Physically Securing Medical Equipment with Electronic Access Control -- Security Today

Physically Securing Medical Equipment with Electronic Access Control

By Steve Spatig
May 20, 2014

Physically Securing Medical Equipment with Electronic Access Control With HIPAA audits approaching, health care providers are concentrating their efforts on ensuring they have the appropriate physical safeguards in place to protect confidential patient information. Under new HIPAA rules, non-compliant providers face penalties of up to $1.5 million per year for security breaches, making access control a top priority.

Despite actions taken industry-wide to protect patient privacy, an alarming number of medical records are still subject to security breaches each year. According to a recent study published by Redspin, 199 large data breaches were reported to the Secretary of Health and Human Services (HHS) in 2013, impacting over 7 million patient records. Of those breaches reported to the HHS, 83.2% occurred due to theft and 22.1% resulted from unauthorized access.[1]

Health care IT managers can avoid costly penalties, improve security and better prepare for impending HIPAA audits by integrating intelligent electronic access solutions into the equipment that stores confidential patient data, such as server racks and wall mounted charting stations. Electronic access solutions combine intelligent electronic locking mechanisms with remote monitoring and audit trail capabilities, and can be networked with existing facility security systems to control access.

A “Digital Record” of Physical Activity

Physical security solutions traditionally used in health care facilities include mechanical locks with different keying options, some of which allow multiple key codes for added security. With the need for greater security clearly defined by HIPAA, health care IT managers are turning to electronic access solutions.

A complete electronic access solution consists of an electronic lock or latch, access control device and remote monitoring capabilities. Intelligent electronic locks can be operated from a variety of access control devices, from standalone keypads to fully networked RFID and biometric readers. Combining an electronic lock with an access control device provides an additional layer of security for health care equipment that stores valuable patient data.

Electronic access solutions eliminate the complexity of managing multiple mechanical keys and can provide real-time remote access monitoring and audit trail reporting through the generation of an electronic “signature” – a digital record of activity that can be monitored locally or remotely and aid in meeting compliance requirements.

Each time an electronic access-enabled enclosure opens or closes, a signal is sent to a monitoring system to confirm and log access. Depending on the configuration, electronic access reporting can provide simple open/close information as well as additional data such as:

Which credential was used to activate the electronic lock;
The time and duration of the event; and
If access was activated electronically or mechanically.

In the event a security breach does occur, this audit trail can be used to forensically reconstruct a series of events leading up to the suspicious activity.

Networked Solutions for Equipment Security

Electronic access solutions are ideal for securing medical equipment as they can provide an indisputable access audit trail for all doors and cabinets secured electronically, allowing the health care facility to demonstrate compliance with industry regulations such as HIPAA and HITECH. When combined with a building’s existing security system, electronic locks create one cohesive security network across the health care facility to control access.

For example, many facilities use wall-mounted charting stations that typically house computers containing HIPAA-protected information. Access to these stations must be tightly controlled as they are often located in high-traffic areas within the health care facility. Because multiple health care workers may have access to these stations on any given day, securing them and monitoring access can be a challenge.

Electronic access solutions that have been networked with the health care facility’s existing security network allow employees to access these charting stations with the same credentials they use to enter the building. Each time the card comes in contact with the reader and the door to the wall charting station opens or closes, a signal is sent to the monitoring system to confirm and log access, creating an audit trail of all activity.

Electronic access solutions work with existing user credentials to keep medical equipment secure, connecting building security and equipment access through standardized security credential protocols. Additionally, electronic locks can communicate with IP security cameras or other security devices, expanding the scope and capabilities of a security network.

Preparation Is Key

As the health care industry continues to anticipate HIPAA audits, it is critical for health care facilities to have the appropriate security controls in place to ensure compliance and protect valuable patient information. Electronic access offers a multitude of solutions for securing medical equipment throughout the hospital or institution, including intelligent locking mechanisms and access control devices that work with existing building security systems.

When choosing an electronic access solution, it should ultimately provide remote monitoring capabilities to control access within the facility and audit trail capabilities to demonstrate compliance with HIPAA requirements. It is important to consider access control and select an equipment level security solution that leverages the facility’s overall physical security system.

[1] BREACH REPORT 2013: Protected Health Information (PHI), Feb. 2014, www.redspin.com

About the Author

Steve Spatig is general manager of Southco’s Electronic Access Solutions Strategic Business Unit and has over 15 years of experience working in various design engineering and product management capacities with the company.

Elite Interactive Expands Team to Target Innovation and Strategic Growth
10/21/2025
Alan Gillmore, IV Assumes Presidency of The Monitoring Association
10/21/2025
SIA Women in Security Forum Launches Sixth Annual CAN DO Challenge to Combat Food Insecurity
10/20/2025
Securitas Technology Releases 2026 Global Technology Outlook Report
10/15/2025
HID Signs Agreement to Acquire IDmelon, Expand Passwordless Authentication Capabilities
10/15/2025
Convergint Opens New U.S. Headquarters
10/13/2025
ONVIF to End Support for Profile S, Recommends Profile T as Replacement
10/09/2025
Totem Achieves Immix Central Station Certification Status
10/09/2025

Featured

Identity Governance at the Crossroads of Complexity and Scale

Modern enterprises are grappling with an increasing number of identities, both human and machine, across an ever-growing number of systems. They must also deal with increased operational demands, including faster onboarding, more scalable models, and tighter security enforcement. Navigating these ever-growing challenges with speed and accuracy requires a new approach to identity governance that is built for the future enterprise. Read Now
- Cybersecurity
Eagle Eye Networks Launches AI Camera Gun Detection

Eagle Eye Networks, a provider of cloud video surveillance, recently introduced Eagle Eye Gun Detection, a new layer of protection for schools and businesses that works with existing security cameras and infrastructure. Eagle Eye Networks is the first to build gun detection into its platform. Read Now
- Active Shooter
Report: AI is Supercharging Old-School Cybercriminal Tactics

AI isn’t just transforming how we work. It’s reshaping how cybercriminals attack, with threat actors exploiting AI to mass produce malicious code loaders, steal browser credentials and accelerate cloud attacks, according to a new report from Elastic. Read Now
- Cybersecurity
Pragmatism, Productivity, and the Push for Accountability in 2025-2026

Every year, the security industry debates whether artificial intelligence is a disruption, an enabler, or a distraction. By 2025, that conversation matured, where AI became a working dimension in physical identity and access management (PIAM) programs. Observations from 2025 highlight this turning point in AI’s role in access control and define how security leaders are being distinguished based on how they apply it. Read Now
- Access Control
- Artificial Intelligence
Report: Cyber Attackers Continue to Turn to AI-Based Tools to Avoid Detection

Comcast Business recently released its 2025 Cybersecurity Threat Report, a comprehensive analysis of 34.6 billion cybersecurity events detected between June 1,2024 and May 31, 2025. Now in its third year, the report offers business leaders a unique perspective into the evolving threat landscape and provides actionable insights to help organizations strengthen their defenses and align cybersecurity with business risk. Read Now
- Artificial Intelligence
- Cybersecurity

Security Today eNews

Sign up today for essential industry news and product information that can help you stay afloat in the fast-paced world of security.

Email Address*Country*

Please type the letters/numbers you see above.

Webinars

Whitepapers

New Products

Luma x20

Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.”
Camden CV-7600 High Security Card Readers

Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure.
Camden CM-221 Series Switches

Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings.