plan that meets the above-mentioned standards.

During an interview on 07/07/25 at 12:46 PM, Staff P, Chief Financial Officer (CFO), stated, " ...In 15 years I have never heard of a budget plan ..."

During an interview on 07/08/25 at 9:38 AM, Staff P, CFO, stated that the budget is put together annually, every Vice President department leader develops a "wish list" and then the final number is determined. Staff P went on to state that there is a 5-year budget but it's not published and it's only a list of "bigger items".

During an interview on 07/08/25 at 1:29 PM, Governing Board Member, R, stated that the Chief Financial Officer prepares the budget for the meeting based off the financial committee meetings.

During an interview on 07/08/25 at 2:17 PM, Governing Board Member, S, stated that the budget is reviewed monthly but doesn't ever recall a budget plan or a budget being completed for longer than one year at a time.

During an interview on 07/09/25 at 3:23 PM, Staff O, Chief Executive Officer (CEO) stated that as the CEO of the hospital, he/she is ultimately responsible for being involved with every part of the budget and that the finance team works with each department head.

Based on policy review, document review, and interview, the Governing Body failed to ensure a reviewed and updated annual budget plan existed for the hospital. This deficient practice poses a financial risk to the hospital.

Findings Include:

Upon request by onsite surveyors the hospital failed to provide a written budget plan that meets the above-mentioned standards for annual review.

During an interview on 07/07/25 at 12:46 PM, Staff P, Chief Financial Officer (CFO), stated, " ...In 15 years I have never heard of a budget plan ..."

During an interview on 07/08/25 at 9:38 AM, Staff P, CFO, stated that the budget is put together annually, every Vice President department leader develops a "wish list" and then the final number is determined. Staff P went on to state that there is a 5-year budget but it's not published and it's only a list of "bigger items".

During an interview on 07/08/25 at 1:29 PM, Governing Board Member, R, stated that the Chief Financial Officer prepares the budget for the meeting based off the financial committee meetings.

During an interview on 07/08/25 at 2:17 PM, Governing Board Member, S, stated that the budget is reviewed monthly but doesn't ever recall a budget plan or a budget being completed for longer than one year at a time.

During an interview on 07/09/25 at 3:23 PM, Staff O, Chief Executive Officer (CEO) stated that as the CEO of the hospital, he/she is ultimately responsible for being involved with every part of the budget and that the finance team works with each department head.

Based on policy review, document review, and interview, the Governing Body failed to ensure a budget plan existed and was prepared under the direction of the Governing Body for the hospital to meet the required standards. This deficient practice poses a financial risk to the hospital.

Findings Include:

Upon request by onsite surveyors the hospital failed to provide a written budget plan that was prepared under the direction of the governing body.

During an interview on 07/07/25 at 12:46 PM, Staff P, Chief Financial Officer (CFO), stated, " ...In 15 years I have never heard of a budget plan ..."

During an interview on 07/07/25 at 12:46 PM, Staff P, Chief Financial Officer (CFO), stated, " ...In 15 years I have never heard of a budget plan ..."

During an interview on 07/08/25 at 9:38 AM, Staff P, CFO, stated that the budget is put together annually, every Vice President department leader develops a "wish list" and then the final number is determined. Staff P went on to state that there is a 5-year budget but it's not published and it's only a list of "bigger items".

During an interview on 07/08/25 at 1:29 PM, Governing Board Member, R, stated that the Chief Financial Officer prepares the budget for the meeting based off the financial committee meetings.

During an interview on 07/08/25 at 2:17 PM, Governing Board Member, S, stated that the budget is reviewed monthly but doesn't ever recall a budget plan or a budget being completed for longer than one year at a time.

During an interview on 07/09/25 at 3:23 PM, Staff O, Chief Executive Officer (CEO) stated that as the CEO of the hospital, he/she is ultimately responsible for being involved with every part of the budget, finance team works with each department head.

Based on policy review, record review, and interview, the Governing body failed to ensure that a contractor provided services within the rules of the contractual agreement and failed to ensure contracted services were reviewed, revised and/or updated as required per hospital requirements. Failure to review, revise, and/or update contracts has the potential risk for services to violate the current standards of practice therefore putting patients, staff and visitors at risk.

