Confidentiality is fundamental to the preservation of a relationship of trust between patients and practitioners, and it is subject to legal and ethical safeguards. Patients need to be confident that information about their health which is given in confidence will remain private unless there is a compelling reason why this should not be the case.

Confidentiality checklist

1. Fully acquaint yourself and your colleagues with requirements and guidance on confidentiality.

2. Nominate a person to be responsible for practices and procedures for handling confidential data. MedSecure recommends the appointment of a Compliance Officer to oversee all aspects of legal and ethical compliance.

3. Train all staff to keep information confidential and reinforce the message regularly. Write a confidentiality clause into contracts of employment.

4. Keep discussion about clinical management of patients private and out of earshot of the public.

5. Ensure patients cannot read another patient’s details on computer screens.

6. Check the identity of telephone callers asking for information about a patient.

7. Take professional advice before connecting your computer to a network and keep a record of the advice.

8. Ensure electronic means of communication such as fax and email are secure before sending information.

9. Consider use of anonymised patient data when this might satisfy a request for information. 

10. Ensure that your practice is POPI compliant and PAIA.

The basis of confidentiality

The following fundamental principles apply to medical confidentiality:

It is in the public interest to ensure that medical information remains confidential. Patients must be encouraged to seek appropriate treatment and share information relating to the treatment with you.

As a healthcare practitioner, you hold information about patients that is private and sensitive, and you must not give information to others unless the disclosure can be justified.

You are also responsible for ensuring that clerks, receptionists and other staff respect confidentiality in the performance of their duties.

When you are satisfied that information should be released, you should act promptly to disclose all relevant information. This is often essential to protect the best interests of the patient, or to safeguard the well-being of others.

Issues relating to confidentiality

Confidentiality is affected by the changing nature of the practitioner-patient relationship, and the evolving norms and standards of our society, where personal information (including that of patients) is increasingly protected by, for example, the Protection of Personal Information Act.

In addition, in recent decades there has been a shift away from a single practitioner-patient relationship towards a multi-disciplinary care team, of which the patient is an integral part. This has resulted in an increased emphasis on a seamless, integrated healthcare system, with the promotion of teamwork and partnership becoming increasingly important.

A further issue which affects patient confidentiality is the tremendous progress made in connection with dissemination of data through electronic means.

Patients should have an understanding of the manner in which their health information is shared between practitioners and others in order to provide a secure ethical and legal basis for such sharing of information. This results in a challenge to the manner in which information is shared: a balance needs to be struck between protecting patient data, on the one hand, and ensuring that efficient and appropriate use of data can occur, on the other hand.

Questions also arise in connection with information-sharing on the part of practitioners who have dual obligations; what should be done where a practitioner’s colleague may be ill or under-performing; and in respect of a patient’s access to their own health records.

These issues all involve the principles governing confidentiality and disclosure of information. The issues are, however, also inter-related to topics such as informed consent, the proper management of health records, dealing with patients who have HIV, telemedicine, and other topics. Specific questions of confidentiality which are relevant to those subjects will be dealt with in the appropriate section.