Confidentiality is an important legal and ethical duty, but it is not absolute.

This area deals with the key principles relating to confidentiality that you should apply to your practice.

It provides a framework to help you decide when you can share information. And it helps you to think about why you are sharing the information, and how this promotes good healthcare: information may be shared for the direct care or protection of the patient, to protect others, or for another reason.

The section also deals with managing and protecting information. With the introduction of the POPI Act, the spotlight has fallen on these issues, and we provide helpful advice on doctors’ personal responsibilities for protecting patient information, and for making information available in terms of the Promotion of Access to Information Act.

Commentary CC001: Introduction to confidentiality and disclosure (Open Access)

Confidentiality is fundamental to the preservation of a relationship of trust between patients and practitioners, and it is subject to legal and ethical safeguards.

Commentary CC002: What are the key principles of confidentiality?

The HPCSA guidelines state that patients have a right to expect that information about them will be held in confidence by healthcare practitioners. Confidentiality is “central to trust between practitioners and patients”.

This topic examines the key principles of confidentiality.

When can information be disclosed to others providing care?

Most patients understand that health information needs to be shared within the healthcare team in order to provide an adequate level of care. 

This topic looks at how this should be done.

When can information be disclosed for reasons other than treatment?

Confidential information can be disclosed for reasons other than the direct care of the patient. This topic looks at disclosure for reasons of education, research, monitoring and epidemiology, public health surveillance, clinical audit, administration and planning

What steps should be taken to prevent unintentional disclosures?

Healthcare practitioners are responsible for personal information about their patients and must make sure that such information is effectively protected against improper disclosure at all times. This topic looks at ways in which should prevent unintentional disclosure.

When can disclosures be made in the public interest without the patient’s consent?

This topic deals with circumstances where it is in the public interest to make a disclosure, but the consent of the patient cannot be obtained. 

When can personal information be disclosed for audit, research, or in journals or textbooks?

The HPCSA Guidelines provide that healthcare practitioners should record financial or other administrative data separately from clinical information and provide it in anonymised form wherever possible.

This topic takes a closer look at this provision.

Disclosure where health practitioners have dual responsibilities

This topic focuses on those situations where practitioners have a clear obligation to an identifiable third party that can be in tension with the obligation to the patient, such as where healthcare practitioners: 

provide occupational health services or medical care for employees of a company or organisation;

are employed by an organisation, such as an insurance company;

work for an agency assessing claims for benefits;

provide medical care to patients, and are subsequently asked to provide medical reports or information for third parties about the patients;

work as district medical officers or forensic pathologists;

work in the Armed Forces; or

work in correctional services.

Disclosure after a patient’s death

The manner in which confidential information should be dealt with after a patient’s death is dealt with in this section.