Confidentiality - An Overview
Confidentiality is a key tenant of our professional obligations to our patients. It is the basis upon which trust is maintained between clinician and patient. This duty to protect our patients rights to confidentiality can be traced back to the hippocratic oath:
“Whatsoever things I see or hear concerning the life of men, in my attendance on the sick or even apart therefrom, which ought to be noised abroad, I will keep silence thereon, counting such things to be sacred secrets.”
This is also reflected in the GMC guidance on confidentiality (Confidentiality) which states in Principles 1 and 2:
“Trust is an essential part of the doctor-patient relationship and confidentiality is central to this. Patients may avoid seeking medical help, or may under-report symptoms, if they think their personal information will be disclosed by doctors without consent, or without the chance to have some control over the timing or amount of information shared.
Doctors are under both ethical and legal duties to protect patients’ personal information from improper disclosure. But appropriate information sharing is an essential part of the provision of safe and effective care. Patients may be put at risk if those who are providing their care do not have access to relevant, accurate and up-to-date information about them.”
The GDC also highlight the importance of confidentiality in Standard 4 of the Standards for the Dental Team - Maintain and protect patients’ information:
“Patients expect:
Their records to be up to date, complete, clear, accurate and legible.
Their personal details to be kept confidential.
To be able to access their dental records.
Their records to be stored securely.”
They go onto clarify further the importance and expectations in regard to the duty of confidentiality:
“4.2 You must protect the confidentiality of patients’ information and only use it for the purpose for which it was given
Guidance
4.2.1 Confidentiality is central to the relationship and trust between you and your patients. You must keep patient information confidential. This applies to all the information about patients that you have learnt in your professional role including personal details, medical history, what treatment they are having and how much it costs.
4.2.2 You must ensure that non-registered members of the dental team are aware of the importance of confidentiality and that they keep patient information confidential at all times.
4.2.3 You must not post any information or comments about patients on social networking or blogging sites. If you use professional social media to discuss anonymised cases for the purpose of discussing best practice you must be careful that the patient or patients cannot be identified. See our website for further guidance on social networking.
4.2.4 You must not talk about patients or their treatment in places where you can be overheard by people who should not have access to the information you are discussing.
4.2.5 You must explain to patients the circumstances in which you may need to share information with others involved in their healthcare. This includes making sure that they understand:
what information you will be releasing;
why you will be releasing it; and
the likely consequences of you releasing the information.
You must give your patients the opportunity to withhold their permission to share information in this way unless exceptional circumstances apply. You must record in your patient’s notes whether or not they gave their permission.
4.2.6 If a patient allows you to share information about them, you should ensure that anyone you share it with understands that it is confidential.
4.2.7 If other people ask you to provide information about patients (for example, for teaching or research), or if you want to use patient information such as photographs for any reason, you must:
explain to patients how the information or images will be used;
check that patients understand what they are agreeing to;
obtain and record the patients’ consent to their use;
only release or use the minimum information necessary for the purpose; and
explain to the patients that they can withdraw their permission at any time.
If it is not necessary for patients to be identified, you must make sure they remain anonymous in any information you release.
4.2.8 You must keep patient information confidential even after patients die.
4.2.9 The duty to keep information confidential also covers recordings or images of patients such as photographs, videos or audio recordings, both originals and copies, including those made on a mobile phone. You must not make any recordings or images without the patient’s permission.”
If you wish to share patient notes you need a patient’s consent to do so. There are some instances when you can disclose patient information without patient consent.
When ordered to do so by a court
When ordered to do so by a coroner
To protect the best interests of the public
For a medical research project which has been given ethical approval by an ethics board.
For the identification of a deceased patient
The GDC in Standard 4.3 claim that - “You must only release a patient’s information without their permission in exceptional circumstances” further stating:
“4.3.1 In exceptional circumstances, you may be justified in releasing confidential patient information without their consent if doing so is in the best interests of the public or the patient. This could happen if a patient puts their own safety or that of others at serious risk, or if information about a patient could be important in preventing or detecting a serious crime. If you believe that revealing information about a patient is in the best interests of the public or the patient you should first try to get the patient’s permission to release the information. You should do everything you can to encourage the patient to either release the information themselves or to give you permission to do so. You must document the efforts you have made to obtain consent in the patient’s notes.
4.3.2 If obtaining consent from a patient to the release of their information in the public interest is not practical or appropriate, or if the patient will not give their permission, you should get advice from your defence organisation or professional association before you release the information.
4.3.3 If you have information that a patient is or could be at risk of significant harm, or you suspect that a patient is a victim of abuse, you must inform the appropriate social care agencies or the police. See our website for further guidance.
4.3.4 You can be ordered by a court, or you can be under a statutory duty, to release information about a patient without their permission. If this happens, you should only release the minimum amount of information necessary to comply with the court order or statutory duty.
4.3.5 In any circumstance where you decide to release confidential information, you must document your reasons and be prepared to explain and justify your decision and actions.”
For a great summary of confidentiality from Dental Protection click here.
For more information on protecting and when to disclose information:
Department of Health - ‘NHS Code of Practice - Confidentiality - for the full guidance click here.
NHS Confidentiality Policy - for the full guidance click here
Resources:
https://www.youtube.com/watch?v=41LWsjVAeMY
https://www.youtube.com/watch?v=uEuFGzXVY8s
https://www.gmc-uk.org/ethical-guidance/ethical-guidance-for-doctors/confidentiality
https://www.theddu.com/guidance-and-advice/guides/confidentiality-your-obligations
https://standards.gdc-uk.org/pages/principle4/principle4.aspx