Therapist Confidentiality: An Overview
Therapists are required to keep any and all information that you discuss with them confidential. This allows for a therapeutic relationship to develop. As such, your therapist is obligated to keep the content of any session private and will not even be allowed to tell your spouse, family members, or relatives that he or she has been seeing you as a client without having your permission to do so.
Keeping information confidential fosters a safe environment for patients to discuss issues and problems of the mind and the emotions that are troubling to them. Confidentiality ensures that what patients disclose will be protected and not shared with others who would not have a right to know about the vulnerable things they have revealed to their therapists.
In California, although a therapist’s communication with the patient is private , there are certain exceptions to the therapist’s confidentiality requirement. The law allows the therapist to share private information in the following circumstances:
The limits on confidentiality are, though, relatively few. For example; when the patient is a danger to him or herself, when the patient shows signs of being a danger to someone else, when the therapist believes the patient is a vulnerable adult or child is the victim of abuse, where the disclosure to law enforcement is necessary to protect the patients’ rights or property or those of another person, when a court orders the therapist to disclose information, or where the patient sues the psychologist for legal breaches of duty, such as breach of psychologist/patient privilege or breach of contract.
Applicable Law in California
California law protects the confidentiality of patient-therapist communications, and mandates that therapists who are licensed or working under the supervision of a licensed mental health professional do not disclose confidential information obtained in the course of their work except under limited circumstances. Confidentiality is important to patients who seek mental health treatment so that they can speak freely with their therapist about their thoughts and feelings. California has adopted the psychotherapist-patient privilege to help encourage patients to visit a mental health care provider by keeping their visits and information confidential.
A number of statutes touch upon confidentiality between therapist and patient. The primary California statute regarding the therapist-patient privilege is CA Evidence Code § 1010 et. seq., and the various exceptions to this privilege. California’s Evidence Code establishes the general rules of privilege that are followed in patient-therapist communications.
In addition to the deadline imposed by federal and state laws, the relevant patient-therapist privilege provisions of California Evidence Code IP § 910 et. seq. impose a rule of reasonableness to those records which are subject to the privilege. For example, the Evidence Code § 913 allows a party to claim a conflict between privileges. Specifically, Section 913 allows the holder of any possible conflicting privilege to claim that the waiver of one or more privileges would cause the disclosure of otherwise privileged matter. On the other hand, Evidence Code § 917 provides exceptions to the privilege, which allows otherwise privileged information to be disclosed. For example, Evidence Code § 910 allows the disclosure of confidential information for purposes of a criminal proceeding, while Evidence Code §§ 999-1002 allow a licensed therapist to testify against his or her will in a case involving child abuse or neglect.
In addition, the Patient Information Records Sharing Act (PIRSA) was established in 2000. PIRSA requires certain health care entities to provide patients with copies of their medical record information upon request. Patient records are considered confidential in California, and in order to maintain such confidentiality, access to a patient’s medical records must be given only to those persons who are authorized to receive it. Patients in California can inspect and obtain a copy of their patient records, as well as an explanation or summary of the information within those records if they so desire. However, there are certain individuals and entities that may be charged a fee for obtaining copies of their medical records pursuant to California Health and Safety Code § 123100.
Psychotherapists must follow SAMHSA’s Confidentiality of Substance Abuse Disorder Patient Record’s regulations, which imposes stricter requirements than HIPAA. While HIPAA applies to all patient information in a therapist’s record, SAMHSA’s Confidentiality of Substance Abuse Disorder Patient Records, 42 U.S.C. § 290dd-3, restricts access to substance related information for patients in substance abuse treatment programs.
Specific Exemptions to Confidentiality
Exceptions to confidentiality laws exist when a therapist is asked to report an intention to harm oneself and other individuals, or report abuse, as well as when a legal action involving the therapist is initiated. The latter situation includes when a mental health professional is named in certain types of litigation as a party or as a witness.
Situations where confidentiality may be breached include the following:
- Where a Client is Likely to Commit Child Abuse. California law requires that all persons are required to report known or suspected child abuse or neglect, and this includes physicians, nurses, optometrists, psychiatrists, psychologists, social workers, clinical social workers, school personnel, marriage and family therapists, and others. Certain lawyers are also required to report known or suspected instances of child abuse or neglect.
- Where a Client is Likely to Commit Elder Abuse. California law requires mandatory reporting of elder abuse to law enforcement or other child protective agencies by a person who is an elder care custodian, healthcare practitioner, adult protective services agency employee, a financial institution officer, caregiver, etc.
- Where a Client is Likely to Commit Suicide or Harm Another Person. A therapist may disclose the information reasonably believed to be necessary to prevent the threatened danger. Often, situations will exist where you, as a therapist, are able to obtain the name and address of the person or persons being threatened, and then notify them and law enforcement about the threat, if you feel it is justified.
- In especially violent situations, you have the right to warn an intended victim. In some cases, it is not necessary to contact law enforcement before warning the victim about the imminent threat.