Findings Include:

Review of a hospital document titled, "QUALITY ASSESSMENT AND PERFORMANCE IMPROVEMENT PLAN 2025," signed 02/27/25 showed, " ...The purpose of the organizational Quality Assessment and Performance Improvement (QAPI) Plan at [The above named hospital] is to ensure that the Board of Trustees, medical staff, and system staff demonstrate a consistent endeavor to deliver safe, effective, optimal patient care, and services in an environment of minimal risk ... Direct and indirect patient care contracted service performance indicators will be updated as needed and data will be reviewed twice per year ...

Review of a hospital contract titled, "1st Choice Security LLC Security Agreement," dated 05/18/18, showed, " ...This Security Services Agreement ("Agreement") is entered onto the 1st day of July, 2018 by and between 1st Choice Security, LLC ... Contractor shall perform physical security screening services for SRHC and employees who work within ... The Contractor herby agrees to provide insured, bonded, unarmed, trained, competent, and, where required by applicable local or state or federal law or regulation, duly-licensed security guards for SRHC ...5. Services Provided by the Contractor. In addition, Contractor shall provide services meeting the following objectives of the parties: ...Security will be familiar with the campus layout and hospital policies ...Will NOT use or carry pepper spray in the hospital setting. Our security personnel will be unarmed and clearly identified as "SECURITY" ...Provide training to hospital employees. Work closely with administration and law enforcement personnel ..."

Review of a hospital policy titled, "WORKPLACE VIOLENCE," reviewed June 2024, showed, " ...1. This list of behaviors, while not inclusive, provides examples of conduct that is prohibited:..Possession of a weapon and/or ammunition while on SRHC property or while on [The Hospital] business ..."

Review of a hospital document titled, "HAZARD AND VULNERABILITY ASSESSMENT," dated, February 2025 showed that "Active Shooter" is considered a relative threat with a probability percentage of 52%.

Review of a hospital document titled, "Contracts," undated. provided to onsite surveyors on 07/07/25 showed, " ...1st Choice Security LLC - SRHC Security Agreement 07-01-18 ...effective 10/01/2020 ..." Further review failed to show when the document was last reviewed.

During an interview on 06/30/25 at 4:00 PM, Staff C, Security, stated that some security staff carry firearms, some do not, and it depends on if they are considered qualified by the director.

During an interview on 07/01/25 at 11:28 AM at 8:07 PM, Staff F, Director of Security, stated that the security officers at the hospital either carry firearms, tasers, or pepper gel. Staff F went on to state that hospital training and policy review is not offered to all security staff and is dependent on if the staff is provided a hospital email. Staff F stated, "As a security company we are not listed in the hospital policies."

During an observation on 06/30/25 at 9:00 AM through 07/10/25 at 9:00 AM, visible signage could be seen posted on the outside of building entrances that stated, "no firearms allowed."

During multiple observations on 06/30/25 at 10:00 AM through 07/03/25 at 5:00 PM, security staff were seen carrying either a firearm, pepper spray, and/or taser.

Review of a surveillance video dated 06/26/25 showed the following:
7:04:55 AM, an individual entered the Emergency Department (ED) lobby/waiting room.
7:07:09 AM, the individual put his/her hand in a pocket and immediately withdrew a handgun. The individual put the handgun to his/her right temple and pulled the trigger.
From 7:07:12 AM-7:08:47, a security officer with 1st Choice drew a firearm on the individual while approaching and maintained a drawn firearm throughout this time.

During an interview on 07/07/25 at 4:07 PM, Staff V, Director Quality Improvement, stated that every contract is loaded into the hospital's system and are to be evaluated twice yearly.

During an interview on 07/08/25 at 1:29 PM, Governing Board Member, R, stated that all contracts are not reviewed by the governing board. Each committee would give the authority to approve the contract that is for their department.

During an interview on 07/08/25 at 2:17 PM, Governing Board Member, S, stated that the governing board doesn't review any contracts. Staff S went on to state that security does not report to the board.

During an interview on 07/08/25 at 2:54 PM, Governing Board Member, T, stated that the governing board doesn't review all contracts but should have to approve them, although that doesn't happen real often and not all contracts are approved.

During an interview on 07/09/25 at 3:23 PM, Staff O, Chief Executive Officer (CEO) stated that a process review for each contract should be completed by the committee, then the contract is sent to Quality and Performance Improvement, then to Risk Management and last to the governing board for approval. After the initial approval all contracts should be evaluated semi-annually. Staff O went on to state that the operational owner of the contract is ultimately responsible.

