Fidelity Investments has announced that a laptop stolen from the company included the personal information, including Social Security numbers, of 186,000 current and former Hewlett-Packard (HP) employees. The theft is the most recent in a spate of high-profile security breaches linked to laptops. Victimized companies have included Ameriprise Financial, Boeing, and Verizon Communications. The Privacy Rights Clearinghouse, a consumer group, has a list of 27 cases where laptops with sensitive personal information stored on them were lost or stolen from companies, government, agencies, and other institutions over the past 13 months. The mobility of the workforce can conflict with the need to guard personal information well, say security experts, since, for instance a laptop is an example of data that sort of walks out the door, if you will, according to Richard M. Smith of Boston Software Forensics. Encryption is the solution, say security experts, because when passwords alone are used, they can be obtained directly from the computer hard drive without much difficulty. The Fidelity information was not encrypted, but the company is in the process of implementing encryption on laptops. The Ameriprise theft resulted from the theft of a laptop that was not encrypted, even though encryption is company policy. Among reasons that difficulties are being revealed is the passage of a 2003 California law requiring companies to notify customers of security breaches that involve personal data. Over 20 additional states have passed similar legislation, and Congress is also considering passage of such a law.