Examining confidentiality and information governance

It is essential that healthcare organisations have robust systems in place for managing patient confidentiality. This is not only a legal requirement but also an ethical one. The integrity of the healthcare system is based on mutual trust between clinician and patient. JOHN BEESLEY LLM Healthcare Law, BA (Hons) RGN explores organisational guidelines for information governance.

Confidentiality is a crucial aspect of any medical relationship with a patient. All healthcare practitioners have a duty of confidentiality to the patient. The duty is enshrined within civil and employment law as well as within relevant regulatory professional codes of conduct and Department of Health guidance. This duty allows patients to have mutual trust and confidence in the carer/patient relationship. Patients allow healthcare staff to collate personal information related to their treatment but they do so in confidence with the expectation such information is kept confidential and privacy is respected. There are occasions when patients may lack the mental capacity to extend their trust or they may be unconscious following an accident, but such circumstances do not diminish the responsibility of the healthcare practitioner from maintaining a duty of confidence.

A duty of confidence occurs when one person discloses information to another in circumstances where it is reasonable to expect that the information will be kept confidential. Healthcare establishments have a duty to ensure systems are in place to protect patient information and to be assured that such information is only disclosed with the patient’s explicit consent or where legally justified in the best interests of the public. The patient should always be consulted in the first instance if a disclosure of personal information is required which may identify the patient.

It is best practice on admission or during pre-operative assessment to inform the patient of how information may be used to assist with the planning of treatment. Pre-admission patient information leaflets are a useful resource to explain to the patient that information they disclose may be recorded to assist the carer with planning their effective treatment.

Therefore, on admission the practitioner admitting the patient should verify that the patient understands this process and document such affirmation within the patient’s case notes. It is important to recognise that patients are aware of the choices available to them in respect of how their information may be used or shared. If a patient refuses to allow information to be shared, the consequences of the choice should be explained to the patient. The local Patient Advisory Liaison Officer within the hospital is often an excellent resource to refer a patient on to if the patient has concerns.

The Confidentiality NHS Code of Practice was published by the Department of Health (England) in 2003 and in the same year NHS Scotland published the NHS Code of Practice on protecting Patient Confidentiality. Information governance arrangements should comply with the codes as they are the standard of care expected within any healthcare facility.

The codes provide a guide to all staff involved with information governance within the NHS but also the Independent and Voluntary sector. The code identifies that patients’ health information and their interests must be protected through a number of measures:

• Procedures to ensure that all staff, contractors and volunteers are at all times fully aware of their responsibilities regarding confidentiality.

• Recording patient information accurately and consistently.

• Keeping patient information private.

• Keeping patient information physically secure.

• Disclosing and using information with appropriate care.

CONFIDENTIALITY: LEGAL CONSIDERATIONS


The duty of confidentiality is protected by both the common law and statute law. The common law of confidentiality has been set by legal precedent via case law which has established individual judgements over time. The key principle as outlined in the Confidentiality NHS Code of Practice is “that information confided should not be used or disclosed further, except as originally understood by the confider, or with their subsequent permission”. The Data Protection Act (DPA) 1998 is a statutory act of parliament that governs the processing and security of data concerning living individuals.

This includes personal records which may consist of paper, electronic records, film and digital photography. The DPA stipulates patients have the right to be informed how information pertaining to them may be used, who will have access and to which parties such information may be disclosed. Patients should be advised of the local Data Controller and how to contact this nominated individual if they have any concerns.

Another statutory act is article eight of the Human Rights Act 1998 which established a right to “respect for private and family life”. In the context of healthcare there is a duty under the terms of this act to safeguard the confidentiality of healthcare records.

The general rule of confidentiality is to keep patient information private.

Healthcare professionals should always be careful to whom they disclose confidential information. Disclosure in a public place or outside of the workplace may lead to a breach of confidentiality which could not only lead to disciplinary sanctions but also proceedings by the relevant regulatory professional body, the outcome of which could be loss of registration to practise.

One of the greatest current risks involves the management of electronic patient records. Staff are obliged not to leave portable laptops, medical notes or files in unattended cars or accessible areas where they could be stolen. Staff should not take patient records home unless this can be justified, in which case all records should be anonymous so patients cannot be identified. Anonymisation includes removal of date of birth, name and address. The fact that information has been anonymised does not remove the duty of confidence.

ELECTRONIC RECORDS


The Confidentiality NHS Code of Practice outlines best practice for the security of electronic records:

• Always log out of any computer system or application when work on it has finished.

• Never leave a terminal unattended and logged in.

• Don’t share log ins with other people. If other staff have need to access records, then appropriate access should be organised for them. This must not be by using the access identities of others.

• Never reveal passwords to others.

• Change passwords at regular intervals to prevent anyone else using them.

• Avoid using short passwords or using names or words that are known to be associated with them such as children or the names of pets.

