Confidentiality of social work records in the computer age.
Privacy, Confidentiality, and Privileged Communication
The concepts of confidentiality and privilege often are used interchangeably. Confidentiality is a broader and more inclusive concept that is designed to assure clients that what they tell a professional will be used responsibly. Privilege, on the other hand, is a special status granted by law to certain professional relationships (Perlman, 1988; Polowy & Gorenberg, 1997; Watkins, 1989). The concept of confidentiality is a subcategory of privacy. Rooted in law, it ideally serves as the basis of intimate or therapeutic relationships and reflects the tension between the values of autonomy and well-meaning paternalism (Lindenthal, Jordan, Lentz, & Claudewell, 1988). Confidentiality is synonymous with the notion of trust and is an integral tenet of professional codes of ethics that regulate the disclosure of information obtained in the course of professional interactions (Gostin et al., 1993; Gothard, 1995; Houston-Vega, Nuehring, & Daguio, 1997; Kluge, 1994; Lawrence, 1994; Williams, 1995-96). The recently revised Code of Ethics (1996) of the National Association of Social Workers (NASW) contains 19 items pertaining to client privacy, confidentiality, consent, and information disclosure under Standard 1.07 "Privacy and Confidentiality." These items guide social workers' interactions with clients. Whatever definition of confidentiality is used, "the principle of confidentiality between . . . professionals and clients . . . is well established. Ethical and functional guidelines dictating the application of confidentiality and privileged communication are critical for the relationship to be successful" (Pollack, 1997, p. 89). The maintenance of confidentiality is designed to foster interaction and protect clients from the accidental or intentional disclosure or misuse of recorded information. Violations of confidentiality threaten therapeutic relationships.
The clearest statement by the courts relating to therapeutic privacy and privileged communication for social workers occurred in 1996. In the landmark case Jaffee v. Redmond (1996), the Supreme Court determined that under the Federal Rules of Evidence, a licensed clinical social worker's notes and records written in the course of diagnosis or treatment are protected against involuntary disclosure by a psychotherapist-client privilege. Like the spousal and attorney-client privilege, the psychotherapist-client privilege is "rooted in the imperative need for confidence and trust" (Trammel v. United States, 1980, p. 51). The court determined that
social workers provide a significant amount of mental health treatment. Their clients often include the poor and those of modest means who could not afford the assistance of a psychiatrist or psychologist, . . . but whose counseling sessions serve the same public goals. Perhaps in recognition of those circumstances, the vast majority of states explicitly extend a testimonial privilege to licensed social workers. (Jaffee v. Redmond, 1996, p. 1926)
The Supreme Court agreed with the lower court that "drawing a distinction between the counseling provided by costly psychotherapists and the counseling provided by more readily accessible social workers serves no discernible public purpose" (Jaffee v. Redmond, 1996, p. 1358, note 19; see also Alexander, 1997; Schwartz, 1989).
If a client agrees that confidential information may be shared, the client's agreement must be obtained in the form of "informed consent." This can be done explicitly or implicitly, in writing, orally, or by conduct. Acquiring consent has its own set of hypotheticals and uncertainties and becomes more complicated when children, clients with severe emotional or psychiatric disorders, elderly people, or clients adjudicated "incompetent" are involved. Coercion, family or peer pressure, or perceived pressure by the social worker may complicate and confuse the consent process further and bring about another set of problems.
Levels of Confidentiality
Confidentiality exists in degrees: absolute and relative. "Absolute confidentiality" requires that the treating professional not divulge confidential material under any circumstance. In theory, absolute confidentiality may exist; in practice it does not. Although NASW, in its Code of Ethics (1996), addresses the issues of privacy and the limits of confidentiality, it is not as explicit as the American Psychological Association (APA). APA, in its guidelines for record keeping, explicitly acknowledges that "no record is free from disclosure all of the time, regardless of the wishes of the client or the psychologist" (Canter, Bennett, Jones, & Nagyn, 1994, p. 207).
For information to be protected absolutely, it should never be written into a record or case file, discussed orally or electronically with another party, or entered into a computer database. APA has adopted the principle that "if confidential information concerning recipients of psychological services is to be entered into databases or systems of records available to persons whose access has not been consented to by the recipient, the psychologist should use coding or other techniques to avoid the inclusion of personal identifiers" (Canter et al., 1994, p. 194, [section] 5.07).
