My question is, is it possible to do a "sanity check" on a Paper Wallet, test the bip38 password without importing it to the blockchain?
You can use bitaddress offline to decrypt the private key with your password.
Then you can run some trusted software (such as Bitcoin Core) offline. It doesn't need to talk to the internet or have access to the blockchain to be able to verify that your private key generates the expected bitcoin address. Import the private key into the offline software and compare the resulting bitcoin address to the address that bitaddress gave you. If they match, then bitaddress didn't do anything screwy and your private key is good.
Remember not to put that offline computer back online unless you are absolutely certain that you've cleared out any private keys that are on it.
Anything other I should think about before sending funds to the paper wallet?
You'll want to be very careful when/if you decide to use the bitcoins from the paper wallet some day. You'll want to understand completely what the software does when you import the private key and create a transaction. People in the past have lost a LOT of bitcoins because they didn't realize that the software they imported their paper wallet into generated a brand new address and sent all the unused bitcoins to that new address when they created a transaction. They then deleted the software and data, mistakenly thinking that the remaining bitcoins were still securely stored with the paper wallet.
My other question, do I need to protect the public address
That depends. It's called a "public" address, because if you share it nobody can use that information to access, take, or spend your bitcoins.
However, if you care about your privacy, you'll want to limit who knows that you are in control of that address. Anybody that knows that you control the address will be able to see exactly how many bitcoins you receive at that address as well as when you receive them. They can also see exactly how many of those bitcoins you spend as well as when you spend them. If the address you send them to is publicly known, then they will know who you sent the bitcoins to. If the owner of the outputs that were spent to send the bitcoins you you is publicly known, then they will know who you got the bitcoins from.
can I do multiple deposits to the public address?
Technically, you can if you want to.
It is generally a better idea not to.
Using a separate address for each transaction received will increase privacy and anonymity, and will slightly increase security.
