| |
I.
PREPARE |
| |
|
A. Understand Clients' Rights and Your Ethical Responsibilities
in Behalf of Those Rights
|
| |
|
B. Learn the State Laws that Can Affect Your Ability to Protect Confidential Information |
| |
|
|
(Include both laws that protect confidentiality and laws that limit it.) |
| |
|
C. Clarify Your Personal Ethical Position About Confidentiality and its Legal Limits |
| |
|
D. Decide When/How You Will Limit Confidentiality Voluntarily
|
| |
|
E. Develop Plan for Ethical Response to Laws That Require You To Disclose "Involuntarily" |
| |
|
F. Choose Reliable Ethics Consultants and Legal Consultants and Use as Needed
|
| |
|
G. Devise Informed Consent Forms that Reflect Your Real Intentions about Confidentiality
|
| |
|
H. Construct a HIPAA-Compliant "Notice of Privacy Practices" |
| |
|
I. Prepare to Discuss Confidentiality and Its Limits in Understandable Language
|
| |
|
J. Conduct HIPAA-Compliant Confidentiality Training for Employees, Supervisees, Interns, Etc. |
| |
|
|
| |
II. TELL CLIENTS THE TRUTH "UP FRONT" (Inform Their Consent) |
| |
|
A. Inform Prospective Clients About the Limits You Intend to Impose on Confidentiality
|
| |
|
|
(include those imposed by law, by your agency, and/or by your own voluntary policies) |
| |
|
B. Explain Any Roles or Potential Conflicts of Interest That Might Affect Confidentiality
|
| |
|
C. Obtain Informed Client's Consent to Accept Described Limits as Condition of Receiving Services
|
| |
|
D. Reopen the Conversation If/When Patient's Circumstances (Or Your Intentions) Change |
| |
|
|
|
| |
III. OBTAIN INFORMED CONSENT TO DISCLOSE VOLUNTARILY |
| |
|
A. Respect the Rule: Disclose Without Client Consent Only if Legally Unavoidable |
| |
|
B. Inform Client Adequately About Content and Implications of Potential Disclosures |
| |
|
C. Obtain and Document the Client's Consent Before Disclosing |
| |
| |
(Consent is required unless patient gave prior consent at intake -- See 2, C, Above) |
| |
| D. Avoid Creating Unethical Exceptions to the Confidentiality Rule
|
| |
|
|
|
| |
IV. RESPOND ETHICALLY TO LEGALLY-IMPOSED DISCLOSURES |
| |
|
A. Notify Client Of Pending Legal Requirement for a Disclosure Without Client's Consent |
| |
|
B. Respond According to Plan (from Step 1,E above) to each law limiting confidentiality |
| |
|
|
1. Laws requiring you to initiate disclosures (e.g., reporting laws)
2. Laws giving others access to information without client consent
3. Exceptions to therapist-client privilege in court cases
4. Laws allowing others to redisclose information that you disclose |
| |
|
C. Limit Disclosure of Confidential Information to the Extent Legally Possible |
| |
|
|
|
| |
V. AVOID THE "AVOIDABLE" BREACHES OF CONFIDENTIALITY |
| |
|
A. Avoid Making Unethical Exceptions to the Confidentiality Rule
B. Establish and Maintain Protective Policies and Procedures
C. Monitor Note Taking and Record Keeping Practices
D. Avoid Dual Roles that Create Conflicts of Interest in Courtroom and Elsewhere
E. Anticipate Legal Demands; Empower Clients to Act Protectively in Their Own Behalf
F. Protect Client Identity in Presentations, Research, Consultations
G. Prepare a Professional Will to Protect Client Confidentiality In Event of Illness or Death
H. Conduct HIPAA-Compliant Training for all staff (including Non-Clinical Staff) to include: |
| |
| |
HIPAA Privacy Rule "Workforce Training" Requirements
HIPAA Security Rule Compliance Requirements (Administrative, Physical, & Technical)
HIPAA Transaction Rule Compliance Requirements. |
| |
|
|
| |
VI. TALK ABOUT CONFIDENTIALITY |
| |
| A. Model Ethical Practices; Confront Others' Unethical Practices
B. Provide Peer Consultation About Confidentiality Ethics
C. Teach Ethical Practices to Students, Supervisees, Employees, Agency
D. Educate Attorneys, Judges, Consumers and the Public
E. Lobby for Legislative Reform Toward More Protective Laws About Patient Confidentiality
|
| |
|
|