How Security Assessments Reduce Liability

In today's world, ensuring the security of your building is not just a good practice—it's a necessity. But what happens if you're aware of security problems and choose not to conduct a security assessment? Or, what if you perform a security assessment but fail to act on the recommendations? This article explores these scenarios and offers insights into the potential liabilities you may face.

I am writing this article because numerous clients have asked us to provide verbal recommendations for security instead of a written report. They ask this because they do not want anything in print that may make them liable if they cannot or do not implement security improvements. I always advise clients to have a written report, as I believe it reduces liability, which I will explain below.

Understanding Security Liability

Security liability refers to the legal responsibility a property owner or manager may have if someone is harmed due to inadequate security measures. This liability can arise from incidents such as theft, vandalism, or personal injury.

The Importance of a Security Assessment

A security assessment comprehensively evaluates a building's physical security, security systems, policies, and procedures. It helps identify potential vulnerabilities and offers recommendations for improvements. Conducting a security assessment is a proactive step towards mitigating risks.

Identification of Vulnerabilities: A thorough assessment will reveal weak points in your security setup, whether physical, such as unsecured entrances, technological, such as insufficient camera coverage, or procedural, like inadequate staff training.

Actionable Recommendations: Based on the findings, a security assessment will provide you with a clear list of actions to enhance safety on your premises.

Legal Protection: By identifying and addressing security issues, you can reduce the risk of being held liable for incidents that occur on your property.

Examples of How Security Assessments Can Help

It was discovered during a security assessment that a mid-sized office had a side door lock that did not properly latch and could be easily bypassed. This vulnerability allowed unauthorized individuals to enter the building unnoticed. Addressing it promptly prevented potential theft and security breaches.

A manufacturing company conducted a security assessment and discovered that emergency exits were improperly secured, creating a safety hazard during potential evacuations. By immediately addressing this issue, the company avoided a workplace injury that could have resulted in costly legal liabilities.

A local warehouse conducted a security assessment that revealed insufficient lighting in their loading dock area, posing a safety risk for employees and delivery drivers. After installing proper lighting and implementing a monitoring system, they reduced accidents and avoided potential liability from workplace injury claims. The proactive changes improved both safety and operational efficiency.

Let’s examine two scenarios. First, what happens when you know your building has security issues, but you choose not to document them through a security assessment? Second, what happens when you perform an assessment and do not implement the recommendations?

Scenario 1: Ignoring the Need for a Security Assessment

Choosing not to conduct a security assessment when you know there are problems can significantly increase your liability. Here's why:

Increased Risk of Incidents: Without a proper assessment, you may overlook critical vulnerabilities that could lead to security breaches. This lack of action can be seen as negligence, especially if an incident occurs that could have been prevented with better security measures.

Legal Implication: Failing to conduct a security assessment can be perceived as neglecting your duty of care to tenants, employees, or visitors. This neglect can make you more liable in a lawsuit, as you did not take reasonable steps to ensure safety.

Examples of Ignoring an Assessment

The following are examples of situations where the recommendation of a security assessment was ignored.

1. A shopping center faced a series of car break-ins. Despite customer complaints, management dismissed the issue and did not conduct a security assessment. A subsequent break-in led to stolen valuables and a legal claim, where the court found the property owner liable for failing to address known security issues.
   
   
2. The owner of a parking garage chose not to conduct a security assessment despite receiving advice to do so. When a patron was assaulted in the poorly lit garage, it was revealed that the owner had ignored previous complaints about broken lights and failed to address security risks. As a result, the owner was held liable for neglecting their duty to provide a safe environment.
   
   
3. After months of ignoring customer complaints about gang members loitering in the parking lot and harassing patrons at night, a convenience store owner ignored the recommendation to perform a security assessment that would address signage, lighting, and other safety measures. Unfortunately, the parking lot became the scene of a violent altercation.
   
   One evening, a customer was assaulted while walking to their car, suffering severe injuries that required hospitalization. In the subsequent lawsuit, the court ruled the store liable for failing to address the known safety hazard, determining that their negligence created an unsafe environment for customers.
   

Scenario 2: Conducting an Assessment But Not Implementing Recommendations

Performing a security assessment but not acting on its recommendations can also leave you exposed to liability.

Knowledge Without Action: If you identify security weaknesses but choose not to address them, you may be seen as willfully ignoring potential threats. This can be interpreted as a disregard for the safety of individuals on your property.

Potential Consequences: Not implementing recommended changes can lead to the same legal issues as not conducting an assessment at all. In some cases, it could be worse, as you have acknowledged the risks but opted not to mitigate them.

Examples of Not Implementing Security Recommendations

The following examples present circumstances where a security assessment was performed, but the recommendations were not implemented.

1. A hotel conducted a security assessment that flagged malfunctioning cameras at its entrances. Due to budget concerns, management delayed repairs. Months later, an intruder assaulted a guest, and the lack of functioning cameras made it impossible to identify the perpetrator. The hotel faced significant legal repercussions for not acting on known security risks.
   
   
2. A security assessment warned a government office building about the lack of proper mail screening equipment, highlighting the risk of dangerous items entering undetected. Ignoring the recommendation, the office continued operations until a package containing harmful materials was delivered, causing injuries and an evacuation. Legal action followed, with the agency held liable for failing to address a known security risk that could have been prevented with proper screening measures.

Balancing Costs and Safety

So, you perform an assessment, but you do not have the budget to implement all of the recommendations.

It's understandable that budget constraints can impact your ability to implement security improvements. However, prioritizing the most critical vulnerabilities and seeking cost-effective solutions can help balance financial concerns with the need for safety.

Prioritize Risks: Focus on addressing the most significant vulnerabilities first. This approach helps manage resources effectively while enhancing security.

Seek Professional Advice:Security professionals can provide guidance on which measures are essential and which can be phased in over time.

Regular Reviews: Conduct regular reviews of your security measures to ensure they remain effective and adjust as necessary.

Good-Faith Effort Can Mitigate Liability

The last building we assessed had over 40 recommendations to improve security. Some of these recommendations were inexpensive, while others needed to be placed in a capital improvement plan and budgeted for over multiple years. Having a professional assessment and starting the implementation process of affordable and high-priority recommendations is critical to demonstrate your intention of improving security.

Showing a good faith effort to implement security recommendations while budgeting for more expensive improvements can help protect the building owner from future liabilities. While it does not completely eliminate the risk, the courts generally consider whether an owner acted reasonably given the circumstances. 

Reasonable action includes financial constraints when determining liability. By prioritizing critical recommendations, documenting the reasons for delays, and actively planning to address the remaining issues, the owner demonstrates due diligence, which can serve as a defense if an incident occurs.

Conclusion

Both ignoring the need for a security assessment and failing to implement its recommendations can significantly increase your liability. Security assessments are essential for identifying potential risks and vulnerabilities that could lead to incidents, property damage, or injury. Overlooking these risks not only endangers occupants but also exposes property owners to legal and financial consequences.

To minimize these risks, it’s crucial to proactively manage security through regular assessments, implementing necessary changes, and maintaining a robust security program. By taking these steps, you not only protect your property and occupants but also demonstrate a commitment to safety and compliance. Proactive security management is more than a legal obligation—it’s a safeguard against preventable incidents and a cornerstone of responsible ownership.