This is the second in a series of articles addressing legal issues in infection control. The first article (Infect Control Hosp Epidemiol 1988: 9(3):127-129) discussed the basic elements of liability law as it relates to infection control in the hospital setting. This article will focus on confidentiality in the infection control process.

Infection monitoring and control, as it occurs in most hospital settings, depends on ready access to relevant information, careful evaluation of the data, and appropriate communication of conclusions and recommendations. Equally obvious, however, is the risk associated with free-floating information of this significance. Infection control programs produce a multitude of documents that are of potential interest to outsiders such as fellow staff members, other health care institutions, and attorneys. Without specific attention to mechanisms for protecting its confidentiality, information gathered in the infection control process may well become available to some or all of those interested parties.