Positive steps can be made by the public health sector to adopt cost effective, tried and tested technology such as encrypted USB devices that will deliver improved data security, as long as the relevant education is put in place regarding correct use and implementation, quashing the uneducated fears surrounding the damage they can bring.
For instance, a strict policy that eradicates employee use of personal devices in the working environment is paramount. The policy should also include information on the importance of encryption and auditing regarding the movement of information using mobile devices.
Auditing can be difficult due to the physical size of USBs and the number an organisation may have. However, auditing comes through their encryption so even if one does find itself in the wrong the data is protected.
Mobile devices such as laptops can bring more problems than USBs as in one form or another they are more likely to give an indication of who they belong to - making their passwords, not easier, but more targeted than that of USBs.