Privacy & security
In a clinic, a loose USB stick is a walking breach.
Moving scans, results or slides on a shared drive feels efficient. But a clinical USB combines the two worst properties for sensitive data: it's easy to lose, and easy for whoever finds it to read.
6 min read
Mar 2026
Every claim sourced · 3 references
A registrar copies imaging onto the department stick to show in the meeting room. A trainer loads case slides for a teaching session. It's routine, it's fast — and it quietly turns highly sensitive data into the most losable object in the building.
✕ The myth
"It's just a convenient way to move files between machines."
Everyone uses the shared drive; it never leaves the department.
✓ The reality
Convenient to move means convenient to lose — and read.
People open roughly 45% of USB drives they find,1 and lost removable media is a classic, often reportable data breach.
Put the two facts together. A drive of patient data left in a taxi or a café isn't a private loss — the controlled study shows a finder is very likely to plug it in and browse it.1 And breaches are expensive: the 2024 global average hit $4.88 million, with regulatory fines among the biggest contributors.2 In healthcare, an exposure of patient information can also trigger mandatory breach notification and regulatory action.3
The regulatory weight behind a small object
The reason hospitals treat loose drives so seriously isn't paranoia — it's the law and the cost. Patient data carries some of the strictest handling obligations there are, and a lost unencrypted drive can convert a five-second convenience into a notifiable breach with fines, investigations and reputational damage attached.23
$0.00M
Average breach cost in 2024 — with regulatory fines a leading contributor.
2
Reportable
Lost media exposing patient data can trigger mandatory breach notification.
3
Findable
A dropped drive is very likely to be picked up and opened.
1
⚖ The honest bit — encryption helps a lot
An encrypted, managed drive is a different animal.
Let's be fair: a properly encrypted, organisation-managed USB drive dramatically reduces this risk — a finder gets ciphertext, not records, and many breach regimes treat strongly-encrypted lost media far more leniently. If your institution mandates hardware-encrypted drives and device control, a lot of this danger is already handled. The residual problem is the unencrypted convenience stick that appears anyway because it's easy, plus the paperwork even an encrypted loss can generate. The cleanest position remains: don't create a loose copy of patient data just to show it in the next room.
Where SyncBy!App fits
When the goal is simply to display results on the meeting-room screen, SyncBy lets you do it from your device without copying anything onto a drive — the slides stream to the screen and are never written to portable media or uploaded. It doesn't replace your institution's secure systems of record; it removes the specific temptation to sneaker-net patient data on a stick just to get it on a wall.
TL;DR
- A lost USB is very likely to be found and opened (~45% in a controlled study).1
- Exposed patient data can mean mandatory breach reporting and fines; breaches average $4.88M.23
- Honest caveat: encrypted, managed drives materially cut the risk — the villain is the unencrypted convenience stick.
- Best of all: don't create a loose copy just to show results in the next room.