Author's Self-Rating: V-T-BBB - Loss of laptops with sensitive informaiton on them is a common problem in many industries. But the story below is typical of many hospital environments.

Click HERE to see the story in The Gazette (UK) about a laptop that was lost by an employee - he was fired (or "sacked" as they say in Britain).

The first question should be "Why are all our laptops and mobile storage devices not encrypted?"

Full disk encryption products are widely available, and not that expensive, especially considering the impact of losing any data that is on them. PGP Disk is a product I've used and it works quite well.

The other important question should be, "Why is sensitive information being used on these laptops in the first place?" It may be a valid reason, but the more sensitive data you have that's on the move, the higher the risk. If people are violating the policies, what measures do you have in place to enforce them and deter people from going against them?