When an employee's religious beliefs clash with an employer's privacy rules, the temptation to tattle can sometimes be overwhelming.

As a result, employers are left with a hard-to-handle exposure: the possibility that a devout employee will break privacy regulations in the name of a greater good.

Dr. Gerald L. Bullock, who practiced medicine in Denison, Texas, in the 1980s, said he was stunned when a bookkeeper at his office released patient information to her church elders. As a Jehovah's Witness, the woman admitted that she was following what she perceived as her obligation to her church to report on a fellow church member's perceived sinful behavior, the doctor explained.

The patient had been treated by Dr. Bullock for a sexually transmitted disease. The Sunday after his employee released that information to church elders, the patient was expelled from the church, he said, and told not to communicate with friends and relatives in the church. "It had a major, major impact on her life," Dr. Bullock said.

The patient threatened to sue. Dr. Bullock's attorney advised the physician to immediately fire the bookkeeper and then "call this lady and do whatever she asks because you've got no defense," the doctor recalled.

After the firing and an apology, the lawsuit threat was withdrawn.

While such privacy breaches by Jehovah's Witnesses are not frequent, "it does happen," according to Gerald Bergman, a former member of the society who has written extensively on the church's practices. He teaches biology and chemistry at Northwest State Community College in Archbold, Ohio.

"Their responsibility is to the church, not to the employer," Mr. Bergman said of the approximately 1 million Jehovah's Witnesses in the United States. "The employer is secular, and, therefore, second."

Such privacy breaches, of course, could be committed by anyone who feels morally obligated to do so, noted George Head, director emeritus of the Insurance Institute of America in Malvern, Pa. "You've got to be careful not to pick on just Jehovah's Witnesses," he said.

And no matter why someone feels obligated to release private information, the consequences could be dramatic for the entity that was responsible for that data.

"The ramifications of this are horrendous," said Catherine H. Gates, senior training specialist with Montgomery Insurance Co. in Sandy Spring, Md.

Ms. Gates, who teaches ethics workshops for Montgomery's agents, said, "Think of the damage if an insurance company had a lawsuit against them for the release of private information. Whether it was successful or not, they are going to lose their clients."

Even though it seems obvious that "the right thing to do is keep your mouth shut and the wrong thing to do is share the information with others," Ms. Gates said it's not hard to see the ethical dilemma for someone who would want to be loyal to a church as well as his or her employer.

For others, though, the dilemma is not so clear.

"It is definitely not appropriate to release (private information) no matter what the outside religious obligation is," said Sanford M. Bragman, Dallas-based vp, risk management at Tenet Healthcare Corp.

The Christian Congregation of Jehovah's Witnesses, the body that directs church affairs, says there is no policy forcing members to report sinful acts or divulge private information. That choice is up to members, according to Phillip Brumley, general counsel for the Brooklyn, N.Y.-based group.

"They should study the scriptures, and what they do is up to them," said Mr. Brumley. If there is a conflict, he said, a member should "think that through and decide what to do."

A 1987 article in the church's Watchtower magazine, which the church says is its most recent on the subject, advises members to consider the ramifications before taking any oath that would put them in conflict with biblical requirements. Doctors' offices, hospitals and law firms are businesses where privacy problems could arise, the article states. "We cannot ignore Caesar's law or the seriousness of an oath, but Jehovah's law is supreme," it reads.

The article further states that if a "Christian feels, after prayerful consideration, that he is facing a situation where the law of God required him to report what he knew despite the demands of lesser authorities, then that is a responsibility he accepts before Jehovah."

It is an employee's promise, though, that appears to be an employer's only protection against the release of private information on moral grounds.

"Even if you have everybody sign something, it isn't going to stop the behavior" if a zealous employee feels obligated to release information, Ms. Gates noted. "The only thing it can do is keep the employer from being held liable," she said.

Dr. Bullock said he now hires only workers who make such promises, and, when interviewing, wants to know whether there is "anything about you that would cause you to tell on a patient," he noted. If so, the applicant isn't hired.

Nancy Hacking, director of safety and risk management at Concord Hospital in Concord, N.H., said hospital employees each year sign a confidentiality agreement stating that they will not release confidential information. Workers who violate the agreement, she said, "are subject to termination."

Apart from educating employees on what information is private, the hospital also runs "audit trails" on its electronic systems to keep tabs on who accesses such information, Ms. Hacking said.

At Tenet, ongoing training, much of it online, keeps employees aware of what information should be kept private, according to Mr. Bragman. The training covers regulations contained in the Health Insurance Portability & Accountability Act that govern privacy, he said.

Adam G. Linett, associate general counsel with the Jehovah's Witnesses, said employers shouldn't fear HIPAA penalties for unauthorized disclosures because sanctions in the act are aimed at employees.

And, Mr. Linett said, he "can't think of a single case where this has happened and resulted in a lawsuit."