Published May, 2007

Guidelines on Protecting the Confidentiality and Security of HIV Information: Proceedings from a Workshop, UNAIDS (2007)

This draft set of interim guidelines is the result of a three-day workshop held in Geneva, Switzerland in May 2006 on the confidentiality and security of HIV-related information collected for patient monitoring and evaluation. The goal of these guidelines is to identify strategies that ensure the safety and privacy of HIV/AIDS-related health information during and following treatment, including: collection, transfer, storage, use, dissemination, and disposal of health information. This document primarily serves as a guide for low- and middle-income countries in securing health information as patient services are scaled up.

Breaches of confidentiality and privacy from malicious or inadvertent release of personal information and medical data can cause personal and economic harm to the subject of these records. The purpose of health information security and confidentiality principles is to make sure that such data is used carefully and appropriately, to serve the improvement of health and the reduction of harm on an individual and community level. With this in mind, the guidelines recommend that procedures used to gain HIV/AIDS-related data conform to accepted international ethical and legal standards, such as the Right to Privacy, Article 12 of the Universal Declaration of Human Rights.

All organizations, institutions, and individuals with access to health data have the responsibility to ensure that adequate confidentiality and security protections are in place for personal data, which should only be released to serve legitimate health purposes. Accordingly, the guidelines state that individual data must not be shared with non-health authorities, such as law enforcement officials, without consent of the individual, unless immediate danger or grave physical harm may come to another individual or the general population in the absence of disclosure.

The guidelines recommend that all countries have in place a written policy that defines security procedures surrounding health data storage, analysis, use, and disposal. Physical privacy of paper and electronic records is the first consideration; paper records should be kept in locked, secure storage, and electronic records should be protected with commercially-available encryption programs.

Procedural security -- the policies in place for all those dealing with the collection, storage, and transfer of health data -- is another consideration. Written policies which take into account the legal and ethical issues of data securing, sharing and release must be in place for all those who handle health records. This requires that countries, organizations, and individuals be familiar with applicable privacy laws.