Don't Tell: Confidentiality and the Volunteer Situation

The Samaritans are a UK-based charity that provides confidential emotional support to those who are depressed or suicidal. Volunteers provide this service through 24-hour crisis-lines and e-mail response centers.

One of the keystones of The Samaritans philosophy is that their service is absolutely confidential. Their belief is that clients will be more likely to seek Samaritan services and freely express their state of mind if they feel that their conversation is protected from disclosure. Here’s how both the West Australian branch and the Monadnock Region (US) of The Samaritans express this to clients on their Web sites:

Is The Samaritans Confidential? 

The Samaritans offers absolute confidentiality. There are no exceptions. What our callers say or write to us never goes beyond The Samaritans – whatever the circumstances, the caller's age, or state of mind. Our policy of absolute confidentiality also means that, if asked, we will neither confirm nor deny whether someone is in contact with us. The confidentiality lasts for ever: even after death. The Police and other agencies understand and accept our total confidentiality. ¹

In October 2003, Ray Osborne, a volunteer for the UK branch of The Samaritans, encountered a difficulty in keeping to this promise of confidentiality.

One of his callers confessed to a murder of a young girl.

Osborne reported this to police, who then, with the cooperation of The Samaritans, tapped further conversations between Osborne and his caller and eventually James Ford was arrested for the murder of Amanda Champion.

The Samaritans then terminated Osborne as a volunteer, citing his breach of the Samaritan confidentiality policy.

As you might expect, when this became public knowledge it ignited a bit of a debate in the UK over whether asking volunteers to remain silent about such matters is a good idea. After all, allowing confessed murderers to run around free doesn’t seem like the best service to the public.

You can read some of this discussion, both pro and con, at Third Sector (http://www.thirdsector.co.uk/hot-issue-samaritans-sacked-its-volunteer-ray-osborne/article/623007, link updated Mar2017).

The outcry may be having some effect, since a new page has appeared within the past ten days at www.samaritans.org/talk/questions.shtm (link no longer active, Mar2017), from The Samaritans’ UK main office, with new language in response to the potential client question:

4. Are you confidential?

Everything a caller says is confidential to Samaritans unless:

- We have informed consent from a caller to pass on information
- We call an ambulance because a caller appears to be incapable of making rational decisions for him or herself
- We receive a court order requiring us to divulge information
- We are passed information about acts of terrorism or bomb warnings
- A caller attacks or threatens volunteers
- A caller deliberately prevents the service from being delivered to other callers  

Samaritans maintain confidentiality even after the death of a caller.

Although we do not trace calls or use technology to identify you, we cannot be responsible for the security of the phone line that you use. Find out more about email <link> and ways to email securely <link>.

The site also links to a Caller Privacy Statement and has a reference to contact their legal officer for more information, so we suspect a revision is now taking place.

While the incident concerning murder is clearly a worst-case scenario, the issues involved are prompting us to make a few comments about the whole confidentiality and volunteers question.

Volunteers and Confidentiality Agreements

Volunteers are sometimes privy to personal information about the lives and conditions of clients and others. This naturally comes with the territory of serving clients. Often volunteers are asked to sign confidentiality agreements, promising to safeguard this information. If you do a quick Internet search you can find hundreds of examples of such agreements, of which two are:

• St. Thomas Hospice http://www2.edc.org/lastacts/archives/archivesJuly00/confid.asp

• Planned Parenthood of Western Washington http://www.ppww.org/Volunteer/Confid Agreeement-HIPAA Prvcy Stmnt.html

Please note: the above links are inactive as of Mar2017, but a useful replacement link is https://www.template.net/business/agreements/sample-volunteer-confidentiality-agreement/, where 10+ Volunteer Confidentiality Agreement Templates are available for free download from Template.net.

Many of these agreements (although not the examples immediately above) are phrased in absolute terms – breach of confidentiality = grounds for dismissal – some to the extent that they sound more like threats than reminders of good behavior.

This is done, no doubt, to indicate to the volunteer the seriousness of protecting the client. And, of course, to protect the organization in case of a lawsuit, but we won’t go into that.

