How It Works Enterprise Solutions Use Cases Where It Goes Plans Become a Partner Pre-Order My Account
Hospital & Healthcare Security

A Restricted Door
Gets Crossed at 2am.
The Cameras Saw a Stranger.
You Need to Know Who.

Hospitals are not secure buildings. They are buildings with restricted areas inside. The cameras saw what happened. They cannot say who. Digital Tripwire logs every device that crossed the threshold, with a tamper-evident record that protects the patient, the nurse, and the institution.

Request a Hospital Pilot
The Problem
Cameras Cover the Hallway.
They Can't Identify the Hands.

A hospital is a 24-hour public building with restricted areas inside it. Visitors, contractors, agency nurses, and patients move through constantly. Staff turnover is high enough that nobody on the night shift knows everyone on the day shift by sight. The cameras at the nursery door, the pharmacy intake, the morgue, and the ED triage capture everyone walking past. They cannot identify them, link them to other locations they were seen, or hand a defensible record to a federal investigator the next morning.

Every high-stakes hospital security failure shares that single gap. The camera caught the event. It did not produce evidence. Digital Tripwire was built to do exactly that, and it does it without changing how clinicians work.

$72B
Annual U.S. drug
diversion losses
2x
Healthcare workplace
violence vs. other industries
$4,000
Avg. equipment
shrink per bed annually
100%
Of Schedule II custody
is federally regulated
Hospital corridor at night
Digital Tripwire nodes in hospital pharmacy and nursery
The Solution
Every Restricted Door
Logs Who Was There.

Digital Tripwire nodes are embedded inside every restricted-access threshold across the hospital. The hub sits in the IT closet or security office on standard power. Nothing on the patient floor changes. Nothing in the clinician workflow changes.

When a node detects motion or proximity, it scans every Bluetooth and Wi-Fi device within 10 feet. MAC address, signal strength, timestamp. Uploaded over LTE-M cellular, independent of hospital network and EMR systems. The log is HIPAA-aware: it captures device proximity, never patient health information. Exactly what a federal investigator or a Joint Commission auditor needs, and nothing more.

  • Per-room device-level proximity logs without PHI capture
  • LTE-M cellular, independent of hospital network or EMR
  • HIPAA-aware, DEA, Joint Commission, and CMS audit-ready
The Node Ecosystem
Hidden in the Hardware. Built
to Protect Patients and Staff.

Nodes embedded across every restricted zone in the building create a defensible chain of custody at every threshold that matters.

Tap any node to see what it protects
Placement Guide
8 Spots That Cover Every Restricted Zone

Strategic node placement covers the federally regulated, clinically restricted, and operationally sensitive zones across the hospital. Designed in coordination with security directors, pharmacy leadership, and risk management.

P
Pharmacy / Pyxis
Behind the Pyxis. DEA Schedule II diversion documentation.
N
Nursery / L&D
Inside the door frame. The most critical node in the building.
O
Operating Room
Inside the OR door. Instrument counts and never-event records.
E
ED Triage
Inside triage. Highest workplace-violence-incident location.
M
Materials Management
Inside dock frame. Equipment and supply shrink investigations.
B
Morgue / Biohazard
Inside cold room frame. Body and specimen chain of custody.
H
Behavioral Health
Inside unit door. Elopement and contraband documentation.
I
Imaging / Radiology
Inside contrast cabinet. NRC radiopharmaceutical custody.
Infant Abduction Prevention
When the Infant-Tag Fails,
You Need a Record
That Doesn't.

Modern L&D and nursery units rely on infant security tags that trip the door alarm if a tagged baby crosses the threshold. The catastrophic failure mode is when the tag is tampered with, removed prematurely, or defeated by an abductor who knows the system. Post-incident reviews almost always identify the same gap: the alarm worked, the camera caught a person walking out, the staff could not identify them in time, and the FBI investigator showed up to a hospital that could not produce defensible records of who was present in the unit during the abduction window.

Digital Tripwire is the independent record. The node inside the L&D and nursery door frame logs every device that crosses the threshold, every time, regardless of whether an infant tag was present, working, or tampered with. When the worst happens, the FBI gets a hash-signed proximity log of every person who entered or left the unit during the relevant window, cross-referenced against any other node in the building (the lobby, the parking garage, the morgue door, the back stairwell). That is the difference between a unsolved case and an arrest by Tuesday morning.

  • Independent of infant-tag system, badge access, and camera
  • Logs every device crossing the L&D and nursery threshold
  • Cross-references against lobby, garage, stairwell, and exits
  • FBI Crimes Against Children Task Force ready exports
  • Joint Commission infant security audit ready
Hospital nursery and L&D unit
Hospital pharmacy with Pyxis cabinet
Drug Diversion & DEA Compliance
Federal Law Requires
Documented Custody.
Most Hospitals Have a Paper Log.

DEA Schedule II handling requires controlled substances be stored in a securely locked cabinet with strict accountability for every dose dispensed and wasted. Most hospitals satisfy the letter of the law with a Pyxis or Omnicell, a witnessed waste log, and a quarterly inventory. The DEA Diversion Investigator who walks in for an unannounced audit wants more: defensible, timestamped, tamper-evident records of who was present at every override, every count discrepancy, and every wastage event.