But even with such precautions, unless a statute granting privilege to the relationship exists, an individual can be compelled to disclose confidential information. Therefore, when reference is made to confidentiality, it usually implies "relative confidentiality," which can be breached under certain defined circumstances (for example, child maltreatment, an imminent physical threat to a third person, or a client who is suicidal). The level of confidentiality of the professional relationship is determined by the social worker's role in that relationship (Schultz, 1991). "It is therefore important that social workers be clear as to what their professional role is and be able to communicate that role to those with whom they are working. Their role must be disclosed at the start of the professional relationship to ensure that the level of confidentiality in the relationship is understood" (Pollack, 1997, p. 200).
Pragmatically, confidentiality is not an absolute right but a public policy goal that must be balanced against other social goals (Brannigan, 1992).
Although the discussion so far has focused on primary, relationships, the requirements of confidentiality also apply to information derived from a relationship and later recorded or entered into a database. Therefore, the need to safeguard and protect information extends to all forms of documentation. Violations of confidentiality and invasions of personal privacy increase exponentially, as do the number of individuals or organizations that have potential access to recorded information (Bernstein, 1997; Grady, 1997; Hawkins, 1997; Pear, 1997c, 1997d, 1997e; Washburn, 1997). As early as 1977 the Supreme Court was concerned about the inherent danger associated with confidentiality and computerized information systems. In his concurring opinion, Justice Brennan wrote prophetically: "The central storage and easy accessibility of computerized data vastly increase the potential for abuse of that information, and I am not prepared to say that future developments will not demonstrate the necessity of some curb on such technology" (Whalen v. Roe, 1977, p. 7).
Computerization of personal information potentially opens the door to the demise of privacy and to erosion of the foundation of helping relationships. The rapidly developing computerization of information, including the gathering, manipulation, classification, storage and retrieval, and sale of recorded knowledge, leaves all parties vulnerable. The following recent examples are illustrative:
* The confidential medical records of more than 400 patients at a county hospital were illegally made public by county officials in trying to find a private operator for the hospital. The personal information that was retrieved from computerized files was contained in seven volumes distributed by the officials as part of a request for proposals from prospective bidders. The information included the patients' last name and first initial, the time of treatment, a code indicating the type of treatment, and the cost. Whether or not the records disclosed constitute health records will be determined in a court of law (Morley, 1997).
* 2,000 patient records from a pharmacy in Arizona were still on a computer purchased at an Internet auction. All the software the pharmacy had used for record keeping was still on the computer's hard drive, including patient names, addresses, social security numbers, and a chronological list of all prescriptions filled at the pharmacy (Markoff, 1997).
* A Maryland banker who served on a state health commission accessed a list of every cancer patient in his area and checked it against the names of customers at his bank. He rescinded the mortgages of his customers who had a cancer diagnosis (Breitenstein & Nagel, 1997).
* In April 1997 the Social Security Administration touched off a firestorm when it introduced an Internet site through which individuals could gain access to their earnings records. Critics contended that the required identifiers could give ex-spouses, relatives, prying neighbors, and others immediate and easy access to sensitive information (Lewis, 1997). Although the Social Security Administration will soon be back online, a person's earnings history will not be available over the World Wide Web, and a more elaborate authentication process will be used (Pear, 1997a, 1997b).
* According to a special report in the September 15, 1997, edition of the New York Times, "electronic dossiers have become the common currency of computer-age sleuths, and a semi-underground information market offers . . . private telephone records, credit card bills, airline travel records, and even medical treatment histories" (Bernstein, 1997, pp. A1, A20).
In short, when the number of people who have access to electronic confidential medical or mental health information becomes so large, is the information still confidential? What can be done to ensure privacy once personal information enters a database?
Guidance in Protecting Privacy and Confidentiality
The Federal Privacy Act of 1974 is the model for protecting individual privacy. It contains guidelines and procedures for safeguarding information obtained and specifies consent and review provisions before the release or sharing of recorded information for federal agencies and agencies receiving federal funds. Various professional organizations and accrediting bodies have incorporated similar principles of privacy and confidentiality into their standards and codes of ethics.
