It is very common for the staff of small and medium sized healthcare organizations to store patient data on USB Flash Drives (a.k.a. Jump Drives or Thumb Drives). This is universally a bad idea and guarantees non-compliance with HIPAA. Below, I will discuss why and suggest some alternatives to accomplish the same ends.
While this article discusses USB Flash drives in particular, the same arguments hold for all portable media — full sized USB hard drives, writable CDs and DVDs, laptops, etc.
Read the rest of this post »