Maternal confidentiality: an ethical, professional and legal duty

ETHICS/EDUCATION

Maternal confidentiality: an ethical, professional and legal duty

The duty to maintain patient confidentiality may be derived from three main sources: the law, professional guidance and ethical theory. In this paper we will outline the sources of the duty and some situations where breaches of confidentiality are either permissible or mandatory. Decisions regarding maternal confidentiality are particularly complex given the impact on the fetus and the father. We will also highlight traditional challenges to maintaining confidentiality as well as some modern problems arising with online social networking.

Carwyn R Hooper Rehana Iqbal Cleave Gass

The law Confidentiality is largely protected by common law rather than statute, although the role of statute law is increasingly important in defining and defending patient’s rights to privacy. Doctors have a duty of care to keep information about patients private. Thus, a breach of confidentiality (maternal or otherwise) could amount to a tort and lead to a claim of negligence. From the point of view of statute law, the Data Protection Act 1998 (DPA) and the Human Rights Act (HRA) 1998 provide the primary legislative framework for patient privacy. The DPA requires that the “processing” of sensitive data, like medical information, should be carried out fairly and lawfully and a number of special conditions must be met for processing for it to be legal. Article 8 of the HRA provides people with a right to respect for private and family life and as the case of Campbell v MGN [2004] clarified, this right could be construed in such a way that it creates a nonabsolute right to privacy of medical information.

Abstract This paper will briefly discuss the duty of confidentiality from an ethical, legal, and professional perspective, especially maternal confidentiality where any analysis should consider the consequences for the patient, the fetus and the father. We will explain why patient confidentiality is considered vital and delineate the ways in which the General Medical Council and the laws of England and Wales protect the rights of patients to privacy. We will also discuss situations where breaches are permissible or mandatory and remind clinicians of traditional challenges that exist in trying to maintain patient privacy. We will consider the issue of confidentiality in the age of the internet.

Keywords confidentiality; ethics; law; privacy; professionalism

Introduction

Professional guidance

It is historically recognized that physicians owe patients a duty of confidentiality. Hippocrates for instance, stated that whatever doctors find out about patients, which “ought not to be spoken abroad”, should be kept “secret” (Hippocratic Oath). However, confidentiality is not an absolute requirement. Hippocrates himself implied that there are situations when certain information should be “spoken abroad” and the modern understanding of the duty of confidentiality suggests some justifiable and even obligatory breaches. Whilst it is unclear whether Hippocrates believed the duty of confidentiality was a negative duty alone, even in this case, the modern understanding reflects a duty with a negative and positive aspect: physicians have a negative duty not to breach patients’ privacy, but also a positive duty to ensure that confidential information is not revealed improperly.

The Department of Health, the British Medical Association and the General Medical Council (GMC) all publish core guidance outlining the professional, legal and ethical obligations of doctors to maintain the privacy of their patients. The GMC has also published supplemental guidance for specific issues relating to knife and gun wounds, communicable diseases, and drivers who suffer from medical disorders which prohibit them from driving vehicles (GMC-Confidentiality Guidance). In the GMC’s main professional guidance, Good Medical Practice, it makes clear that patients “have a right to expect that information about them will be held in confidence by their doctors” (GMC-Confidentiality Guidance). The GMC explains that confidentiality is central to the trust between doctors and patients and that respecting privacy is critical to the provision of safe and effective care, both for the individual patient and for the general public. It concedes that the right to confidentiality is not absolute, but it also suggests that disclosure of information is only justifiable in limited circumstances.

Carwyn R Hooper BSc, MBBS, Dip.Phil, MA is a Lecturer in Medical Ethics and Law at the Centre for Medical & Healthcare Education, Division of Population Health & Education, St George’s, University of London, UK. Conflicts of interest: none declared.

Ethical arguments The importance of patient confidentiality is defended on various ethical grounds. From a deontological (i.e. duty based) position, it is argued that respecting confidentiality is critical to properly protect individual autonomy. Similarly a rights based argument is used to defend the value of confidentiality, such as arguments that people have a fundamental interest in keeping sensitive data about themselves private and thus, a prima facia moral right to patient confidentiality. With maternal confidentiality, providing

Rehana Iqbal MBBS, FRCA, Dip Ethics and Law, BSc is a Consultant Obstetric Anaesthetist and Lecturer in Medical Ethics and Law at the Centre for Medical & Healthcare Education, Division of Population Health & Education, St George’s, University of London, UK. Conflicts of interest: none declared. Cleave Gass MB ChB, FRCA, MPhil is a Consultant Obstetric Anaesthetist at St George’s Hospital, London, UK. Conflicts of interest: none declared.

OBSTETRICS, GYNAECOLOGY AND REPRODUCTIVE MEDICINE 22:4

108

Crown Copyright Ó 2012 Published by Elsevier Ltd. All rights reserved.

ETHICS/EDUCATION

the fetus with legal rights in certain jurisdictions (although not in the UK) has made it difficult to always regard maternal confidentiality as paramount. Consequentialists reason the ethical importance of protecting confidentiality to maximize good consequences, even more critical in a maternity situation. The GMC suggests if people do not trust their doctors, they will be less likely to consult healthcare professionals and to fully disclose health information. If doctors do not know the “full story” the care will be sub-optimal and will endanger the health of individual patients, and, in some situations, the health of the general public. As such, a prima facia duty to protect confidentiality in the name of the greater good is required. Virtue ethicists argue that one key virtue required of all good medical doctors is trustworthiness. Trust, the GMC suggests, is intimately associated with respecting privacy. Patients generally expect that their doctors will treat personal information in a confidential manner and will not breach their privacy. Thus, virtue ethicists could also underwrite the moral importance of confidentiality without appeal to the intrinsic value of rights, duties or consequences.

that, prior to disclosure it is good practice to inform the patient and to explain the rationale for disclosing.

