Information Managers
  • Home
  • Services
    • All Services
  • Blog
  • Upcoming Events
  • Contact Us
  • Practice Management Success
  • Podcasts

Do You Use Employee Privacy and Security Policy and Procedure Checklist Templates?

Posted on September 12, 2019 by Jean Eaton in Blog

Why Do You Need Employee Onboarding and Exiting Checklists?

There is much excitement when we welcome a new hire to our team and many administrative tasks need to take place to get this individual up and running.

Policies and procedures must be in writing, available to employees, and monitored to ensure that they are followed to protect patient privacy as required by our professional colleges and privacy legislation. Otherwise, you face all sorts of risks, including privacy breaches and other legal problems.

To ensure that onboarding a new employee is a smooth transition, it is imperative to follow a practical checklist procedure to make sure no important steps are missed. There are also many other managerial benefits to adopting this high-quality process

  • Better job performance and satisfaction
  • Greater commitment to protecting privacy in the organization
  • Reduced stress and better staff retention

Employee Privacy and Security Checklist

Policies and procedures is a reasonable safeguard to protect the personal and health information entrusted to us. But polices and good intentions alone is not enough; we also need to take action to ensure our policies are understood and being followed by all our employees.

Training new and existing staff on privacy and security best practices is instrumental in making your healthcare practice a success and maintaining its fine reputation. Following a systematic approach to welcoming a new employee, transitioning an existing employee into a new position, or offboarding an employee who is exiting will guarantee that valuable privacy and security training and accesses are completed.

Read this Privacy Breach Nugget that explains what can happen if you don’t have these good practices in place. Do You Know Where Your Policies And Procedures Are? 

New Employee Orientation / Onboarding

New employees are a welcome addition to any team and there is a vast amount of training that needs to take place from general procedures on how to handle phone calls to signing confidentiality oaths to becoming familiar with all policies and procedures, in addition to learning the everyday job duties for their own position.

Since privacy is good for business, we do not want to miss any important opportunities to train our new staff on privacy and security best practices. Using the Employee Privacy and Security Checklist will help facilitate training discussions and document the authorized accesses of each employee.

Existing Employees / Annual Review

The checklist will also act as a tool for each employee at their performance review. Provide positive feedback and observations of an employee’s successes in protecting personal information. Discuss opportunities for improvement, too. This is also a good time to review an employee’s current authorized role based accesses and determine if any changes to match the employee’s current job duties is needed.

Ensure that the employee still has ‘tokens’ that they were given at the time of their hire, like identity badge, keys to the clinic or Alberta Netcare RSA fob.

Privacy and security best practice dictate that confidentiality oaths should be signed on an annual basis and annual privacy awareness and security refresher training should also be provided to all employees. In the event of a privacy incident or breach, it is imperative that a healthcare practice can prove by their documentation that regular privacy and security training is provided to their staff.

Transferring / Exiting Employees

When an employee transitions into a new role or is terminated, review, and update the privacy and security checklist to ensure that access and permissions are appropriately modified or terminated.

Custodian Responsibility

Custodians have an obligation to ensure reasonable safeguards to protect the privacy and security of health information. This includes having appropriate policies and procedures in place, as well as demonstrating and documenting that you have implemented your plans. This is a requirement of professional college standards of practice and privacy legislation like the Health Information Act (HIA).

See the article Do You Know Where Your Policies And Procedures Are? to learn what can happen to you if you don’t have your employee training process well documented

The Employee Privacy and Security Checklist will make it easy for you to ensure your new hires, existing employees, and transferring or exiting employees are privacy and security compliant.

 

Download the FREE Report - Employee Privacy and Security Policy and Procedure Checklist Template

If you are a member of Practice Management Success, login and access the webinar replay, and the policy, procedure, and checklist template.

When we know better, we can do better…

Jean L. Eaton is constructively obsessive about privacy, confidentiality, and security expecially when it comes to the handling of personal health information. If you would like to discuss how I can help your practice, just send me an email. I am here to help you.

Jean L. Eaton
Your Practical Privacy Coach
INFORMATION MANAGERS

 

 

clinic, health care, healthcare, medical, policy, Practice Management Success, privacy, procedure, template

Privacy Challenge #3 Privacy Collection Notice

Posted on October 17, 2015 by Meghan Davenport in Archive

Privacy Collection Notice

Every time we gather information from a client, we're entering into a trust relationship with them. We trust them to provide accurate information, and they trust us to keep it private and safe.

So it's only fair that we are transparent with our clients about our policies and procedures regarding the collection and safe-keeping of CollectionNoticetheir important confidential information. We want them to understand:

  • Why we are collecting their information
  • How we are using their information
  • How we are protecting their information
  • How our organization meets the rules and regulations of our industry

Read More

#15DayPrivacyChallenge, 15 Day Privacy Challenge, Collection Notice, Health Information Act, HIA, Practical Privacy Coach, privacy, template

The Honest Spin Doctor

Posted on July 24, 2014 by Jean Daffin in Blog, Practice Management Nugget Interview

A press release can be used to announce an event like community wellness day, product launch or some other newsworthy event. A well written press-release makes it easy for the media to make you look good.

