Which statement about confidentiality best describes its scope?

Confidentiality in health information management covers all health information across contexts, in any form. This means anything that identifies a patient and relates to their health—whether it’s a clinical note, a billing or administrative record, lab results, or information shared for research or quality improvement—must be protected. It applies whether the information is stored on paper, kept electronically, or spoken in conversation, and it travels across settings like clinical care, insurance, and even external partnerships. The broad scope is essential because even seemingly ordinary business records can reveal health details, so safeguards must apply everywhere health information appears to maintain trust and comply with legal and ethical obligations. Limiting confidentiality to electronic records ignores the many non-digital and non-clinical sources of health data, and restricting it to clinical data overlooks administrative and financial records that also contain sensitive information.