There don’t seem to be any statistics on this, but we suspect that volunteers are asked to sign confidentiality agreements far more often than paid staff. In my (Steve’s) entire lifetime as both a paid staff person and a consultant, involving dozens of organizations, I’ve only been asked to sign a confidentiality agreement once, even though I was receiving confidential information about both clients and organizations (Susan reports not even one personal experience). In the last three years I’ve signed four of them as a volunteer, all phrased as protecting data about clients, although the work I was doing had no direct client contact. You’ll forgive our suspicious minds if we believe this is related to the unfortunate tendency of organizations to think that volunteers can’t be trusted because 1) they are clearly prone to gossip, and 2) they can’t be threatened with loss of pay…

It’s also a bit odd that we don’t ask board volunteers to sign confidentiality agreements, either, but that’s another pet peeve for a different article.

No laws stop an organization from giving authorized volunteers access to client information. Anyone with legitimate, direct connection to a case, whether paid or not, needs and should be given identifying and background data to provide the best service. Yet there are agencies in which volunteers are considered confidentiality risks purely because they are not on the payroll. Consider that there are many people who are indeed employees, but nevertheless should be prevented from browsing client records; this may mean the executive director, custodians, or any workers not assigned to a specific case. A volunteer who is properly screened and trained, then assigned to work with a client, is no longer an “outsider,” but an agent of the organization.

At times, the reluctance to share client information with a volunteer smacks of paternalism – towards the client. If an organization feels any uncertainty about who should or should not be told about a case, the best course of action is to ask the client for permission. If it’s okay with the recipient of service that someone, including a volunteer, be given personal details in order to be of help, then it ought to be okay with agency personnel.

The organization’s duty of care to protect information means denying access to anyone who does not meet the criteria of “needs to know,” including any unassigned employees or volunteers, the public, and other clients. This requires locked file cabinets, protected passwords to computer files, concern not to leave folders and reports out on desks, and other basic security precautions. It also means being careful with telephone messages, reception desk questions, and appointment calendars.

Helping Volunteers Deal with Confidentiality

One way to avoid any potential conflicts in protecting both client confidentiality and the conscience of the volunteer is to ensure that volunteers understand both the issues they will be dealing with and their options when confronted with a ethical question involving confidential information.

Here are three suggestions:

1. Establish clear policies for paid staff, volunteers, and clients.

Some confidentiality rules are defined by law, such as protecting minors or not revealing someone’s HIV status. But most confidentiality policies are constructed by an organization for itself, based on its mission and the circumstances of its work. Therefore it is critical to develop written policy statements to clarify both the extent and the limits of confidentiality for everyone involved.

For The Samaritans and any other organization taking a no-exception stance to maintaining confidentiality, both the rules and the possible difficult consequences of abiding by them need to be explained fully.

Here is a more common example of explaining both the confidentiality protections and the conditions under which disclosure might be warranted, from the Crisis Line of Volunteers of America, Western Washington. It is directed toward clients, but also provides guidance to volunteers:

At the Crisis Line, we maintain your concerns in confidence and do not reveal any information to anyone without your permission, except in some situations. If we believe that there is a threat of imminent harm to you or someone else, if we have reason to believe that a child or elderly person is being abused or neglected, or if our records are subpoenaed by a court – under these conditions the law requires us to break confidentiality by getting in touch with the police or other agencies . ²

And here is a more comprehensive explanation for volunteers from the Rainbow Project in Northern Ireland, which also explains how a volunteer should deal with a situation where a breach of confidentiality may occur:

Often, gay men approaching the outreach volunteer will divulge personal issues, perhaps for the first time and this is unlikely to happen unless the client feels safe to completely trust the volunteer.

Confidentiality is one of the most important aspects of the work of The Rainbow Project. We must ensure that personal information divulged to us in the course of our work remains confidential, otherwise we would lose the trust and respect of the gay men we provide a service to and other organisations we work with. If a breach of confidentiality proves necessary, then the outreach volunteer must inform the supervising worker. The worker will then seek guidance or advice as necessary.