• Always clear the screen of a previous patient’s information before seeing another.

• Use a password-protected screen saver to prevent casual viewing of patient information by others.

When a patient dies it can be disputed whether any information relating to the individual remains legally confidential.

The Access to Health Records Act (AHRA) 1990 does permit access to records of a deceased by relatives who wish to pursue a claim arising out of concerns with the patient’s death. If the patient has undertaken a formal advance directive forbidding access to healthcare notes such access is denied. The AHRA permits patients to see their own manual health records subject to certain safeguards.

In certain circumstances the law recognises that disclosure of confidential information is reasonable because such disclosure is in the best interests of the public. This may include situations where a suspected criminal act is about to occur or has occurred. The healthcare individual disclosing must be able to justify the reasons for this action. Wherever feasible, the consent of the individual should be obtained. The challenge for the healthcare practitioner making the disclosure concerns the correct assessment of a crime as serious. Alleged murder, rape or child abuse would clearly be justifiable to report; however, fraud, theft or criminal damage to property may not be justifiable to warrant a disclosure.

In such circumstances it is advisable to report concerns to a line manager to ascertain whether it is in the public’s interest for a confidence to be breached. The legal system including magistrates, sheriff and coroners courts can order a healthcare worker to reveal patient confidential information if it is relevant to the case in question.

CALDICOTT GUARDIAN

In recent times the security of patient information stored and transmitted electronically has been a major issue of concern within the NHS. In 1997 a committee was established under Dame Fiona Caldicott to review patient identifiable information. Her subsequent report made a series of recommendations with regard to confidentiality which all healthcare organisations should take on board within local information governance.

A key recommendation of the 1997 Caldicott Report was the establishment of the Caldicott Guardian throughout the NHS to safeguard access to patient identifiable information. The Caldicott Guardian is responsible for agreeing and reviewing policies governing the protection of patient identifiable information. Ideally the Guardian should be at Trust or Health Board level and be a senior professional within the organisation.

The Caldicott principles include:

• Justify the purpose.
• Don’t use patient identifiable information unless it is absolutely necessary.
• Use the minimum necessary patient identifiable information.
• Access to patient identifiable information should be on a strict need to know basis.
• Everyone should be aware of their responsibilities.
• Understand and comply with the law.

When disclosing information healthcare staff are obliged to take reasonable care and always do so in accordance with local policy. A failure to comply may lead to disciplinary action. Answering a telephone enquiry with regard to a patient under your care may present as a challenge. Staff are required to check the identity of the caller and whether the patient has identified the person as a key contact. If the person is not a key contact such as next of kin the caller can be referred to the key contact. Some organisations manage the risk by telephoning the caller back to check they have a legitimate right of access.

An effective information governance strategy includes regular review and audit to ascertain best practice is being adhered to. The NHSIA Information Governance Toolkit is a useful resource for healthcare establishments to use. Clear policies should be in existence for confidentiality to be respected (Dimond 1999). The duty of confidentiality should also be an implied term within contracts of employment.

A breach of confidentiality may lead to verbal or written warnings or even dismissal for gross misconduct.

SCENARIO 1

A famous celebrity is taken ill while performing at the local theatre. Appendicitis is diagnosed and the celebrity requires emergency surgery. The anaesthetic practitioner recognises the celebrity and following the surgery rings a friend to tell them. The following day the newspaper publishes details of the surgery and following an internal investigation the breach of confidentiality is traced to the anaesthetic practitioner.

The scenario raises a number of dilemmas for the employer.

The duty to maintain confidentiality is part of the duty of care to the patient. It is also integral to the contract of employment and the individual’s regulatory professional code of conduct. The breach could lead to a disciplinary sanction according to local disciplinary procedure or even dismissal. The anaesthetic practitioner could also be reported to the regulator where a professional misconduct committee could decide whether the breach warrants removal of the practitioner from the professional register and revoke the licence to practise.

SCENARIO 2

A consultant surgeon undertakes a ward round on a busy surgical ward. The surgeon has the diagnostic results of a patient which reveal an inoperable tumour. The curtains are drawn around the patient’s bedside and the surgeon informs the patient of the bad news with a nurse present. The conversation can be heard by fellow patients and the patient is devastated to hear the bad news.

There is an inherent duty of mutual trust between the healthcare professional and the patient. Disclosing confidential information with regard to diagnosis and treatment in a public place is a breach of this trust and a breach of privacy as stipulated by Article 8 of the convention of Human Rights Act 1998. The surgeon would have to justify the reasons for disclosing confidential information in a public place. It would have been far more appropriate to arrange to meet the patient in a private setting such as the ward office where a duty of confidentiality could be complied with. The nurse as patient advocate could also have stopped the conversation and requested that the meeting be continued in a more private setting where next of kin could be present if applicable to provide emotional support to the patient.