Review of a hospital document titled, "Contracts," undated, provided to onsite surveyors on 07/07/25, showed that 105 of 261 contracts have not been reviewed twice per year as required per the hospital's QAPI Plan.

Further review of the hospitals contracted services showed the following contracts have not been reviewed or revised since the date they were signed:
1. Telemedicine Professional Services Agreement for six providers signed 09/07/18
2. Telemedicine Professional Services Agreement signed 08/01/18
3. Telemedicine Professional Services Agreement signed 08/27/18
4. Ambulance Transport Agreement signed 08/20/07
5. Education Agreement signed 07/29/09
6. Anesthesia Services Agreement signed 09/10/14
7. Agreement for Credentialing Verification Services 08/18/11

Based on policy review, document review, and interview, the hospital's Governing Body failed to ensure that the services performed by contracted security were provided in a safe and effective manner and allowed security to carry firearms and/or other armament that was in violation of the service contract. This deficient practice poses a safety risk to patients, staff and visitors while at this hospital.

Findings Include:

Review of a hospital document titled, "MEDICAL STAFF BYLAWS," dated 07/18/22 showed, " ...There shall be a written plan, developed in cooperation with the hospital administration and the Safety-Disaster Planning Committee, which will safeguard patients at the time of an external disaster. All key personnel shall rehearse fire and other types of disaster drills a minimum of four (4) times a year for each shift ...There shall be a written plan, developed in cooperation with the hospital administration and the Safety/Disaster Planning Committee for the care, reception and evacuation of mass casualties. The plan shall be coordinated with the inpatient and outpatient services of the hospital(s) and shall relate to other available resources in the community. The
plan shall specify the hospital's role with other agencies in the event of disasters in the hospital and nearby communities. The external disaster plan shall be rehearsed by all personnel involved at least twice yearly ..."

Review of a hospital contract titled, "1st Choice Security LLC Security Agreement," dated 05/18/18, showed, " ...This Security Services Agreement ("Agreement") is entered onto the 1st day of July, 2018 by and between 1st Choice Security, LLC ... Contractor shall perform physical security screening services for SRHC and employees who work within ... The Contractor herby agrees to provide insured, bonded, unarmed, trained, competent, and, where required by applicable local or state or federal law or regulation, duly-licensed security guards for SRHC ...5. Services Provided by the Contractor. In addition, Contractor shall provide services meeting the following objectives of the parties: ...Security will be familiar with the campus layout and hospital policies ...Will NOT use or carry pepper spray in the hospital setting. Our security personnel will be unarmed and clearly identified as "SECURITY" ...Provide training to hospital employees. Work closely with administration and law enforcement personnel ..."

Review of a hospital policy titled, "WORKPLACE VIOLENCE," reviewed June 2024, showed, " ...1. This list of behaviors, while not inclusive, provides examples of conduct that is prohibited:..Possession of a weapon and/or ammunition while on SRHC property or while on [The Hospital] business ..."

Review of a hospital document titled, "Contracts," undated, provided to onsite surveyors on 07/07/25 showed, " ...1st Choice Security LLC - SRHC Security Agreement 07-01-18 ...effective 10/01/2020 ..."

During an interview on 06/30/25 at 4:00 PM, Staff C, Security, stated that some security staff carry firearms and some do not. Staff C stated that the Security Director makes the decision if a security staff is qualified to carry firearms.

During an interview on 07/01/25 at 11:28 AM, Staff F, Director of Security, stated that the 1st Choice contracted security officers either carry firearms, tasers, or pepper gel. Staff F went on to state that the hospital's training and policy review is not offered to all contracted security staff. If the staff do not have an email address, they are unable to access the training. Staff F stated that the contracted security company is not listed in the hospital policies and procedures and is not incorporated within the facility response procedures in the event of a fire, tornado, mass casualty, or active shooter emergency event. 1st choice security does not collaborate or participate in emergency preparedness planning, testing, or training. Contracted 1st Choice Security staff are not trained on the hospital's emergency preparedness plan, policies or procedures.

Review of a surveillance video dated 06/26/25 showed the following:

7:04:55 AM, an individual entered the Emergency Department (ED) lobby/waiting room.

