Running Head: EROSION OF CONFIDENTIALITY
Erosion of Confidentiality
Renée Batignani
Saint Joseph College
West Hartford, Connecticut
Abstract
Managed care, large central databases and case law have eroded confidentiality, the bedrock of the counseling relationship. This article provides an overview of the dichotomy counselors face adhering to ethical standards of protecting their client’s confidence and complying with demands for records disclosure.
Erosion of Confidentiality
Acuff (1999) contends, “without the assurance of confidentiality it is reasonable to assume that many people will not seek treatment and clients in therapy may withhold crucial information” (as cited in Corey, Corey & Callanan, 2003, p.378). The foundation of the counseling relationship hinges on a client’s trust in the counselor that he or she will not disclose confidential information. If the client is apprehensive about disclosing personal information about oneself, he or she will not get maximum benefit from the experience (Corey, Corey & Callanan, 2003).
Managed care insurance companies require counselors to disclose confidential information about the client to determine the necessity and validity of the claim. Once the information is turned over to a third party it is no longer confidential. The control that the counselor once had over the information is lost forever (Corey, et al., 2003).
Case law has established the precedence of requiring counselors to break confidentiality if a client has made a threat about an identifiable third party as in Tarasoff v. Board of Regents of the University of California (1976) (Corey, et al., 2003). Hedlund v. Superior Court in 1983 expanded the duty to warn third parties, to include protecting a child of a potential victim (Corey, et al., 2003). In 1991, the case of Eisel v. Board of Education “found that school counselors have a duty to use reasonable means to attempt to prevent a suicide when they know about a student’s suicidal intentions” (Corey, et al., 2003, p.220).
The purpose of this paper is to expose how managed care and case law have caused the erosion of confidentiality and its affects on the counseling relationship.
Review of literature
A client’s private information that has been shared with a counselor, with the understanding that this information will not be disclosed to a third party, is considered confidential information (Smith-Bell & Winslade, 1996).
One assault on confidentiality comes from managed care demanding copious amounts of personal information before releasing payment. “Practitioners have no control over confidential information once it leaves their offices, and many managed care contracts require a practitioner to submit all treatment records before payment is issued” (Corey, Corey & Callanan, 2003, p.378).
Managed care is in the business of cost containment; therefore, they want as much information about the case they are paying for as possible. Before payment is released, the client must sign an agreement releasing their personal information to the managed care company (Alleman, 2001). “This gives the managed care company information about the legitimacy of what it is paying for, but this also means that the therapist’s claim to client confidentiality is dissolved” (Alleman, 2001, p.418). Concerns for the lack of data security at the managed care office are frightening when you consider how many different employees handle the confidential information, record phone conversations between the counselor and caseworkers that identify themselves only by a first name (Alleman, 2001). “All of these potential security breaches increase exponentially when computer-based information is shared with national databases to which unknown others might have access” (Alleman, 2001, p.419).
Hering (2000) argued that, “HMOs have wide access to client disclosures, and clients cannot be assured that much of what they say will remain confidential… [and] that managed care has resulted in the erosion of the traditional sense of confidentiality” (as cited in Corey, Corey & Callanan, 2003, p.379). A survey conducted by Phelps, Eisman & Kohut (1998), revealed “80% of the APA membership believed that managed care was damaging their professional effectiveness. Psychodynamic therapists long have argued that managed care inserts the equivalent of an untrusted third party into the client – therapist dyad” (as cited in Alleman, 2001, p.419). Kremer & Gersten (1998) conducted a study and found that, “regardless of personality traits or demographic background, results reveal that clients and college students were less willing to be candid with a therapist under a managed care regimen than in a standard fee-for-service setting” (p. 555).
