I've wondered about this as well. A while back I received a packet from more than one of my clients instructing me on how I must make any computer I used to contain the records of their clients had to be secured with passwords, firewalls etc. It seemed to me at the time this was in order to ensure compliance with some law, but I don't remember if they mentioned this.

One large National Bank I work with  told me privately they don't trust the Internet for transmission of the information contained in our reports. It wasn't secure enough. This is why they wanted their reports returned only by Fax and NEVER by email.

I believe the companies and government intities who have embraced imaging and digital bulk distribution did so honestly but didn't foresee the consequences to security and privacy. Now that they have, it is difficult for a corporation or local government to admit the breach.