The new NASW Code of Ethics (1996) devotes considerable attention to the issues of privacy and confidentiality. Unlike the previous code, specific attention is given in Standard 1.07 to written and electronic records:
(1) Social workers should protect the confidentiality of clients' written and electronic records and other sensitive information. Social workers should take reasonable steps to ensure that clients' records are stored in a secure location and that clients' records are not available to others who are not authorized to have access.
(m) Social workers should take precautions to ensure and maintain the confidentiality of information transmitted to other parties through the use of computers, electronic mail, facsimile machines, telephones and telephone answering machines, and other electronic or computer technology. Disclosure of identifying information should be avoided whenever possible.
(n) Social workers should transfer or dispose of clients' records in a manner that protects clients' confidentiality and is consistent with state statutes governing records and social work licensure. (pp. 11-12)
Medical providers, like social workers and psychologists, have a duty to promote, ensure, honor, and uphold confidentiality. The American Medical Association's (AMA) Code of Medical Ethics (1994) states that "information disclosed to a physician during the course of the relationship between donor and patient is confidential to the greatest possible degree" (p. 8). Similarly, the 1995 accreditation standards of the Joint Commission on Accreditation of Health Care Organizations (JCAHO) are clear on the need to protect patient privacy (JCAHO, 1995). Records must be kept confidential, secure, and free from unauthorized access. The Council on Accreditation of Services for Families and Children (1997) devotes an entire standard (G7) to the protection of confidential information regarding people served. Standard G7.6.03 requires organizations seeking accreditation to have policies protecting the security of all case records from unauthorized access. Although these behavioral mandates provide guidance to professionals employed in various organizational contexts along with those organizations' own written enforcement procedures, compliance and enforcement are not guaranteed. When breeches occur, courts are available to resolve disputes, but only in the context of a lawsuit brought by "adversaries." As electronic access increases there is a need for more stringent guidelines, enforcement, and real sanctions.
Recent Legislative Reform and Resultant Problems
The recently enacted Health Insurance Portability and Accountability Act (1996) (P.L. 104-191), introduced by Senators Kennedy and Kassebaum, calls for the standardization of all medical information compiled by doctors, hospitals, health plans, and insurers about their patients ("Privacy of Health Data Eyed," 1997). The legislation also requires the use of "universal patient identifiers," which create the potential for a nationwide linking of all patient files. Although this legislation has a number of administrative benefits, it also poses major threats to personal privacy.
Unlike the current requirement for patient consent before release of information, the proposed sharing of information does not require the consent of the patient. According to Representative McDermott of Washington State, "What this means is that whatever medical information is collected on people can be used for or against them, depending upon who asks for it" (Spragins & Hager, 1997, p. 84).
A panel of the National Research Council cited in a recent report the lack of security of medical records and cautioned about the danger of growing electronic fries containing personal information (Leary, 1997). The Clinton administration has until late 1999 to develop "fair information practices" to ensure the confidentiality of medical records (Breitenstein & Nagel, 1997). However, it appears that the regulations will broaden law enforcement officials' access to medical records without restrictions on use or redisclosure rather than ensure confidentiality (Pear, 1997c). Under the proposed provisions, law enforcement officials would not have to obtain a court order to obtain access to medical information or notify a person that they are seeking his or her medical information ("Trifling with Medical Privacy," 1997). There would be no opportunity for individuals to challenge the disclosure, even though the information obtained may be inaccurate or could be used against the person in investigations or prosecutions. The proposed regulations, however, would require an audit log of disclosures. Individuals damaged by improper disclosure may be able to file lawsuits in federal court to obtain compensation (Pear, 1997c).
In a similar way, to facilitate the enforcement of child support obligations, the federal government will launch a computerized directory listing every newly hired person by every employer in the country. This follows successful efforts by a number of states to track and collect support payments from deadbeat parents. The Internal Revenue Service, the Social Security Administration, and the Justice Department will have access, along with state welfare and child support officials (Pear, 1997e).
