R101. Assign ID cards to workforce members
The organization must guarantee that all the workforce members that carry out activities inside the facilities must be registered and have the corresponding access control system cards.
HIPAA Security Rules 164.310(a)(1) Facility Access Controls: Implement policies and procedures to limit physical access to its electronic information systems and the facility or facilities in which they are housed, while ensuring that properly authorized access is allowed.
HIPAA Security Rules 164.310(a)(2)(iii): Access Control and Validation Procedures: Implement procedures to control and validate a person’s access to facilities based on their role or function, including visitor control, and control of access to software programs for testing and revision.