HIPAA Security Rule Requires Physical Security of Equipment

While most HIPAA Security Rule violations involve electronic data breaches, healthcare providers and business associates could also face a violation for failing to physically secure computers and other equipment holding PHI.

The HIPAA Security rule requires the implementation of “physical safeguards for all workstations that access ePHI to restrict access to authorized users.”