7:07:09 AM, the individual put his/her hand in a pocket and immediately withdrew a handgun. The individual put the handgun to his/her right temple and pulled the trigger.

7:07:12 AM-7:08:47, a security officer with 1st Choice drew a firearm on the individual while approaching and maintained a drawn firearm throughout this time.

During an observation on 06/30/25 at 9:00 AM through 07/10/25 at 9:00 AM, visible signage could be seen posted on the outside of building entrances that stated, "no firearms allowed."

During multiple observations on 06/30/25 at 10:00 AM through 07/03/25 at 5:00 PM, security staff were seen carrying either a firearm, pepper spray, and/or taser.

Interviews on 06/30/25 and 07/01/25 between 10:00 AM and 6:00 PM, revealed 14 of 14 staff could not adequately articulate their role or policy and procedure indicated actions in the event of a fire, tornado, mass casualty, or active shooter emergency event.

Based on document review and review of the hospital's Emergency Preparedness Plan (EPP), the hospital failed to ensure its EPP met the documentation requirements for all locations within their span of control. The hospital failed to develop, document, and maintain a comprehensive EPP for all identified potential facility and community-based emergencies based on an all-hazards approach risk assessment (e.g., natural, man-made, facility, geographic etc). This deficient practice has the potential to inhibit the ability to effectively respond to an emergency event and poses a serious risk of an adverse outcome to patients, staff, and visitors.

Findings Include:

Review of the hospital's Emergency Preparedness Program folders revealed that the facility failed to address all locations within their span of control.

Review of the hospital's Exhibit 286 Form (Hospital/CAH Database Worksheet) dated 07/03/25, revealed that the provider had five (5) off-site locations under their span of control. These off-site locations did not participate within the Emergency Preparedness Program and were not included in the Emergency Preparedness Plan, communication plan, or training program.

Based on document review and review of the hospital's Emergency Preparedness Plan (EPP), the hospital failed to ensure it addressed all patient populations; failed to address services the facility has the ability to provide in an emergency; and failed to document continuity of operations, including all role assignments, delegations of authority and succession plan. This deficient practice poses a risk that could inhibit the ability to effectively respond to an emergency event and poses a serious risk of an adverse outcome to patients, staff, and visitors.

Findings Include:

Review of the hospital's Emergency Preparedness Program folders revealed that the facility failed to address the patient population at all locations within their span of control.

Review of the hospital's Exhibit 286 Form (Hospital/CAH Database Worksheet) dated 07/03/25, the provider had five (5) off-site locations under their span of control. These off-site locations did not participate within the Emergency Preparedness Program and were not included in the Emergency Preparedness Plan, communication plan, or training program.

Review of the hospital's Emergency Preparedness Program folders revealed that the facility failed to address services the facility has the ability to provide in an emergency at all locations within their span of control.

Review of the hospital document titled, "SRHC Emergency Preparedness Policy and Procedure, Hospital Incident Command System," dated February 2025, revealed that the delegations of authority and succession plans are not documented.

Review of the hospital document titled, "SRHC Emergency Preparedness Policy and Procedure, Hospital Incident Command System," dated February 2025, revealed that the two personnel listed as holding the title of "Emergency Preparedness Coordinators" do not play an active role in the hospital's incident command staff but rather play "supporting roles". Two of 11 personnel listed as "Command Staff" are documented as participating in the emergency preparedness planning committee. Nine of the 11 personnel listed as "Command Staff" are not documented as participating in the emergency preparedness planning committee, and play no role in emergency preparedness program (EPP) planning, EPP policy and procedure creation, EPP creation, etc.

Based on document review and review of the hospital's Emergency Preparedness Plan (EPP), the hospital failed to ensure it developed and maintained policies as required based on the facility and community-based risk assessment and communication plan, utilizing an all-hazards approach. This deficient practice poses a risk that could inhibit the ability to effectively respond to an emergency event and poses a serious risk of an adverse outcome to patients, staff, and visitors.

Findings Include:

Review of the contents of the hospital folder titled, "Emergency Operations Plan (EOP)," dated February 2025, and the hospital folder titled, "Policies and Procedures," revealed that the facility did not have a policy and procedure in place for all identified hazards identified on the hazard and vulnerability assessment.

Review of a hospital document titled, "HAZARD AND VULNERABILITY ASSESSMENT," dated February 2025, revealed that "Active Shooter" is considered a relative threat with a probability percentage of 52%.

