After BCBS of Tennessee had that horribly time-consuming and costly breach involving 57 tapes with oodles of personal and protected health information that they had to wade through, they apparently learned their lesson.  Howard Anderson writes:

BlueCross BlueShield of Tennessee, which experienced a health information breach affecting nearly 1 million individuals in 2009, has completed the encryption of all its stored data.

In the aftermath of the October 2009 incident, which involved the theft of 57 unencrypted hard drives from servers at a call center that had recently closed, officials at the insurer last year described security steps they planned to take, including widespread use of encryption (see: BCBS of Tenn. Breach: Lessons Learned). The Blues plan now says it has invested more than $6 million and 5,000 man-hours in encrypting all data at rest, a total of 885 terabytes of information. That includes patient information on computer hard drives, servers and removable media.

Read more on HealthcareInfoSecurity.com