Confidential data stored on a memory stick must be encrypted.
Use one of the following methods:
1) Use secure memory sticks with built-in encryption.
IT Services recommends a device certified to the CESG CAPS or FIPS140-2 cryptographic standards such as the SafeXsFIPS. This is also a requirement laid down in the NHS e-Health directive.
2) Use standard memory sticks, along with TrueCrypt encryption software.
The advantage of
1) is in simplicity of use but these devices are much more expensive than ordinary memory sticks. By contrast,
2) does not have any direct cost as the software is free, but it is necessary to become familiar with the software and use it correctly at all times.