Recently, 100 mental health counselors were polled to glean their viewpoint of managed care and confidentiality. “The majority reported that managed care has negatively affected their work with clients and that the protection of the confidentiality of client disclosures has been the most troublesome ethical issue” (Danzinger & Welfel, 2001, p.137). “The ACA Code of Ethics (1995) specifies that counselors take steps to ensure that the recipients of counseling records are sensitive to the confidential nature of those records (Section B.4.e). Managed care makes compliance with these standards exceptionally difficult” (Danzinger & Welfel, 2001, p.138).
“Consumers are concerned
that the security of their medical information is inadequate” (Frantz, 2002, p.
186). Kremer & Gesten (1998) views
the managed care requirements for information and records as detrimental to the
therapeutic process. They believe that
clients who are worried about confidentiality will be less willing to reveal
personal matters. This deprives
counselors of significant information and “presents a serious challenge for
practicing psychologists… Only when the psychotherapeutic relationship is given
its necessary respect and freedom from constraint can therapy be truly
effective for all concerned” (p. 553-558).
“In exploring confidentiality in managed care, Acuff and her colleagues (1999) contend that without the assurance of confidentiality it is reasonable to assume that many people will not seek treatment, and clients in therapy may withhold crucial information” (Corey, et al., 2003, p.378). Applebaum, et al (1984) “found that psychiatric patients believe that, if information about them was revealed without their consent, such disclosure would negatively affect the therapeutic relationship” (as cited in Nowell & Spruill, 1996, p.185).
Electronic medical records are not as secure as the paper documents in the office once were. Limiting access to these electronic records presents challenges to preserve confidentiality (Gard, 2002). Preventive measures can be taken to avoid ethical violations regarding storing confidential information on computers. These measure are: do not store information on a networked computer, information that identifies client data for computer accounts should be treated as confidential, computer account names should be obscure, and passwords should be changed regularly (Herlihy & Corey, 1996).
When working with a central database within the clinical office, Roberts (2002) offers guidelines for keeping information secure. Each employee should have his or her own login ID and password to identify who is accessing the database and for what purpose. These employees should log in only when necessary and their access should be restricted to a need to know basis and log out when they are not using the database.
Once the electronic records leave the clinical office, confidentiality becomes very difficult to control. State and federal statues offer some protection regarding who can and cannot access the information, however, “typically place fewer restrictions (or none at all) on the transfer of information within health systems (such as large managed care organizations)” (Simon, et al, 2000, p. 1733).
Simon, et al, (2000) defend the establishment of large clinical databases are critical for research and destigmatizing psychiatric disorders, however these databases are also accessed for profit with little restrictions. “Many of the most alarming uses of large clinical databases (e.g. selling names of patients with specific diagnoses to manufacturers of health products) fall in this category of unregulated commercial use” (Simon, et al, 2000, p. 1734).
In 1976, starting with Tarasoff v. Board of Regents of the University of California, case law has set a precedent of obliging counselors to break confidentiality if a client makes threats of harming and identified third party. As a result of this decision, the counselor now has the duty to warn the identified third party (Corey, et al., 2003). “The Tarasoff decision made it clear that client confidentiality can be readily compromised; indeed, ‘the protective privilege ends where the public peril begins’ (cited in Perlin, 1997)” (as cited in Corey, et al., 2003, p.211). Since that landmark ruling, Hedlund v. Superior Court in 1983 expanded the duty to warn third parties to include protecting a child of a potential victim (Corey, et al., 2003). In 1991, the case of Eisel v. Board of Education “found that school counselors have a duty to use reasonable means to attempt to prevent a suicide when they know about a student’s suicidal intentions” (Corey, et al., 2003, p.220).
In 1983, Peterson v. State, a female plaintiff was involved in an automobile accident with a patient who had been released from a state mental hospital five days earlier. She alleged that the psychiatrist knew the patient had been convicted of murder and rape. She further complained that the patient should not have been released and the patient’s parole violation should have been reported. Liability was imposed on the State even though the patient had not directly threatened anyone and his violence was not foreseeable. (Mills, Sullivan & Eth, 1996). This decision “appears to demand predictive powers that are completely beyond present-day psychiatry” (Mills, Sullivan & Eth, 1996, p. 165).
