CDR Confidentiality Concerns

Confidentiality is always an issue when discussing the implementation or continuing work of a Child Death Review (CDR) team. This issue is even more likely to surface since the enactment of the Health Insurance Portability and Accountability Act (HIPAA).

Sensitive information is the currency of CDR teams. They collect sensitive information from their members and others and they compile sensitive information through their activities. And team members are not the only ones interested in the information. Child deaths are often in the public eye and may be controversial. The public and the press may want to know what the team knows.

When we talk about confidentiality in relation to the CDR process, we are generally referring to two separate but related concepts:

For both concepts of confidentiality, there are important policy considerations:

  • The team cannot do its work without having access to information about the child, the family and the death.
  • Agencies and individuals will neither share information nor freely discuss the issues involved in child deaths if their work is open to the public or subject to litigation.
  • The public has an interest in knowing why and how children are dying and what can be done to prevent those deaths.

Confidentiality is crucial to the CDR process and does not have to be a barrier or roadblock to conducting child death reviews. Although there are valid concerns that have to be addressed to ensure smooth team operations, those concerns do not have to impede the review process.

There are several solutions to the issues that confidentiality raises. Dealing effectively with confidentiality is often dependent on state of mind − it is as much of a problem as you want it to be. Sometimes people perceive confidentiality as a barrier because they do not know what the ground rules are and sometimes people treat confidentiality as a barrier so they do not have to participate on a team. In other words, they use it as an excuse to avoid being involved in a process that they do not want to be involved in to begin with. You may find it useful to identify individual motivations and provide strategic solutions.

Back to top

The Team’s Access to Information There are many ways to approach access to information for case reviews. Some teams may have mandated access; others may enter into agreements with the providers of the information. For teams without legislative authority to obtain information, they may have to resort to court orders, Attorney General Opinions or the subpoena powers of certain team members in order to obtain valuable information that has been elusive.

We should note here that there might be federal restrictions that supercede state or local information access mandates. For example, team members from substance abuse services, mental health, education or others may not be able to share case-specific information at reviews. In those cases, they may instead be able to provide information about their services and can give ideas about improving linkages and referrals in the future.

Back to top

Others’ Access to Team Information When we speak of access to team information, we are referring to the ability to:

  • access the team’s written materials.
  • access the team’s unwritten information.
  • attend team meetings.

So how does the team maintain the confidentiality it needs to do its job? Here is a four-part approach.

  1. What information does the CDR team have?
  2. What agencies or individuals are entitled to the information?
  3. Are there any restrictions on access?
  4. What are the possible approaches to the access or restrictions?

Back to top

1. What information does the CDR team have?
The starting point for determining whether there will be problems related to the access by outside persons/entities to team information is to identify the kinds of information that the team has. Generally, the information will be in one of two forms. It will either be:

  • Identified: information is included that identifies the child and family.
  • De-identified: the information provides no clues to the identity of the child and family.

Some teams are mandated to use de-identified information as a means of reporting and surveillance; many others complete records using case-specific identifiers. A team may feel differently or have fewer constraints regarding the sharing of de-identified information than it will regarding the sharing of case-identified information.

Back to top

2. What agencies or individuals are entitled to the information?
The steps to determine whether any agency or individual is entitled to access that information should be identified. There are four groups that might be entitled to access:

  • Team members.
  • Other government officials or agencies.
  • The press.
  • The public.

In considering these possibilities, a team should look at applicable statutes, regulations, case law, court rules and memorandums of agreement. Here, we will focus on statutes that give the public access to what the government does and has.

  • Public information acts, also called “freedom of information acts (FOIA),” are state and federal laws that give the public access to records maintained by government entities. Many states that have enabling CDR legislation have specific exemptions from that coverage.
  • Open meeting laws make the meetings of government organizations open to the public. These laws often include a listing of exemptions for certain types of meetings, of which CDR meetings may be a part. And again, CDR enabling legislation may also hold the review meetings exempt from these laws.

