Confidentiality, Documentation, Public Statements, and Social Media
Key Takeaways
- Confidentiality applies to written, verbal, visual, electronic, and informal communication.
- Documentation should be accurate, timely, secure, and sufficient to support service decisions.
- Public statements must be truthful, not misleading, and clear about credentials, evidence, and limits.
- Social media does not remove confidentiality duties, even when names are omitted.
Confidentiality Is Broader Than Names
A client can be identified by initials, photos, age, school, location, rare behavior, schedule, diagnosis, family details, or a combination of facts. Removing the name is not enough if a reasonable person could infer who the client is.
Confidentiality also applies when the audience feels harmless. A closed social media group, staff lunch, ride home, conference hallway, or class discussion can still become an unauthorized disclosure.
Documentation Standards
| Record issue | Ethical risk |
|---|---|
| Late data entry | Memory errors and weak clinical decisions. |
| Missing context | Inaccurate interpretation of behavior change. |
| Altered notes | Misrepresentation and billing risk. |
| Unsecured files | Unauthorized access to private information. |
| Vague progress claims | Misleading stakeholders about effectiveness. |
Public Statements
Public statements include websites, resumes, ads, presentations, media interviews, podcasts, posts, testimonials, and comments to stakeholders. They should accurately represent services, credentials, roles, evidence, risks, and expected outcomes.
Avoid guaranteed outcomes such as "we stop aggression in 2 weeks." Avoid implying a specialty, license, or endorsement that does not exist. When describing ABA, distinguish evidence-based behavior-analytic services from unsupported claims.
Scenario Strategy
When a question involves information sharing, ask: Who needs the information? What is the minimum necessary? Is consent required? Is there a legal or safety exception? How will the disclosure be documented?
A BCBA wants to post a de-identified video of a client's successful session in a private professional group. The face is blurred, but the school logo and unusual behavior history are visible. What is the best action?
A technician reports that yesterday's session data were accidentally entered under the wrong client. What should the supervising BCBA do first?
A clinic advertisement says, "Our BCBA program guarantees language gains for every child." Which concern is most relevant?