Self-Study Modules on Tuberculosis
Module 7: Confidentiality in Tuberculosis Control
Answers To Study Questions
7.1. What is confidentiality and why is it important in TB control?
The protection of private patient information is commonly referred to as confidentiality. Confidentiality involves the protection of information revealed during patient-health care worker encounters, including all written or electronic records of these encounters. Confidentiality is an essential issue in many different aspects of TB control. Health care workers need to be aware of confidentiality issues that are relevant to patient-health care worker encounters as well as to the collection, management, and sharing of information gathered on TB patients.
Confidentiality is a very important issue in TB control because the diagnosis of TB disease is potentially damaging to patients. For some patients, a diagnosis of TB can lead to stigmatization or rejection by family, friends, and coworkers; the loss of a job; and possibly eviction from housing. In addition, the patient-health care worker relationship must be strong enough to last throughout the time it takes for a TB patient to complete adequate therapy.
7.2. List four specific confidentiality issues that require special attention by health care workers working with TB patients.
There are some specific confidentiality issues that require special attention by health care workers working with TB patients:
- The TB patient has certain rights that must be respected and are often protected by legislation
- The health department has a responsibility to protect the public's health using certain effective TB control strategies
- In the course of conducting TB control activities, some patient rights may be overridden in the interest of protecting the public's health (for example, an uncooperative, infectious patient may be quarantined until noninfectious)
- Great care must be taken to ensure that patient rights -- especially the right to privacy -- are protected to the fullest extent possible so the patient-health care worker relationship is not compromised; this relationship must be strong enough to last throughout the time it takes a TB patient to complete adequate therapy
7.3. What is the basis for the patient-health care worker relationship and why is it important in TB control?
The patient-health care worker relationship is the basis for
- Sharing information
- Communicating beliefs and feelings that affect care
- Building trust between the patient and health care worker
The quality of this relationship is important in determining whether medical treatment is successful -- particularly in TB control, where long-term adherence to a treatment regimen is critical. A strong patient-health care worker relationship built on trust and the preservation of patient confidentiality will increase the likelihood that the patient will be compliant and adhere to therapy.
7.4. How is the patient-health care worker relationship like an agreement and what are some of the consequences if either party fails to conform to the agreement?
The patient-health care worker relationship can be viewed as an agreement between the patient and the health care worker. On the basis of the diagnosis, the health care worker recommends a given course of action and both parties (the patient and the health care worker) agree to work together to resolve the patient's health problem. The agreement incorporates some basic rules that each party will observe during the course of the relationship; such rules include respecting each other's rights and upholding certain responsibilities to each other and to other parties (such as the general public or the patient's contacts). If either the health care worker or the patient fails to conform to this agreement, the relationship can break down. This may lead to misunderstandings, a lapse in communication, and treatment failure.
7.5. Who is considered a health care worker and who is the third party? What is the difference between the two?
Health care worker refers to any member of a team of health professionals who care for and manage a TB patient, including
- Outreach workers
- Hospital discharge planners
- Social workers
A third party is a person or an organization not directly involved in the care of a patient's health problem. The work of a third party is peripheral to the patient-health care worker interaction.
The difference between a health care worker and a third party is that health care workers have access to patient information and can share patient information among members of the health care worker team in order to care for the patient. The only third parties who should have access to patient information are those whom the patient has specifically requested to be present during interviews or authorized to have access to records.
7.6. Describe why trust is a key element in a successful patient-health care worker relationship and list three ways to develop trust.
Trust is the key to a successful patient-health care worker relationship in which the rights and responsibilities of both patient and health care worker are upheld. If a patient trusts or has confidence in his or her health care worker, he or she is more likely to be willing and able to adhere to a regimen and follow the health care worker's instructions and advice. Three ways to earn a patient's trust include
- Respecting the patient's autonomy, the right of a patient to determine what will be done with his or her body, belongings, and personal information
- Freely providing complete and accurate information
- Rigorously maintaining confidentiality
7.7. What are some serious consequences of revealing sensitive personal information to a third party without the patient's permission?
