Communication Training and Curriculum Development

Employee acknowledgement of policy updates and new policies

  • 1.  Employee acknowledgement of policy updates and new policies

    Posted 09-26-2019 11:32 AM
    I'm new to the world of compliance, and I'm currently working on a big project to organize our policies and procedures into one database where we can create, disseminate for acknowledgement, publish, etc.  My question for the group is, do you require all policies to be acknowledged and put out a notification of all changes?  Is there a best practice here?  Also, how do you handle changes to more minor policies.  For instance, if you're updating your dress code, pto, and other policies that may not be as important as updates to your sexual harassment or code of conduct policies, do you send out notifications/acknowledgements each time there's an update to these policies?  Any insight you can provide would be much appreciated!

    Rebekah Rutland
    Compliance Manager

    2020 SCCE Membership

  • 2.  RE: Employee acknowledgement of policy updates and new policies

    Posted 09-26-2019 11:48 AM
    We have an assortment of policy categories. We have HIPAA Privacy and Breach policies which are kept separate from Security and Cyber policies, separate from Corporate policies and then general Employee Handbook policies. The examples you gave would fall into our Employee Handbook. Those changes are generally updated once a year and require a signature attestation by all staff that they have been read. Occasionally we might have a singular update that is serious enough to get put out before the annual update. Again we would get the attestation.

    As to all of the HIPAA type policies, we have them on our Intranet, summarized in simple English with a drill down to the actual policy. Those are re-evaluated annually but we don't require a new attestation, just one at time of hire. The changes to these policies are are normally for clarity. If we make a change of a nature that everyone needs to know about, such as changing the minimum password from 8 to 12, we would simply make an announcement and require everyone to change their password. We don't get an attestation.

    Corporate policies are normally those for our Board Members, such as a change to the Conflict of Interest policy they sign. They sign it each year so they see it each year.

    Carl Russell
    Compliance Analyst, CHPC
    Delta Dental of Idaho

    Anything I say is my sole opinion and not of my company.

    2020 SCCE Membership

  • 3.  RE: Employee acknowledgement of policy updates and new policies

    Posted 09-27-2019 09:24 AM
    Congratulations on taking on this daunting task.  I just did this for my company including creating a numbering system and a process to review/revise policies.  We do not require all policies to be acknowledged by employees.  HR policies are usually the ones that require an acknowledgement when there are changes such as dress code, time off or anything that may affect the workforces daily operations.  For compliance, of course we have them acknowledge the Code of Conduct and Conflict of interest on an annual basis.

    Brian Haines
    Corporate Compliance Manager
    MDLIVE, Inc.

    2020 SCCE Membership

  • 4.  RE: Employee acknowledgement of policy updates and new policies

    Posted 09-30-2019 03:39 PM

    Hi Rebekah,


    We are ISO certified and as such have to track roll out of most SOPs. We do that through our Learning Management System, in which we define the audience and completion date. Hope this helps.


    Toks Joseph

    Vice President

    Global Compliance and Ethics


    12601 Twinbrook Parkway

    Rockville, MD 20858


    (301)816-8550 Phone





    2020 SCCE Membership