Challenges to maintaining patient privacy; traditional and modern problems Maintaining patient privacy has always been a challenge, especially in the clinical setting. In a busy ward where patients often lie almost cheek to jowl and numerous relatives visit regularly, it can be impossible to keep every item of patient data confidential. However, many breaches of confidentiality have less to do with systematic problems like hospital overcrowding and more to do with “casual” breaches of privacy that doctors could avoid. Classically these casual breaches occur when healthcare professionals discuss patients in public places (such as in hospital corridors, lifts, local restaurants and public houses) and where healthcare professionals discuss patients with their partners, friends, and family members. Casual breaches also occur in a completely different forum: in the online world of social networks. Many healthcare professionals use social networking websites like Facebook and MySpace. Although solid data to support the claim that breaches are occurring on these websites is limited, a recent report published by an organization called “Big Brother Watch” indicates a growing problem. The report cites at least 23 incidents of NHS personnel posting confidential information about patients on social networking sites between July 2008 and July 2011. Thirteen of these postings were by clinical personnel. This is likely to represent the tip of a very large iceberg (Big Brother Watch Report 2011). Clearly posting identifiable or partially-identifiable information on social networking websites is unethical, unprofessional, and illegal. However, even when data is anonymized the legality of making comments about patients on such sites e regardless of the “privacy settings” e seems highly questionable, nor would such comments be deemed professional or ethical.

Breaching confidentiality As the Hippocratic Oath implies, the duty to maintain patient confidentiality is not an absolute duty. There is a prima facia duty to keep information private, but the law and professional guidance has long recognized that there are circumstances which permit doctors to breach this and even impose a duty to do so. Most moral philosophers also accept that a nuanced approach to confidentiality is probably correct and that confidentiality ought not to be treated as an absolute requirement in all cases. There are three primary situations where disclosure of information may be justified: with patient consent, if required by statute or in the case of public interest. Where the patient consents disclosure is permissible and where there are statutory requirements disclosure is mandatory. Public interest matters are more complex and doctors have more discretion. The laws of England and Wales support the idea of justifiable breaches in the public interest (W v Egdell [1990]). As reasoned in the Egdell case, to legally justify a breach on the basis of the public interest it is usually necessary for the doctor to sincerely believe that there is a real risk of serious harm of a physical nature to an identifiable individual (W v Egdell [1990]). The GMC suggests that where serious crimes are involved, a breach for the public interest will often be justifiable, although a case by case analysis is always required. HIV for instance, is not a notifiable disease and in the difficult circumstance of maternal HIV infection where patient wishes to maintain confidentiality, the clinician must undertake an ethical analysis to justify maintaining confidentiality or disclosure. Harm to the fetus and partner must be balanced with the mother. Here it is mandatory to refer to professional guidelines as legal challenges will reference these. Importantly, whenever confidentiality is breached, especially with the multi party impact of a maternity situation, doctors should keep the disclosure proportional and limited in scope and depth. The recipients and the amount of information disclosed should be kept to a minimum. Indeed, if possible the information should be anonymized before disclosure and the GMC suggests

OBSTETRICS, GYNAECOLOGY AND REPRODUCTIVE MEDICINE 22:4

Conclusion The principle of patient confidentiality has a long history. Ancient Greek physicians understood the value of privacy over two thousand years ago and we now live in a world where the right of patients to control access to data about themselves is increasingly important. That said, the right to confidentiality is not absolute and there are circumstances where the law, professional guidance and ethical theory accept that it is permissible to breach privacy and further circumstances, where there is a duty to do so. In the context of maternal confidentiality, decisions may affect the patient, the fetus and the father. Referral to professional guidelines, ethical analysis and the law is therefore even more essential. A

FURTHER READING 1 Hippocratic Oath. http://www.nlm.nih.gov/hmd/greek/greek_oath.html. 2 General Medical Council. Confidentiality, http://www.gmc-uk.org/static/ documents/content/Confidentiality_0910.pdf; 2009. 3 General Medical Council. Confidentiality reporting gunshot wounds, http://www.gmcuk.org/Confidentiality_reporting_gunshot_wounds_ 2009.pdf_27493825.pdf; 2009.

109

Crown Copyright Ó 2012 Published by Elsevier Ltd. All rights reserved.

ETHICS/EDUCATION

4 Department of Health. Confidentiality: NHS code of practice, http:// www.dh.gov.uk/prod_consum_dh/groups/dh_digitalassets/@dh/@en/ documents/digitalasset/dh_4069254.pdf; 2003. 5 W v Egdell [1990] 1 All ER 895. 6 British Medical Association. Confidentiality and disclosure of health information tool kit, http://www.bma.org.uk/images/ confidentialitytoolkitdec2009_tcm41-193140.pdf; 2009. 7 Campbell v MGN [2004] HL 22.

OBSTETRICS, GYNAECOLOGY AND REPRODUCTIVE MEDICINE 22:4

8 Data Protection Act 1998. http://www.legislation.gov.uk/ukpga/1998/ 29/contents. 9 Human Rights Act 1998. http://www.legislation.gov.uk/ukpga/1998/42/ contents. 10 Big Brother Watch. NHS breaches of data protection law: how patient confidentiality was compromised five times every week, http://www. bigbrotherwatch.org.uk/home/2011/10/nhs-data-protection.html; 2011.

110

Crown Copyright Ó 2012 Published by Elsevier Ltd. All rights reserved.