If sensitive personal information is revealed to a third party without the patient's permission, the patient's trust of the health care worker could be threatened and may result in serious consequences:
- The patient-health care worker relationship may be damaged, possibly affecting the care of the patient
- The patient may be stigmatized or rejected by family, friends, and others
- The patient may lose a job or be evicted from housing
- The health care worker may lose the trust of other patients
7.8. What is an authorization or waiver form and when is it used?
The patient needs to give specific authorization or permission to allow a third party to have access to the patient's confidential information. Patients are asked to sign a specific waiver or form to allow their health information to be used by third parties. The patient has a right to refuse requests for information by third parties, as well as the right to limit the authorization in any way he or she wishes. TB programs and health care workers should carefully consider whether such requests are legitimate and valuable before asking patients to authorize disclosures.
7.9. What is patient-identifiable information? List four specific uses for this information.
Personal information shared by the patient with his or her health care worker is considered "privileged" information; that is, information that the health care worker has a responsibility to protect. When the identify of the patient is either directly included in or can be deduced from such information, it is sometimes referred to as patient-identifiable information. This information is usually entered into the patient's medical record and into any secondary databases that are maintained by the health care worker or institution where the patient receives care. Secondary databases are usually maintained for the purposes of
- Sharing information among members of the health care worker team
- Conducting reporting and surveillance of diseases or medical conditions
- Financing health care through reimbursements from the government or a private organization (such as an insurance company)
- Conducting institutional review of the quality of care and appropriateness of expenditures
7.10. What is informed consent?
The patient-health care worker relationship is founded on the patient's consent to the care being provided. Informed consent is a patient's written consent to a surgical or medical procedure or other course of treatment, given after the health care worker has told the patient all of the potential benefits, risks, and alternatives involved. The concept of informed consent is based on the principle that a health care worker has a duty to disclose information that allows the patient to make a reasonable decision regarding his or her own treatment.
7.11. What are the four types of patient rights and what is the purpose of each of the patient rights?
|Type of Patient Right||Purpose|
|The right to give or withhold authorization of disclosures||The patient generally has the right to control who has access to confidential information except as otherwise provided by law. The patient needs to give specific authorization or permission to allow a third party to have access to confidential information.|
|The right to maintain privacy||Only those persons directly involved in the care of the patient's health problem should have access to private information. Health care workers should protect information revealed during provider-health care worker encounters, including all written or electronic records of these encounters.|
|The right to have autonomy||Autonomy is the right of a patient to determine what will be done with his or her body, personal belongings, and personal information; this concept applies to any adult person who is mentally competent. Sometimes the right to autonomy can be overridden in the interest of protecting others who may be harmed by the patient's decisions.|
|The right to be given information||The patient has a right to information about his or her medical diagnosis, treatment regimen, and progress. This allows the patient to make appropriate, informed decisions about his or her health care.|
7.12. What is due process and why is it important?
Due process is an established course for governmental activities or procedures designed to safeguard the legal rights of the individual. It is extremely important that an established course be followed so that all patients are treated equally and receive attention for their individual needs.
7.13. Why is disclosure of patient information allowed for case reporting that is required by law?
Cases of TB are reported to federal, state, or local health authorities based upon laws governing the locality. Because TB is considered a significant threat to the public's health, the disclosure of the patient information from the health care worker to a designated public health authority is allowed for the purpose of TB control. In addition to routine case reporting, some TB control programs conduct active surveillance to identify TB cases through laboratory or pharmacy records. Health departments are required to protect the confidentiality of all TB case reports.
7.14. How should health care workers protect confidentiality during DOT encounters?
DOT involves frequent encounters between the patient and health care worker, which may take place at sites in the community (for example, the patient's home, workplace, or other locations). Health care workers should make sure that the patient's confidentiality is protected during these encounters. This means that
- The location chosen should allow private conversations
- No other persons should be present without the patient's permission
- Any documents or materials brought to such encounters should be protected from access by unauthorized persons
7.15. What information should the health care worker explain to a patient regarding the protection of confidentiality during a contact investigation?
