1. Include your club’s privacy policy in your literature and on your Web site.
2. Collect only essential information from your members, keep it in secure, locked files and limit access to as few people as possible.
3. Conduct criminal and other background checks on all employees who will have access to personal and confidential information and require employees who have access to members' or employees' personal information to sign confidentiality agreements.
4.Screen any cleaning companies and personnel firms to ensure they’re proactive about privacy and confidentiality.
5.Use randomly assigned numbers on membership cards rather than Social Security numbers.
6. Include photos on member ID cards.
7. Use a shredder to dispose of personal information that doesn't need to be kept on file.
8.Instruct staff on security procedures when sending personal information by fax, including using a confidential cover sheet and double-checking the fax number. Train your employees not to convey personal or confidential information via voicemail, pagers, cellular phones, or e-mail.
9. Encrypt and password-protect all personal and confidential information on computers. Install firewall protection and keep virus protection updated.
10. If a member’s information is stolen, notify law enforcement, the victim and affected businesses immediately.
Source: International Health, Racquet and Sportsclub Association