The provider shall protect the privacy of individuals served and shall not disclose confidential information without express written consent, except as permitted by law. The provider shall remain knowledgeable of, and obey, all State and Federal laws and regulations relating to confidentiality of records relating to the provision of services. The provider shall not discuss or divulge information obtained in clinical or consulting relationships except in appropriate settings and for professional purposes that demonstrably relate to the case. Confidential information acquired during delivery of services shall be safeguarded from illegal or inappropriate use, access and disclosure or from loss, destruction or tampering. These safeguards shall protect against verbal disclosure, prevent unsecured maintenance of records, or recording of an activity or presentation without appropriate releases.
26 Tex. Admin. Code § 564.13