The Honest Spin Doctor 

is a tightly written book that will give you what you need to know about media relations, crisis communications and the need for organizations to have policies that guide their behaviour when it comes to the media and social media.  Tweet this!

This easy to read, easy to use, valuable resource is ideal for healthcare practices to

  • Prepare press release about your practice
  • Develop communications and social media policies
  • Respond to media inquiries

 

Grant Ainsley Grant Ainsley Inc.

Grant Ainsley
Grant Ainsley Inc.

Grant Ainsley is an award-winning journalist and public relations professional, who has interviewed some of the biggest names in Canada.  His newest book, self-published The Honest Spin Doctor:  Navigating the Media Maze is now available.

Practice Management Nugget webinar interview with Grant Ainsley recorded live on Thursday July 24, 2014.

Try out a Membership Trial to access this Practice Management Nugget interview and other webinar replays and resources. And if you’re already a member, just log-in and enjoy!

 

communications policy, honest spin doctor, media relations, Practice Management Mentor, Practice Management Nugget, press release, self-publishing, social media, template

Privacy Breach – 3 Mistakes in Managing a Privacy Breach

Posted on June 3, 2014 by Meghan Davenport in Blog, Privacy, Confidentiality, and Security Series Webinar

Privacy, Confidentiality, Security for Medical Offices©

Privacy Breach – 3 Mistakes in Managing a Privacy Breach

Privacy is a huge issue for the public right now, and as more businesses, health care practices, and even your grocery store collect more information about you, the risks of having that information stolen, misused, or compromised, are huge.

Having a privacy breach can cost you time, money, and trust of your patients.

Attend this webinar, 3 Mistakes in Managing a Privacy Breach, to help you understand the three common mistakes in managing a privacy breach, and ensure that you and your staff take the right steps to contain, manage, and prevent privacy breaches.

 

Pssst – if you are a member, click this link for an EXCLUSIVE coupon. Not a member? Become one!

 

This webinar will teach you:

  • how to identify a privacy breach
  • how to notify a privacy breach
  • how to communicate about a privacy breach

 

Register for the Webinar!

 

Privacy Breach – 3 Mistakes in Managing a Privacy Breach

Tuesday July 29th, 2014  12:00pm – 1:00pm MST

Live webinar with Jean Eaton, the Practical Privacy Coach and Practice Management Mentor.

Discussion, resources, and template procedures that you can use right away!

Replay will be available for 1 week. Register today!

The Privacy, Confidentiality and Security Series include topics such as privacy awareness, privacy breaches, and email with patients. Seminars last from an hour to an hour and a half, and cover important information for new patient care providers and support staff, as well as practice managers, healthcare providers, or trusted vendors who support healthcare practices. Privacy, Confidentiality and Security© series is hosted by Jean Eaton (the Practice Management Mentor) of Information Managers Ltd.

 

practice management, privacy breach, template

Fax cover page – friend or foe?

Posted on November 25, 2013 by Jean Eaton in Blog

Fax cover pages often act as ‘dividers' to piles of paper – electronic or hard copy.  Many offices still receive faxes by hard copy – and this remains the default assumption as the ‘lowest common denominator'.  I think that the dividers still serve a purpose.

Perhaps more importantly, there is a common practice that the cover page is the identifier of where the document originated, the intended purpose the information was provided, who the information is addressed, and who authorized the sending of the information.

Often the cover page provides clarity to the identify of the individual the information is about.  Many healthcare providers use the cover page as their ‘disclosure log' to meet legislative compliance to clearly document disclosure of health information of a individual.  I don't think it is feasible to add the information to the source document.

The receiver of the information needs this information in order to determine if they will accept the responsibility of collecting the information and the purpose for that information.

Perhaps the better approach is to make the cover page more useful – to both the receiving and sending party – by improving the documentation and adding suggested indexing categories.  This can be easily generated if the sending party is using an EMR.

See also:  Canadian EMR http://blog.canadianemr.ca/canadianemr/2013/11/a-complication-of-paper-faxes.html

best practice, cover pages, disclosure log, EMR index, fax, health information, healthcare, template

Search the site

What is the elephant in the room?

The Elephant in the Room Find out here...

Privacy Policy

"The thing that I liked about the 'Engage your patients using automated tools' webinar interview was ideas to have patients engaged in their own health care instead of us doing all the work, simply put. There were a few ideas about how to achieve this in the long run."

--Practice Management Nugget event, 'Engage your patients using automated tools' with Karol Clark

- Michelle from Wabasca

Register for Free On-line Privacy Breach Awareness Training!

Privacy Policy

Copyright 2019 Information Managers Ltd.