A New York HMO, Community Health Plan – Kaiser Corp, has been found liable for breach of confidentiality. The plaintiff known as Jane Doe, complained that personal information she disclosed to her counselor that she was gay was leaked out by a clerk in that office. (Lentz, 2000).
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) requires full compliance April 14, 2003. “HIPAA’s privacy requirements apply to ‘personally identifiable information’: electronic, paper, and oral communications pertaining to a patient’s physical or mental health or the payment for health care treatment” (Frank-Stromborg & Ganschow, 2002, p. 55). This act is aimed at giving patients more control over their records by requiring more patient authorizations to release information. HIPAA also contains a minimum disclosure standard that requires the providers to “limit use, disclosure, or requests regarding health information to the minimum necessary” (Frank-Stromborg & Ganschow, 2002, p. 55). HIPAA imposes uniformity nationwide and failure to comply may result in civil and / or criminal penalties. (Frank-Stromborg & Ganschow, 2002).
Implications for the Field of Counseling
Kremer & Gesten
(1998) express concerns that clients will be apprehensive or unwilling to
disclose very intimate information knowing that whatever they say may be
accessed by a third party. This fear
deprives the client of full benefit from the therapeutic process. “Only when the psychotherapeutic
relationship is given its necessary respect and freedom from constraint can
therapy be truly effective for all concerned” (p. 558). Quallich (2002) found that “if a patient
feels that his/her right to confidentiality is in danger, he/she may be tempted
to minimize complaints or fail to mention them at all, making it a challenge
for anyone to successfully care for the patient” (p. 340).
In response to the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule, the APA issued a recommendation that the following information be “kept separately from the rest of the treatment record: Intimate personal content or facts, details of fantasies and dreams, process interactions, sensitive information about other individuals in the patient’s life, the therapist’s formulations, hypotheses, or speculations, and topics / themes discussed in therapy sessions” (APA, 2000).
The therapeutic relationship between a client and his or her counselor is based on trust. The client expects the counselor to hold what is said in session in strict confidence. The restrictions placed on this relationship by managed care are the equivalent of having a third person in the room with you during the session. A client will most likely be apprehensive about sharing free thoughts. They will likely think about what they say before they say it or be too cautious about what is said for fear that their inner most secrets will be published somewhere without permission (Madden, 1998).
Quallich (2002) cites a case of a female employee of a health care system that employs a computerized charting system. She is reluctant to discuss the details of her symptoms because she is concerned that her coworkers will be able to access her records.
The decision in Peterson v. State “appears to demand predictive powers that are completely beyond present-day psychiatry” (Mills, Sullivan & Eth, 1996, p. 165). A counselor is expected to possess skills bordering on clairvoyance. Although the law is clear, if a client discloses their intent to harm an identified third party, then the counselor has a duty to warn the potential victim. But what if the client was only venting? It is possible that once a client verbalized a threat, in what was presumed to be a safe place, he or she had no intentions of acting on it. The counselor is placed in a precarious position of having to decide if the client really meant it or if he or she was merely venting. If the decision is made to report the threat, then the potential victim is saved but the counseling relationship is spoiled and the client will be ever distrustful of the process. Worse yet, what if the third party does become victim of the threats and the counselor did not report it? Now the counselor is embroiled in a lawsuit and racked with guilt for making a bad judgment call that could possibly have spared a victim from harm. (Madden, 1998, p.66)
Even once the decision has been made to report or not to report, the counselor may second-guess himself or herself as to whether or not the right decision was made. If the counselor always errs on the side of caution, wishing to avoid being sued, the therapeutic relationship would be severely compromised.
Therapy, if it is to be most effective, should be a safe place where a client can sort out their feelings and thoughts without fear that what is said can and will be used against them in a court of law.
