Confidentiality is a foundational principle of mental health treatment and mental health information is uniquely sensitive. The degree to which communication and sharing of information is facilitated or automated within computerized health information systems carries increased risk of unauthorized transmission of protected health information.
Confidentiality refers to protecting information from being accessed by unauthorized parties. In other words, only the people who are authorized to do so can gain access to sensitive data. Imagine your bank records. You should be able to access them, of course, and employees at the bank who are helping you with a transaction should be able to access them, but no one else should. A failure to maintain confidentiality means that someone who shouldn't have access has managed to get it, through intentional behavior or by accident. Such a failure of confidentiality, commonly known as a breach, typically cannot be remedied. Once the secret has been revealed, there's no way to un-reveal it. If your bank records are posted on a public website, everyone can know your bank account number, balance, etc., and that information can't be erased from their minds, papers, computers, and other places. Nearly all the major security incidents reported in the media today involve major losses of confidentiality. So, in summary, a breach of confidentiality means that someone gains access to information who shouldn't have access to it.
Obviously, confidentiality is one of the five pillars of Information Assurance (IA). The other four are authentication, availability, integrity and nonrepudiation. Sensitive information or data should be disclosed to authorized users only. In IA, confidentiality is enforced in a classification system. For example, a U.S. government or military worker must obtain a certain clearance level, depending on a position's data requirements, such as, classified, secret or top secret. Those with secret clearances cannot access top secret information.