Policies and procedures associated with confidentiality -- also known as privacy -- are found in many employment handbooks. Places such as doctor's offices, schools, lawyers offices and places that have payment processing or credit bureaus deal with confidentiality on a daily basis. There are many policies and procedures for each work place, but most are created based on the same standards.
Any employee with access to personal and confidential records or documents must sign a statement of confidentiality that requires him to not disclose any sensitive information. At no time is anyone with access to confidential files or computer information allowed to share the information with visitors, family members or friends. A person, however, may authorize certain individuals to discuss their confidential information or receive test results on her behalf. Medical records must be stored in a safe, private place.
Breaches of Confidentiality
Employees who violate confidentiality policies or procedures could face legal action brought on by the employer. Training and proper background checks on employees can help prevent such incidents from happening. Training should occur annually with a focus on current confidentiality standards.
Access to Records
Records can be in paper form, computer-based or stored on computer disks and CD's. Each employee may have a different level of access to certain records. Documents must remain confidential and stored in locked cabinets or employee-only accessed rooms. Documents cannot be given to anyone without permission of the client and a form must be signed prior to receiving copies of any records.
Records may only be released to authorized personnel -- such as other medical providers or attorneys -- when they are needed for a case. A record-release form needs to be signed and records are then mailed. Never give out information to anyone who claims to require sensitive information without appropriate reasoning.
Destruction of Records
Any confidential record that is no longer needed should be placed in locked bins until ready to be shredded. Medical records are kept for an average of seven years after a person dies before they are shredded. Each state has different regulations regarding the disposal of confidential documents.