Skip to main content

MDT Guide and Toolkit

MDT Guide and Toolkit

6: Confidentiality

Purpose of this Chapter

Information sharing is a central aspect of an MDT that facilitates a holistic approach to meeting the multifaceted service needs of MDT clients and assists in the coordination of abuse investigations. With information sharing comes the responsibility to protect client information and ensure the proper handling of data related to each case. Understanding confidentiality and related concepts is essential to developing clear and robust policies for the proper handling of information. Confidentiality is a serious issue that warrants considerable attention, but it does not have to preclude information sharing in most cases. For decades, similar teams addressing mental health, domestic violence, child abuse, and sexual assault have found ways to navigate the complexities of information sharing and confidentiality. This chapter will help you manage these issues.  

Five Steps to Managing Confidentiality

I. Understand the purpose of confidentiality 
II. Review the five elements of confidentiality 
III. Chart federal and state laws, professional ethics, and other authority 
IV. Create a confidentiality policy, protocol, form, and address data security 
V. Pause periodically to re-evaluate your policy, protocol, and form

Each step is described in detail below. 

I. Understand the Purpose of Confidentiality

Confidentiality pertains to all members of the MDT. Confidentiality involves restricting information to persons belonging to a set of specifically authorized recipients through professional silence and secure data management. The purpose of confidentiality is foster relationship building, that is, confidentiality builds trust between the client and a professional (e.g., physician, psychologist, victim advocate). When personal information is not shared with third parties, clients are more likely to be honest and open in disclosing information to the professional, and in turn, the professional can provide the most relevant and appropriate response, thereby optimizing the client’s well-being. 

II. Review the Five Elements of Confidentiality

There are innumerable misunderstandings about confidentiality. Reviewing the five elements below will bring greater clarity to confidentiality of client information, whether verbal or written.

1. Who is Sharing the Information?

Each member of the MDT is guided by their profession’s confidentiality mandates. However, professions have adopted varying degrees of confidentiality, from no exceptions to sharing information without a victim waiver (e.g., victim advocates, attorneys, LTC Ombudsmen) to some exceptions (e.g., health care provider teams, social workers on some MDTs). The team will need to gauge the level of confidentiality and possible exceptions for each MDT member.

2. Sharing Information with Whom?  

Next consider with whom the information is being shared. Is the MDT member sharing the information with an authorized team member or a service provider versus a colleague, friend, or spouse. These latter three individuals may not have a “need to know” MDT client information, but a team member or a service provider might. Sharing information is a duty; it ensures the MDT client is receiving a holistic response while facilitating investigative aims. At the same time, both parties must assume the duty of protecting that information from those who do not need to know.

3. Information Sharing for What Purpose? 

MDT client information must be held confidential and must only be shared with individuals on a “need to know” basis. Some legitimate purposes for information sharing include: 

  • Care and care plan development and coordination
    Client information must be held confidential and must only be shared with individuals who need the information to provide services or who have a legitimate need for the information (e.g., investigators).
  • Required by law
    Disclosure of information may be required by law, for example, mandated reporting laws (reporting abuse or harm to self or others). If mandated reporting is required, it is advisable to provide an explanation to the MDT client about why their information is being shared, and to the extent possible, engage the MDT client in the disclosure process.  
  • Research
    Sharing atomized information means confidentiality (the identifying information) is protected yet allows for the data to be used for the purposes of research (check your state statute for exceptions for research). 

If the purpose for sharing information is for the sake of interest or gossip, sharing client information is always prohibited.

4. How Much Information is Shared? 

The amount of information released should be limited to the “need to know” amount. Not every detail of every case needs to be shared. The information shared should be relevant, necessary and proportional to the needs of the case.

5. Where is Information Being Shared? 

Think carefully about where information is being shared. Is the information being shared behind closed office doors where privacy can be assured versus public areas such as in an elevator, in a restaurant, or at home. Take precautions to ensure that when information is being shared, there are adequate protections in place to maintain the confidentiality of the information being shared. 

III. Chart Federal and State Laws, Professional Ethics, and Other Authority

Confidentiality must be considered in the context of federal and state laws, professional ethics, and other authority. Think about the five questions above in the context of your mission and goals, federal and state laws, and ethical frameworks for each profession on the MDT. Below are relevant law and statutory reviews for consideration. Finally, determine whether your state has additional authority it must consider.

Federal Law 

Depending on various factors, federal law may apply to your MDT. Entities receiving federal funds may find that federal restrictions on sharing information apply. Therefore, it is important to be familiar with these laws as they relate to sharing client information.  

State Law

Likewise, MDTs will need to be responsive to their state laws. Below is a link to a statutory review of elder abuse MDT statutes. 

Professional Ethics 

Similarly, review each profession’s code of ethics to determine the parameters of confidentiality. 

IV. Create a Confidentiality Policy, Protocol, and Form

Confidentiality Policy 

Now that you possess a better understanding of confidentiality, your MDT will need to draft a confidentiality policy. The confidentiality policy provides guidelines on how MDT members should handle and protect MDT client information. Be sure the policy includes team training about confidentiality policies and procedures. Note that in some states, a confidentiality policy may be:

Tips for MDTs

Confidentiality policies need to be developed with input from legal counsel and MDT member agencies. Also ensure that your team knows how to handle sensitive documents in a legally defensible manner. The MDT Toolkit offers sample confidentiality policies from existing teams that can be used to develop your policy. 