Recent attempts to provide protection for health care consumers have not been successful. However, there are several efforts under way to resolve this problem. The Fair Health Information Practices Act (1997), which was introduced by Representative Condit (D-CA), includes provisions that would limit disclosures of medical records and would require health care providers to create records of disclosures made ("Electronic Threats to Medical Privacy," 1997). Representative Tauzin (R-LA), chair of the House Commerce Committee's Telecommunications Subcommittee, has introduced a bill that would bar companies from disclosing or using without consent people's medical and financial records, as well as government information such as social security numbers, that are available online (Associated Press, 1997). Senator Bennett (R-UT) is planning to reintroduce a Medical Information Confidentiality Act similar to his 1995 legislation (S. 1360) that would establish federal standards for the confidentiality of health care records ("Confidentiality Threat Prompts Call to Action," 1997).
Although access to health records is available to strangers, there is currently no federal statute that provides an individual with the right to gain access to or review his or her own health records. Although 34 states have enacted laws covering the use and dissemination of health information, only 28 explicitly protect and ensure the rights of patients to review their own records and to correct any errors they find (Leary, 1997).
As we await government action to ensure privacy, the range of entities that possess information about individuals continues to increase. Health information, like other information about individuals, has become a desirable commodity that increasingly is being used to make key decisions affecting all aspects of life. Quittner (1997), in a Time magazine article entitled "Invasion of Privacy," indicated that "at least a third of all Fortune 500 companies regularly review health information before making hiring decisions" (pp. 31-32).
Companies . . . no longer hesitate to seek information on what was once assumed to be the private side of workers' lives. More than one third of the members of the American Management Association, the nation's largest management development and training organization, tape phone conversations, videotape employees, review voice mail, and check computer files and E-mail. (Hawkins, 1997, p. 56)
In a special report on "Managed Care and Mental Health," Washburn (1997) noted that "managed-care companies that oversee mental health benefits have a voracious appetite for all kinds of information, and that can mean that confidentiality - the key ingredient in any therapeutic relationship - is sometimes left on the shelf" (p. A1). Panelists participating in the recent National Information Systems Conference indicated that it will be difficult to come up with standards for the security of health records, further jeopardizing therapeutic relationships ("Privacy of Medical Records May Be Elusive," 1997).
Confidentiality Breaches in Cyberspace
With increased interest, availability, and use of communication technology come increased risks to personal privacy and to therapeutic relationships. Electronic medical records are extensions of the individual therapeutic relationship and must be afforded the same respect and protection as that relationship. According to Kluge (1994), electronic medical records should be treated ethically as "patient-analogues in information space" (p. 24). A growing threat involves the compilation of information about an individual via the Internet. The amount of personal information potentially available on the Internet complements the information held by credit bureaus, health and managed care companies, automobile and life insurers, marketing organizations, libraries, cable companies, utility providers, and toll authorities using electronic collection systems. Whenever an individual fills out any type of application, orders by mail, fills in a manufacturer's warranty card, subscribes to a magazine, completes a marketing or a user survey, or enters a sweepstakes, his or her wants, needs, aspirations, and habits find their way into someone's database. The majority of this information is provided by the user or consumer. Although efforts are made to protect this information, as evidenced by notifications accompanying various bills or statements, these are essentially voluntary efforts. The sheer number of databases and points of entry into entire data systems leaves everyone potentially vulnerable. Any minimal number of identifiers (for example, name, date of birth, social security number, or address) can be used by someone with the interest, desire, and technology to become intimately knowledgeable about a social worker or the clients a social worker serves. Those who exchange information on the Internet should recognize that all such communications are public (Butterfield & Schoech, 1997). As might be expected, this information is of value to the Internet providers, marketers, and individuals or organizations who specialize in information gathering. Such information may be sold, used for advertising campaigns, or used for designing services, or it can be used to exclude individuals from insurance coverage.
In a similar way, the increasing use of e-mail by social workers and other professionals raises additional concerns about client privacy. Materials sent through the U.S. mail may not be reviewed by anyone except the intended recipient, but information sent by e-mail has less protection. In 1986 Congress revamped the Electronic Communications Privacy Act of 1986 (ECPA) (P.L. 99-508), legislation originally enacted in 1968 to prevent telephone wiretapping. Although the ECPA was amended to cover all forms of digital communications, this legislation does not adequately protect the privacy of users of e-mail.