Review of the hospital's incident log dated 04/01/25 through 06/30/25 showed that there was a safety/security event on 06/26/25 identified as a "self-harm" event resulting from a discharged firearm in the Emergency Department.

Review of the hospital's Emergency Preparedness Program folders revealed that the facility failed to:

1. have a comprehensive and coordinated policy and procedure for active shooter/armed intruder within the facility's emergency preparedness plan.
2. include communication protocols for staff and security to respond effectively in the event of an active shooter/armed intruder.
3. include staff and contracted vendor training for active shooter /armed intruder emergency events.
4. include documented EPP testing for active shooter /armed intruder emergency events.

Based on review of the hospital's Emergency Preparedness Plan (EPP), the hospital failed to ensure that it documented how it will utilize volunteers in the event of an emergency. This deficient practice poses a risk that could inhibit the ability to effectively respond to an emergency event and poses a serious risk of an adverse outcome to patients, staff, and visitors.

Findings Include:

Review of the hospital's Emergency Preparedness Program folders revealed that the facility failed to have a policy and procedure in place for the use of volunteers in the event of an emergency.

Based on document review, interview, and review of the hospital's Emergency Preparedness Plan (EPP), the hospital failed to ensure that it developed a communication plan which included primary and alternate means for communication with all locations within their span of control. This deficient practice poses a risk that could inhibit the ability to effectively respond to an emergency event and poses a serious risk of an adverse outcome to patients, staff, and visitors.

Findings Include:

During an interview on 07/01/25 at 8:35 AM, Staff D, Call Center Representative, stated that call center procedures in the event of varying emergency events are not clearly understood by all call center staff and call center leadership. Further interview revealed that after the 06/26/25 emergency event, call center staff were not provided a debrief opportunity and did an after-action review. Call center staff were instructed to read-up on their codes again. Call center staff regularly receive notice that overhead pages are not heard in some areas.

During an interview on 07/01/25 at 2:45 PM, Staff K, Director of Facilities, stated that it is known by their department that some areas in the hospital have complained of not being able to hear overhead pages. Staff K confirmed reports of areas such as the Operating Room (OR) turning down the volume on overhead announcement speakers.

Review of the hospital document titled, "Emergency Operations Plan (EOP)," and the hospital document titled, "Communication Plan," dated February 2025, revealed that communication during an emergency is achieved via "phone landlines, VOCERA badges, cellphones, Ascom wireless, 800MHz radios, community broadcasting stations, Red Alert, miSecure Messenger, computer email, EMResources, SRHC Facebook, SRHC Twitter, GETS cards, fax, tv, news, and overhead paging."

Review of the hospital document titled, "Emergency Operations Plan (EOP)," and the hospital document titled, "Communication Plan," revised July 2025, revealed that "RED ALERT" and "miSecure" are not used and have been replaced by Amtelco Mass Notification System and Amtelco Secure Messages.

Review of the hospital service invoice for Amtelco, dated 09/01/24, showed a service of 10/01/24 to 09/30/25. The "Emergency Operations Plan (EOP)" and "Communication Plan" were not updated to reflect this change, when the change occurred, nor when the plans were reviewed in February 2025.

Review of the hospital document titled, "Emergency Operations Plan (EOP)," dated February 2025, revealed, " ...internal communication with on duty staff will be accomplished by updates from the Public Information Officer (PIO) and via "all users" emails..."

Based on document review, interview, and review of the hospital's Emergency Preparedness Plan (EPP), the hospital failed to ensure it had a documented and demonstrated internal communication plan for all identified hazards. This deficient practice poses a risk that could inhibit the ability to effectively respond to an emergency event and poses a serious risk of an adverse outcome to patients, staff, and visitors.

Findings Include:

During an interview on 07/01/25 at 8:35 AM, Staff D, Call Center Representative, stated that call center procedures in the event of varying emergency events are not clearly understood by all call center staff and call center leadership. Further interview revealed that after the 06/26/25 emergency event, call center staff were not provided a debrief opportunity and did an after-action review. Call center staff were instructed to read-up on their codes again. Call center staff regularly receive notice that overhead pages are not heard in some areas.

