Ethics in ConfidentialityBy Rebeka Nowak0567639April 16th, 2019 The focus in ethics is in not only the forensic sciences, but also in fields such as nursing and research and includes the important practice of confidentiality. Confidentiality can be defined as information that is told in private and remains private amongst the party(s) involved (1). An ethical dilemma facing confidentiality however is knowing the right moment to breach confidentiality and knowing when to keep confidentiality (2). Breaches can occur unintentionally, such as from a document being left out or an email being sent to the wrong person (2). When dealing with consensual confidentiality breaches in medicine, steps are typically taken to avoid another party recognizing the patients, something that could possibly be integrated into forensic science (2). Since forensic science is relatively new, more ethical codes need to be placed for forensic scientists, especially if individuals may have their own ethical standard compared to someone else (3). Some issues of misconduct in forensic science includes but is not limited to: drug or alcohol abuse, the defamation of professional colleagues, using unethical methods to obtain clients, and false claims (3). Forensic scientists have both personal and professional ethics (3). Personal ethics refers to the personal ethics or morals a forensic scientist has that is not related to their professional role in forensic science (3). Professional ethics is the guidelines set out to ensure that forensic scientists are following ethical conduct, which is considered more important than personal ethics (3). In order for a forensic scientist to stay ethical during their career, they must mainly stay objective while searching for answers for a case (3). Although forensic databases are common and useful, they do pose some ethical issues (3). It has been considered “a breach of personal space” but the Grand Chamber of the European Court of Human Rights said that only keeping innocent people’s samples was a breach (3). The requirements of taking fingerprint and DNA samples from people varies from country to country (3). Normally, if a person is found innocent or acquitted of a crime, their samples must be destroyed within a year but if they are guilty or convicted, their profile will remain in the database (3). It is crucial that these databases are carefully monitored to ensure that the profiles can not be released for unethical purposes (3). Ethics in all fields of science are crucial, but it is when errors and misconduct that occur that causes ethics to fail. Examples of ethical issues involving confidentiality are below. It is expected that physicians, nurses, and other medical personnel maintain confidentiality with their patient’s medical records, personal information, or other types of information the patient would want kept private between their physician and themselves (4). Most of the times in hospitals, small confidentiality breaches occur, which typically involves a patient’s information not being protected properly but usually do not cause large consequences (4). The more severe confidentiality breaches however have direct consequences, and are usually done intentionally, involving parties other than the patient and their physician(s), and without any given consent (4). In a study done by CM Beltran-Aroca, their results showed that severe confidentiality breaches occurred more often than minor breaches, and this breaches typically occurred in areas such as offices, classrooms, elevators, and other public places (4). In 2009, the Kaiser Permanente’s Bellflower hospital was fined $250,000 for not keeping proper patient confidentiality (5). The medical records of Nadya Suleman, who gave birth to octuplets early 2009, did not follow proper prevention methods to avoid confidentiality breaches (5). In February of 2009, the hospital mentioned that 2 employees accessed Suleman’s records, in a breach of her confidentiality (5). Later in the month, 6 employees were found to have had unauthorized access to the records (5). Towards the end of March, a total of 23 employees performed a breach of confidentiality, 15 were fired or resigned, while the other 8 faced “disciplinary actions”, however the doctors were disciplined, not fired (5). The way the hospital treated the unethical medical personnel was professional and handled in an effective manner (5). Unfortunately, confidentiality breaches are still common in hospitals, causing unethical sharing of patient’s private medical and personal history. In 2018, a group of thieves held medical and personal information from home-care patients ransom after hacking the computer systems of the health-care provider CarePartners (6). Although the group responsible for hacking the computer systems for the medical records breaches both confidentiality and ethics, the focus of this case will mainly be on the health-care provider, CarePartners. Some of the information obtained by the group included medical records, phone numbers, health card numbers, detailed medical histories, and any other information that was kept in the system (6). The group requested compensation in exchange for telling CarePartners how to fix the problems with their security and to not post the hacked information online (6). The group claimed that CarePartners’ software had not been updated in two years and that they were able to use that to their advantage, also claiming that none of the data they took had been encrypted to prevent this incident from occurring (6). Even though CarePartners claimed that they took certain measures such as: employee training, system updates, and protecting their servers, their system was easily able to be hacked and the data stolen (6). What CarePartners did was both unethical and a breach of confidentiality. It is not only the responsibility of health care personnel to remain ethical, but also health care providers as well. It was estimated that 237,000 CarePartners patients were impacted from this data theft incident. A year after this incident, it appears that CarePartners has not done much to fix and prevent this issue. They have posted on their website how their patients can protect their online information from potential hackers (7). Unfortunately, preventative measures being done after information has already been compromised is a poor way for CarePartners to deal with this issue. They should have done everything in their power to ensure their systems and software were updated and protected constantly, with added preventative measures such as strengthening passwords, using legitimate websites, not clicking on links that may be suspicious, along with other safeguard methods (7). This incident is a major breach of ethics, as many people who believed their information was safe and secure now have to deal with the issues of their information being stolen. It is hoped that CarePartners will do a lot more to fix the major confidentiality breaches that they caused. Forensic science is also not without following strong rules of ethics and confidentiality. Since forensic psychiatry is the branch of psychiatry that uses psychiatry in a legal context (8). Forensic psychiatrists apply their knowledge to civil cases, criminal cases, correctional issues, and legislative matters (8). Since forensic psychiatrists are not medical