Key point 4-04. Many states recognize "invasion of privacy" as a basis for liability. Invasion of privacy may consist of any one or more of the following: (1) public disclosure of private facts; (2) use of another person's name or likeness; (3) placing someone in a "false light" in the public eye; or (4) intruding upon another's seclusion.

A federal district court in Virginia ruled that an insurance company that posted confidential medical records online without security restriction gave "unreasonable publicity" to, and "disclosure" of information about, patients' private lives. This case suggests that a church may be liable on the basis of invasion of privacy to publishing a "prayer list" in a church bulletin, newsletter, website, or some other resource that contains the names and medical conditions of church members who are either hospitalized or ill.

To illustrate, in another case, a church music director was hospitalized for severe depression. During the period of his hospitalization, the church placed him on a medical leave of absence, and an acting music director was appointed. A few months later, the music director was again hospitalized following a suicide attempt.

A few days after the music director was discharged from the hospital, the church posted an article on its website that contained the following statements: "We have good news for you! Our music director is returning to the church after a long medical leave of absence. Since the summer of last year, he has been treated for bi-polar illness, a condition which at times has resulted in serious depression for him. Various therapies and medications have been tried, and finally, after much experimentation, his health has improved considerably. For that we are all very happy."