How to Protect Staff Privacy and Manage Employee-specific Information

"Private" Photo by Tim Mossholder on Unsplash
Employee-specific information
in narratives and evidence should be avoided to protect staff privacy. Employee-specific information includes, but is not limited to:

  • home addresses
  • personal phone numbers
  • salary
  • performance reviews

To protect staff privacy in the Magnet® document related to the performance review process in EP11 examples ONLY, the Magnet Program Office (MPO) advises you to redact or not include names. Role and credentials are acceptable identifiers in the SOE example. Be careful NOT to hide/remove the role and credentials in your redactions for EP11.

To protect staff privacy in other SOEs in the Magnet document prior to a site visit, the MPO has provided two options:

  • OPTION #1: Redact all employee-specific information BEFORE entering or uploading to ADAM / ADAMplus (Recommended).


  • OPTION #2: Create an alternative, edited “Organization/Public” version of the final Magnet document submission where sections are hidden/removed for staff privacy. Make this version available for viewing as a printed hard-copy or hosted on an intranet or other website.

How to share your Magnet Document with your staff in ADAM or ADAMplus:

Organizational Administrators can create user accounts assigning the “Organizational Post-Submission Reviewer” user type. This user type can view (read-only) all narrative and evidence that was submitted to the MPO (including all of the history links).

The MPO recommends creating a ‘shared user account’ with a shared email address and password.

  • The shared email address must be a valid email address in order to establish and reset an associated password. For example,,, or a similarly generic email address created for this purpose.
  • After the Organizational Administrator creates the shared user account and assigns it to the “Organizational Post-Submission Reviewer” user type, the login email address and password can be shared within the organization.
    • URL to access ADAM
    • Login (email address):  <<shared email address that org admin creates and assigns to the Organizational Post-Submission Reviewer>>
    • Password:  <<password that org admin creates and assigns to the Organizational Post-Submission Reviewer>>


The information and guidance in this discussion post/web page is not legal advice and should not be treated as such. The information is provided without any representations or warranties, expressed or implied. Information on this webpage may not constitute the most up-to-date information; and it contains links to other third-party websites for the convenience of the reader and ANCC does not recommend or endorse the contents of the third-party sites. We encourage you to consult with your Privacy and/or Compliance Officer, Legal, and Information Technology departments about your organization’s policies and procedures regarding the HIPAA Security Rule and safeguards.