Bert, from a security perspective, the opposite is true.
When I ran corporate IT, we ALWAYS disabled DHCP, and managed the entire IP space.
We ran a network monitoring script internally that emailed and alerted us as soon as a device started broadcasting for DHCP - it was a dead giveaway that an unauthorized device had been inserted into the network.
Actually the same can be done with DHCP. You can reserve IP's outside of your broadcast range. It's probably a lot easier for your average user to see a device pop up in a router's web interface. It could also be scripted.
The pinpointing is at the switch level anyways so static vs dynamic doesn't matter.
Also, it's probably non-issue for most doctor's offices who would probably notice someone unplugging one of their computers to hook their own into a LAN jack. So, I'm with Bert on this one, DHCP all the way.
.png "ACUF Donor I")
