{{org_field_logo}}

{{org_field_name}}

Registration Number: {{org_field_registration_no}}

---

Safe and Secure Business Premises Policy

1. Purpose

The purpose of this policy is to ensure that {{org_field_name}} provides a safe, secure, and well-maintained environment for service users, staff, and visitors. It outlines the measures taken to protect individuals, property, and sensitive information while complying with Care Inspectorate Wales (CIW) regulations and health and safety legislation. This policy aims to prevent unauthorised access, ensure emergency preparedness, and maintain a comfortable living and working environment for all.

This policy aligns with:

• The Regulation and Inspection of Social Care (Wales) Act 2016, which requires service providers to ensure premises are safe and fit for purpose​.
• The Health and Safety at Work Act 1974, which mandates safe working environments.
• The Fire Safety (Wales) Regulations 2022, which set fire prevention and emergency response requirements.
• The General Data Protection Regulation (UK GDPR), which ensures secure storage of personal information.
• Care Inspectorate Wales (CIW) guidance, which outlines expectations for security, cleanliness, and emergency planning​.

2. Scope

This policy applies to:

• All staff members, ensuring they understand their responsibilities for security and safety.
• Service users, ensuring their environment is comfortable, safe, and secure.
• Visitors and contractors, ensuring controlled access and adherence to safety protocols.
• Equipment, documentation, and property, ensuring proper security and maintenance.

The policy covers:

• Physical security measures, including access control and surveillance.
• Health and safety procedures, including risk assessments and compliance with regulations.
• Fire safety and emergency planning.
• Confidentiality and data protection within the premises.

3. Principles of Safe and Secure Premises

3.1. Ensuring a Safe and Well-Maintained Environment

At {{org_field_name}}, we ensure that the premises are:

• Clean, well-lit, and free from hazards, reducing the risk of accidents and injuries.
• Designed to support accessibility, ensuring wheelchair users and those with mobility needs can navigate safely.
• Regularly inspected, with maintenance checks on fire exits, lighting, flooring, and stairways.
• Adequately ventilated and temperature-controlled, providing comfort for service users and staff.

A premises risk assessment is conducted quarterly, and findings are documented with corrective actions implemented.

3.2. Access Control and Prevention of Unauthorised Entry

To protect service users, staff, and confidential records, we have strict access control measures, including:

• Key card or keypad access to secure areas, ensuring only authorised personnel can enter.
• Sign-in and sign-out procedures for visitors, ensuring accountability.
• CCTV surveillance in external and communal areas, monitored for security purposes.
• Restricted access to sensitive areas, such as medication storage rooms and personal records.

Staff are responsible for ensuring that doors and windows are locked when necessary and that unauthorised persons are challenged or reported.

3.3. Fire Safety and Emergency Preparedness

Fire safety is a critical component of our security strategy. We ensure:

• A Fire Risk Assessment is conducted annually, with actions taken to mitigate risks.
• Fire alarms, extinguishers, and sprinkler systems are maintained and tested regularly.
• Fire escape routes are clear, with clear signage and emergency lighting.
• All staff receive fire safety training, including fire drill participation every six months.
• An evacuation plan is in place, with designated fire wardens ensuring safe exits.

In the event of a fire, staff must follow emergency protocols and assist service users to designated assembly points.

3.4. Secure Handling of Personal and Confidential Information

Confidentiality and data protection are key security concerns within the premises. We ensure:

• Service user records are stored in locked cabinets and/or password-protected databases.
• Only authorised staff have access to personal data, following GDPR regulations.
• Visitors and contractors sign confidentiality agreements where necessary.
• Shredding of confidential documents before disposal, preventing data breaches.

Data breaches or unauthorised access to confidential information must be reported immediately to the Data Protection Officer: {{org_field_data_protection_officer_first_name}} {{org_field_data_protection_officer_last_name}}.

3.5. Health and Safety Compliance and Risk Management

To ensure the ongoing safety of service users and staff, we:

• Conduct regular risk assessments, identifying hazards and implementing controls.
• Follow infection prevention and control procedures, including cleaning and PPE use.
• Provide staff training on manual handling, first aid, and accident reporting.
• Ensure emergency procedures (fire, power failure, medical emergency) are well-documented and rehearsed.

All incidents, near-misses, and accidents must be reported and logged in line with our Health and Safety Policy.

3.6. Staff Responsibilities and Training

All staff members must adhere to this policy and:

• Complete safety and security training as part of induction and annual refresher courses.
• Follow procedures for access control, fire safety, and data protection.
• Report concerns about security, health hazards, or suspicious behaviour to the Registered Manager.
• Support service users in understanding and following security measures, ensuring their participation in safety protocols.

Managers are responsible for monitoring compliance and ensuring staff receive regular updates on safety measures.

4. Managing Security and Safety Efficiently

4.1. Leadership and Accountability

• The Registered Manager is responsible for overseeing security, health and safety compliance, and risk assessments.
• The Fire Safety Lead: {{org_field_the_fire_safety_lead_name}} ensures that all fire prevention measures are in place.
• The Data Protection Officer ensures that confidentiality and GDPR regulations are adhered to.
• All staff members are accountable for following security and safety procedures in their daily work.

4.2. Staff Training and Awareness

• Mandatory training in security, fire safety, and data protection is provided to all new staff.
• Annual refresher courses ensure knowledge is up to date.
• Security drills and fire evacuations are carried out bi-annually.
• Incident reporting and lessons learned are incorporated into staff training.

4.3. Monitoring and Continuous Improvement

• Quarterly security audits are conducted to identify risks and improvement areas.
• Feedback from staff, service users, and families is used to enhance safety measures.
• Incident logs and near-miss reports are reviewed regularly to identify trends.
• Annual policy reviews ensure alignment with CIW regulations and legal updates.

5. Related Policies

This policy is supported by:

• CHW11 – Safe Care and Treatment Policy
• CHW16 – Health and Safety at Work Policy
• CHW17 – Infection Prevention and Control Policy
• CHW18 – Risk Management and Assessment Policy
• CHW19 – Emergency and Business Continuity Plan
• CHW20 – Fire Safety and Evacuation Procedures
• CHW34 – Confidentiality and Data Protection (GDPR) Policy

6. Policy Review

This policy is reviewed annually, or sooner if required due to legislative changes, CIW guidance updates, or security incidents. Updates are communicated to all staff, and additional training is provided as necessary.

---

Responsible Person: {{org_field_registered_manager_first_name}} {{org_field_registered_manager_last_name}}
Reviewed on: {{last_update_date}}
Next Review Date: {{next_review_date}}
Copyright © {{current_year}} – {{org_field_name}}. All rights reserved.