This is the second in a series of articles addressing legal issues ininfection control. The first article (Infect Control Hosp Epidemiol 1988: 9(3):127-129) discussed the basic elements ofliability law as it relates to infection control in the hospital setting.This article will focus on confidentiality in the infection controlprocess.

Infection monitoring and control, as it occurs in most hospital settings,depends on ready access to relevant information, careful evaluation of thedata, and appropriate communication of conclusions and recommendations.Equally obvious, however, is the risk associated with free-floatinginformation of this significance. Infection control programs produce amultitude of documents that are of potential interest to outsiders such asfellow staff members, other health care institutions, and attorneys. Withoutspecific attention to mechanisms for protecting its confidentiality,information gathered in the infection control process may well becomeavailable to some or all of those interested parties.