As we indicated in the report, we have already taken a certain number of very real measures to respond to these recommendations.
In light of the incident we immediately reviewed and reinforced our procedure and protocol involving IT security specifically pertaining to the handling of personal information on portable storage devices such as USB keys and external hard drives.
As well we took action to strengthen training for employees regarding the proper handling of sensitive data such as personal information.
To be a bit more specific we have new stricter protocols that have been implemented. Unencrypted external hard drives are no longer permitted in the department.