Cabinet security was already a concern in hospitals where drug theft is a problem, but has become an increased concern particularly in U.S. hospitals where new HIPAA privacy security regulations have mandated that patient data be secured by key or pass code locking device. There are a wide variety of locking arrangements available to accomplish the task.
Simplex combination cabinet locks appear often in this application. They are relatively inexpensive, not too hard to install, and accomplish basic compliance with HIPAA. The regulations state that access to codes (or keys) should be limited, however, when you have a five-button mechanical combination lock, several hundred people can know the combination in a very short time by word of mouth. Therefore a more costly and complex solution might be necessary in order to comply with the spirit of the regulations that are designed to actually protect patients’ privacy.
The best way to control people is to make them individually responsible. That’s what electronic access control is all about. Typically an institution adopts electronic access control for the audit trail capabilities that monitor who does what, where and when. So if a patient’s information goes viral on the ‘Net, the debacle can more probably be traced back to its source.
As for credentials, biometrics is the most secure since one cannot share their fingerprint, but card or fob credentials are also effective. People are less likely to share any credential that can be traced back to them. Of course, unlike a fingerprint on a live finger, a card or prox fob could be stolen. I do recommend a physical credential of some kind because PIN numbers are too easily shared.
The drawback to electronic security as applied to cabinets is that most available, good access control hardware tends to be hard wired. Wiring can be difficult in such tight spaces, yet there are some solutions available. For example, a resourceful access control installer could use an SDC model 1583 electromagnetic cabinet lock and an IEI Prox.pad keypad/proximity reader to secure a cabinet. For a fail secure locking device, an RCI 3513 electric cabinet lock could be substituted for the SDC 1583. The system would run on 24 volts DC and would need a power supply, but at least you could get audit trail and time zone capability out of it, with a Wiegand output for your existing access control system.
There are some glimmers of hope. There are some stand-alone, battery operated cabinet locks that read a proximity card or i-Button. But these are simply add-and-delete-user systems that allow control of who has access but does not keep track of when. Without audit trail capability, access control is little better than that Simplex mechanical combination lock or a regular cabinet lock with its regular brass key.
For now the ultimate solution for cabinet security seems to be to put the cabinet in a locked room and use access control on the room rather than the cabinet. But I think that will change, don’t you?