Clients should also be made aware of those occasions when confidentiality may be sub-ordinated. These extenuating occasions may arise if the client indicates involvement in a criminal offence (Criminal Law Act Northern Ireland 1967) and/or a likelihood that they may cause serious harm to themselves or to others. This harm is particularly pertinent if directed towards children. The breach of the confidentiality should be carried out with the permission of the client, unless the outreach volunteer feels that the client is no longer responsible for his actions. If a breach of confidentiality proves necessary, then the volunteer must first inform his supervising worker. ³

Volunteers are more likely to do the right thing when someone has explained what it is.

2. Train volunteers in dealing with complex issues regarding disclosure of information.

Most organizations perform training in confidentiality by first stressing the importance of protecting clients and then having volunteers sign a confidentiality agreement. This probably isn’t sufficient (not for volunteers and not for employees, either).

Confidentiality training should cover two key areas: preventing unintentional disclosure and recognizing exceptions to the rules.

Make sure everyone understands what “confidentiality” really covers. It is far more than revealing a client’s name or situation/condition. It includes not providing information that might lead another to guess private identity. So, having a loud conversation in public about the domestic problems of “that fat man in a red suit who comes down the chimney at Christmas” has violated confidentiality! Point out that casual conversations among staff and volunteers are easily overheard by others and much confidential information can be passed on without anyone realizing what they have revealed.

Since the enactment of the Health Insurance Portability and Accountability Act of 1996 (generally referred to as “HIPAA”), health care institutions in the US have learned that safeguarding the privacy of client information is far more difficult than most people realize. It can also sometimes be hard to understand why, for example, employees/volunteers in one section of the hospital are caring for patients while another department is not permitted access to even contact information about those patients. Massachusetts General Hospital provides some great suggestions, directed at both employees and volunteers, at: http://www.mgh.harvard.edu/volunteers/new_confidential.htm (link no longer active Mar2017)

Any confidentiality training should also deal with possible exceptions to the general rule of protecting client information, especially to explain any statutory requirements regarding reporting of criminal acts, child abuse or other legal requirements – which almost always take precedence over agency guidelines. The Samaritans example above, however, demonstrates that some organizations take a different stance (as would clergy or psychiatrists). That’s even more of a reason to explain public law vs. internal policy fully and carefully.

The rules and practice of confidentiality are best taught in a more active training environment in which volunteers role play dealing with specific situations likely to be encountered in their particular volunteer position. For some tips on how to construct and apply such scenarios, see Steve’s article, “Utilizing Role Playing Scenarios in Volunteer Interviewing,” (http://www.casanet.org/program-management/volunteer-manage/vlinscen.htmlink no longer active Mar2017) which can be applied to both the interviewing and training settings.

3. Encourage volunteers to talk about ethical questions and dilemmas.

Once confidentiality has been defined and interpreted, both volunteers and paid staff will realize that there are many gray areas. The way client information is treated may differ in some situations or vary if other client rights are affected, too. Therefore, perhaps the most important part of training is to encourage everyone to stay alert and to ask questions if a dilemma presents itself. This means giving clear instructions as to who is the most appropriate person in an organization to deal with confidentiality questions and what procedure must be followed to determine a course of action. Again in The Samaritan example, the volunteer went directly to the police, bypassing anyone internally who may have found a way to protect all interests.

The worst scenario for a volunteer manager is a volunteer who has concerns but doesn’t feel comfortable in raising them with program staff. There are two ways to ensure this doesn’t happen. The first is develop an atmosphere that encourages discussion of issues with paid staff, both in formal and informal settings. The second is to foster buddy networks among volunteers, utilizing this peer-to-peer approach to both allow volunteers to grapple with complex situations and to encourage them to seek the help of others.

See through the Smoke

We began this essay dealing with the extreme violation of confidentiality issue posed by The Samaritan example, which is pretty unique. What concerns us more is that confidentiality is still too often used as a smokescreen covering resistance to engaging volunteers in substantive client services. Whether someone will spy or gossip is not a function of being paid or not, and we all react to unexpected revelations from our individual ethical perspectives. As with so many other aspects of management, both employees and volunteers will most often act appropriately, according to organization rules, once they are given clear direction. To coin a phrase, an ounce of prevention is worth a pound of cure.