Do You Use Employee Privacy and Security Policy and Procedure Checklist Templates?

Do You Use Employee Privacy and Security Policy and Procedure Checklist Templates?

Why Do You Need Policy and Procedure Checklists for Onboarding and Exiting Employees?

There is much excitement when we welcome a new hire to our team and there are many administrative tasks that need to take place to get this individual up and running. An employee policy and procedure checklist will help!

Policies and procedures must be in writing, available to employees, and monitored to ensure that they are followed to protect patient privacy as required by our professional colleges and privacy legislation. Otherwise, you face all sorts of risks, including privacy breaches and other legal problems.

To ensure that onboarding a new employee is a smooth transition, it is imperative to follow a practical checklist procedure to make sure no important steps are missed. There are also many other managerial benefits to adopting this high-quality process:

  • Better job performance and satisfaction
  • Greater commitment to protecting privacy in the organization
  • Reduced stress and better staff retention

Employee Privacy and Security Policy and Procedure Checklist

Policies and procedures are reasonable safeguards to protect the personal and health information entrusted to us. But polices and good intentions alone are not enough; we also need to take action to ensure our policies are understood and are being followed by all our employees.

Training new and existing staff on privacy and security best practices is instrumental in making your healthcare practice a success and maintaining its fine reputation. Following a systematic approach to welcoming a new employee, transitioning an existing employee into a new position, or offboarding an employee who is exiting will guarantee that valuable privacy and security training and accesses are completed.

Read this Privacy Breach Nugget that explains what can happen if you don’t have these good practices in place. Do You Know Where Your Policies And Procedures Are? 

New Employee Orientation / Onboarding

New employees are a welcome addition to any team and there is a vast amount of training that needs to take place from general procedures on how to handle phone calls to signing confidentiality oaths to becoming familiar with all policies and procedures, in addition to learning the everyday job duties for their own position.

Since privacy is good for business, we do not want to miss any important opportunities to train our new staff on privacy and security best practices. Using the Employee Privacy and Security Checklist will help facilitate training discussions and document the authorized accesses of each employee.

Existing Employees / Annual Review

The checklist will also act as a tool for each employee at their performance review. Provide positive feedback and observations of an employee’s successes in protecting personal information. Discuss opportunities for improvement, too. This is also a good time to review an employee’s current authorized role-based accesses and determine if any changes are needed to match the employee’s current job duties.

Ensure that the employee still has ‘tokens’ that they were given at the time of their hire, like identity badge, keys to the clinic or Alberta Netcare RSA fob.

Privacy and security best practices dictate that confidentiality oaths should be signed on an annual basis and annual privacy awareness and security refresher training should also be provided to all employees. In the event of a privacy incident or breach, it is imperative that a healthcare practice can prove by their documentation that regular privacy and security training is provided to their staff.

Transferring / Exiting Employees

When an employee transitions into a new role or is terminated, review and update the privacy and security checklist to ensure that access and permissions are appropriately modified or terminated.

Custodian Responsibility

Custodians have an obligation to ensure reasonable safeguards to protect the privacy and security of health information. This includes having appropriate policies and procedures in place, as well as demonstrating and documenting that you have implemented your plans. This is a requirement of professional college standards of practice and privacy legislation like the Health Information Act (HIA).

See the article Do You Know Where Your Policies And Procedures Are? to learn what can happen to you if you don’t have your employee training process well documented

The Employee Privacy and Security Checklist will make it easy for you to ensure your new hires, existing employees, and transferring or exiting employees are privacy and security compliant.



Your practice also needs to have policies and procedures that set out how you ensure the privacy, confidentiality, and security of the health information you collect, use, and disclose. Don’t know which policies and procedures you need? Download the Privacy and Security Policies and Procedures Checklist below!


Practice Management Success

If you are a member of Practice Management Success, login and access the webinar replay, and the policy, procedure, and checklist template.

Not a member? Join today!


When we know better, we can do better…

Jean L. Eaton is constructively obsessive about privacy, confidentiality, and security expecially when it comes to the handling of personal health information. If you would like to discuss how I can help your practice, just send me an email. I am here to help you.

Jean L. Eaton
Your Practical Privacy Coach