Personal Trainers and Client Confidentiality
David L. Herbert
Codes of ethicsThe education and certification of personal trainers is highly touted by a number of groups. ACSM, AFAA, ACE, NSCA, NBFE and many others offer education, training, certification and/or testing for individuals striving to become personal trainers. Mainstream training and certification groups publish codes of ethics statements that provide that information acquired during training relationships be kept confidential. Such codes, however, are not always enforced, and certainly don't have the force of law. Codes of ethics have been adopted by many personal training groups; however, the protection of client privacy by some of these groups may be lax.
No laws to zip trainers' loose lipsWhile some personal trainers have gone to great lengths to preserve client confidences, such as the personal trainer for professional baseball player Barry Bonds, others freely give out information and breach what is often considered client confidentiality. When the generally accepted screening and information acquisition practices used by many personal trainers are examined — which include the acquisition of information about clients' ages, heights, weights, bodily measurements, past medical histories, risk factors, medicines and supplements being taken, etc. — it is no wonder that some trainers are criticized for what many consider unprofessional conduct when such information is disclosed to third parties without authorization.
Surely the legal system, some would ask, protects the confidentiality of information about client health conditions that are acquired by trainers? The fact is, federal privacy laws such as HIPAA, the Health Insurance Portability and Accountability Act of 1996, and its privacy rules that protect individually identifiable healthcare information when used by, among others, "healthcare providers," do not apply to most personal trainers. Moreover, privacy laws in effect at the state level provide only a hodge-podge of regulations, most of which don't affect the training relationship so as to protect even sensitive client information.
Finding other means of protectionGiven this absence of meaningful federal or state regulation, many ask what protections are available to preserve client confidences in this setting? First, codes of ethics established by some recognized certifying/testing groups, as well as professional fitness associations, should be vigorously enforced so as to stop the unauthorized disclosure of client information. Secondly, until (if ever) laws are passed protecting the disclosure of client information, employment policies for those facilities hiring personal trainers should be developed and require the termination of a trainer who impermissibly discloses client information. For those businesses that use the services of such trainers on an independent contractor basis, contract terms should include prohibitions on the disclosure of client information. Violations of such contract terms should be pursued as contract breaches, and damages should be sought from trainers who violate these contract terms, together with requests for injunctive relief so as to stop further disclosure. Lastly, the impermissible disclosure of client information may be actionable by direct client litigation based on invasion of privacy claims, defamation actions sounding in slander or libel, negligent or intentional infliction of emotional distress grounds, or other similar legal theories.
The personal training profession as a whole, and the clients served by it, would be well-advised to address client privacy issues in a straightforward and direct manner. While pure gossip in this setting may not be actionable in and of itself, the unauthorized release of sensitive client information should be vigorously opposed by every professional in this setting.
Facility of the Week