This chapter is a brief consideration of several issues that may apply to only some service
areas or profiles. These issues include confidentiality, special needs populations,
comorbidity, and areas with low morbidity and minimal data.
Section 1: Confidentiality
Confidentiality is defined as the protection of information that an
individual or institution has disclosed in a relationship of trust, with
the expectation that it will not be divulged to others in ways that are
inconsistent with the individual’s or the institution’s understanding of
the original disclosure.
Why is it important for health departments and service providers to
maintain the confidentiality of HIV/AIDS surveillance data and
information about clients and services? Because people at risk for, and
living with, HIV infection have the right to know that information about
them is kept confidential by everyone involved, including prevention and
care program planners, service providers, and funders. Ensuring the
confidentiality of information on individuals is a fundamental
requirement.
What Is Confidential Information?
Confidential information is any information about an
identifiable person or establishment, when the person or establishment
providing the data or described in it has not given consent to make that
information public and was assured of confidentiality when the
information was provided.
A Breach in Confidentiality
A breach in confidentiality is a security infraction that
results in the release of private information with or without harm to 1
or more persons. A breach in confidentiality may cause a person to be
subject to harassment and discrimination because his or her HIV status
or other confidential information became publicly linked to that person.
Even the erroneous appearance of a link (e.g., someone believed to be
HIV-positive because of the release of personal identifying information)
can lead to these problems. Therefore, protection of confidentiality is
essential to surveillance and the use of data from surveillance and
other public health programs.
The relationship of the community, the health department, and care
services providers hinges on trust. One way that officials and providers
maintain trust is through ensuring the confidentiality of surveillance
information. A breach can erode the community’s confidence in public
health and care systems.
Confidentiality and the Use of Data
Most states have laws to protect the confidentiality of HIV/AIDS
surveillance data and other information and to protect the privacy of
HIV-infected persons. These laws are supported by several federal
statutes. HIV/AIDS surveillance data reported to CDC are protected by
federal assurance of confidentiality. In addition, CDC requires, as a
condition of funding, that states follow strict security standards and
guidelines.1 These standards cover health department
responsibilities for the ways in which HIV/AIDS data are collected,
analyzed, maintained, transmitted to CDC or other state agencies,
released, and disposed of.
Confidentiality and HIV/AIDS Epidemiologic Profiles
When developing your epidemiologic profile, keep confidentiality
concerns in mind with all data used, not just HIV/AIDS surveillance
data. Use aggregate—rather than individual—data throughout, including
tables and figures. Aggregate data include summary statistics compiled
from personal information that have been grouped to preclude the
identification of individuals.
For your epidemiologic profile, observe local restrictions on small
cell size to prevent the inadvertent disclosure of confidential
information. Because it can be easy to inadvertently identify people
when small numbers of cases are broken down by age, race/ethnicity,
gender, or other factors, HRSA and most state HIV/AIDS surveillance
programs have a restriction policy on small cell size. Follow it when
presenting data in tables. Specifically, cells whose value is 3 or fewer
are suppressed (not shown in data presentations). Contractors should
become familiar with the cell-size restriction policy. When preparing
the profile, writers should indicate when data were suppressed because
of small cell size.
Analyze cases by geographic area within strict guidelines for the
confidentiality and release of HIV/AIDS surveillance data as specified
by the health department.
Confidentiality derives from an individual’s right to
privacy. Persons participating in HIV/AIDS and other public
health surveillance activities, such as clinic clients or
persons reported to surveillance, have the right to privacy
regarding disclosure of information related to their HIV status.
Confidentiality is protected by law and by the ethical
guidelines for various professionals, including physicians,
psychologists, and social workers. For purposes of the
epidemiologic profile, confidential information includes
anything that would identify a person as having HIV or AIDS,
being a user of counseling and testing services, having TB or an
STD, or participating in a public health survey (e.g., Youth
Risk Behavior Surveillance System). That means that their risk
behavior, HIV status, and status with respect to other diseases
cannot be disclosed publicly. These data are collected with an
explicit promise to the participant that the data will remain
private. Breaching this promise has legal and ethical
consequences for the people or organization that collected the
data, anyone who discloses the data, and the person from whom
the data were collected. Source: Adapted
from the American Bar Association’s “Model HIV/AIDS
Confidentiality Policy.”
|
Do not include in the profile or in summary data or provide to the
planning group any information (e.g., name, address, month and day of
birth, Social Security number) that could identify an individual.
Go
to Chapter 5, Section 2
|