9.2 Confidentiality, Privacy, and Data Protection
Key Takeaways
- Confidentiality means protecting information entrusted to the professional relationship and sharing it only with proper authorization or need.
- Privacy planning starts before data collection, including consent language, minimum necessary data, secure storage, and access limits.
- De-identified or aggregate reporting can reduce risk, but small numbers and detailed stories can still reveal identities.
- Score information and participant records should not be disclosed casually, for convenience, or without the required permission.
Protecting people while using information well
Health education work depends on information. A CHES may collect survey responses, attendance logs, screening referrals, interview notes, coalition minutes, evaluation data, or school records. Ethical practice requires using that information for legitimate program purposes while protecting privacy, confidentiality, and dignity.
Privacy is the person's interest in controlling access to information about themselves. Confidentiality is the professional obligation to protect information that has been shared in a trusted context. Security is the set of safeguards used to prevent unauthorized access, loss, or misuse. Exam questions may use one term, but the best answer often addresses all three.
Start before data collection. A CHES should ask what information is truly needed, why it is needed, who will see it, how it will be stored, how long it will be kept, and how it will be reported. Collecting extra identifiers because they might be useful later creates unnecessary risk.
Consent language should be understandable. Participants should know the purpose of the activity, whether participation is voluntary, what information will be collected, how it will be used, and any limits to confidentiality. In school, workplace, clinical, tribal, or research settings, additional laws, policies, or approvals may apply.
Minimum necessary access is a useful exam rule. Staff should see only the information needed for their role. A volunteer calling participants to remind them of a workshop may need names and phone numbers, but not full survey responses. A partner writing a newsletter may need aggregate outcomes, but not raw files.
Storage decisions matter. Paper sign-in sheets should not be left in public rooms. Spreadsheets with participant identifiers should not be sent to a personal email account. Shared drives should use permissions, naming conventions, and retention rules. Password protection alone is not a complete plan if access is poorly controlled.
Reporting requires judgment. Aggregate data are usually safer than individual records, but small numbers can reveal identity. A report that says one pregnant teen in a small rural school completed a program may identify the participant even without a name. Detailed quotes can also reveal identity through context.
Confidentiality has limits. A CHES should know organizational policies and applicable law for situations involving imminent harm, abuse reporting, court orders, or required public health reporting. The exam is not asking candidates to memorize every jurisdiction's law. It is asking for the professional habit of following policy, consulting appropriate authority, and not promising absolute secrecy.
NCHEC also treats exam score information as confidential. Official score information is not something a supervisor, school, or employer receives by casual request. Disclosure requires proper candidate authorization or legal direction. This reinforces the broader principle that convenience is not a reason to release protected information.
Watch for traps. It is not acceptable to discuss a participant's case in an elevator, use a real name in a training example without permission, or share a raw dataset because a partner is curious. It is also not enough to say that no harm was intended. Ethical practice focuses on foreseeable risk.
When a privacy breach is suspected, the best first response is to contain the exposure and follow policy. That may include notifying a supervisor or privacy officer, documenting what happened, securing the file, and determining required notifications. Deleting evidence or privately warning only a friend is not an ethical response.
On the CHES exam, choose the option that protects identifiable information, respects participant choice, uses data for the stated purpose, and still supports valid program decisions. Confidentiality is not a barrier to evaluation. It is a design requirement for trustworthy evaluation.
Scenario Review Checklist
- Identify the relevant CHES Area of Responsibility.
- Locate the program stage in the scenario.
- Match the answer to evidence, stakeholders, and ethics.
- Reject choices that are premature, unsupported, or outside scope.
A coalition partner asks for the full participant spreadsheet from a stress-management program, including names and individual survey responses. What should the CHES do first?
Which reporting choice best protects confidentiality in a small program?
A CHES discovers that an attendance sheet with phone numbers was left in a public hallway. What is the best next action?