During an interview on 07/01/25 at 2:45 PM, Staff K, Director of Facilities, stated that it is known by their department that some areas in the hospital have complained of not being able to hear overhead pages. Staff K confirmed reports of areas such as the Operating Room (OR) turning down the volume on overhead announcement speakers.

Review of the hospital document titled, "Emergency Operations Plan (EOP)," and the hospital document titled, "Communication Plan," dated February 2025, revealed that communication during an emergency is achieved via "phone landlines, VOCERA badges, cellphones, Ascom wireless, 800MHz radios, community broadcasting stations, Red Alert, miSecure Messenger, computer email, EMResources, SRHC Facebook, SRHC Twitter, GETS cards, fax, tv, news, and overhead paging."

Review of the hospital document titled, "Emergency Operations Plan (EOP)," and the hospital document titled, "Communication Plan," revised July 2025, revealed that "RED ALERT" and "miSecure" are not used and have been replaced by Amtelco Mass Notification System and Amtelco Secure Messages.

Review of the hospital service invoice for Amtelco, dated 09/01/24, showed a service of 10/01/24 to 09/30/25. The "Emergency Operations Plan (EOP)" and "Communication Plan" were not updated to reflect this change, when the change occurred, nor when the plans were reviewed in February 2025.

Review of the hospital document titled, "Emergency Operations Plan (EOP)," dated February 2025, revealed, " ...internal communication with on duty staff will be accomplished by updates from the Public Information Officer (PIO) and via "all users" emails..."

Based on document review, interview, and review of the hospital's Emergency Preparedness Plan (EPP), the hospital failed to ensure it developed and maintained an Emergency Preparedness Program (EPP) training and testing program that is based on the emergency plan, risk assessment, policies and procedures, and the communication plan for all locations within their span of control. This deficient practice poses a risk that could inhibit the ability to effectively respond to an emergency event and poses a serious risk of an adverse outcome to patients, staff, and visitors.

Findings Include:

Review of the hospital document titled, "SRHC Emergency Preparedness Policy and Procedure, Hospital Incident Command System," dated February 2025, revealed that the purpose of the policy and procedure is, " ... to serve as a guide for prompt mobilization and coordination of personnel, equipment and supplies in time of disaster ..." The document further explained, " ...A disaster will be defined as a situation in which the normal operations of the facility are or have the potential to rapidly become overtaxed to the extent that additional resources must be committed in order to provide the necessary medical care..." Senior leadership staff interviews confirmed the procedure is to utilize the EPP folders during an emergency.

Review of the hospital document titled, "SRHC Emergency Preparedness Policy and Procedure, Hospital Incident Command System," dated February 2025, revealed that the two personnel listed as holding the title of "Emergency Preparedness Coordinators" do not play an active role in the hospital's incident command staff but rather play "supporting roles". Two of 11 personnel listed as "Command Staff" are documented as participating in the emergency preparedness planning committee. Nine of the 11 personnel listed as "Command Staff" are not documented as participating in the emergency preparedness planning committee, and play no role in emergency preparedness program (EPP) planning, EPP policy and procedure creation, EPP creation, etc.

Review of the hospital document titled, "SRHC Emergency Preparedness Policy and Procedure, Hospital Incident Command System," dated February 2025, revealed that the hospital utilizes the NIMS (Nation Incident Management System) Guidelines for their incident command structure and response design in the Hospital Incident Command System (HICS) format.

Review of the hospital document titled, "Emergency Operations Plan (EOP)," dated February 2025, revealed that the "SRHC Incident Command Structure (ICS) is activated as needed during emergency situations. The Incident Commander oversees the emergency response through the various positions activated for the emergency." The document continued to state, " ...each position has been trained to the appropriate level in ICS 100, ICS 200, IS 700 and 800. Each position on the ICS has specific responsibilities and they are detailed in the HICS policy..." Senior leadership staff interviews revealed that those who make up the hospital's incident command system have received no training specific to their role within the hospitals incident command system.

Review of the contents of the hospital folder titled, "Emergency Operations Plan (EOP)," dated February 2025, and the hospital folder titled, "Policies and Procedures," revealed that the facility did not have a policy and procedure in place for each identified hazard on their hazard risk analysis. Senior Leadership staff interviews revealed that in the event of an emergency requiring the activation of the EPP, their procedure would be to utilize these EPP folders as guides for how and what to do when assuming the role of Incident Commander.

