We all know how computers are targeted for theft. The thieves grab the computers and sell them. Not a big deal if you calculate the loss based on the replacement cost of the computer. A bigger deal if you think about the work that you did not back up. A HUGE deal if you are in California or collect data from California residents. This article is just one of many in recent weeks. Can you imagine being a small medical service and having to mail out hundreds of thousands of notifications?
Time to seriously think about encrypting data on machines that hold this sort of information. It is easy so why not do it? The California laws do not even specify which encryption algorithym you need to use. Rot13 would suffice!