Managed care and case law have eroded confidentiality, the bedrock of the counseling relationship, and creates a dichotomy for counselors trying to adhere to a professional code of ethics while complying with the law.
Clients can avoid a third party gaining access to their records by paying for sessions out of pocket, but this is not a viable option to most people in need of counseling. Confidentiality still cannot be guaranteed as this only protects them from the eyes of third party payers and large medical information databases, but does not alleviate the legal requirement of reporting threats to third parties or compliance to court orders.
Clients who come to counseling with the assumption that what they say will be held in strict confidence, are disheartened to learn in the first session, through informed consent, that confidentiality is limited. No longer is a client able to say whatever it is they are thinking for fear of repercussions. Gone is the implicit trust they once had in the therapist. Clients must be cautious and therapists keenly aware of information that comes out and what it means and what they are bound by law to do with the information.
References
Alleman, J.R. (2001). Personal, practical, and professional issues in providing managed
mental health care: A discussion for new psychotherapists. Ethics & Behavior,
11(4), 413-429.
American Psychiatric
Association. (2002). Psychotherapy notes provision of the
health
insurance portability and accountability act (HIPAA) privacy rule.
(APA Document Reference No. 200201). Washington DC.
Corey, G., Corey, M.S., &
Callanan, P. (2003). Issues and
ethics in the helping
professions (6th ed.). Pacific Grove, CA: Brooks/Cole.
Danzinger, P.R. & Welfel, E.R. (2001). The impact of managed care on mental health
counselors: a survey of perceptions, practices, and compliance with ethical
standards. Journal of Mental Health Counseling, 23(2), 137-150.
Frank-Stromborg, M. & Ganschow, J.R. 2002. How HIPAA will change your practice.
Nursing 32(9) 55-57. Retrieved November 13, 2002 from the ProQuest database.
Frantz, J. (2002). Patient data confidentiality and patient
rights. Journal of Allied
Health, 31(3) 186. Retrieved November 13, 2002 from the ProQuest database.
Gard, C. (2002). How private are your medical records? Current health 2, 29(3), 30-31.
Herlihy B. & Corey, G. (Eds.). (1996). ACA ethical standards casebook (5th ed.).
Alexandria, VA : American Counseling Association.
Kremer, T.G. & Gesten, E.L. (1998). Confidentiality limits of managed care and clients’
willingness to self-disclose. American Psychological Association Journal,
553-558.
Madden, R.G. (1998). Legal issues in social work, counseling,
and mental health:
Guidelines for clinical practice in psychotherapy. Thousand Oaks, CA:
Sage Publications, Inc.
Mills, M.J., Sullivan, G. & Eth, S., (1996). Protecting third parties: A decade after
Tarasoff. In D.N. Bersoff (Ed.), Ethical conflicts in Psychology (p. 164-167).
Washington DC: American Psychological Association.
Nowell, D. & Spruill, J. (1996). If it’s not absolutely confidential, will information be
disclosed? In D.N. Bersoff (Ed.), Ethical conflicts in Psychology (p. 185-188).
Washington DC: American Psychological Association.
Roberts. D.W. (2002). How to keep electronic health records private. Nursing 32(10)
95. Retrieved November 13, 2002 from the ProQuest database.
Simon, G.E., Jurgen, U., Young, B.E., & Pincus, H.A. 2000. Large medical databases,
population-based
research, and patient confidentiality. The
American Journal
of Psychiatry 157(11), 1731-1737. Retrieved November 13, 2002 from the
ProQuest database.
Smith-Bell, M. & Winslade, W.J. (1996). Privacy, confidentiality, and privilege in
psychotherapeutic
relationships. In D.N. Bersoff (Ed.), Ethical
conflicts in
psychology (p. 145-150). Washington DC: American Psychological Association.
Quallich, S.A. (2002). Issues of confidentiality. Urologic Nursing, 22(5), 340.
Retrieved November 13, 2002 from the ProQuest database.