Based on document review, interview, and review of the hospital's Emergency Preparedness Plan (EPP), the hospital failed to ensure it documented and provided initial and annual training on the EPP and its policies and procedures to all staff and individuals providing services under arrangement or any other individuals who provide services on an intermittent basis and would be expected to assist during an emergency and consistent with their roles for all locations within their span of control. The facility failed to establish and demonstrate staff and individuals providing services under arrangement competency on emergency preparedness policies and procedures consistent with their roles for all locations within their span of control. This deficient practice poses a risk that could inhibit the ability to effectively respond to an emergency event and poses a serious risk of an adverse outcome to patients, staff, and visitors.

Findings Include:

Review of a hospital document titled, "Emergency Operations Plan (EOP)," dated February 2025, revealed that " ...all employees receive basic orientation regarding safety response as they are hired. All employees must complete annual safety education. These programs include code blue (cardiac/respiratory arrest event), neonatal code blue (cardiac/respiratory arrest event in the birth center), fire alarm, tornado/severe weather, code gray (mass casualty), Dr. Armstrong (person needing physical restraint), armed intruder, child abduction, code hazmat, and bomb threat. The plan continues to state that codes and alerts are drilled each year to refresh employees on their responsibilities."

Review of a hospital document titled, "MEDICAL STAFF BYLAWS," dated 07/18/22 revealed, "There shall be a written plan, developed in cooperation with the hospital administration and the Safety-Disaster Planning Committee, which will safeguard patients at the time of an external disaster. All key personnel shall rehearse fire and other types of disaster drills a minimum of four (4) times a year for each shift ... There shall be a written plan, developed in cooperation with the hospital administration and the Safety/Disaster Planning Committee for the care, reception and evacuation of mass casualties. The plan shall be coordinated with the inpatient and outpatient services of the hospital(s) and shall relate to other available resources in the community. The plan shall specify the hospital's role with other agencies in the event of disasters in the hospital and nearby communities. The external disaster plan shall be rehearsed by all personnel involved at least twice yearly ..."

Review of the hospital's Emergency Preparedness Program folders, training records, and current health stream EPP training between 06/30/25 and 07/07/25 revealed that the facility failed to provide initial and annual facility specific EPP training to all staff and individuals providing services under arrangement consistent with their roles and ensure understanding and competency.

Interviews on 06/30/25 and 07/01/25 between 10:00 AM and 6:00 PM, revealed 14 of 14 staff could not adequately articulate their role or EPP policy and procedure indicated actions in the event of a fire, tornado, mass casualty, or active shooter emergency event. Staff could not recall the last training they received on active shooter. Staff stated that they are inundated with frequent "health stream training" (facility's online educational learning/training program) and that the volume of the training impacts their ability to recall the information covered. Some staff reported they can hear overhead intercom announcements while others could not recall if they can hear the announcements in their units. Some staff stated that the volume of overhead speakers occasionally gets turned down in certain areas. Staff could not articulate how emergency information is delivered to them in the event of a fire, tornado, mass casualty, or active shooter emergency event.

During an interview on 07/02/25 at 12:06 PM, Staff A, Chief Nursing Officer (CNO), stated that any vice presidents of administration and/or the CEO (Chief Executive Officer) take call and will assume the position of incident commander (IC) in the event of an emergency. It was revealed that vice president administration staff do not receive any training in relation to the role they would assume and do not participate in the EPP planning or policy/procedure creation. Staff A stated that if an event would occur, then the on-call administration staff would come in and utilize the EPP folders for guidance and job aide and use the call tree. Staff A, when interviewed to the call center record keeping, stated that they did not have a record of the call logs or actions taken for the 06/26/25 emergency event.

During an interview on 07/02/25 at 1:15 PM, Staff O, CEO, confirmed that all vice presidents of administration and/or the CEO rotate being on-call and will assume the position of incident commander (IC) in the event of an emergency. It was revealed that the staff who will assume the role of IC or any other incident command position do not receive any specific EPP training in relation to their role. Furthermore, it was revealed that the CEO and vice president administration staff do not participate in the EPP planning and creation process. Staff O stated that if an emergency would occur, the procedure would be to utilize EPP folders.

