Remy is a psychologist and he keeps a lot of patient data on his phone. How can he lock that down without having to lock down all of his phone? Leo says it's wise to lock it down completely. If it's lost or stolen, he'll really want to make it difficult for someone to get to the data. Password protecting the phone with a passcode isn't that big of a disruption, and it's an extra measure to protect that data he's talking about. It encrypts the entire contents of the phone.
A good solution though is a password vault like LastPass. He can also use LastPast to store patient notes, SSNs, and more, and it's unaccessible to anyone except Remy since only he would have the password. Leo uses it all the time because not even LastPass has access to the information. So that makes it HIPA compliant. Leo suggests getting the premium version for $12 a year. But all the encryption and security in the world won't protect him from his own behavior.
If he has separate accounts on his computer, he should make sure he has them run as a limited user. Don't ever use the Admin account. Then he's prevented from installing apps and malware. How is Kaspersky? Leo says it works just fine. He prefers Eset's Nod32, but if he's already using Kaspersky, he'll be just fine.
(Disclaimer: ESET is a sponsor)