Privacy
Privacy refers to an individual’s right to be free from intrusion or interference by others. It is a fundamental right in a free and democratic society. Individuals have privacy interests in relation to their bodies, personal information, expressed thoughts and opinions, personal communications with others, and spaces they occupy. Research affects these various domains of privacy in different ways, depending on its objectives and methods. An important aspect of privacy is the right to control information about oneself. The concept of consent is related to the right to privacy. Privacy is respected if an individual has an opportunity to exercise control over personal information by consenting to, or withholding consent for, the collection, use and/or disclosure of information .
Confidentiality
The ethical duty of confidentiality refers to the obligation of an individual or organization to safeguard entrusted information. The ethical duty of confidentiality includes obligations to protect information from unauthorized access, use, disclosure, modification, loss or theft. Fulfilling the ethical duty of confidentiality is essential to the trust relationship between researcher and participant, and to the integrity of the research project.
Security
Security refers to measures used to protect information. It includes physical, administrative and technical safeguards. An individual or organization fulfils its confidentiality duties, in part, by adopting and enforcing appropriate security measures. Physical safeguards include the use of locked filing cabinets, and the location of computers containing research data away from public areas. Administrative safeguards include the development and enforcement of organizational rules about who has access to personal information about participants. Technical safeguards include use of computer passwords, firewalls, anti-virus software, encryption and other measures that protect data from unauthorized access, loss or modification.
Identifiable Information
Where researchers seek to collect, use, share and access different types of information or data about participants, they are expected to determine whether the information or data proposed in research may reasonably be expected to identify an individual. For the purposes of this Policy, researchers and REBs shall consider whether information is identifiable or non-identifiable. Information is identifiable if it may reasonably be expected to identify an individual, when used alone or combined with other available information. Information is non-identifiable if it does not identify an individual, for all practical purposes, when used alone or combined with other available information. The term “personal information” generally denotes identifiable information about an individual. The assessment of whether information is identifiable is made in the context of a specific research project.
2. According to Section IV of the AMA Principles of
Medical Ethics
“A physician...shall safeguard patient confidences
and privacy within the constraints of the law.”
AMA- American Medical Association
28-04-2022 2
4. 5 recognized exceptions to the duty of confidentiality
• Consent
• Court order
• Continued treatment
• Comply with the law
• Communicate a threat (tarasoff exception)
28-04-2022 4
5. Consent—A clinician may release confidential information with the
consent of the patient or a legally authorized surrogate decision maker,
such as a parent, guardian, or other surrogate designated by an advance
medical directive
What is missing over here?
28-04-2022 5
6. Continued Treatment—A clinician may release confidential information
necessary for the continued treatment of a patient. (This exception is also
recognized by HIPAA, subject to the “minimum necessary” rule of limited
disclosure )
What is full form of HIPAA?
28-04-2022 6
7. Court Order—A clinician may release confidential information upon
the receipt of an order by a court of competent jurisdiction
(Note: Unless issued by a judge, a subpoena/summon should not be
considered the equivalent of a court order in many jurisdictions)
28-04-2022 7
8. Comply with the Law—A clinician may reveal confidential information in
order to comply with mandatory reporting statutes (e.g., child abuse), law
enforcement or administrative agency investigations, business operations,
and other such lawful purposes
28-04-2022 8
9. Communicate a Threat—This is the well known Tarasoff exception to
confidentiality that involves the clinician's duty to protect others from
violence by a patient. The Tarasoff exception exists in a variety of forms in
many jurisdictions
28-04-2022 9
10. How does one deal with the
analysis of a clinical problem
involving confidentiality issues?
28-04-2022 10
11. Here is one way to DEAL with a potential confidentiality issue:
• Duty—Does the clinician have a duty to maintain confidentiality in the context of
a treatment relationship or for some other reason?
• Exception—Does an exception exist? (Use the Five C’s as a guide)
• Ask—Consider asking for help, such as a consultation from a colleague, risk
manager, or attorney
• Law—Be familiar with the law of the jurisdiction and the confidentiality policy
of the facility or organization
28-04-2022 11
12. 1. Section IV. In: Principles of Medical Ethics of the American Medical
Association. Chicago, IL: American Medical Association, 2001
2. Jaffee v. Redmond, 518 U.S. 1 (1996)
3. Gutheil T. The Psychiatrist As Expert Witness. Washington, DC:
American Psychiatric Press, Inc., 1998. See also the companion volume,
The Psychiatrist in Court: A Survival Guide
4. For example, see Mississippi Code Annotated Section 41-21-97
5. Health Insurance Portability and Accountability Act of 1996, 29 U.S.C.A.
1181, et seq. See also 45 CFR Part 164
6. Tarasoff v. Regents of the University of California, 551 P.2d 334 (Cal.
1976)
REFERENCES
28-04-2022 12