Based on observation, document review, interview, and review of the hospital's Emergency Preparedness Plan (EPP), the hospital failed to ensure conducted testing of the emergency preparedness plan utilizing the hospitals policies and procedures for each identified hazard, ensuring and documenting staff participation consistent with their roles. This deficient practice poses a risk that could inhibit the ability to effectively respond to an emergency event and poses a serious risk of an adverse outcome to patients, staff, and visitors.

Findings Include:

Review of the hospital's incident log dated 04/01/25 through 06/30/25 showed that there was a safety/security event on 06/26/25 identified as a "self-harm" event resulting from a discharged firearm in the Emergency Department.

During an interview on 07/01/25 at 3:25 PM, Staff L, Administrative Assistant, stated that testing of the EPP is not a facility wide event and does not expand to other locations within their span of control. Additionally, the hospital does not have a method in place for tracking which staff participate in the testing of the EPP and which do not.

Review of the hospital document titled, "Emergency Operations Plan (EOP)," dated February 2025, revealed, " ...Emergency Preparedness Coordinator or designee will conduct a critique of the emergency response, evaluate incident using the HSEEP format, write an After-Action Report and Corrective Action Plan and submit to any regulating body as requested. These reports will be submitted to the Emergency Preparedness Committee..." Evidence of the EOP policy required After-Action critique, After-Action Report and Corrective Action Plan were not documented for the 06/26/25 emergency event.

Review of the hospital document titled, "Emergency Operations Plan (EOP)," dated February 2025, revealed that once an emergency has been contained, a critique will be conducted with all personnel who responded. Questions that should be asked include: "Did we follow the plans and operating guides?", "What worked well?", and "What could we have done better?"

Review of the hospital document titled, "After Event Sign-In," for the 06/26/25 emergency event, revealed that not all personnel who responded to the emergency event were involved in the after an emergency critique. Interviews of staff directly involved with the 06/26/25 emergency event and response confirmed they were not involved in an after-action review/critique.

Review of the hospital document titled, "Meeting Minutes," for the 06/26/25 emergency event within the Emergency Department (ED) waiting room, revealed that the meeting minutes were dated 06/26/26, while the internal data properties on the Microsoft Word document showed that the content was created on 06/30/25 at 2:42PM, after survey entrance on 06/30/25, and documentation request at 9:00 AM.

Review of the hospital document titled, "Meeting Minutes," revealed that the required Emergency Operations Plan (EOP) policy After-Action Critique/Review topics were not addressed with all personnel involved in the response. Hospital EOP stated that "questions that should be asked include: "Did we follow the plans and operating guides?", "What worked well?", and "What could we have done better?".

During an interview on 07/01/25 at 11:28 AM, Staff F, Director of Security, stated that 1st Choice Security (contracted security company) is not listed within the facility's Emergency Preparedness Program policies and procedures and that security staff are not incorporated within the facility response procedures in the event of a fire, tornado, mass casualty, or active shooter emergency event. 1st choice security does not collaborate or participate in emergency preparedness planning, testing, or training. Contracted 1St Choice Security staff are not trained on the hospital's emergency preparedness plan, policies or procedures. Further discussion revealed that some security staff are armed, while some carry pepper spray and/or tasers, pending their qualifications, competency, and an evaluation and the comfort level of company overhead.

Review of the hospital's Emergency Preparedness Program folders on 06/30/25 and 07/01/25 revealed that the contracted security company (1St Choice Security) is not listed as playing a support role to any EPP policies and procedures in the event of an emergency.

Review of a hospital contract titled, "1st Choice Security LLC Security Agreement," dated 05/18/18, revealed, " ...Contractor shall provide services meeting the following objectives of the parties ...Security will be familiar with the campus layout and hospital policies ...Will NOT use or carry pepper spray in the hospital setting. Our security personnel will be unarmed and clearly identified as "SECURITY" ...Provide training to hospital employees. Work closely with administration and law enforcement personnel ..."

Observations from 06/30/25 and 07/01/25 between 10:00 AM and 6:00 PM revealed that 1St Choice Security staff within the hospital carried varying levels of armament. Some were observed with firearms, while others had pepper spray, tasers, or nothing at all.

Observation of the security footage of the 06/26/25 emergency event revealed that an individual discharged a firearm within the Emergency Department. The responding 1St Choice Security Officer drew his firearm in response to the gunshot, advanced with his firearm drawn on the individual until the weapon in the individual's hand could be safely cleared. Security's firearm was drawn from 7:07:12 AM until 7:08:47 AM.