Test Security

• The most controversial of any of the revisions to the APA Ethics Code
involved Standard 9.04, Release of Test Data, dealing with the release
of test data (i.e., test reports, summaries, client responses or products
from the test, and psychologist's notes and observations during the
test) and Standard 9.11, Maintaining Test Security, dealing with
maintaining test security and the release of test materials (i.e., test
manuals, instruments, protocols, and test questions or test stimuli).
• With the introduction of the HIPAA Privacy Rule and the greater use of tests in
litigation, the issues of testing security have grown. Requests for test data and
materials are most likely to arise in one of two scenarios. Patients can first ask
for access to or possession of their records, which may include test data or test
materials. Second, in the course of a judicial process, demands for test data or
test materials may be made.

• In recent years, the utilisation of psychological data in courts has increased.

These cases include child custody recommendations, civil litigation in which
emotional harm is asserted, and criminal suits in which one of the parties'
mental state is a factor. The 2002 APA Ethics Code revisions must be viewed
in light of the HIPAA Privacy Rule and copyright laws.
Changes to the APA Ethics Code
• The 1992 Ethics Code (APA, 1992) included two standards relevant to
test data and test materials. Standard 2.02b, Competence and
Appropriate Use of Assessments and Intervention, of the 1992 Ethics
Code stated,
• Psychologists take reasonable precautions to protect people from misusing the information
provided by assessment techniques, interventions, results, and interpretations. This includes not
disclosing raw test results or raw data to anyone who isn't qualified to use it, such as patients or
clients.
Changes to the APA Ethics Code
• In addition, Standard 2.10, Maintaining Test Security, of the 1992
Ethics Code stated,
“Psychologists undertake reasonable measures to ensure the integrity and security of tests and
other assessment methodologies in accordance with the law, contractual duties, and the standards
of this Ethics Code.”

• These two standards placed an affirmative obligation on the part of

psychologists to take reasonable steps to prevent the misuse of test
information, ensure that "raw test results or raw data" were sent only
to "qualified" persons, and protect the security of tests.
 The 1992 standards, on the other hand, had at least three major flaws.
First, they never defined raw test results or raw data.Second, they did not
clarify who was a qualified person.

 In this case, it would be necessary for the psychologist to learn about the
credentials of the person who is to receive the raw data. This standard
places a high burden on psychologists because they would have to
evaluate the training and competence of all persons (including
psychologists) who want to see the test data and materials.
 A broader definition could include persons who have psychological testing within the
scope of their licenses. In that case, qualified persons might mean either psychologists or
physicians whose broad scope of practice legally allows them to perform many tasks also
performed by other health care professionals. For some tests, a qualified person might be
a mental health counselor or social worker, depending on the particular test being used.

 The third problem with the 1992 standards was that the passage of the HIPAA Privacy
Rule established minimal rules on patient privacy and patient control over health care
information.

 The Privacy Rule created an exception whereby , psychologists may deny patients access
to their protected health information if doing so would be reasonably expected to cause
severe injury or endanger the individual's or a third person's life or physical safety. Even in
those cases Patients have the right to have the rejection reviewed by another health care
provider.
 In response to the criticisms of the 1992 APA Ethics Code, the standards regarding test data
and test materials were changed in the 2002 Ethics Code. Standard 9.04, Release of Test
Data, of the 2002 Ethics Code states,

“(a) The term test data refers to raw and scaled scores, client/patient responses to test questions or stimuli, and
psychologists' notes and recordings concerning client/patient statements and behavior during an examination.
Those portions of test materials that include client/patient responses are included in the definition of test data.
Pursuant to a client/ patient release, psychologists provide test data to the client/patient or other persons
identified in the release. Psychologists may refrain from releasing test data to protect a client/patient or others
from substantial harm or misuse or misrepresenation of the data or the test, recognizing that in many instances
release of confidential information under these circumstances is regulated by law. “

(b) In the absence of a client/patient release, psychologists provide test data only as required by law or court
order.
Maintaining Test Security, of the 2002
APA Ethics Code
• Standard 9.11, Maintaining Test Security, of the 2002 APA Ethics Code
states,

“The term test materials refers to manuals, instruments, protocols, and test questions or stimuli and
does not include test data as defined in Standard 9.04, Release of Test Data. Psychologists make
reasonable efforts to maintain the integrity and security of test materials and other assessment
techniques consistent with law and contractual obligations, and in a manner that permits
adherence to this Ethics Code. (Italics in original)”
 Thus, the 2002 APA Ethics Code contains three major changes from the 1992 Code: Test
data and test materials are defined; the criterion of releasing only to qualified persons
was removed; and the Ethics Code was modified to be more in accord with the HIPAA
Privacy Rule and general trends in law. and ethics toward more patient autonomy.