Everything I hear about this crap makes me feel so much better I never use it.

Didn’t they make Bitlocker a default setting?

This is obviously a bad thing, and should absolutely be protected by normal file ACLs, but if a business isn’t protecting their devices against basic theft or hard drive removal then they have bigger things to worry about than just unencrypted OCR data.

The bigger issue would be an insider attack on a shared machine. Better lock down any desktops in the executive conference room!