It emerged recently that two hospitals have suffered data losses, one in the UK and the other in US. The losses (here and here), illustrate the need not just for encryption, but for clear internal policy guidelines for handling data and the need for staff to be made aware of policy and trained in how to handle data. Patient records in particular can be highly sensitive and the impact of their loss considerable to those concerned, the need for protection is obvious.
