Abstract
In these days of close attention to security of information handled electronically, there is a tendency to overlook the security of hard-copy documents, particularly patient records and employee documentation. Document security is related to growing concerns for individual privacy; guidelines are furnished for protecting employee privacy by separating retention practices for business information from personal information. Sensitive documentation requires rules and procedures for processing, retaining, accessing, storing, and eventually destroying. Also, documents that are missing or incomplete sometimes present unique problems for the organization. The article provides simple rules for safeguarding employee and patient documentation.