It’s a really simple concept that some people still have not grasped, even though they presumably received employee training on HIPAA and data protection:
Do not take patient data with you that you intend to work on when you’re in public spaces. You may leave it behind.