Many employees don't realize that the law recognizes little if any privacy protection in electronic mail sent or received by an employee on their work accounts - even if the mail is personal and not work-related. While the "Omnibus Crime Control and Safe Streets Act of 1968" prohibits employers from eavesdropping on the private phone conversations of their employees at work, there is no similar protection of electronic mail communications. (Beeson, 1996, online)
Thus, individuals who communicate with social work agency personnel concerning day care arrangements, health care needs, arrangements for substance abuse treatment, reports of domestic violence, and so forth may find that their employer has obtained knowledge of this personal information legally.
Online communications can be intercepted by hackers or others illegally. Often such hackers are computer aficionados who simply want to demonstrate their ability to break into systems and access information, but the potential for destructive and harmful interception of communications remains real. The rights of individual privacy online must be clarified further and refined through the courts. But as it stands now, individuals have very little guarantee of privacy in electronic communication.
Many hospitals and social welfare agencies have developed internal networks (intranets) to transmit information. Such intranets depend on the same computer protocols as the Internet and are subject to the same security risks. Without adequate security this information may be viewed by unauthorized personnel. These threats to information need to be addressed by system administrators who should ensure that the software does not have security loopholes, that there are barriers between computer systems with public access and those requiring user verification, and that systems use encryption when sending information over telephone lines.
Other security issues involve users themselves. Personnel need to be trained adequately in procedures to maintain the integrity of the system, including security of passwords and correct logoff procedures. Service agencies also need to be concerned about transmitting sensitive information among themselves. It is very easy to attach files that contain case records, progress reports, financial information, and so forth to e-mails. Thus, a hospital social worker easily might send information to a nursing home social worker to facilitate a discharge plan. Even though the client has provided a signed release for the information, there is no guarantee that the information is secure while it is being transmitted or waiting in the e-mail box of the recipient. Because many small agencies do not maintain their own Internet servers, they are dependent on the use of commercial Internet providers.
This use of commercial Internet service providers complicates the situation. Most Internet provider systems are configured to store all messages that pass through them. The operator has the ability to review all communications passing through the system. ECPA provides civil remedies for users whose privacy has been violated by their service provider:
ECPA provides a complex set of rules for the proper disclosure of information by the service provider to law enforcement. Service providers may not provide basic information about users to law enforcement without an administrative subpoena; that information includes user name, billing address, how long the user has used the service, and which features were used. Service providers are also forbidden from disclosing the transactional records of a user to law enforcement without a warrant, a court order, or the consent of the user. (Beeson, 1996)
However, the ECPA explicitly allows service providers to disclose the transactional records of users to "any person other than a governmental entity" (Beeson, 1996). Many hot lines and resources have been developed on the Internet to provide helpful information in an anonymous manner, and individuals who access this information may believe they are assured of privacy. However, individuals who access information about sensitive subjects (for example, abortions, drug treatment, gay or lesbian lifestyles, suicide, or domestic violence) might find that their inquiry has been released to others without their permission. There is a need to balance the importance of confidentiality against the need for quick and easy access.
Several methods can be used to protect the privacy of electronic records. Passwords can be used to prevent access to terminals or databases. Identifying data for records can be coded and stored in a nonelectronic format or in a separate database. When sending data over the Internet, e-mail and case records can be coded and restricted to a specific recipient. Internet browsers use certificates or digital signatures to encrypt information and to verify the identity of the certificate's owner. The Certificate Authority Services (1998) Web page (https://certs.netscape.com/client.html) lists the organizations that issue digital certificates. Digitally signed and encrypted e-mail can ensure that confidential messages and attachments are protected from tampering, impersonation, and eavesdropping.
While we await legislative regulation and the development of additional technological safeguards to protect the collection, storage, and transmittal of personal information, guidance is needed beyond that provided in professional codes of ethics for those engaged in the helping professions (Pollack, 1992). It needs to be understood that the client record, although integral to therapeutic relationships, is a means of communication between individuals and organizations that have a legitimate need to know something about someone. To minimize the threat to personal privacy, entries into client records, whether written or electronic, must be guarded by common sense. Clients need to be informed about the limits of confidentiality and their role in safeguarding information about themselves. Precautions need to be taken to limit access to recorded information to those who have a legitimate need to know. In addition, social workers should be judicious in their recording of client information and should adhere to the following principles:
* Know who the potential audience is and verify the audience's identity and the purpose for the information that is being requested.
