I’ve been in and out of therapy for most of my life, and I’ve always been under the assumption that therapy sessions are pretty much all confidential, bound by HIPAA, except for in a few circumstances like preventing harm to the client or others.
One of my family members is a family therapist and over the holidays she was sharing stories from her and her colleagues’ clients. I was kind of put off by this but didn’t want to start anything. None of the information made the clients identifiable, so I thought maybe this was the loophole but that still doesn’t sound right to me. Is this normal?
All medical journals and manuals where at some point someone’s story, or an aggregation of multiple stories perhaps. What differentiates it is the connection to a person. It’s plenty fine to talk in the abstract about cases for things like instruction or peer input, but only those that are a proper member of the care team, or are given specific disclosure access, should be able to attribute the discussion to an individual.
You need to give explicit permission to be included in many studies.
They can share details, just not your details. And if the details they share reveal a connection to your identity, they fucked up
Doctors can share the details of your genial warts as well as long as it doesn’t become painfully clear they were taking about you. The same logic applies to therapists. They can share your story but not the fact that it is yours. And if they have a lot of patients they have a certain level of obscurity. And if they’re clever they change a couple of things about the story to make it less obvious.
The distinction I would make here is the intent behind sharing the story. If it’s a function of venting with other professionals, I get it. They’re only human too. If it’s meant as a sort of teachable moment to others present, I think that’s alright. If it’s a “get a load of this shit” story telling and I found out, I would change therapists.
Not anything identifying, really. My best practice is to never talk about work with those outside of the need to know group. It goes in the work box, it stays there. Unless I had a particularly traumatic day. I couldn’t hide the limp or the black eye I had a few days ago. So that is an example of the most I will share.
I really don’t know, but I’ve read several books by psychiatrists, psychologists, and therapists where they shared client stories, without PII. I would think it’s ok to share generic stories as long as the client can’t be identified, only because I doubt from some of the stories I’ve read that all those clients consented to having their stories told, but who knows. Hopefully somebody with expertise can chime in!
I have experience from the “proper handling of PII” side of things, and can tell you that while everyone covered by HIPAA has likely taken the mandatory PII training, most, if asked, wouldn’t be able to identify what is and isn’t protected from a list of examples.
So no matter what the rules say, medical and therapy data leak like a sieve, and modern expert systems, if provided with the information, could probably identify the patients 90% of the time.
What medical practitioners and therapists are really protected by is insurance.
HIPAA also only covers specific types of information medium. It’s not a generic “you can’t share information” law like most people think it is, it’s a “if you’re storing information you need to follow these rules about who can see what, and have these safeguards in place to prevent access” law.
I’d upvote you multiple times if I could.
And in some cases, they are actually required to share information with the government/police.
