The Atlantic Health System, Morristown, N.J., has developed a rigorous safety program called Red Cell, using undercover agents to test for weaknesses in hospital security. The effort has helped to strengthen Atlantic's protocols, while also earning industry accolades.

Atlantic toughened its security after 9/11 by adding card readers and security cameras. But those measures weren't always effective in preventing unauthorized persons from entering its facilities.

Atlantic Health brought in former law enforcement officers and security experts in 2009 to identify and prevent potential breaches by working undercover to gain unauthorized access to sensitive areas within system facilities.

During these surveys, the undercover, plainclothes agents test locks and access to equipment, as well as the ability of employees to question or challenge individuals as to whether they are authorized to be in a particular area. The intent is to help the health care system's managers tighten security where needed.

"The best way to begin to fortify your security is to identify the potential risks," Alan Robinson, director of protection and security services and emergency management for Atlantic Health System told Health Facilities Management's sister publication Hospitals & Health Networks.

Results of Red Cell have been promising, as Atlantic Health has experienced a noticeable decline in the number of times agents were able to infiltrate hospitals over the past few years — from 22 percent of the attempts in the first year of the program, down to 5 percent last year.

Last month, Atlantic earned one of CSO magazine's inaugural CSO40 Awards, honoring security projects "that demonstrate outstanding business value and thought leadership." The Joint Commission also recognized the Red Cell program last year as an example of security best practices.

U.S. intelligence agencies and others have used Red Cell for decades to obtain insights from persons outside their organizations.