This document defines confidentiality and outlines the legal obligations and professional responsibilities regarding confidentiality in healthcare. It explains that confidentiality means trusting wholly and keeping patient information private, as recognized by the Hippocratic Oath. English law, including common law, the Human Rights Act, Data Protection Act, and specific healthcare legislation, protects patients' right to medical confidentiality. Confidentiality can only be broken with patient consent or in certain circumstances like risk of harm, court order, or public interest. Professional codes also provide guidance around maintaining confidentiality.

1. Confidentiality
ED HOROWICZ

2. Objectives
 To define confidentiality.
 Understand the legal obligations relating to confidentiality.
 Understand the circumstances in which a breach of
confidentiality is justified under English law.
 Understand your professional responsibilities and obligations
under confidentiality.

3. What does confidentiality mean?
 Put simply confidentiality means to ‘trust wholly’.
 Confidentiality has long been regarded as a fundamental
ethical obligation, recognised from the Hippocratic Oath.
“ Whatever, in connection with my professional practice, or
not in connection with it, I see or hear in the life of men,
which ought not to be spoken of abroad, I will not divulge,
as reckoning that all such should be kept secret.”

4. Confidentiality
 Healthcare professions regard confidentiality as of the upmost
importance and requires that unauthorised third parties do not
acquire confidential information relating to patients without the
patient’s consent.
 English law protects legally recognises a person’s right to medical
confidentiality and protects this under;
 Common Law,
 The Human Rights Act 1998,
 The Data Protection Act 1998
 Specific healthcare legislation such as the National Health Service Act 2006
and the Health Protection (Notification) Regulations 2010.

5. Common Law
 The common law applies to civil claims for breach of
confidence.
 In W v Egdell [1990] confidential information could be
disclosed to appropriate professionals, in the public interest,
provided that the risk is real and that it involves the danger of
physical harm to the public.
 Confidence is also not dependent upon being in a confidential
relationship.
 In Campbell V MGM [2004] the court held that the duty of
confidentiality will arise whenever a person receives
information that they know or should know is confidential. E.g.
finding medical notes.

6. The Data Protection Act 1998
 Enacted over concern that existing common law did not
sufficiently protect confidential personal information.
 Section 2 (e) classifies medical records as sensitive personal
data.
 Specifically section 68 (2) defines medical information as any
record which;
‘a) consists of information relating to the physical and mental
health or condition of an individual and,
b) Has been made by or on behalf of a health professional in
connection with the care of an individual’.
 Applies only to the living!

7. Data Protection Act 1998
 Data can only be released or ‘processed’ when;
 The patient consents.
 When it is necessary to protect the vital interests of the patient.
 When the court demands it.
 When the data controller (the trust) needs the information for medical
purposes (preventative medicine, medical diagnosis, medical research and
the provision of treatment), importantly this must be undertaken by a
healthcare professional or a person owing the same duty of confidentiality
to such information.
 It is in the public interest.
 The Act does provide remedies to those who have suffered damage as a
result of breach in confidentiality such as; the halting of any data processing,
compensation or that data is amended.

8. The Human Rights Act 1998
 Article 10: The Freedom of Expression provides that ;
‘ Everyone shall have the right to freedom of expression.
The exercise of these freedoms may be subject to
restriction; conditions or penalties which are described
in law... For the protection of reputation of others, for
preventing the disclosure of information received in
confidence…’

9. The Human Rights Act 1998
 Article 8: Right to Respect for Private and Family Life.
 Can only be overridden in interests of national
security, public safety, economic well-being,
prevention of crime, protection of health or morals
and protection of the rights and freedoms of others.
 Campbell v MGM [2004]

10. Breaching Confidentiality
 There are circumstances where confidentiality may be breached but also
circumstances where confidentiality must be breached.
 Legal obligation to breach;
 Health and Social Care Act 2012, in circumstances of infection or
contamination of disease that presents or could present significant harm
to human health. Consider recent Ebola cases.
 Safeguarding children following recent government guidelines.
 If giving evidence to a court, although only to the extent necessary.
 To answer police questions relating to a serious offence or suspected
terrorism. No professional protection to refuse to answer.

11. May Breach Confidentiality- Adults
 When a patient has consented to information being shared with relatives.
 If it is in the public interest and there is a risk of physical harm;
 such as mental health tribunals,
 where drugs beyond personal consumption are found,
 where infections such as HIV are likely to be contracted,
 where the patient is incompetent and
 where language barriers exist and require an interpreter, as a person who
cannot speak English is vulnerable by definition. However, this should be
official for best practice, as the interpreter holds responsibilities to
confidentiality.

12. May Breach Confidentiality- Children
 Children are owed a duty of confidence .
 Young people between 16-18 are provided with this duty under the Family
Reform Act 1969.
 If a child is Gillick competent then advice and treatment may be given if
the criteria are satisfied. In R (Axon) v SoS for Health [2006] the court
affirmed the duty of confidence owed to a competent child.
 Young children obviously have their information shared with their
parent(s)/guardian as part of parental responsibilities under the Children’s
Act 1989, importantly such information is protected from sharing with any
other unauthorised person.

13. Professional Obligations
 The Department of Health has a code of
practice for confidentiality.
 The GMC has specific guidance for
confidentiality and confidentiality with respect
to children.
 The NMC and HCPC all have professional
conduct standards for confidentiality.

14. Caldicott Report 1997
 Recognised that each individual, each trust and the NHS as a corporate entity
has a duty to uphold confidentiality.
 6 principles were set out;
 If confidential information is required, there should always be a justification for
this purpose.
 Patient-identifiable information should only be used when it is absolutely
necessary.
 When patient-identifiable information is required, only the minimum necessary
to achieve the desired purpose should be used.
 Access to patient-identifiable information should be on a strict need-to-know
basis.
 Everyone who has access to this information is under a duty of confidence.
 Everyone should understand and comply with the law.

15. QUESTIONS????

16. References
 Brazier.M. and Cave.E, 2011. Medicine, Patients and the Law. 5th Edition, London
:LexisNexis / Penguin.
 Department of Health, 2003. Confidentiality: NHS Code of Practice. London: Department
of Health.
 Department of Health, 2003. Confidentiality: NHS Code of Practice. Supplementary
Guidelines: Public Interest Disclosures. London: Department of Health.
 Fletcher.N, Holt.J, Brazier.M and Harris.J, 1995, Ethics, Law and Nursing. Manchester:
Manchester University Press.
 General Medical Council, 2006. Good Medical Practice. 2006, London: General Medical
Council.
 Herring.J, 2012. Medical Law and Ethics. 5th Edition, Oxford: Oxford University Press.
 Pattinson.S, 2011. Medical Law and Ethics. 3rd Edition, London: Sweet and Maxwell.