Drug diversion is the single most expensive ongoing loss in modern hospitals, with industry estimates exceeding $72B annually when patient harm, regulatory fines, and replacement costs are included. It is almost always internal, almost always by a clinician with authorized access, and almost always documented for months in subtle Pyxis transaction patterns the hospital cannot prove. Digital Tripwire produces the proof: hash-signed proximity logs of every device present at every Schedule II event, exportable to DEA, the State Board of Pharmacy, and the hospital's diversion task force.

DEA 21 CFR Joint Commission CMS State Pharmacy Board USP 800 340B Audit
Workplace Violence & Staff Safety
Healthcare Workers Are Assaulted
at Twice the Rate
of Any Other Industry.

Healthcare workers experience workplace violence at twice the rate of workers in any other industry. The ED is the epicenter, with triage staff, charge nurses, and physicians absorbing the bulk of the assault, threat, and intimidation events. Most of these events end with a stitched-up nurse, a filed incident report, and no documented identification of the assailant beyond a badge photo if they were a registered patient. If they were a visitor or a non-registered companion, the camera might have a face. It almost never has a name.

Digital Tripwire logs every device present at every ED event. When a charge nurse is assaulted at triage, the proximity log surfaces the device cluster of the assailant within seconds, cross-referenced against lobby, parking, and elevator nodes to produce a complete movement record. The same device cluster appearing at a second hospital across the system the next month flags the repeat threat actor before they reach the triage desk again.

Hospital emergency department triage area
The Difference
Existing Hospital Security vs. Digital Tripwire
CapabilityDigital TripwireCameras & Badges
Identifies devices, not silhouettes-
Tracks visitors and contractorsYesBadge issuance only
Independent of infant-tag systemSystem-dependent
Cross-room movement reconstructionManual review
DEA-grade chain of custodyPyxis log only
HIPAA-aware (no PHI capture)Varies
Independent of hospital networkLTE-M cellularRequires network
Subpoena / FBI ready exportCSV / JSON + hashVaries
RetentionCloud, indefiniteTypically 30-90 days
Hospital FAQ
Common Questions
Is this HIPAA-compliant?+
The system is purpose-built to be HIPAA-aware. It captures device proximity (MAC address, signal strength, timestamp) only. It does not capture, store, or transmit any patient health information, clinical content, audio, video, or identifying patient data. Because it does not handle PHI, it does not fall under the Business Associate framework in the same way an EMR or billing vendor would. The deployment is reviewed alongside the hospital's privacy officer and risk management team, and standard policy disclosure framework is provided for visitor and contractor signage.
Will this disrupt clinical workflow?+
No. Nodes are passive sensors hidden inside door frames, behind cabinets, and inside hardware that clinicians do not interact with. There is nothing for nurses, physicians, or pharmacy staff to scan, badge, or remember. The system is intentionally invisible to the clinician, which is also why it produces a defensible record: the people being logged do not know they are being logged at the device level, which is exactly what you need for a diversion investigation.
How does this interact with our infant security system?+
It runs alongside your existing infant-tag system as an independent backup record. The infant tag is the primary alert mechanism and remains in place. The Digital Tripwire node at the L&D and nursery threshold is the forensic record that survives any tag tampering, malfunction, or workflow gap. In the catastrophic-failure scenario where the tag system fails, the proximity log is what hands the FBI the device cluster of every person who crossed the threshold during the abduction window. The two systems are complementary, not redundant.
Is the proximity log admissible to DEA and Joint Commission?+
The export is designed specifically for regulatory and federal evidentiary use. Each log entry is hash-signed at the moment of capture, the upload chain is documented, and the export package includes chain-of-custody metadata showing every transformation between capture and delivery. Digital Tripwire is built around the same evidence-handling standards used in digital forensics. DEA diversion investigators, Joint Commission auditors, and CMS surveyors review supplemental electronic logs as part of standard practice, and the Digital Tripwire export is structured to fit that review process.
What about visitor and patient privacy?+
The intended deployment is in restricted-access zones (pharmacy, L&D, OR, behavioral health, materials management, morgue) where patients and visitors already operate under documented monitoring frameworks (cameras, badge access, signage). The system does not capture identity, content, or any data outside of MAC address proximity. This is functionally similar to the proximity logging that hospital Wi-Fi infrastructure already performs for network management and asset tracking, and it falls under the same disclosure framework.
How do we pilot this in a hospital environment?+
Standard hospital pilots run 90-120 days, focused on the highest-stakes zones first: pharmacy with Pyxis, L&D and nursery, and the ED. Six to nine nodes plus a hub. Installation is non-invasive and is typically done by hospital facilities during a routine maintenance window. The pilot is structured as a formal evaluation with security, pharmacy, risk management, the privacy officer, and nursing leadership at the table. Most hospitals expand from a single-unit pilot to a system-wide deployment within twelve months. Contact us for hospital scoping.
Pilot Digital Tripwire
Your Patients Deserve
a Witness.

Hospital pricing scaled to bed count. Pilot a single unit in 90 days. DEA-grade chain of custody, infant security backup record, ED workplace violence documentation, hash-signed forensic export packets.

Request a Hospital Pilot