Data security as a component of a confidentiality policy. In the context of elder abuse MDTs, data security refers to the measures and practices implemented to protect sensitive information related to elder abuse cases from unauthorized access, disclosure, alteration, or destruction, whether written or oral. It is a critical component of ensuring confidentiality as well as preserving the integrity of investigations and potential prosecutions.

When developing your team’s data security policy, consider both the in-office and virtual environments. Common in-office textual data security practices include:

  • Locking documents in file cabinets
  • Using password protected computers and software
  • Prohibiting team members from taking files home
  • Ensuring files that are in use are kept out of the view of passersby
  • Providing clear boundaries around intake and distribution of information
  • Collecting and shredding documents shared during case review meetings

Since 2020, many teams have moved to virtual or hybrid (virtual and in-person) meetings. To enhance security in this environment, both written and verbal, develop policies that include:

  • Using password protected Wi-Fi
  • Holding calls in private spaces
  • Using an appropriate meeting platform and a tier that includes enhanced security features. Most virtual meeting platforms now have HIPPA-compliant for-pay tiers.
  • Keeping software updated
  • Fully utilizing the software security features that are available to you such as:
    • Using waiting rooms to accept participants into meetings
    • Having a unique meeting link for each meeting
    • Utilizing unique meeting passwords
    • Blocking attendees whose identity you cannot verify or who have not submitted a signed confidentiality agreement prior to the meeting

Confidentiality Protocol 

Now that you have a policy in place, you need to develop a confidentiality protocol. How is confidentiality going to be managed on a day-to-day basis? 

Innovative MDTs have developed approaches for managing – not ignoring – confidentiality that allow MDTs to share information among team members while maintaining MDT client confidentiality. 

Drawn from practicing elder abuse MDTs, below is a partial list of possible solutions. Solutions for verbal discussions during case review meetings might include: 

  • All MDT members signing a confidentiality agreement at each meeting.
  • MDT members using pseudonyms, initials, or case ID numbers when discussing cases during a case review meeting.
  • Providing written reminders about confidentiality (with applicable state code sections) at each case review meeting, with a confidentiality reminder on the case review meeting agenda.
  • Requiring individuals who are not MDT members, but are attending a case review meeting for a specific purpose, to sign a confidentiality pledge prior to the meeting.

Tip for MDTs

Adopting Person-Centered Practices: Obtaining MDT Client-Informed Consent 

Historically, elder abuse MDTs have rarely sought the consent of the MDT client to share their confidential information among MDT members. However, in recent years, with a greater focus on person-centered care, more teams are supporting the autonomy of older adults by obtaining informed consent from MDT clients prior to sharing information at case review meetings.  

Informed consent is the voluntary agreement of an older adult (or their legal representative) to allow the sharing of specified information under particular circumstances. It involves providing clear explanations of the purpose, potential risks, and benefits of sharing information.

Obtaining informed consent from an MDT client whose decision-making capacity is in question raises concerns as to whether the MDT client has the decision-making capacity to give informed consent. The standard for decision-making capacity to give informed consent for their information to be shared has, to our knowledge, not been established. Concerns about decision-making capacity are sometimes used to justify not obtaining informed consent. Yet it is important to ask for the MDT client to consent to sharing their information with MDT members. See sample Informed Consent form

To address concerns about decision-making capacity in the context of informed consent, build redundancy into your policy and protocol by also adopting one or more of the practices listed above. When informed consent is obtained, assure the MDT client that they can withdraw consent at any time.

Solutions for documents used or generated at case review meetings might include: 

  • Prohibiting note taking during case review meetings except for the MDT Coordinator.
  • As mentioned, collecting and shredding all paper documentation at the close of the meeting.
  • Keeping a list of action items and referrals to assist with case tracking and requesting updates for MDT member agencies rather than keeping case consultation meeting minutes.
  • Keeping reports and medical records with the parties originally requesting that information, and simply noting where cross-reporting and legal mandates require or permit the sharing of information. For example, in some jurisdictions an APS worker may have the ability to request medical records and share them with law enforcement. Their MDT might note that APS had requested medical records and shared them with law enforcement, but the MDT would not house those records within their files. Instead, they would make a note that APS and law enforcement can be contacted for updates related to this action.

Confidentiality Form 

Finally, the MDT will need to create a confidentiality form based on the confidentiality policy and protocol. The MDT Guide and Toolkit has several sample confidentiality forms you can review when drafting your own confidentiality form.

VI. Pause Periodically to Re-Evaluate Your Confidentiality Policy, Protocol, and Form

Build into your program a period of time (e.g., annually) to re-evaluate your confidentiality policy, protocol, and form to ensure it is still meeting its intended purpose. 

For more information on elder abuse MDT confidentiality, view these webinars:

Tip for MDTs

  • Form relationships with neighboring MDTs to share professionals across teams should a conflict arise.
  • Develop a system similar to the Texas Elder Abuse and Mistreatment (TEAM) Institute’s portal whereby APS in every county can electronically submit documents for a forensic review. Not only does this expand the reach of a limited professional resource, but it also minimizes the chance that a conflict of interest will arise as the forensic reviewers are not located in the community they are serving.
Chapter 6: Summary

There are many aspects of confidentiality that your elder abuse MDT will need to discuss when developing the policies and protocols around this issue. While confidentiality is a topic that engenders considerable debate and passion, it is by no means an insurmountable barrier to information sharing and forming trusting relationships among MDT members so critical to a well-functioning elder abuse MDT.