When a contact investigation is to be conducted for a reported TB case, a health care worker should interview the patient, explain the goals of the investigation and why it is important to know the names of contacts. The patient should be told about his or her right to privacy and the measures that will be taken to maintain confidentiality.
The health care worker should be aware that some patients may be reluctant to identify some or all of their contacts. For example, a patient may not want to identify people who use illegal drugs with him or her, or the patient simply may not want his or her friends to know that he or she has TB. The health care worker should be sensitive to the patient's fears, explain the importance of screening the contacts, and assure the patient that all information, including the patient's name, will be kept confidential and will not be shared with authorities.
Finally, the patient should be assured that the contacts will not be told who identified them as a contact.
7.16. What are some strategies that a health care worker can use to protect the TB case's (index case's) identity when conducting a contact follow-up during contact investigations?
Health care workers can use the following strategies to protect the confidentiality of the patient when conducting a contact follow-up during contact investigations:
- Gender-neutral language should be used (even if it requires using bad grammar). For example, "Somebody was diagnosed with TB and they were [or "that person was"] concerned about you" instead of "A woman was diagnosed with TB and she was concerned about you."
- The index case's health care worker, place and dates of diagnosis, or hospitalization should not be mentioned
- The environment in which the exposure occurred should not be mentioned. For example, "You have been around somebody who has TB" instead of "You have been around somebody at work who has TB."
- The dates of exposure should not be specified
- When following-up on interjurisdictional referrals, the county or state that initiated the referral should not be mentioned
- Confidentiality should not be violated even if contacts refuse to be evaluated until they have been told the index patient's identity
7.17. Explain how other program activities, especially those involving data collection and analysis, require adequate measures to provide data security and protect confidentiality.
Confidentiality is important when collecting and analyzing data with patient-identifiable information. TB control programs develop specific policies to ensure the security and confidentiality of TB records and should train staff members in procedures for maintaining and carrying out these policies. Policies and procedures should be in place to protect all TB reports, records, and files containing patient names or other identifying information.
Local policies regarding the security and confidentiality of such information, especially HIV test results, must adhere to all laws applicable in state and local jurisdictions. These protections should include the use of TB surveillance databases such as CDC's Tuberculosis Information Management System (TIMS) software or other databases developed specifically for TB surveillance. These databases are encrypted to protect information during transfers of data for reporting purposes. Although such databases allow for the collection and storage of personal identifiers such as names and street addresses for local and state TB surveillance purposes, these identifiers are not transmitted to CDC. In general, any surveillance information sent through the mail should be stamped "confidential," addressed to a specific person (or sent to that person's attention), and sent by secure mail. These precautions will help to limit unauthorized access to surveillance information.
7.18. List the ways in which a patient's confidentiality can be protected in the following situations.
- Confirm the patient's identity at the first encounter
- Never discuss the patient's case with anyone without the patient's permission (including family and friends during off-duty hours)
- Never leave hard copies of forms or records where unauthorized persons may access them
- Use only secure routes to send patient information (for example, official mail) and always mark this information confidential
- When using an interpreter, ensure that the interpreter understands the importance of patient confidentiality
When in an office, clinic, or institution
- Conduct patient interviews in private rooms or areas
- Never discuss cases or use patients' names in a public area
- If a staff member or health care worker requests patient information, establish his or her authority to do so before disclosing anything
- Keep records that contain patient names and other identifying information in closed, locked files
- Restrict access to electronic databases to designated staff
- Carefully protect computer passwords or keys; never give them to unauthorized persons
- Carefully safeguard computer screens
- Keep computers in a locked or restricted area; physically or electronically lock the hard disk
- Keep printouts of electronic information in a restricted or locked area; printouts that are no longer needed should be destroyed
When in the field
- Be discreet when making patient visits
- Conduct patient interviews in private; never discuss the case in a public place
- Don't leave sensitive or confidential information in messages for the patient on a door; but if a message must be left on the door, it should be left in a sealed envelope, marked confidential, and addressed to a specific person
- Don't leave sensitive or confidential information on an answering machine that other people can access
- Don't leave sensitive or confidential information with a neighbor or friend, and be careful not to disclose the patient's condition when gathering information on his or her whereabouts