Encryption, you should use it
A recent editorial entitled "Health privacy issues can be resolved without obstructing care" made a number of good points, but the one which caught me eye, perhaps because it is the one that I regularly expound is this: "But as a few recent cases show, universal encryption of data (some forms of which may soon be required under the latest HIPAA rules) could eliminate the biggest source of security breaches."
Given the ubiquity of high-grade encryption programs, both built into operating systems such as MacOS Lion, Windows 7 Ultimate, Windows 7 Enterprise and most flavors of Linux, as well as free alternatives such as TrueCrypt, there is no longer any reason not to encrypt. In fact at a recent conference that I attended (HIT '12) one of the panelists specifically mentioned that with the phase-in of the newer privact rules, there will no longer be any acceptable reason not to encrypt your data - you may automatically be non-compliant just because your hard drives are not encrypted.
Here is the editorial I mentioned above: http://www.fiercehealthit.com/story/health-privacy-issues-can-be-resolve...