The patient could complain to the NHS Trust employing the surgeon with regard to the breach but would have to consider if harm had been caused by the manner in which the breach occurred so the complaint could be upheld. The surgeon could also face disciplinary sanctions according to local disciplinary policy and may also be reported to the regulatory body for breaching the duty of confidentiality.

SCENARIO 3

Andrew Jones has attended the genitourinary clinic at his local Trust hospital. Andrew is seen by Dr Singh who informs him that he is HIV positive. Dr Singh counsels Andrew to contact his sexual partners to inform them of his status. Andrew starts a course of treatment. For the last 18 months Andrew has been in a relationship with Sue. They are expecting a baby in two months time. Before this relationship Andrew has had a series of sexual partners. On a subsequent visit to the clinic it becomes clear to Dr Singh that Andrew has not told Sue of his HIV status. Dr Singh is aware of the impending arrival of their baby and tells Andrew that steps should be taken to assess whether Sue is HIV positive and whether the baby is at risk so that if necessary treatment may be started. Andrew refuses to tell Sue and says that if she is told without his consent then he will stop his course of treatment. What should Dr Singh do? Can/should he inform Sue, or Andrew’s GP?


The principle of respect for autonomy requires that personal information should not be disclosed without consent. However, in some cases the autonomy of another person may also be at issue (in this case Sue and previous sexual partners, as well as the baby when born). Not disclosing information may limit their ability to make decisions as to treatment and lifestyle.

In this scenario the harms of non-disclosure can be identified as:

• The risk that Sue may be HIV positive. The consequence of not providing information to enable her to be tested is that she is harmed by not knowing her HIV status and not receiving a course of treatment.

• If Sue is HIV positive and is not aware of the risk the consequences are that she will not take steps to minimise the risk of infection to the baby e.g. obtaining treatment during pregnancy, baby born by caesarean section, knowing not to breastfeed, prophylactic treatment.

• If Sue did later find out that there was a risk to her and that she was not informed she may lose trust in her doctor or the healthcare system.

• Risks to Andrew’s former identifiable sexual partners who could be contacted and informed.

The harms of disclosure would include:

• If the clinician informs others without Andrew’s consent then as a consequence he may lose trust in Dr Singh, and perhaps the medical profession in general.

• He has indicated that he will end his course of treatment thus risking relapse and severe health problems including death.

• There is also a risk that he could go on to infect future sexual partners.

• Andrew may be stigmatized by others who get to know and may have problems with future employment because of discrimination.

This scenario is an ethical dilemma for Dr Singh. Although maintaining confidence in personal information may be the starting point, a balance of the benefits and harms of disclosure/non-disclosure leads to consideration of the consequences of a course of action. General Medical Council guidance for serious communicable diseases does permit disclosure to a known sexual contact where the patient has not informed that person and cannot be persuaded to do so. As Sue is an identifiable individual at serious risk, disclosure to her would be justified but Andrew should be informed of the decision to disclose to Sue.

What about the interests of the child to be born? In Re C (HIV testing) [1999] 2 FLR 1004 the court considered that it was in the best interests of a baby to undergo testing for HIV (where the mother was HIV positive and had refused interventions to prevent transmission of the virus) despite the fact that the parents refused their consent. Clinicians were of the view that if the child was infected measures could be taken to manage the condition. The court said that the child had interests that were separate from those of its parents. In the case study scenario it would be necessary to consider the likelihood of HIV risk to the baby to determine whether breach of confidentiality is justified. Sue would need to be informed in order to consent to testing/treatment.

Healthcare workers have a responsibility to be aware of the principles of the law with regard to the duty of confidentiality. Ignorance of the law is no defence if a breach occurs and the causation of the breach can be attributed to the healthcare worker. Similarly the healthcare worker should be familiar with the duty of confidentiality as laid out in the respective clause of their regulatory professional code of conduct. Each and every healthcare worker is accountable for their actions and therefore must be able to justify their actions when a decision is made to disclose confidential patient information.

REFERENCES


1 Department of Health November 2003 Confidentiality NHS Code of Practice DH London. www.ecric.org.uk/nhs_conf_code.pdf

2 Dimond B 1999 Confidentiality 8: role of the NHS trust and patient confidentiality British Journal of Nursing Vol 8, No 17 1175-1176.

3 General Medical Council 1997 Serious Communicable Diseases. www.gmc-uk.org/guidance/current/library/serious_communicable_diseases.asp

4 NHS Executive 1999 Health Service Circular 1999/012. Caldicott Guardians DH London.

5 NHS Scotland 2003 NHS Code of Practice on Protecting Patient Confidentiality www.confidentiality.scot.nhs.uk/publications/6074NHSCode.pdf

6 Re C (HIV testing) [1999] 2 FLR 1004.