- In Serious Criminal Cases
- In Cases Where You are Involved in an Investigation or Prosecution
- For Billing and Collection Purposes. Your attorney will help make client and insurance company contact for such purposes as billing information, collection, and required progress reports.
Rights of Clients and Responsibilities of the Therapist
Clients have the right to know all the circumstances in which their private information may be disclosed and what notifications and safeguards are available to protect this information. Counselors, psychologists, psychiatrists and other mental health care professionals accordingly have a duty to keep private as confidential and secret all facts and information obtained by them in their professional capacity, except under specific circumstances existing by law or provided by their clients. California law recognizes patients’ rights to privacy and confidentiality by providing that "a patient has a right of privacy in all information and records held by a provider of health care pertaining to the patient’s medical history, conditions, or treatment except as specified in paragraph (1), (2), or (3)." 42 Cal. Code Regs., § 5:27.3. 4850.378.
In order to comply with laws and ensure client privacy and confidentiality, therapists must competently draw an informed consent agreement with written parameters regarding confidentiality and its limits. Informed consent should include what information can and cannot be disclosed in client progress notes, what information must be kept confidential, the minimum necessary information that may be shared, and how therapists and their employees will share information internally. Therapists should also explain their record retention and storage policies and procedures (both electronic and physical security measures), including the length of time records are retained and the manner in which clients can authorize release of all or part of their confidential information. For example, while some mental health professionals retain all records for seven years, there is no legal requirement in California that all psychotherapy notes need to be held forever. 9 Cal. Code Regs., § 1810.205.
When sharing client files with other providers or handling subpoenas, mental health professionals have an affirmative duty to inform their clients to seek a court order or equivalent protection against further disclosure, such as an appropriate protective order pursuant to California Code of Civil Procedure Sections 1985 or 1987.1. Cal. Civ. Proc., § 1985 & Cal. Civ. Proc., § 1987.1. Not all therapists realize that they have a duty to do so, especially in cases where court authorization to disclose or report information is required by law.
Consequences of Breaching Confidentiality
The consequences of breaching confidentiality can be significant for therapists, both legally and professionally. When a therapist fails to comply with confidentiality laws, they risk facing legal action from their client. If a client feels their therapist has breached their trust by sharing private information without consent, they may sue the therapist for damages. For instance, a lawsuit brought on behalf of a minor may request compensation for emotional harm done to the child. Even though confidentiality breaches primarily involve civil law, some situations may lead to criminal penalties. While not likely, a therapist who unlawfully shares client information could face monetary fines and/or incarceration. Ethical consequences may follow any legal action. If a therapist is found guilty of breaching confidentiality , licensing boards may suspend or revoke their license to practice.
Professional ethics and codes of conduct are usually written into licensing laws (such as the California Business and Professions Code) and professional organizations (like the American Psychological Association, for example). Because these rules are set by their specified authorities, they have the potential for serious sanctions if breached. In addition to civil and criminal consequences, unprofessional actions can result in disciplinary hearings before licensing boards. Sanctions may be administrative, such as fines, suspension or revocation of licensure, mandatory additional education, or voluntary surrendering of the therapist’s license.
Guidelines for Therapists to Maintain Confidentiality
Therapists in California should implement several best practices to ensure they are complying with the state’s confidentiality laws. The following are some best practices that all mental health providers must follow: Document Everything: While documenting everything might not be necessary, when it comes to maintaining confidentiality, it’s always best to have records of every conversation, text, and email you engage in regarding your patients. This does not mean sharing new information on social media platforms or telling your friends about your clients. It simply means all your electronic and physical notes are clearly labeled and easy to find.
Consult with Experts: As a mental health professional, consider consulting with a lawyer (ideally someone who specializes in confidentiality violations – see PLF’s free directory here). The lawyer can help determine what actions and policies are best for your practice in terms of keeping patient confidentiality.
Have a Privacy Policy: It’s recommended that psychotherapists create a privacy policy that explains how patient information will be stored, shared, and controlled. The policy should state that therapist/patient communication will be kept private and secure and that no one will be privy to this information without the patient’s written consent.
Provide Confidentiality Training: Explain to your staff how important confidentiality is to your practice and its clients. Make it clear to all employees that private information will never be shared without the patient’s permission and that they will be punished for any such violations.
Secure Your Devices: Secure all electronic devices and paper files containing patient information. File cabinets should be locked and digitally stored files should be password protected. Additionally, implement privacy settings on your mobile phone and email accounts if you ever communicate with patients through these mediums.
Conclusions regarding Patient-Therapist Confidentiality
In navigating the challenges of therapist confidentiality, both therapists and clients must be aware of the limits that law places on disclosure of information. These connections can be beneficial in a therapeutic context; however, the law places a strong emphasis on the ability of the client to control access to information imparted to a therapist . In recognition of this duality, California allows for certain exceptions to client control, and specifically does not prevent sharing of information with a therapist’s attorney in the context of client defense supported by records. Clients ought to be informed consents regarding these potential exceptions to confidentiality prior to providing information to a therapist; however, therapists may not divulge confidential information without the explicit consent of the client.