* Obtain informed consent and identify the limitations of confidentiality.
* Understand the potential of information technology and ensure that appropriate safeguards are in place.
* Recorded information should be factual, accurate, objective, and necessary only for the purpose at hand.
* Recorded information should be clear, concise, and specific.
* The services provided should be clearly identified.
* The treatment being provided should be based on a professional assessment that can be supported.
* Intuition, hypotheses, and hunches should be differentiated from facts and excluded from the record.
* All information should be verified over time, with corrections made in a timely fashion.
* Progress or the lack of progress should be documented.
* Unmet needs should be identified.
* Obstacles to meeting needs should be indicated.
The expedient flow of electronic information is attractive and necessary. In addition to providing social workers with a wide range of information resources, electronic media provide a unique forum for assisting clients. But recent incidents have caused the profession to be concerned. A robust desire to allow for maximum expression of ideas must be tempered with an equally strong desire to protect the social work profession, its clients, and social workers. It is clear that electronic communication modalities have outpaced the courts and the social work profession and that both must catch up.
Alexander, R. (1997). Social workers and privileged communication in the federal legal system. Social Work, 42, 387-391.
American Medical Association. (1994). Code of medical ethics (Report, Council on Ethical and Judicial Affairs). Chicago: Author.
Associated Press. (1997, July 30). Ensuring privacy on Internet. Record, p. B2.
Beeson, A. (1996). Privacy in cyberspace: ls your email safe from the boss, the SysOp, the hackers, and the cops? American Civil Liberties Union Freedom Network: Cyber-Liberties [Online]. Available: http://www.aclu.org/issues/cyber/priv/privpap.html
Bernstein, N. (1997, September 15). On line, high-tech sleuths find private facts. New York Times, pp. A1, A20.
Brannigan, V. M. (1992). Protecting the privacy of patient information in clinical networks: Regulatory effectiveness analysis. Annals of the New York Academy of Sciences, 670, 190-201.
Breitenstein, A. G., & Nagel, D. M. (1997, September 1). Medical "privacy" bill is misnomer. Record, p. A18.
Butterfield, W. H., & Schoech, D. (1997). The Internet: Accessing the world of information. In R. L. Edwards (Ed.-in-Chief), Encyclopedia of social work (19th ed., 1997 Supplement, pp. 151-168). Washington, DC: NASW Press.
Canter, M., Bennett, B., Jones, S., & Nagyn, T. (1994). Ethics for psychologists. Washington, DC: American Psychological Association.
Certificate Authority Services [Online]. (1998). https://certs.netscape.com/client.html. Netscape Security.
Confidentiality threat prompts call to action: Bill targets drug, alcohol care. (1997, July). NASW News, p. 1.
Council on Accreditation of Services for Families and Children. (1997). Standards for agency management and service delivery: New York: Author.
Electronic Communications Privacy Act (ECPA) (1986), P.L. 99-508, 100 Stat. 1848.
Electronic threats to medical privacy [Editorial]. (1997, March 11). New York Times, p. A22.
Federal Privacy Act of 1974, 5 U.S.C. [section]552.
Gostin, L. O., Turek-Brezina, J., Powers, M., Kozloff, R., Faden, R., & Steinauer, D. D. (1993). Privacy and security of personal information in a new health care system. JAMA, 270, 2487-2493.
Gothard, S. (1995). Legal issues: Confidentiality and privileged communication. In R. L. Edwards (Ed.-in-Chief), Encyclopedia of social work (19th ed., Vol. 2, pp. 1579-1584). Washington, DC: NASW Press.
Grady, D. (1997, March 12). Hospital files as open book. New York Times, p. C8.
Hawkins, D. (1997, September 15). Who's watching now? U.S. News and World Report, pp. 56, 58.
Health Insurance Portability and Accountability Act of 1996, P.L. 104-191, 110 Stat. 1936.
Houston-Vega, M. K., Nuehring, E., & Daguio, E. (1997). Prudent practice. Washington, DC: NASW Press.
Jaffee v. Redmond, 116 S. Ct. 1923 (1996).
