R297. Install sensors on information assets
The organization must have temperature and moisture sensors in areas where digital or physical information assets are stored.
HIPAA Security Rules 164.310(a)(2)(ii): Facility Security Plan: Implement policies and procedures to safeguard the facility and the equipment therein from unauthorized physical access, tampering, and theft
HIPAA Security Rules 164.310(c): Workstation Security: Implement physical safeguards for all workstations that access electronic protected health information to restrict access to authorized users.