If your organization has confidential information, then you have a legal obligation to protect this information. I have prepared a chart to make this easy. The chart has columns with the following headings: confidential information, how are we protecting it, who can see it, consent, storage and disposal. This chart is also available in my new Confidentiality governance guide coming out in October.
The example above is a common one. If you have employee Social Insurance Numbers (SIN) then you have to be able to explain how you protect this information. It’s likely done with locked cabinets and passwords. You have a list of who can see the SIN’s and you have consent from the employee to have this information.
How you are storing dead files is another area where you want to be sure you are protecting privacy and the disposal of documents. Once the retention period is over is another concern. If you use this chart you will be able to explain to anyone how you are complying with the laws.