doctors, their confidentiality requirements are a bit different. Before the evaluation of the patient begins, the forensic psychiatrist should state why they are conducting the evaluation and what will be done with the information after the examination (8). As with all other disciplines involving confidentiality, the forensic psychiatrist should do everything in their power to ensure that people cannot access the information without authorization (8). It is also crucial that the psychiatrist makes any limits to confidentiality clear to ensure that a breach in confidentiality does not occur (8). It is important to note that forensic psychology also has ethical dilemmas to which forensic psychologists must deal with (9). The main issue is that forensic psychologists handle involuntary patients, according to MA Connell (9). Since they are involuntary, their levels of confidentiality are limited or null, which may result in patients personal and or sensitive information being exposed (9). A majority of the people forensic psychologists evaluate are people labeled as ‘vulnerable’, such as children, due to the fact that they cannot make judgements independently (9). Due to that limitation, forensic psychologists must be cautious and be aware of any potential risks to their ethics (9). Another major area where both ethics and confidentiality are important is in research, including but not limited to: qualitative, clinical, and human genetic research (10). According to the Government of Canada’s website on research ethics, there are a few key concepts researchers need to follow (10). These concepts are privacy, confidentiality, and security, along with a few others (10). They stated that in order to ethically handle confidentiality, information must be protected from unauthorized access, thefts, or modifications (10). Following both ethics and confidentiality allows for the research to remain truthful (10). In 2017, a Quebec Superior Court of Justice ordered a professor, Marie-Eve Maille, to release the names of the people she interviewed for her wind farm development research (11). Maille provided the company Eoliennes de l’Erable (Maple Wind Turbines) with anonymous data but they wanted the names, which is a major breach of confidentiality (11). The company also wanted all of her detailed notes for the purpose of discrediting her as an expert witness and the participants who launched the class-action (11). Many other researchers and academics are worried about the court’s decision, as stated by the Canadian Association of University Teachers (CAUT) executive director, “Maintaining the confidentiality of research subjects is an ethical obligation and professional requirement” (11). Fortunately, later in the year, the Superior Court of Quebec reversed the decision they made so that Maille would not be required to give up the confidential information she had collected during her research (12). Many other scientists and researchers were relieved that a breach of confidentiality would not need to occur, and as mentioned by a chief scientist in Quebec, “The decision reaffirms the importance of protecting participant identities in the best interests of science” (12). The only explanation these sources provide for why the wind turbine company would need the names of the participants is that they wanted Maille’s raw data (12). What the company did was unethical, and they had no legitimate reasons to want the names of the participants of the study, which would have been breached if the Superior Court of Quebec did not reverse their decision. Since the world is continuously advancing in technology, the ethics in confidentiality will also change. Since a lot of medical records are moving from paper to a more automated approach, confidentiality in these documents will need to be prioritized to ensure the privacy of the patients (13). In order for this to remain ethical, the information must be routinely checked to ensure that proper privacy methods are in place (13). Personally, I feel that confidentiality is a major component of ethics, so I believe that more needs to be done in order to ensure that everyone has a sense of ease when it comes to things like medical records, credit card information, and other personal information. I think that the people in charge of confidential information need to have some form of ethical training to prevent incidents like gossiping or leaving important documents unattended. It is also important that more parameters are set for controlled and consensual confidentiality breaches. Ethics is such a major concept in many different fields of study and as with anything, will need constant improvements to be more functional and efficient. In conclusion, ethics is of major importance in our world today and needs to include strong outlines of what confidentiality is and how it can be kept. The largest area where ethics and confidentiality are used and required is the medical field, as sensitive information is being handled, and thus needs to be treated and protected as such. Forensic psychiatry also deals with confidentiality and ethical issues, mainly including involuntary patients. Incidents such as CarePartners being hacked and Maille almost being forced to give up confidential information of her research, are fairly recent, occurring in 2018 and 2017 respectively. We can only hope that with every error that occurs, more solutions are being raised to create a world with more ethics in handling confidentiality. References1. Oxford Dictionary. (2019). Obtained from: https://en.oxforddictionaries.com/definition/confidentiality (accessed April 8, 2019).2. Blightman K, Griffiths SE, Danbury C. Patient confidentiality: when can a breach be justified? Continuing Education Anaesthesia Crit Care Pain 2014;14(2):52-56. 3. Yadav PK. Ethical issues across different fields of forensic science. Egypt J Forensic Sci 2017;7(1):10.4. Beltran-Aroca CM, Girela-Lopez E, Collazo-Chao E, Montero-Perez-Barquero M, Munoz-Villanueva MC. Confidentiality breaches in clinical practice: what happens in hospitals? BMC Med Ethics 2016;17(1):52. 5. Ornstein C. Kaiser hospital fined $250,000 for privacy breach in octuplet case. Los Angeles Times 2009 May 15. 6. Braga M, Ward L, Culbert A. Thousands of patient records held for ransom in Ontario home care data breach, attackers claim. CBC 2018 July 17. 7. https://www.carepartners.ca/PrivacyBreachUpdate-February-4-2019.htm (accessed April 14, 2019). 8. California State University. Psy 301-CSULB. American academy of psychiatry and the law ethical guidelines for the practice of forensic psychiatry, 1989. 9. Connell, MA. Ethical issues in forensic psychology. In Jackson R and Roesch R, editors. International perspectives on forensic mental health. Learning forensic assessment: research and practice. New York, NY, US: Routledge/Taylor & Francis Group, 2016;45-62.10. http://www.pre.ethics.gc.ca/eng/policy-politique/initiatives/tcps2-eptc2/chapter5-chapitre5/ (accessed April 14, 2019). 11. https://www.caut.ca/bulletin/2017/01/research-confidentiality-compromised-uqam (accessed April 16, 2019). 12. Castonguay P. Quebec ruling reaffirms research data confidentiality. University Affairs 2017 Jun 7. 13. Dick RS, Steen EB, Detmer DE. The computer-based patient record: an essential technology for health care. Washington, D.C.: National Academy Press, 1997.