Joint Commission on Accreditation of Health Care Organizations. (1995). Comprehensive accreditation manual for hospitals. Oakbrook Terrace, IL: Author.
Kluge, E. H. (1994). Health information, privacy, confidentiality and ethics. International Journal of Bio-medical Computing, 35(Suppl. 1), 23-27.
Lawrence, L. M. (1994). Safeguarding the confidentiality of automated medical information. Journal of Quality Improvement, 20, 639-646.
Leary, W. E. (1997, March 6). Panel cites lack of security on medical records. New York Times, pp. A1, B11.
Lewis, R. (1997, May). SSA mulls restoring net data. AARP Bulletin, 38(5), pp. 1, 13.
Lindenthal, J. J., Jordan, T. J., Lentz, J. D., & Claudewell, S. T. (1988). Social workers' management of confidentiality. Social Work, 33, 157-158.
Markoff, J. (1997, April 4). Patient files turn up in used computer. New York Times, p. A14.
Morley, H. R. (1997, August 28). Pines patients' records made public. Record, p. A1.
National Association of Social Workers. (1996). Code of ethics. Washington, DC: NASW Press.
Pear, R. (1997a, April 10). Social Security closes online site, citing risks to privacy. New York Times, p. A15.
Pear, R. (1997b, September 4). U.S. to go back on Internet with social security benefits. New York Times, pp. A1, A22.
Pear, R. (1997c, September 10). Clinton would broaden access of the police to medical records. New York Times, pp. A1, A15.
Pear, R. (1997d, September 12). Limited access to medical records is urged. New York Times, p. A24.
Pear, R. (1997e, September 22). Vast worker database to track deadbeat parents. New York Times, pp. A1, A16.
Perlman, G. L. (1988). Mastering the law of privileged communication: A guide for social workers. Social Work, 33, 425-429.
Pollack, D. (1992). Record retention management: A key element in minimizing agency and worker liability. Journal of Law and Social Work, 3(2), 89-95.
Pollack, D. (1997). Social work and the courts. New York: Garland.
Polowy, C. I., & Gorenberg, C. (1997). Legal issues: Recent developments in confidentiality and privilege. In R. L. Edwards (Ed.-in-Chief), Encyclopedia of social work (19th edition, 1997 Supplement, pp. 179-190). Washington, DC: NASW Press.
Privacy of health data eyed. (1997, March). NASW News, p. 1, 10.
Privacy of medical records may be elusive, panel says. (1997, October 9). Record, p. A13.
Quittner, J. (1997, August 25). Invasion of privacy. Time, pp. 28-35.
Schultz, L. (1991). Social workers as expert witnesses in child abuse cases: A format. Journal of Independent Social Work, 5(1), 69-87.
Schwartz, G. (1989). Confidentiality revisited. Social Work, 34, 223-226.
Spragins, E. E., & Hager, M. (1997, June 30). Naked before the world. Newsweek, p. 84.
Trammel v. United States, 445 U.S. 40 (1980).
Trifling with medical privacy [Editorial]. (1997, September 11). New York Times, p. A30.
Washburn, L. (1997, October 6). Confidential therapy files an open book. Record, pp. A1, A7.
Watkins, S. A. (1989). Confidentiality and privileged communications: Legal dilemma for family therapists. Social Work, 34, 133-136.
Whalen v. Roe, 429 U.S. 589 (1977).
Williams, R. C. (1995-96). Privacy and computerized medical records. Alabama Medicine, 65(57), 29-37.
Sheldon R. Gelman, MSL, PhD, ACSW, is Schachne dean of the Wurzweiler School of Social Work, Yeshiva University, 2495 Amsterdam Avenue, New York, NY 10033; e-mail: firstname.lastname@example.org. Daniel Pollack, MSW, JD, is associate professor, and Adele Weiner, PhD, ACSW, is associate dean of the Wurzweiler School of Social Work, Yeshiva University, New York.
|Printer friendly Cite/link Email Feedback|
|Author:||Gelman, Sheldon R.; Pollack, Daniel; Weiner, Adele|
|Date:||May 1, 1999|
|Previous Article:||Tribal and Shamanic-based social work practice: a Lakota perspective.|
|Next Article:||The new confidentiality for the 21st century in a managed care environment.|