Physical measures, policies, and procedures to protect a covered entity's or business associate’s electronic information systems and related buildings and equipment from natural and environmental hazards, and unauthorized intrusion.
Sources:
NIST SP 800-66r2
from
HIPAA Security Rule - §164.304