ABSTRACT
Physical security has long been documented with specific technologies, such as closed-circuit cameras (CCT) and alarm systems. Traditional security staff focus on personnel and access controls, while Information Technology (IT) security professionals tend to focus on the logical controls. The goal of a physical security program is to provide a safe environment for patients and clinical staff. The measures employed to accomplish this goal include locks, cameras, card access systems, fire suppression, backup power, and additional disaster recovery technologies. Physical security is often the most visible means of security because the controls used in physical security are visible to insiders as well as outsiders. A physical attack can be launched against any element of an IT system, from the physical equipment to its storage systems to the personnel who run and maintain the systems. Information systems are easily damaged by water leaks, condensation, and other water sources.
