I'm mostly just surprised that the doctor didn't lock the workstation when they left the room. Especially if it was a radiology workstation (rather than e.g. exam room EMR workstations); the sensitive data risk from leaving it unlocked is huge!

Like, I'm not saying that'd solve computer security or anything, someone could still break into a locked computer. But it would definitely raise the level of effort required to access medical data up from "has a flash drive and five minutes".

I'm sure doctors get the same lock-your-workstation trainings as the rest of us, and ignore them about as often. I wonder if smartcards would be appropriate here: since doctors are typically jumping between lots of "thin-client equivalent" computers around their practice all day, could we give them smartcards that need to be physically inserted in computers in order to log in? Pull the card, computer logs you out; don't forget your card in the exam room or you can't log into the next one.

Like, I'm sure they'd have tantrums (any kind of users would, at this transition), but putting that aside: this kind of system is technically cheap and has been well-supported for decades. Would the overhead of employing it at medical practices be preventative? Is it already employed at some practices? How does it work there?