On This Page:

Confidentiality           

Information

Secrecy

Keeping

Discretion

Confidentiality

Confidentiality is one of the most important topics in any book about communication, even though it has more to do with not communicating, than it does with communicating. Perhaps, therefore, this should have been the first chapter, instead of the last. However, I think a better understanding of communication facilitates a better understanding of the need for confidentiality, so here it is at the end of the book.

I think it is self-evident that some information can cause harm to some people in some situations. It therefore follows that the possession of information raises the issue of its proper management. The central requirement of any satisfactory approach to this issue is to protect the interests of the original owner of the information. As we shall see, that is not always the only requirement, but it is always the best starting point.

Apart from the sometimes considerable direct harm which may result from failure to protect the interests of a client who has shared sensitive information, there is another important consequence. That consequence is the possibly irreparable damage to all aspects of rapport, and especially to the vital trust which may have grown up over a period of time.

In broad terms, confidentiality is the term applied to the process of handling information in a way designed to protect the interests of its original owner, thus promoting trust and making it possible for honest and open communication to occur without fear of adverse consequences.

More specifically, my dictionary tells me that confidentiality means "discretion in keeping secret information".[1] Like most dictionary definitions, I think this could benefit from some explanation. I will therefore comment briefly on each of the key words. It may be clearer if I take them in reverse order, that is, information, then secret, then keeping and finally discretion.

Information

It is obvious, on the briefest reflection, that some information, if transmitted further, can cause harm; often, though not always, to its original owner. Sometimes, just a little harm results. At other times, very great harm may occur. Perhaps that harm will take the form of mental anguish. Perhaps it will be a financial loss. Occasionally, disclosure of information can result in loss of liberty, or even loss of life.

Perhaps this may sound a little melodramatic, especially in the case of minor details, such as name and address. After all, things like that are probably in the phone book in any case. Well, perhaps they are. However, what is trivial in a particular situation, and what could be important, depends on many things, some of which may not be known to you.

For example, an address which is not known to certain people may be all that is keeping its owner safe from harm. In some cases, a few apparently minor details could fill the gaps in a large dossier, thus being much more important when collected than they might seem in isolation. Therefore, it is never safe to assume that a piece of information is of no significance.

Secrecy

Because of the risks which may attend disclosure, secrecy is the only safe starting point when handling information, until or unless it is known to be appropriate to release it. (It is also worth remembering that a person who is harmed as a result of your failure to maintain secrecy may well be able to sue you.)

It doesn't matter whether you are a professional or not. Unless you have the permission of the person involved, or some other authorisation as discussed below, the best rule is not to say anything at all about what you learn about another person, to anyone at all. "Anything at all", incidentally, includes whether or not any information exists.

An important consideration here is that the "privilege" which is often assumed to protect information received by various professional service providers is not recognised by most courts of law. In most western countries, for example, only communication between a lawyer and client is exempted from compulsory disclosure to a court.

For this reason, some commentators have suggested that extremely sensitive information should neither be recorded nor committed to memory. (In that case, nothing which points to its possible existence should be recorded or remembered either.)

It is worth remembering that many organisations insist on access to a person's medical record before providing services such as insurance. Likewise, many employers require access to medical records before considering a job application. This means that the contents of a medical record can have effects which are quite unrelated to the provision of medical care.

Obviously, maintaining secrecy will sometimes require a refusal to answer questions. This is best done with a mixture of tact and firmness. I have found the following statement useful in such situations. "I'm sorry, but if I had any information about a matter of that nature, it would be confidential, so I really can't make any comment at all."

Although declining to divulge information is easy enough in theory, some lawyers (and their secretaries) are quite ferocious in the way they make their improper requests. They will often rephrase their strident demands in cunning ways, and try very hard to trick information out of you. They may even insist, with supreme confidence, that you are required by law to answer their questions. In such cases, I recommend using the cracked record technique[2] mentioned in the previous chapter.

When you get sick of that, I guess you could put them on hold for a while. Sooner or later, though, you may have to say goodbye. It is best to do this just as calmly, quietly and politely as in the case of the "cracked record" refusals. A disappointed unscrupulous lawyer is not nearly as dangerous as an enraged one. (It is quite possible that everything you say is being recorded, incidentally, although that is usually not legal.)

Even the sharing of clinical information within a clinical team is not always acceptable. The main factors, which determine whether it is appropriate or not, are the degree of sensitivity of the information, and the degree to which it is necessary to the team's work. There is no simple rule to cover this.

Of course, even if it is appropriate, it will still breach confidentiality requirements if others can overhear what is said, or read what is written. For example, in many hospitals, clinical records are neatly placed in a purpose-designed container at the foot of the bed, even during visiting hours. This practice would be very difficult to defend if it resulted in a significant leak of confidential information.

Keeping

As well as being kept secret, information often needs to be protected against loss or damage. If it is no longer needed, an effective method of total and permanent destruction is the best way to prevent future leaks. However, multiple backups make this impracticable in most digital systems. There are also many situations in which information needs to be available in the future, as well as being safe from unauthorised access now.

Keeping information secure has never been easy. With modern information technology, the difficulties are different, but still very considerable. As discussed in Appendix 4 (Digital Communications), today's "perfect" solution for securing digital files is, unfortunately, usually tomorrow's child's play.

Discretion

There will always be some situations in which the best interests of the original owner, or sometimes of other people, can only be served by not keeping certain information secret. In other words, the default position of total secrecy may not always be the best solution. This is where discretion is required.

Discretion has various shades of meaning. It often means having the freedom to act or judge on one's own, rather than taking orders from someone else. Delicacy, diplomacy, circumspection, prudence, wisdom and objectivity can also contribute to the meaning of discretion, depending on the context in which the word is used.

You are sure to need some or all of those qualities, if you sail in the murky, and incompletely charted, waters of disclosure of confidential information. Such a voyage is never pleasant, and it can be downright dangerous. Nevertheless, there are two situations in which this hazardous voyage cannot be avoided.

Firstly, in most countries, there is a legal requirement to inform the police if you have information which could prevent the commission of a crime. In this case, the welfare of others is the reason for disclosure, and is considered to override the interests of the client. (The client will probably not share that view.)

Secondly, there may be occasions when it is actually the welfare of your client which is best served by disclosing confidential information. There is no easy way to make that decision. As with communication itself, everything you know, and everything you are, will contribute to the process; but it will still, usually, be a difficult decision.

Finally, but most certainly not least in importance, if you have a professional indemnity insurer, any matters of concern should obviously be discussed with them as soon as they arise. They have a great deal of experience in this area, and should be able to provide very helpful advice. Not only that, but you may well need their assistance with any repercussions which occur.