Back to top

3. Are there any restrictions on access?
Just as there may be restrictions that hamper the team’s ability to obtain case information, the same types of statutes may also restrict the access of others to team information. The law may even stipulate with whom team information can be shared:

  • Other local CDR teams within a state (especially if there are cross-jurisdictional issues).
  • The State Office of the Children’s Ombudsman or state social services agency.
  • The agency that sponsors the CDR process.
  • The CDR support staff.

Back to top

4. What are the possible approaches to the access or restrictions?
When looking at possible approaches to responding to the attempts of persons not on the team to access information, we are interested not only in how the team can restrict access, but also how the team can obtain the access they need to review findings. Consider these approaches:

  • State statutes or regulations: Should state statutes or regulations be changed to allow certain people to have access to the team’s de-identified information? Should they be changed to protect the disclosure of the team’s identified information?
  • Confidentiality agreements: As discussed earlier, these can remind team members to keep confidential the information that is not to be shared beyond the team.
  • Court orders: These can identify the information that is available to the public and that which is not.
  • Providing de-identified information and prevention approaches to the public: We started this chapter by identifying reasons why the public should have team information. Consider sharing de-identified information about deaths and prevention approaches to the public.

Back to top

Ensuring Confidentiality in Your Team’s Review Process
Confidentiality can sometimes be perceived as a barrier to conducting effective and comprehensive death reviews. However, there are ways to ensure confidentiality.

If you are just starting a team, it may be to your benefit to look into obtaining statutory support for the team’s activities. This legislation may specifically address matters that can cause a person or entity to be wary of either participating in the process directly or providing case information to the team. Some legislation may speak to exemptions of the review meetings from open meetings acts or team records from FOIA. They may go further, providing the team legal authority to access certain records for use in conducting reviews. They may even hold team members exempt from tort liabilities as a result of their participation on the team. Research what may already be in place in your state regarding special protections for access to records for certain types of public health surveillance that may cover your team’s activities.

If there is nothing in place and your team (or potential team) believes that legislation would assist them in conducting the work of the team, research what other states’ provisions of law are regarding CDR. It is almost always easier to get legislators to consider statutes if you can point to many other states that use similar language. If you are going for legislation, try to build into your bill all the necessary components to allow confidential reviews and to protect your team members. It’s easier to get the most comprehensive legislation the first time rather than to go back and ask for amendments.

CDR legislation checklist (PDF)

Back to top

Confidentiality Statements/Agreements
CDR team members should sign a confidentiality agreement before sharing information in a review meeting. These statements can incorporate a variety of topics in their language. They may specifically include:

  • The stated purpose of the review process.
  • References to the statutes that pertain to CDR, especially those that address confidentiality.
  • References to the consequences of breaking the confidentiality agreement (removal from the team, disciplinary action within the team member’s agency, misdemeanors, etc.)
  • Circumstances under which it is permitted to share team information.

Teams may require that confidentiality agreements be signed once by each team member and kept on file for the duration of that person’s service on the team. Others may renew these documents on an annual basis, in order to have recent signatures and to remind members about their responsibilities of maintaining confidentiality. Teams in larger, more urban areas may wish to include this language at the top of their sign-in sheet, to be sure that all members are participating under current agreements, including ad hoc members that may be called in for one case only or on a sporadic basis. CDR programs may also require their support staff to sign such documentation.

Sample Confidentiality Statement (PDF)

Back to top

Assurances of Document Storing and Security
It may be helpful to have written statements available to describe exactly how all information, records and documents for CDR cases will be stored (locked files in locked offices, etc.). These should exist already if your housing or sponsor organization has put the activities of the review team through the approval process of their Institutional Review Board (IRB). Having policies in place regarding specifics of who has access to these files and how the team’s information will be turned into aggregate data for wider distribution may also be helpful.

Back to top