A fake doctor who roamed the Queensland Children’s Hospital (QCH) in Brisbane has sparked a security overhaul that included a crackdown on swipe-card access and revealed the entire CCTV network needed to be replaced.
The hospital ordered a review of its security systems after the man posed as a doctor for more than six months before being caught.
Nicholas Brett Delaney stole credentials and walked the halls of the hospital between May and December 2017.
Mr Delaney, 25, who has a mild intellectual impairment, was fined $3000 in January this year after pleading guilty in a Brisbane court to a charge of fraud and one of entering a premises and committing an indictable offence.
The court was told Mr Delaney had not attempted to treat patients and had been “seeking friendships”, interacting with volunteers and members of the public, in public areas such as the front desk, foyer, and cafes.
The review, obtained by the ABC under right to information (RTI) laws, revealed the hospital’s entire CCTV network, including 640 security cameras, was being replaced because it was deemed “not fit for purpose”.
The hospital would not reveal to the ABC what exactly was wrong with the system, but said the replacement was needed to make the network “state-of-the-art”.
A briefing document stated the security system “was identified as a defect and commencement towards replacement occurred”.
Health Minister Steven Miles said nearly all the cameras had been replaced, and the cost covered by the company that managed the hospital’s construction in 2013-14, but the hospital would not reveal how much the replacement cost the contractor.
“My understanding is that this was agreed between the hospital and the contractor as something that needed to be rectified and therefore it has been rectified at their cost,” Mr Miles said.
“I understand that was necessary because of an upgrade to the central CCTV system.”
‘Security could have been tightened’
QCH executive director Dominic Tait said the network was safe and had previously been identified for replacement before the security review.
“There was no impact on clinical care and the replacement and getting that state-of-the-art security system,” Mr Tait said.
The review also identified a number of security risks around staff being trapped and attacked in single-door access rooms, the potential for sabotage of plant rooms, and that swipe access cards were not being regularly monitored.
It found “key proximity” access cards, which gave guests entry into restricted areas, were only being audited every fortnight, which increased risk the cards could be misused by multiple people.
Mr Tait said the hospital had instigated a daily check on the cards since the review.
“Importantly, the review did make some recommendations around guest access,” Mr Tait said.
“I’m comfortable and confident to say that we have a daily tracking and daily audit of those proximity access cards.
“It’s really important to make sure that if somebody’s given an access card for a particular purpose, that at the end of that purpose we have a process that tracks and audits that.”
Mr Miles admitted the review exposed areas where “security could have been tightened” but said parents could be sure the hospital was safe.
Opposition health spokeswoman Ros Bates said she feared another ‘fake doctor’ situation could happen.
“Those swipe card accesses take you into areas of the hospital shouldn’t be in,” Ms Bates said.
“My concern is that if you just threw on a pair of scrubs, put a stethoscope around your neck, had a lanyard around your neck, that you could still go around unchallenged in our hospitals.”
The hospital said it had developed an 11-point action plan to implement the recommendations and hoped they would all be finalised by early 2019.